summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2010-12-28 14:20:21 +0100
committerLennart Poettering <lennart@poettering.net>2010-12-28 14:21:28 +0100
commita247755d5221411ffe7780677b270963682dadd1 (patch)
tree3bae915f8243c8f52dfef023842dcc3778f506a0
parent5b8191986c5e00323315e61a53efadbf64de8161 (diff)
tmpfiles: ensure we do no follow symlinks when cleaning up dirs
Patch suggested by Miloslav Trmac.
-rw-r--r--src/tmpfiles.c2
-rw-r--r--src/util.c4
-rw-r--r--src/util.h2
3 files changed, 4 insertions, 4 deletions
diff --git a/src/tmpfiles.c b/src/tmpfiles.c
index 120236c5cc..1234cbf348 100644
--- a/src/tmpfiles.c
+++ b/src/tmpfiles.c
@@ -149,7 +149,7 @@ static int dir_cleanup(
DIR *sub_dir;
int q;
- sub_dir = xopendirat(dirfd(d), dent->d_name);
+ sub_dir = xopendirat(dirfd(d), dent->d_name, O_NOFOLLOW);
if (sub_dir == NULL) {
if (errno != ENOENT) {
log_error("opendir(%s/%s) failed: %m", p, dent->d_name);
diff --git a/src/util.c b/src/util.c
index d769d60986..60af4fe60d 100644
--- a/src/util.c
+++ b/src/util.c
@@ -3402,8 +3402,8 @@ bool null_or_empty(struct stat *st) {
return false;
}
-DIR *xopendirat(int fd, const char *name) {
- return fdopendir(openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC));
+DIR *xopendirat(int fd, const char *name, int flags) {
+ return fdopendir(openat(fd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|flags));
}
int signal_from_string_try_harder(const char *s) {
diff --git a/src/util.h b/src/util.h
index 7e1eacc687..1e4eedfbce 100644
--- a/src/util.h
+++ b/src/util.h
@@ -363,7 +363,7 @@ _noreturn_ void freeze(void);
bool null_or_empty(struct stat *st);
-DIR *xopendirat(int dirfd, const char *name);
+DIR *xopendirat(int dirfd, const char *name, int flags);
void dual_timestamp_serialize(FILE *f, const char *name, dual_timestamp *t);
void dual_timestamp_deserialize(const char *value, dual_timestamp *t);