1symlink(7)             Miscellaneous Information Manual             symlink(7)
2
3
4

NAME

6       symlink - symbolic link handling
7

DESCRIPTION

9       Symbolic  links  are files that act as pointers to other files.  To un‐
10       derstand their behavior, you must first understand how hard links work.
11
12       A hard link to a file is indistinguishable from the original  file  be‐
13       cause it is a reference to the object underlying the original filename.
14       (To be precise: each of the hard links to a file is a reference to  the
15       same inode number, where an inode number is an index into the inode ta‐
16       ble, which contains metadata about all  files  on  a  filesystem.   See
17       stat(2).)  Changes to a file are independent of the name used to refer‐
18       ence the file.  Hard links may not refer to directories (to prevent the
19       possibility  of  loops  within the filesystem tree, which would confuse
20       many programs) and may not refer to files on different filesystems (be‐
21       cause inode numbers are not unique across filesystems).
22
23       A  symbolic  link is a special type of file whose contents are a string
24       that is the pathname of another  file,  the  file  to  which  the  link
25       refers.   (The  contents  of  a  symbolic  link can be read using read‐
26       link(2).)  In other words, a symbolic link  is  a  pointer  to  another
27       name, and not to an underlying object.  For this reason, symbolic links
28       may refer to directories and may cross filesystem boundaries.
29
30       There is no requirement that the pathname referred  to  by  a  symbolic
31       link should exist.  A symbolic link that refers to a pathname that does
32       not exist is said to be a dangling link.
33
34       Because a symbolic link  and  its  referenced  object  coexist  in  the
35       filesystem  name  space,  confusion can arise in distinguishing between
36       the link itself and the referenced object.  On historical systems, com‐
37       mands  and system calls adopted their own link-following conventions in
38       a somewhat ad-hoc fashion.  Rules for a more uniform approach, as  they
39       are  implemented  on Linux and other systems, are outlined here.  It is
40       important that site-local applications also conform to these rules,  so
41       that the user interface can be as consistent as possible.
42
43   Magic links
44       There  is a special class of symbolic-link-like objects known as "magic
45       links", which can be found in certain pseudofilesystems such as proc(5)
46       (examples  include  /proc/pid/exe  and  /proc/pid/fd/*).  Unlike normal
47       symbolic links, magic links are not  resolved  through  pathname-expan‐
48       sion,  but  instead act as direct references to the kernel's own repre‐
49       sentation of a file handle.  As such, these magic links allow users  to
50       access  files which cannot be referenced with normal paths (such as un‐
51       linked files still referenced by a running program ).
52
53       Because they can  bypass  ordinary  mount_namespaces(7)-based  restric‐
54       tions,  magic  links  have  been  used as attack vectors in various ex‐
55       ploits.
56
57   Symbolic link ownership, permissions, and timestamps
58       The owner and group of an existing symbolic link can be  changed  using
59       lchown(2).   The  ownership of a symbolic link matters when the link is
60       being removed or renamed in a directory that has  the  sticky  bit  set
61       (see  inode(7)),  and when the fs.protected_symlinks sysctl is set (see
62       proc(5)).
63
64       The last access and last modification timestamps of a symbolic link can
65       be changed using utimensat(2) or lutimes(3).
66
67       On  Linux, the permissions of an ordinary symbolic link are not used in
68       any operations; the permissions are always 0777 (read, write, and  exe‐
69       cute for all user categories), and can't be changed.
70
71       However, magic links do not follow this rule.  They can have a non-0777
72       mode, though this mode is not currently used in any permission checks.
73
74   Obtaining a file descriptor that refers to a symbolic link
75       Using the combination of the O_PATH and  O_NOFOLLOW  flags  to  open(2)
76       yields  a  file  descriptor that can be passed as the dirfd argument in
77       system calls such as fstatat(2), fchownat(2),  fchmodat(2),  linkat(2),
78       and  readlinkat(2),  in  order  to  operate on the symbolic link itself
79       (rather than the file to which it refers).
80
81       By default (i.e., if the AT_SYMLINK_FOLLOW flag is not  specified),  if
82       name_to_handle_at(2)  is applied to a symbolic link, it yields a handle
83       for the symbolic link (rather than the file to which it  refers).   One
84       can  then  obtain  a file descriptor for the symbolic link (rather than
85       the file to which it refers) by specifying the O_PATH flag in a  subse‐
86       quent call to open_by_handle_at(2).  Again, that file descriptor can be
87       used in the aforementioned system calls to operate on the symbolic link
88       itself.
89
90   Handling of symbolic links by system calls and commands
91       Symbolic  links  are handled either by operating on the link itself, or
92       by operating on the object referred to by  the  link.   In  the  latter
93       case,  an  application or system call is said to follow the link.  Sym‐
94       bolic links may refer to other symbolic links, in which case the  links
95       are  dereferenced until an object that is not a symbolic link is found,
96       a symbolic link that refers to a file which does not exist is found, or
97       a  loop is detected.  (Loop detection is done by placing an upper limit
98       on the number of links that may be followed, and an  error  results  if
99       this limit is exceeded.)
100
101       There  are three separate areas that need to be discussed.  They are as
102       follows:
