HOME

TheInfoList



OR:

File locking is a mechanism that restricts access to a
computer file A computer file is a computer resource for recording data in a computer storage device, primarily identified by its file name. Just as words can be written to paper, so can data be written to a computer file. Files can be shared with and trans ...
, or to a region of a file, by allowing only one user or
process A process is a series or set of activities that interact to produce a result; it may occur once-only or be recurrent or periodic. Things called a process include: Business and management *Business process, activities that produce a specific se ...
to modify or delete it at a specific time and to prevent reading of the file while it's being modified or deleted. Systems implement locking to prevent the classic ''interceding update'' scenario, which is a typical example of a
race condition A race condition or race hazard is the condition of an electronics, software, or other system where the system's substantive behavior is dependent on the sequence or timing of other uncontrollable events. It becomes a bug when one or more of t ...
, by enforcing the serialization of update processes to any given file. The following example illustrates the interceding update problem: #
Process A process is a series or set of activities that interact to produce a result; it may occur once-only or be recurrent or periodic. Things called a process include: Business and management *Business process, activities that produce a specific se ...
A reads a customer
record A record, recording or records may refer to: An item or collection of data Computing * Record (computer science), a data structure ** Record, or row (database), a set of fields in a database related to one entity ** Boot sector or boot record, ...
from a file containing account information, including the customer's account balance and phone number. # Process B now reads the same record from the same file, so it has its own copy. # Process A changes the account balance in its copy of the customer record and writes the record back to the file. # Process B, which still has the original ''stale'' value for the account balance in its copy of the customer record, updates the account balance and writes the customer record back to the file. # Process B has now written its stale account-balance value to the file, causing the changes made by process A to be lost. Most
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common daemon (computing), services for computer programs. Time-sharing operating systems scheduler (computing), schedule tasks for ef ...
s support the concept of record locking, which means that individual records within any given file may be locked, thereby increasing the number of concurrent update processes. Database maintenance uses file locking, whereby it can serialize access to the entire physical file underlying a database. Although this does prevent any other process from accessing the file, it can be more efficient than individually locking many regions in the file by removing the overhead of acquiring and releasing each lock. Poor use of file locks, like any computer lock, can result in poor performance or in
deadlock In concurrent computing, deadlock is any situation in which no member of some group of entities can proceed because each waits for another member, including itself, to take action, such as sending a message or, more commonly, releasing a lo ...
s. File locking may also refer to additional security applied by a computer user either by using Windows security, NTFS permissions or by installing a third party file locking software.


In mainframes

IBM pioneered file locking in 1963 for use in mainframe computers using
OS/360 OS/360, officially known as IBM System/360 Operating System, is a discontinued batch processing operating system developed by IBM for their then-new System/360 mainframe computer, announced in 1964; it was influenced by the earlier IBSYS/IBJOB ...
, where it was termed "exclusive control".


