Re: git: 39e8c2a29a86 - main - cleanvar: Be more careful when cleaning up /var.

Reply: Xin Li : "Re: git: 39e8c2a29a86 - main - cleanvar: Be more careful when cleaning up /var."
In reply to: Xin LI : "git: 39e8c2a29a86 - main - cleanvar: Be more careful when cleaning up /var."
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Piotr P. Stefaniak <pstef_at_freebsd.org>
Date: Mon, 27 Feb 2023 23:51:24 UTC

On 2023-02-13 04:57:08, Xin LI wrote:
>    cleanvar: Be more careful when cleaning up /var.
>
>    The cleanvar script uses find -delete to remove stale files under /var,
>    which could lead to unwanted removal of files in some unusual scenarios.
>    For example, when a mounted fdescfs(5) is present under /var/run/samba/fd,
>    find(1) could descend into a directory that is out of /var/run and remove
>    files that should not be removed.
>
>    To mitigate this, modify the script to use find -x, which restricts the
>    find scope to one file system only instead of descending into mounted
>    file systems.

>@@ -31,15 +31,15 @@ cleanvar_start()
> {
> 	if [ -d /var/run -a ! -f /var/run/clean_var ]; then
> 		# Skip over logging sockets
>-		find /var/run \( -type f -or -type s ! -name log -and ! -name logpriv \) -delete
>+		find -x /var/run \( -type f -or -type s ! -name log -and ! -name logpriv \) -delete
> 		>/var/run/clean_var
> 	fi

Do we want to assume that /var/run is never a symlink? If not, we
probably want to use find -xH here.

Piotr