Skip Menu |

Subject: Improve kdb5_util load locking and recovery
If a kdb5_util load (without -update) operation aborts, it leaves behind
a partially constructed temporary DB. Future load operations will fail
with "kdb5_util load: File exists.", after krb5_db2_create() gets a
successful result from check_openable().

We want kdb5_util load to discard remnant temporary DBs from failed load
operations, but we want to make sure that two load operations don't
happen concurrently. The current locking is inadequate for this; the
temporary DB is locked after it is created and unlocked before it is

To fix this, we need atomic DAL operations for create-and-lock-temp-DB
and for promote-and-unlock-temp-DB. Since temporary DB operations are
the sole property of kdb5_util load, we do not need new interfaces; we
can modify the contracts of the existing interfaces (krb5_db_create with
the "temporary" db_arg, and krb5_db_promote).

Only the DB2 back end supports non-update kdb5_util loads, so the scope
of code modifications should be limited to kadmin/db_util/load.c,
plugins/kdb/db2/kdb_db2.c, and include/kdb.h (comments only).
Subject: SVN Commit

After a failed kdb5_util load, make a subsequent load operation work
by removing the remnant temporary files after obtaining a lock. To
make this safe, the private contract for temporary DB creation and
promotion had to be altered, along with many of the DB2 internal
helper functions.
Commit By: ghudson
Revision: 24511
Changed Files:
U trunk/src/include/kdb.h
U trunk/src/kadmin/dbutil/dump.c
U trunk/src/plugins/kdb/db2/kdb_db2.c
U trunk/src/plugins/kdb/db2/kdb_db2.h