1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2015 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include "path-util.h"
26 int rm_rf_children(int fd, RemoveFlags flags, struct stat *root_dev) {
27 _cleanup_closedir_ DIR *d = NULL;
32 /* This returns the first error we run into, but nevertheless
33 * tries to go on. This closes the passed fd. */
35 if (!(flags & REMOVE_PHYSICAL)) {
37 r = fd_is_temporary_fs(fd);
44 /* We refuse to clean physical file systems
45 * with this call, unless explicitly
46 * requested. This is extra paranoia just to
47 * be sure we never ever remove non-state
50 log_error("Attempted to remove disk file system, and we can't allow that.");
59 return errno == ENOENT ? 0 : -errno;
70 if (errno != 0 && ret == 0)
75 if (streq(de->d_name, ".") || streq(de->d_name, ".."))
78 if (de->d_type == DT_UNKNOWN ||
79 (de->d_type == DT_DIR && (root_dev || (flags & REMOVE_SUBVOLUME)))) {
80 if (fstatat(fd, de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
81 if (ret == 0 && errno != ENOENT)
86 is_dir = S_ISDIR(st.st_mode);
88 is_dir = de->d_type == DT_DIR;
93 /* if root_dev is set, remove subdirectories only if device is same */
94 if (root_dev && st.st_dev != root_dev->st_dev)
97 subdir_fd = openat(fd, de->d_name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
99 if (ret == 0 && errno != ENOENT)
104 /* Stop at mount points */
105 r = fd_is_mount_point(fd, de->d_name, 0);
107 if (ret == 0 && r != -ENOENT)
110 safe_close(subdir_fd);
114 safe_close(subdir_fd);
118 if ((flags & REMOVE_SUBVOLUME) && st.st_ino == 256) {
120 /* This could be a subvolume, try to remove it */
122 r = btrfs_subvol_remove_fd(fd, de->d_name, true);
124 if (r != -ENOTTY && r != -EINVAL) {
128 safe_close(subdir_fd);
132 /* ENOTTY, then it wasn't a
133 * btrfs subvolume, continue
136 /* It was a subvolume, continue. */
137 safe_close(subdir_fd);
142 /* We pass REMOVE_PHYSICAL here, to avoid
143 * doing the fstatfs() to check the file
144 * system type again for each directory */
145 r = rm_rf_children(subdir_fd, flags | REMOVE_PHYSICAL, root_dev);
146 if (r < 0 && ret == 0)
149 if (unlinkat(fd, de->d_name, AT_REMOVEDIR) < 0) {
150 if (ret == 0 && errno != ENOENT)
154 } else if (!(flags & REMOVE_ONLY_DIRECTORIES)) {
156 if (unlinkat(fd, de->d_name, 0) < 0) {
157 if (ret == 0 && errno != ENOENT)
164 int rm_rf(const char *path, RemoveFlags flags) {
170 /* We refuse to clean the root file system with this
171 * call. This is extra paranoia to never cause a really
172 * seriously broken system. */
173 if (path_equal(path, "/")) {
174 log_error("Attempted to remove entire root file system, and we can't allow that.");
178 if ((flags & (REMOVE_SUBVOLUME|REMOVE_ROOT|REMOVE_PHYSICAL)) == (REMOVE_SUBVOLUME|REMOVE_ROOT|REMOVE_PHYSICAL)) {
179 /* Try to remove as subvolume first */
180 r = btrfs_subvol_remove(path, true);
184 if (r != -ENOTTY && r != -EINVAL)
187 /* Not btrfs or not a subvolume */
190 fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME);
193 if (errno != ENOTDIR && errno != ELOOP)
196 if (!(flags & REMOVE_PHYSICAL)) {
197 if (statfs(path, &s) < 0)
200 if (!is_temporary_fs(&s)) {
201 log_error("Attempted to remove disk file system, and we can't allow that.");
206 if ((flags & REMOVE_ROOT) && !(flags & REMOVE_ONLY_DIRECTORIES))
207 if (unlink(path) < 0 && errno != ENOENT)
213 r = rm_rf_children(fd, flags, NULL);
215 if (flags & REMOVE_ROOT) {
216 if (rmdir(path) < 0) {
217 if (r == 0 && errno != ENOENT)