fix: handle broken symlinks during mount destination creation

ComixHe · ComixHe · commit b1c7fa13d8cf · 2025-08-29T17:51:36.000+08:00
When a destination file doesn't exist, the previous implementation couldn't
distinguish between creation failure due to existing files vs other reasons.
If both opening and creating fail, the destination is definitely a broken symlink.

- Add recursive symlink resolution with depth limit (32) in create_destination_file()
- Use O_NOFOLLOW to detect symlink during file creation
- When creation fails with ELOOP, read symlink target and recursively create it
- Replace filesystem functions with internal utils for consistent error handling
- Add proper broken symlink detection and resolution logic

This ensures mount destinations work correctly even when they point to
broken symlinks, by creating the missing target files in the symlink chain.

Signed-off-by: ComixHe &lt;ComixHe1895@outlook.com&gt;
diff --git a/src/linyaps_box/container.cpp b/src/linyaps_box/container.cpp
@@ -48,6 +48,7 @@
 #endif
 
 constexpr auto propagations_flag = (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE);
+constexpr auto max_symlink_depth{ 32 };
 
 namespace linyaps_box {
 
@@ -399,29 +400,48 @@ void do_remount(const remount_t &mount)
     }
 }
 
-[[nodiscard]] linyaps_box::utils::file_descriptor create_destination_file(
+[[nodiscard]] linyaps_box::utils::file_descriptor create_destination_directory(
         const linyaps_box::utils::file_descriptor &root, const std::filesystem::path &destination)
 {
-    LINYAPS_BOX_DEBUG() << "Creating file " << destination.string() << " under "
+    LINYAPS_BOX_DEBUG() << "Creating directory " << destination.string() << " under "
                         << linyaps_box::utils::inspect_path(root.get());
-    const auto &parent = linyaps_box::utils::mkdir(root, destination.parent_path());
-    return linyaps_box::utils::touch(parent, destination.filename());
+    return linyaps_box::utils::mkdir(root, destination);
 }
 
-[[nodiscard]] linyaps_box::utils::file_descriptor create_destination_directory(
-        const linyaps_box::utils::file_descriptor &root, const std::filesystem::path &destination)
+[[nodiscard]] linyaps_box::utils::file_descriptor
+create_destination_file(const linyaps_box::utils::file_descriptor &root,
+                        const std::filesystem::path &destination,
+                        int max_depth)
 {
-    LINYAPS_BOX_DEBUG() << "Creating directory " << destination.string() << " under "
+    if (max_depth < 0) {
+        throw std::system_error(ELOOP, std::system_category(), "failed to create file");
+    }
+
+    LINYAPS_BOX_DEBUG() << "Creating file " << destination.string() << " under "
                         << linyaps_box::utils::inspect_path(root.get());
-    return linyaps_box::utils::mkdir(root, destination);
+    const auto &parent = create_destination_directory(root, destination.parent_path());
+
+    try {
+        auto ret = linyaps_box::utils::touch(parent,
+                                             destination.filename(),
+                                             O_CLOEXEC | O_CREAT | O_WRONLY | O_NOFOLLOW);
+        return ret;
+    } catch (std::system_error &e) {
+        if (e.code() != std::errc::too_many_symbolic_link_levels) {
+            throw;
+        }
+
+        auto target = linyaps_box::utils::readlinkat(parent, destination.filename());
+        return create_destination_file(root, target, max_depth - 1);
+    }
 }
 
 [[nodiscard]] linyaps_box::utils::file_descriptor
 create_destination_symlink(const linyaps_box::utils::file_descriptor &root,
                            const std::filesystem::path &source,
                            std::filesystem::path destination)
 {
-    auto ret = std::filesystem::read_symlink(source);
+    auto ret = linyaps_box::utils::readlink(source);
     auto parent = linyaps_box::utils::mkdir(root, destination.parent_path());
 
     LINYAPS_BOX_DEBUG() << "Creating symlink " << destination.string() << " under "
@@ -447,13 +467,8 @@ create_destination_symlink(const linyaps_box::utils::file_descriptor &root,
                                         + " already exists and is not a symlink");
     }
 