In Microsoft Windows

Microsoft Windows uses three distinct mechanisms to manage access to shared files: # using share-access controls that allow applications to specify whole-file access-sharing for read, write, or delete # using byte-range locks to arbitrate read and write access to regions within a single file # by Windows file systems disallowing executing files from being opened for write or delete access Windows inherits the semantics of share-access controls from the
MS-DOS MS-DOS ( ; acronym for Microsoft Disk Operating System, also known as Microsoft DOS) is an operating system for x86-based personal computers mostly developed by Microsoft. Collectively, MS-DOS, its rebranding as IBM PC DOS, and a few oper ...
system, where sharing was introduced in MS-DOS 3.3 . Thus, an application must explicitly allow sharing when it opens a file; otherwise it has exclusive read, write, and delete access to the file until closed (other types of access, such as those to retrieve the attributes of a file are allowed.) For a file opened with shared access, applications may then use byte-range locking to control access to specific regions of the file. Such byte-range locks specify a region of the file (offset and length) and the type of lock (shared or exclusive). Note that the region of the file being locked is ''not'' required to have data within the file, and applications sometimes exploit this ability to implement their functionality. For applications that use the file read/write APIs in Windows, byte-range locks are enforced (also referred to as ''mandatory locks'') by the file systems that execute within Windows. For applications that use the file mapping APIs in Windows, byte-range locks are not enforced (also referred to as ''advisory locks.'') Byte-range locking may also have other side-effects on the Windows system. For example, the Windows file-sharing mechanism will typically disable client side caching of a file for ''all'' clients when byte-range locks are used by ''any'' client. The client will observe slower access because read and write operations must be sent to the server where the file is stored. Improper error-handling in an application program can lead to a scenario where a file is locked (either using "share" access or with byte-range file locking) and cannot be accessed by other applications. If so, the user may be able to restore file access by manually terminating the malfunctioning program. This is typically done through the
Task Manager In operating systems, a task manager is a system monitor program used to provide information about the processes and applications running on a computer, as well as the general status of the computer. Some implementations can also be used to ...
utility. The ''sharing mode'' (dwShareMode) parameter of the CreateFile function (used to open files) determines file-sharing. The sharing mode can be specified to allow sharing the file for read, write, or delete access, or any combination of these. Subsequent attempts to open the file must be compatible with all previously granted sharing-access to the file. When the file is closed, sharing-access restrictions are adjusted to remove the restrictions imposed by that specific file open. Byte-range locking type is determined by the ''dwFlags'' parameter in the LockFileEx function used to lock a region of a file. The
Windows API The Windows API, informally WinAPI, is Microsoft's core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems. The name Windows API collectively refers to several different platform implementations ...
function LockFile can also be used and acquires an exclusive lock on the region of the file. Any file containing an executable program file that is currently running on the computer system as a program (e.g. an EXE, COM, DLL, CPL or other binary program file format) is normally locked by the operating system itself, preventing any application from modifying or deleting it. Any attempt to do so will be denied with a sharing violation error, despite the fact that the program file is not opened by any application. However, some access is still allowed. For example, a running application file can be renamed or copied (read) even when executing. Files are accessed by applications in Windows by using ''
file handles In Unix and Unix-like computer operating systems, a file descriptor (FD, less frequently fildes) is a process-unique identifier (handle) for a file or other input/output resource, such as a pipe or network socket. File descriptors typically have ...
''. These file handles can be explored with the
Process Explorer Process Explorer is a freeware task manager and system monitor for Microsoft Windows created by SysInternals, which has been acquired by Microsoft and re-branded as Windows Sysinternals. It provides the functionality of Windows Task Manager along ...
utility. This utility can also be used to force-close handles without needing to terminate the application holding them. This can cause an undefined behavior, since the program will receive an unexpected error when using the force-closed handle and may even operate on an unexpected file since the handle number may be recycled. Microsoft Windows XP and Server 2003 editions have introduced volume snapshot (VSS) capability to
NTFS New Technology File System (NTFS) is a proprietary journaling file system developed by Microsoft. Starting with Windows NT 3.1, it is the default file system of the Windows NT family. It superseded File Allocation Table (FAT) as the preferred f ...
, allowing open files to be accessed by backup software despite any exclusive locks. However, unless software is rewritten to specifically support this feature, the snapshot will be ''crash consistent'' only, while properly supported applications can assist the operating system in creating "transactionally consistent" snapshots. Other commercial software for accessing locked files under Windows include File Access Manager and Open File Manager. These work by installing their own drivers to access the files in
kernel mode In computer science, hierarchical protection domains, often called protection rings, are mechanisms to protect data and functionality from faults (by improving fault tolerance) and malicious behavior (by providing computer security). Compute ...
.


