From 7f0704da9454d36d19920e033ddadf06c9c6441e Mon Sep 17 00:00:00 2001
From: Franck Bui
Date: Wed, 28 Nov 2018 16:09:16 +0100
Subject: [PATCH] tmpfiles: use CHASE_WARN in addition to CHASE_SAFE
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
and let's emit a more comprehensive warning when an unsafe transition is encountered.
Before this patch:
Unsafe symlinks encountered in /run/nrpe, refusing.
After:
Detected unsafe path transition / → /run during canonicalization of /run/nrpe.
---
 src/tmpfiles/tmpfiles.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)
diff --git a/src/tmpfiles/tmpfiles.c b/src/tmpfiles/tmpfiles.c
index 1f2caf5f73..d4e4f0c535 100644
--- a/src/tmpfiles/tmpfiles.c
+++ b/src/tmpfiles/tmpfiles.c
@@ -861,10 +861,8 @@ static int path_open_parent_safe(const char *path) {
 if (!dn)
 return log_oom();
- fd = chase_symlinks(dn, NULL, CHASE_OPEN|CHASE_SAFE, NULL);
- if (fd == -ENOLINK)
- return log_error_errno(fd, "Unsafe symlinks encountered in %s, refusing.", path);
- if (fd < 0)
+ fd = chase_symlinks(dn, NULL, CHASE_OPEN|CHASE_SAFE|CHASE_WARN, NULL);
+ if (fd < 0 && fd != -ENOLINK)
 return log_error_errno(fd, "Failed to validate path %s: %m", path);
 return fd;
@@ -884,10 +882,8 @@ static int path_open_safe(const char *path) {
 "Failed to open invalid path '%s'.",
 path);
- fd = chase_symlinks(path, NULL, CHASE_OPEN|CHASE_SAFE|CHASE_NOFOLLOW, NULL);
- if (fd == -ENOLINK)
- return log_error_errno(fd, "Unsafe symlinks encountered in %s, refusing.", path);
- if (fd < 0)
+ fd = chase_symlinks(path, NULL, CHASE_OPEN|CHASE_SAFE|CHASE_WARN|CHASE_NOFOLLOW, NULL);
+ if (fd < 0 && fd != -ENOLINK)
 return log_error_errno(fd, "Failed to validate path %s: %m", path);
 return fd;
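Review bot: In path_open_parent_safe() the new `if (fd < 0 && fd != -ENOLINK)` lets -ENOLINK fall through to `return fd;` with no log call at this site and no comment saying why; the identical check in path_open_safe() has the same gap. The refusal message now depends entirely on chase_symlinks() emitting it under CHASE_WARN, so a comment above each check such as `/* -ENOLINK (unsafe path transition) is already logged by chase_symlinks() because of CHASE_WARN */` would keep a later edit from dropping the flag and silently swallowing the refusal. It is also worth confirming that the CHASE_WARN message is emitted at a severity operators still alert on, since the removed branch used log_error_errno(); the flag name suggests a warning, but that code is not visible here. Both function bodies begin outside their hunks.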