1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2015 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 //#include "btrfs-util.h"
24 #include "mount-util.h"
25 #include "path-util.h"
27 #include "stat-util.h"
28 #include "string-util.h"
31 int rm_rf_children(int fd, RemoveFlags flags, struct stat *root_dev) {
32 _cleanup_closedir_ DIR *d = NULL;
37 /* This returns the first error we run into, but nevertheless
38 * tries to go on. This closes the passed fd. */
40 if (!(flags & REMOVE_PHYSICAL)) {
42 r = fd_is_temporary_fs(fd);
49 /* We refuse to clean physical file systems
50 * with this call, unless explicitly
51 * requested. This is extra paranoia just to
52 * be sure we never ever remove non-state
55 log_error("Attempted to remove disk file system, and we can't allow that.");
64 return errno == ENOENT ? 0 : -errno;
75 if (errno != 0 && ret == 0)
80 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
83 if (de->d_type == DT_UNKNOWN ||
84 (de->d_type == DT_DIR && (root_dev || (flags & REMOVE_SUBVOLUME)))) {
85 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
86 if (ret == 0 && errno != ENOENT)
91 is_dir = S_ISDIR(st.st_mode);
93 is_dir = de->d_type == DT_DIR;
98 /* if root_dev is set, remove subdirectories only if device is same */
99 if (root_dev && st.st_dev != root_dev->st_dev)
102 subdir_fd = openat(fd, de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
104 if (ret == 0 && errno != ENOENT)
109 /* Stop at mount points */
110 r = fd_is_mount_point(fd, de->d_name, 0);
112 if (ret == 0 && r != -ENOENT)
115 safe_close(subdir_fd);
119 safe_close(subdir_fd);
124 if ((flags & REMOVE_SUBVOLUME) && st.st_ino == 256) {
126 /* This could be a subvolume, try to remove it */
128 r = btrfs_subvol_remove_fd(fd, de->d_name, BTRFS_REMOVE_RECURSIVE|BTRFS_REMOVE_QUOTA);;
130 if (r != -ENOTTY && r != -EINVAL) {
134 safe_close(subdir_fd);
138 /* ENOTTY, then it wasn't a
139 * btrfs subvolume, continue
142 /* It was a subvolume, continue. */
143 safe_close(subdir_fd);
149 /* We pass REMOVE_PHYSICAL here, to avoid
150 * doing the fstatfs() to check the file
151 * system type again for each directory */
152 r = rm_rf_children(subdir_fd, flags | REMOVE_PHYSICAL, root_dev);
153 if (r < 0 && ret == 0)
156 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
157 if (ret == 0 && errno != ENOENT)
161 } else if (!(flags & REMOVE_ONLY_DIRECTORIES)) {
163 if (unlinkat(fd, de->d_name, 0) < 0) {
164 if (ret == 0 && errno != ENOENT)
171 int rm_rf(const char *path, RemoveFlags flags) {
177 /* We refuse to clean the root file system with this
178 * call. This is extra paranoia to never cause a really
179 * seriously broken system. */
180 if (path_equal(path, "/")) {
181 log_error("Attempted to remove entire root file system, and we can't allow that.");
186 if ((flags & (REMOVE_SUBVOLUME|REMOVE_ROOT|REMOVE_PHYSICAL)) == (REMOVE_SUBVOLUME|REMOVE_ROOT|REMOVE_PHYSICAL)) {
187 /* Try to remove as subvolume first */
188 r = btrfs_subvol_remove(path, BTRFS_REMOVE_RECURSIVE|BTRFS_REMOVE_QUOTA);
192 if (r != -ENOTTY && r != -EINVAL && r != -ENOTDIR)
195 /* Not btrfs or not a subvolume */
199 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
202 if (errno != ENOTDIR && errno != ELOOP)
205 if (!(flags & REMOVE_PHYSICAL)) {
206 if (statfs(path, &s) < 0)
209 if (!is_temporary_fs(&s)) {
210 log_error("Attempted to remove disk file system, and we can't allow that.");
215 if ((flags & REMOVE_ROOT) && !(flags & REMOVE_ONLY_DIRECTORIES))
216 if (unlink(path) < 0 && errno != ENOENT)
222 r = rm_rf_children(fd, flags, NULL);
224 if (flags & REMOVE_ROOT) {
225 if (rmdir(path) < 0) {
226 if (r == 0 && errno != ENOENT)