-    std::array<char, PATH_MAX + 1> buf{};
-    auto to = ::readlinkat(root.get(), destination.c_str(), buf.data(), buf.size());
-    if (to == -1) {
-        throw std::system_error(errno, std::system_category(), "readlinkat");
-    }
-
-    if (std::string_view{ buf.data(), static_cast<size_t>(to) } == ret) {
+    auto target = linyaps_box::utils::readlinkat(root, destination);
+    if (target == ret) {
         return linyaps_box::utils::open_at(root, destination, O_PATH | O_NOFOLLOW | O_CLOEXEC);
     }
 
@@ -469,11 +484,9 @@ ensure_mount_destination(bool isDir,
                          const linyaps_box::config::mount_t &mount)
 try {
     assert(mount.destination.has_value());
-    auto open_flag = O_PATH;
-    if ((mount.flags & LINGYAPS_MS_NOSYMFOLLOW) != 0) {
-        open_flag |= O_NOFOLLOW;
-    }
-
+    auto open_flag = O_PATH | O_CLOEXEC;
+    LINYAPS_BOX_DEBUG() << "Opening " << (isDir ? "directory " : "file ")
+                        << mount.destination.value() << " under " << root.current_path();
     return linyaps_box::utils::open_at(root, mount.destination.value(), open_flag);
 } catch (const std::system_error &e) {
     if (e.code().value() != ENOENT) {
@@ -492,7 +505,7 @@ try {
         return create_destination_directory(root, path);
     }
 
-    return create_destination_file(root, path);
+    return create_destination_file(root, path, max_symlink_depth);
 }
 
 void do_propagation_mount(const linyaps_box::utils::file_descriptor &destination,
diff --git a/src/linyaps_box/utils/file_describer.cpp b/src/linyaps_box/utils/file_describer.cpp
@@ -18,14 +18,23 @@ linyaps_box::utils::file_descriptor_closed_exception::file_descriptor_closed_exc
 linyaps_box::utils::file_descriptor_closed_exception::~file_descriptor_closed_exception() noexcept =
         default;
 
+linyaps_box::utils::file_descriptor_invalid_exception::file_descriptor_invalid_exception(
+        const std::string &message)
+    : std::runtime_error(message)
+{
+}
+
+linyaps_box::utils::file_descriptor_invalid_exception::
+        ~file_descriptor_invalid_exception() noexcept = default;
+
 linyaps_box::utils::file_descriptor::file_descriptor(int fd)
     : fd_(fd)
 {
 }
 
 linyaps_box::utils::file_descriptor::~file_descriptor()
 {
-    if (fd_ == -1) {
+    if (fd_ < 0) {
         return;
     }
 
@@ -58,6 +67,10 @@ auto linyaps_box::utils::file_descriptor::duplicate() const -> linyaps_box::util
         throw file_descriptor_closed_exception();
     }
 
+    if (fd_ == AT_FDCWD) {
+        throw file_descriptor_invalid_exception("cannot duplicate AT_FDCWD");
+    }
+
     auto ret = dup(fd_);
     if (ret < 0) {
         throw std::system_error(errno, std::generic_category(), "fcntl");
@@ -134,3 +147,8 @@ auto linyaps_box::utils::file_descriptor::current_path() const noexcept -> std::
 
     return path;
 }
+
+auto linyaps_box::utils::file_descriptor::cwd() -> file_descriptor
+{
+    return file_descriptor{ AT_FDCWD };
+}
diff --git a/src/linyaps_box/utils/file_describer.h b/src/linyaps_box/utils/file_describer.h
@@ -23,6 +23,19 @@ class file_descriptor_closed_exception : public std::runtime_error
     ~file_descriptor_closed_exception() noexcept override;
 };
 
