From a247755d5221411ffe7780677b270963682dadd1 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 28 Dec 2010 14:20:21 +0100 Subject: [PATCH] tmpfiles: ensure we do no follow symlinks when cleaning up dirs Patch suggested by Miloslav Trmac. --- src/tmpfiles.c | 2 +- src/util.c | 4 ++-- src/util.h | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/tmpfiles.c b/src/tmpfiles.c index 120236c5c..1234cbf34 100644 --- a/src/tmpfiles.c +++ b/src/tmpfiles.c @@ -149,7 +149,7 @@ static int dir_cleanup( DIR *sub_dir; int q; - sub_dir = xopendirat(dirfd(d), dent->d_name); + sub_dir = xopendirat(dirfd(d), dent->d_name, O_NOFOLLOW); if (sub_dir == NULL) { if (errno != ENOENT) { log_error("opendir(%s/%s) failed: %m", p, dent->d_name); diff --git a/src/util.c b/src/util.c index d769d6098..60af4fe60 100644 --- a/src/util.c +++ b/src/util.c @@ -3402,8 +3402,8 @@ bool null_or_empty(struct stat *st) { return false; } -DIR *xopendirat(int fd, const char *name) { - return fdopendir(openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC)); +DIR *xopendirat(int fd, const char *name, int flags) { + return fdopendir(openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags)); } int signal_from_string_try_harder(const char *s) { diff --git a/src/util.h b/src/util.h index 7e1eacc68..1e4eedfbc 100644 --- a/src/util.h +++ b/src/util.h @@ -363,7 +363,7 @@ _noreturn_ void freeze(void); bool null_or_empty(struct stat *st); -DIR *xopendirat(int dirfd, const char *name); +DIR *xopendirat(int dirfd, const char *name, int flags); void dual_timestamp_serialize(FILE *f, const char *name, dual_timestamp *t); void dual_timestamp_deserialize(const char *value, dual_timestamp *t); -- 2.30.2