In Unix-like systems

Unix-like A Unix-like (sometimes referred to as UN*X or *nix) operating system is one that behaves in a manner similar to a Unix system, although not necessarily conforming to or being certified to any version of the Single UNIX Specification. A Unix-li ...
operating systems (including
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which i ...
and Apple's
macOS macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac (computer), Mac computers. Within the market of ...
) do not normally automatically lock open files. Several kinds of file-locking mechanisms are available in different flavors of Unix, and many operating systems support more than one kind for compatibility. The most common mechanism is . Two other such mechanisms are and , each of which may be implemented atop fcntl or may be implemented separately from fcntl. Although some types of locks can be configured to be mandatory, file locks under Unix are by default ''advisory''. This means that cooperating processes may use locks to coordinate access to a file among themselves, but uncooperative processes are also free to ignore locks and access the file in any way they choose. In other words, file locks lock out other file lockers only, not I/O. Two kinds of locks are offered: shared locks and exclusive locks. In the case of fcntl, different kinds of locks may be applied to different sections (byte ranges) of a file, or else to the whole file. Shared locks can be held by multiple processes at the same time, but an exclusive lock can only be held by one process, and cannot coexist with a shared lock. To acquire a shared lock, a process must wait until no processes hold any exclusive locks. To acquire an exclusive lock, a process must wait until no processes hold either kind of lock. Unlike locks created by fcntl, those created by flock are preserved across forks, making them useful in forking servers. It is therefore possible for more than one process to hold an exclusive lock on the same file, provided these processes share a filial relationship and the exclusive lock was initially created in a single process before being duplicated across a fork. Shared locks are sometimes called "read locks" and exclusive locks are sometimes called "write locks". However, because locks on Unix are advisory, this isn't enforced. Thus it is possible for a database to have a concept of "shared writes" vs. "exclusive writes"; for example, changing a field in place may be permitted under shared access, whereas garbage-collecting and rewriting the database may require exclusive access. File locks apply to the actual file, rather than the file name. This is important since Unix allows multiple names to refer to the same file. Together with non-mandatory locking, this leads to great flexibility in accessing files from multiple processes. On the other hand, the cooperative locking approach can lead to problems when a process writes to a file without obeying file locks set by other processes. For this reason, some Unix-like operating systems also offer limited support for ''mandatory locking''. On such systems, a file whose setgid bit is on but whose group execution bit is off when that file is opened will be subject to automatic mandatory locking if the underlying filesystem supports it. However, non-local NFS partitions tend to disregard this bit. If a file is subject to mandatory locking, attempts to read from a region that is locked with an exclusive lock, or to write to a region that is locked with a shared or exclusive lock, will block until the lock is released. This strategy first originated in System V, and can be seen today in the Solaris,
HP-UX HP-UX (from "Hewlett Packard Unix") is Hewlett Packard Enterprise's proprietary implementation of the Unix operating system, based on Unix System V (initially System III) and first released in 1984. Current versions support HPE Integrit ...
, and Linux operating systems. It is not part of POSIX, however, and BSD-derived operating systems such as
FreeBSD FreeBSD is a free and open-source Unix-like operating system descended from the Berkeley Software Distribution (BSD), which was based on Research Unix. The first version of FreeBSD was released in 1993. In 2005, FreeBSD was the most popular ...
,
OpenBSD OpenBSD is a security-focused operating system, security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by fork (software development), forking N ...
,
NetBSD NetBSD is a free and open-source Unix operating system based on the Berkeley Software Distribution (BSD). It was the first open-source BSD descendant officially released after 386BSD was forked. It continues to be actively developed and is a ...
, and Apple's
macOS macOS (; previously OS X and originally Mac OS X) is a Unix operating system developed and marketed by Apple Inc. since 2001. It is the primary operating system for Apple's Mac (computer), Mac computers. Within the market of ...
do not support it. Linux also supports ''mandatory locking'' through the special ''-o mand'' parameter for file system mounting (), but this is rarely used. Some Unix-like operating systems prevent attempts to open the executable file of a running program for writing; this is a third form of locking, separate from those provided by fcntl and flock.


Problems

More than one process can hold an exclusive flock on a given file if the exclusive lock was duplicated across a later fork. This simplifies coding for network servers and helps prevent race conditions, but can be confusing to the unaware. Mandatory locks have no effect on the unlink system call. Consequently, certain programs may, effectively, circumvent mandatory locking. Stevens & Rago (2005) observed that the ed editor indeed did that. Whether and how flock locks work on network filesystems, such as NFS, is implementation dependent. On BSD systems, flock calls on a file descriptor open to a file on an NFS-mounted partition are successful no-ops. On
Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, which i ...
prior to 2.6.12, flock calls on NFS files would act only locally. Kernel 2.6.12 and above implement flock calls on NFS files using POSIX byte-range locks. These locks will be visible to other NFS clients that implement fcntl-style ''POSIX locks'', but invisible to those that do not. Lock upgrades and downgrades ''release'' the old lock before applying the new lock. If an application downgrades an exclusive lock to a shared lock while another application is blocked waiting for an exclusive lock, the latter application may get the exclusive lock and lock the first application out. This means that lock downgrades can block, which may be counter-intuitive. ''All'' fcntl locks associated with a file for a given process are removed when ''any'' file descriptor for that file is closed by that process, even if a lock was never requested for that file descriptor. Also, fcntl locks are not inherited by a child process. The fcntl close semantics are particularly troublesome for applications that call subroutine libraries that may access files. Neither of these "bugs" occurs using real flock-style locks. Preservation of the lock status on open file descriptors passed to another process using a Unix domain socket is implementation dependent.


