diff options
author | Lennart Poettering <lennart@poettering.net> | 2012-07-09 17:30:22 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2012-07-09 17:30:22 +0200 |
commit | 461b1822321d6be0d7fd8be29bf3b4993ebd1b85 (patch) | |
tree | 34c4d6423ed74c0f03ba206818827c86cec219a6 | |
parent | 8401e9f91d65c3d8d49cf0d2e35d03146354e957 (diff) |
paranoia: refuse rm_rf("/")
-rw-r--r-- | TODO | 4 | ||||
-rw-r--r-- | src/journal/journald.c | 2 | ||||
-rw-r--r-- | src/shared/util.c | 3 |
3 files changed, 8 insertions, 1 deletions
@@ -22,6 +22,10 @@ Bugfixes: Features: +* refuse taking lower-case variable names in sd_journal_send() and friends. + +* when running as user instance: implicitly default to WorkingDirectory=$HOME for all services. + * journalctl highlight reboots * Merge KillUnit()'s mode and who params into one diff --git a/src/journal/journald.c b/src/journal/journald.c index 8d1b10d270..0629f79f1c 100644 --- a/src/journal/journald.c +++ b/src/journal/journald.c @@ -2058,7 +2058,6 @@ static int system_journal_open(Server *s) { } static int server_flush_to_var(Server *s) { - char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; Object *o = NULL; int r; sd_id128_t machine; @@ -2135,6 +2134,7 @@ finish: s->runtime_journal = NULL; if (r >= 0) { + char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"; sd_id128_to_string(machine, path + 17); rm_rf(path, false, true, false); } diff --git a/src/shared/util.c b/src/shared/util.c index 041a63bb4b..41505b2ca7 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -3339,6 +3339,9 @@ int rm_rf(const char *path, bool only_dirs, bool delete_root, bool honour_sticky assert(path); + /* Be paranoid */ + assert(!streq(path, "/")); + fd = open(path, O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC|O_NOFOLLOW|O_NOATIME); if (fd < 0) { |