[systemd-devel] How safe are D and R directives for systemd-tmpfiles?

Lennart Poettering lennart at poettering.net
Tue Oct 16 13:33:07 UTC 2018


On Di, 16.10.18 18:14, Amish (anon.amish at gmail.com) wrote:

> Hello,
> 
> I am interested in knowing how safe D and R directives for tmpfiles.d are?
> 
> If by some accident OR some packagers malicious intent - someone places a
> file with "R /" in tmpfiles.d, would this erase everything?

We refuse requests to delete the root dir:

https://github.com/systemd/systemd/blob/master/src/basic/rm-rf.c#L168

> Does systemd have a way of specifying that R and D should be applicable only
> for /tmp or /var/{cache,run,tmp} only?

When you invoke the systemd-tmpfiles binary you could specify
--prefix= to drop it's effect on non-listed prefixes.

> I could not locate anything on man page.

see systemd-tmpfiles(8).

Generally though: the directories where systemd-tmpfiles reads its
configuration from are owned by root and not writable by unprivileged
users. Moreover, the snippets are nothing you sloppily enter on the
command line, it's not a user-facing concept. Hence there's much less
chance to be misused on purpose or by accident.

Lennart

-- 
Lennart Poettering, Red Hat


More information about the systemd-devel mailing list