Description
I am automating seamless DANE support after acmetool, and this process triggers a sequence of simple atomic and idempotent actions with its own timing. This raises concerns about atomicity of the /var/lib/acme/live directory contents. Multiple files cannot be written all at the same time, and concurrent programs might interact and see half-way results.
I therefore started wrapping acmetool with a voluntary lock, using flock(). I use the same lock for the scripts that work with /var/lib/acme.
I think it is generally a good idea to use flock() in the tool itself, precisely because it is a command that runs as a cronjob and occasionally at the user's request. There should be no interference between any two calls of the tool and, given the neat documentation of the /var/lib/acme directory, it would be good if any other tools could follow a compatible practice.
Activity