+class file_descriptor_invalid_exception : public std::runtime_error
+{
+public:
+    explicit file_descriptor_invalid_exception(const std::string &message);
+    file_descriptor_invalid_exception(const file_descriptor_invalid_exception &) = default;
+    file_descriptor_invalid_exception(file_descriptor_invalid_exception &&) noexcept = default;
+    auto operator=(const file_descriptor_invalid_exception &)
+            -> file_descriptor_invalid_exception & = default;
+    auto operator=(file_descriptor_invalid_exception &&) noexcept
+            -> file_descriptor_invalid_exception & = default;
+    ~file_descriptor_invalid_exception() noexcept override;
+};
+
 class file_descriptor
 {
 public:
@@ -51,6 +64,8 @@ class file_descriptor
 
     [[nodiscard]] auto current_path() const noexcept -> std::filesystem::path;
 
+    static auto cwd() -> file_descriptor;
+
 private:
     int fd_{ -1 };
 };
diff --git a/src/linyaps_box/utils/symlink.cpp b/src/linyaps_box/utils/symlink.cpp
@@ -6,6 +6,10 @@
 
 #include "linyaps_box/utils/log.h"
 
+#include <linux/limits.h>
+
+#include <array>
+
 void linyaps_box::utils::symlink(const std::filesystem::path &target,
                                  const std::filesystem::path &link_path)
 {
@@ -30,3 +34,26 @@ void linyaps_box::utils::symlink_at(const std::filesystem::path &target,
         throw std::system_error(errno, std::system_category(), "symlinkat");
     }
 }
+
+std::filesystem::path linyaps_box::utils::readlink(const std::filesystem::path &path)
+{
+    std::error_code ec;
+    auto ret = std::filesystem::read_symlink(path, ec);
+    if (ec) {
+        throw std::system_error{ ec.value(), std::system_category(), ec.message() };
+    }
+
+    return ret;
+}
+
+std::filesystem::path linyaps_box::utils::readlinkat(const file_descriptor &dirfd,
+                                                     const std::filesystem::path &path)
+{
+    std::array<char, PATH_MAX + 1> buf{};
+    auto ret = ::readlinkat(dirfd.get(), path.c_str(), buf.data(), PATH_MAX + 1);
+    if (ret == -1) {
+        throw std::system_error(errno, std::system_category(), "readlinkat");
+    }
+
+    return std::filesystem::path{ buf.data() };
+}
diff --git a/src/linyaps_box/utils/symlink.h b/src/linyaps_box/utils/symlink.h
@@ -16,4 +16,8 @@ void symlink_at(const std::filesystem::path &target,
                 const file_descriptor &dirfd,
                 const std::filesystem::path &link_path);
 
+std::filesystem::path readlink(const std::filesystem::path &path);
+
+std::filesystem::path readlinkat(const file_descriptor &dirfd, const std::filesystem::path &path);
+
 } // namespace linyaps_box::utils
diff --git a/src/linyaps_box/utils/touch.cpp b/src/linyaps_box/utils/touch.cpp
@@ -9,11 +9,13 @@
 
 #include <fcntl.h>
 
-auto linyaps_box::utils::touch(const file_descriptor &root, const std::filesystem::path &path)
-        -> linyaps_box::utils::file_descriptor
+auto linyaps_box::utils::touch(const file_descriptor &root,
+                               const std::filesystem::path &path,
+                               int flag,
+                               mode_t mode) -> linyaps_box::utils::file_descriptor
 {
     LINYAPS_BOX_DEBUG() << "touch " << path << " at " << inspect_fd(root.get());
-    const auto fd = ::openat(root.get(), path.c_str(), O_CREAT | O_WRONLY, 0666);
+    const auto fd = ::openat(root.get(), path.c_str(), flag, mode);
     if (fd == -1) {
         throw std::system_error(errno,
                                 std::system_category(),
diff --git a/src/linyaps_box/utils/touch.h b/src/linyaps_box/utils/touch.h
@@ -8,6 +8,9 @@
 
 namespace linyaps_box::utils {
 
-auto touch(const file_descriptor &root, const std::filesystem::path &path) -> file_descriptor;
+auto touch(const file_descriptor &root,
+           const std::filesystem::path &path,
+           int flag,
+           mode_t mode = 0700) -> file_descriptor;
 
 } // namespace linyaps_box::utils
