From 4f469e6a4181dd37b036131da8a1e64740f4472e Mon Sep 17 00:00:00 2001
From: goldyfruit <gaetan.trellu@gmail.com>
Date: Thu, 31 Oct 2024 07:40:52 -0400
Subject: [PATCH 1/2] [ansible/venv] Fix potential wrapper race condition

---
 .../templates/virtualenv/wrapper-ovos-phal-admin.sh.j2      | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2 b/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
index c156474..72b27f8 100644
--- a/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
+++ b/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
@@ -16,6 +16,12 @@ while ! [ -d "$combo_locks_path" ]; do
         ((attempt_counter++))
         echo "Trying to start ovos-phal-admin systemd unit... Attempt ${attempt_counter}/${max_attempt}"
         sleep 1
+    else
+        # If for some reasons /tmp/combo_locks is not created by the other
+        # services then we force the directory creation with the
+        # correct permissions to avoid a potential race condition.
+        mkdir -p "$combo_locks_path"
+        chown -R {{ ovos_installer_user }}:{{ ovos_installer_group }} "$combo_locks_path"
     fi
 done
 

From bb103de66c9b24af770225c754aa4e21376f374a Mon Sep 17 00:00:00 2001
From: goldyfruit <gaetan.trellu@gmail.com>
Date: Thu, 31 Oct 2024 08:46:48 -0400
Subject: [PATCH 2/2] [ansible/venv] Better error handling

---
 .../virtualenv/wrapper-ovos-phal-admin.sh.j2     | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2 b/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
index 72b27f8..74ea324 100644
--- a/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
+++ b/ansible/roles/ovos_installer/templates/virtualenv/wrapper-ovos-phal-admin.sh.j2
@@ -20,8 +20,20 @@ while ! [ -d "$combo_locks_path" ]; do
         # If for some reasons /tmp/combo_locks is not created by the other
         # services then we force the directory creation with the
         # correct permissions to avoid a potential race condition.
-        mkdir -p "$combo_locks_path"
-        chown -R {{ ovos_installer_user }}:{{ ovos_installer_group }} "$combo_locks_path"
+        if ! mkdir -p "$combo_locks_path"; then
+            echo "Failed to create $combo_locks_path directory" >&2
+            exit 1
+        fi
+        if ! chmod 755 "$combo_locks_path" || \
+           ! chown -R {{ ovos_installer_user }}:{{ ovos_installer_group }} "$combo_locks_path"; then
+            echo "Failed to set permissions on $combo_locks_path" >&2
+            exit 1
+        fi
+        # Verify directory exists and has correct ownership
+        if [ ! -d "$combo_locks_path" ]; then
+            echo "Directory creation verification failed" >&2
+            exit 1
+        fi
     fi
 done