Date: Mon, 27 Feb 2023 22:14:04 -0800 From: Xin Li <delphij@FreeBSD.org> To: "Piotr P. Stefaniak" <pstef@freebsd.org> Cc: dev-commits-src-main@freebsd.org Subject: Re: git: 39e8c2a29a86 - main - cleanvar: Be more careful when cleaning up /var. Message-ID: <b7c8f1ed-9419-3980-1b90-a90335834904@FreeBSD.org> In-Reply-To: <Y/1B/IQ52%2BNv8HKx@freefall.freebsd.org> References: <202302130457.31D4v8Hh067792@gitrepo.freebsd.org> <Y/1B/IQ52%2BNv8HKx@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2023-02-27 3:51 PM, Piotr P. Stefaniak wrote:
> On 2023-02-13 04:57:08, Xin LI wrote:
>> cleanvar: Be more careful when cleaning up /var.
>>
>> The cleanvar script uses find -delete to remove stale files under
>> /var,
>> which could lead to unwanted removal of files in some unusual
>> scenarios.
>> For example, when a mounted fdescfs(5) is present under
>> /var/run/samba/fd,
>> find(1) could descend into a directory that is out of /var/run and
>> remove
>> files that should not be removed.
>>
>> To mitigate this, modify the script to use find -x, which restricts
>> the
>> find scope to one file system only instead of descending into mounted
>> file systems.
>
>> @@ -31,15 +31,15 @@ cleanvar_start()
>> {
>> if [ -d /var/run -a ! -f /var/run/clean_var ]; then
>> # Skip over logging sockets
>> - find /var/run \( -type f -or -type s ! -name log -and ! -name
>> logpriv \) -delete
>> + find -x /var/run \( -type f -or -type s ! -name log -and !
>> -name logpriv \) -delete
>> >/var/run/clean_var
>> fi
>
> Do we want to assume that /var/run is never a symlink? If not, we
> probably want to use find -xH here.
No, I don't think it's safe to follow symlinks. If it's desirable to
follow /var/run itself, perhaps this should be changed to "/var/run/".
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?b7c8f1ed-9419-3980-1b90-a90335834904>