Buffered I/O problems

One source of lock failure occurs when buffered I/O has buffers assigned in the user's local workspace, rather than in an operating system buffer pool. fread and fwrite are commonly used to do buffered I/O, and once a section of a file is read, another attempt to read that same section will, most likely, obtain the data from the local buffer. The problem is another user attached to the same file has their own local buffers, and the same thing is happening for them. An fwrite of data obtained from the buffer by fread will ''not'' be obtaining the data from the file itself, and some other user could have changed it. Both could use flock to ensure exclusive access, which prevents simultaneous writes, but since the reads are reading from the buffer and not the file itself, any data changed by user #1 can be lost by user #2 (over-written). The best solution to this problem is to use unbuffered I/O (read and write) with flock, which also means using lseek instead of fseek and ftell. Of course, you'll have to make adjustments for function parameters and results returned. Generally speaking, buffered I/O is ''unsafe'' when used with shared files.


In AmigaOS

In
AmigaOS AmigaOS is a family of proprietary native operating systems of the Amiga and AmigaOne personal computers. It was developed first by Commodore International and introduced with the launch of the first Amiga, the Amiga 1000, in 1985. Early versions ...
, a lock on a file (or directory) can be acquired using the Lock function (in the dos.library). A lock can be shared (other processes can read the file/directory, but can't modify or delete it), or exclusive so that only the process which successfully acquires the lock can access or modify the object. The lock is on the whole object and not part of it. The lock must be released with the UnLock function: unlike in Unix, the operating system does not implicitly unlock the object when the process terminates.


Lock files

Shell script A shell script is a computer program designed to be run by a Unix shell, a command-line interpreter. The various dialects of shell scripts are considered to be scripting languages. Typical operations performed by shell scripts include file manip ...
s and other programs often use a strategy similar to the use of file locking: creation of ''lock files'', which are files whose contents are irrelevant (although often one will find the
process identifier In computing, the process identifier (a.k.a. process ID or PID) is a number used by most operating system kernels—such as those of Unix, macOS and Windows—to uniquely identify an active process. This number may be used as a parameter in vario ...
of the holder of the lock in the file) and whose sole purpose is to signal by their presence that some resource is locked. A lock file is often the best approach if the resource to be controlled is not a regular file at all, so using methods for locking files does not apply. For example, a lock file might govern access to a set of related resources, such as several different files, directories, a group of disk partitions, or selected access to higher level protocols like servers or database connections. When using lock files, care must be taken to ensure that operations are atomic. To obtain a lock, the process must verify that the lock file does not exist and then create it, whilst preventing another process from creating it in the meantime. Various methods to do this include: * Using the lockfile command (a conditional semaphore-file creator distributed in the procmail package). * System calls that create a file, but fail if the file already exists. (System calls are available from languages such as C or C++, and shell scripts can make use of noclobber) * Using the mkdir command and checking the exit code for failure Lock files are often named with a tilde (~) prefixed to the name of the file they are locking, or a duplicate of the full file name suffixed with .LCK . If they are locking a resource other than a file, they may be named more arbitrarily. Certain
Mozilla Mozilla (stylized as moz://a) is a free software community founded in 1998 by members of Netscape. The Mozilla community uses, develops, spreads and supports Mozilla products, thereby promoting exclusively free software and open standards, w ...
products (such as
Firefox Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation. It uses the Gecko rendering engine to display web pages, which implements current and ...
, Thunderbird, Sunbird) use this type of file resource lock mechanism (using a temporary file named "parent.lock".)


Unlocker software

An unlocker is a utility used to determine what process is locking a file, and displays a list of processes as well as choices on what to do with the process (kill task, unlock, etc.) along with a list of file options such as delete or rename. On some Unix-like systems, utilities such as fstat and lockf can be used to inspect the state of file locks by process, by filename, or both. On Windows systems, if a file is locked, it's possible to schedule its moving or deletion to be performed on the next reboot. This approach is typically used by installers to replace locked system files.


Version control systems

In version control systems file locking is used to prevent two users changing the same file version in parallel and then when saving, the second user to overwrite what first user changed. This is implemented by marking locked files as read-only in the file system. A user wanting to change the file performs an unlock (also called checkout) operation, and until a check-in (store) operation is done, or the lock is reverted, nobody else is allowed to unlock the file.


See also

* Readers–writer lock


References

{{Reflist, 30em


External links


Everything you never wanted to know about file locking
a review of the Unix file locking options and their problems (dated December 13, 2010)
File-private POSIX locks
a LWN.net article on file locks supported on Linux that behave differently from POSIX locks regarding inheritance and behavior on close Computer file systems