From 7cb53855dcc503c97f5fa9c0487946b5daeec183 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sat, 17 Jun 2017 12:41:08 -0400 Subject: [PATCH] basic/rm-rf: allow a symlink to / to be removed We open the target path with O_DIRECTORY|O_NOFOLLOW, and if that doesn't work, we call unlink() on the path. In neither case we will follow the symlink, so we can relax our check to also not follow symlinks. Fixes #5864. --- src/basic/rm-rf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/basic/rm-rf.c b/src/basic/rm-rf.c index 421289e11bb..3f80ed263aa 100644 --- a/src/basic/rm-rf.c +++ b/src/basic/rm-rf.c @@ -182,7 +182,7 @@ int rm_rf(const char *path, RemoveFlags flags) { /* We refuse to clean the root file system with this * call. This is extra paranoia to never cause a really * seriously broken system. */ - if (path_equal_or_files_same(path, "/", 0)) { + if (path_equal_or_files_same(path, "/", AT_SYMLINK_NOFOLLOW)) { log_error("Attempted to remove entire root file system, and we can't allow that."); return -EPERM; } -- 2.47.3