103
104       •  Symbolic links used as filename arguments for system calls.
105
106       •  Symbolic links specified as command-line arguments to utilities that
107          are not traversing a file tree.
108
109       •  Symbolic  links  encountered by utilities that are traversing a file
110          tree (either specified on the command line or encountered as part of
111          the file hierarchy walk).
112
113       Before  describing  the treatment of symbolic links by system calls and
114       commands, we require some terminology.  Given a pathname  of  the  form
115       a/b/c,  the  part  preceding  the final slash (i.e., a/b) is called the
116       dirname component, and the part following the final slash (i.e., c)  is
117       called the basename component.
118
119   Treatment of symbolic links in system calls
120       The  first area is symbolic links used as filename arguments for system
121       calls.
122
123       The treatment of symbolic links within a pathname passed  to  a  system
124       call is as follows:
125
126       (1)  Within the dirname component of a pathname, symbolic links are al‐
127            ways followed in nearly every system call.  (This is also true for
128            commands.)   The one exception is openat2(2), which provides flags
129            that can be used to explicitly prevent following of symbolic links
130            in the dirname component.
131
132       (2)  Except  as  noted below, all system calls follow symbolic links in
133            the basename component of a pathname.  For example, if there  were
134            a  symbolic  link  slink  which pointed to a file named afile, the
135            system call open("slink" ...) would return a file  descriptor  re‐
136            ferring to the file afile.
137
138       Various system calls do not follow links in the basename component of a
139       pathname,  and  operate  on  the  symbolic  link  itself.   They   are:
140       lchown(2),  lgetxattr(2), llistxattr(2), lremovexattr(2), lsetxattr(2),
141       lstat(2), readlink(2), rename(2), rmdir(2), and unlink(2).
142
143       Certain other system calls optionally  follow  symbolic  links  in  the
144       basename component of a pathname.  They are: faccessat(2), fchownat(2),
145       fstatat(2),  linkat(2),   name_to_handle_at(2),   open(2),   openat(2),
146       open_by_handle_at(2),  and utimensat(2); see their manual pages for de‐
147       tails.  Because remove(3) is an alias for unlink(2), that library func‐
148       tion  also does not follow symbolic links.  When rmdir(2) is applied to
149       a symbolic link, it fails with the error ENOTDIR.
150
151       link(2)  warrants  special  discussion.   POSIX.1-2001  specifies  that
152       link(2)  should dereference oldpath if it is a symbolic link.  However,
153       Linux does not do this.  (By default, Solaris  is  the  same,  but  the
154       POSIX.1-2001  specified behavior can be obtained with suitable compiler
155       options.)  POSIX.1-2008 changed the specification to allow  either  be‐
156       havior in an implementation.
157
158   Commands not traversing a file tree
159       The  second  area is symbolic links, specified as command-line filename
160       arguments, to commands which are not traversing a file tree.
161
162       Except as noted below, commands follow symbolic links named as command-
163       line arguments.  For example, if there were a symbolic link slink which
164       pointed to a file named afile, the command cat slink would display  the
165       contents of the file afile.
166
167       It  is  important to realize that this rule includes commands which may
168       optionally traverse file trees; for example, the command chown file  is
169       included  in this rule, while the command chown -R file, which performs
170       a tree traversal, is not.  (The latter is described in the third  area,
171       below.)
172
173       If  it  is explicitly intended that the command operate on the symbolic
174       link instead of following the symbolic link—for example, it is  desired
175       that  chown  slink  change  the  ownership  of  the file that slink is,
176       whether it is a symbolic link or not—then the -h option should be used.
177       In  the  above  example, chown root slink would change the ownership of
178       the file referred to by slink, while chown -h root slink  would  change
179       the ownership of slink itself.
180
181       There are some exceptions to this rule:
182
183       •  The  mv(1)  and rm(1) commands do not follow symbolic links named as
184          arguments, but respectively  attempt  to  rename  and  delete  them.
185          (Note,  if  the symbolic link references a file via a relative path,
186          moving it to another directory may very well cause it to stop  work‐
187          ing, since the path may no longer be correct.)
188
189       •  The  ls(1)  command is also an exception to this rule.  For compati‐
190          bility with historic systems (when ls(1) is not doing a  tree  walk—
191          that is, -R option is not specified), the ls(1) command follows sym‐
192          bolic links named as arguments if the -H or -L option is  specified,
193          or  if the -F, -d, or -l options are not specified.  (The ls(1) com‐
194          mand is the only command where the -H and -L options affect its  be‐
195          havior even though it is not doing a walk of a file tree.)
196
197       •  The  file(1) command is also an exception to this rule.  The file(1)
198          command does not follow symbolic links named as argument by default.
199          The  file(1) command does follow symbolic links named as argument if
200          the -L option is specified.
201
202   Commands traversing a file tree
203       The following commands either optionally or always traverse file trees:
204       chgrp(1),  chmod(1),  chown(1),  cp(1),  du(1), find(1), ls(1), pax(1),
205       rm(1), and tar(1).
206
207       It is important to realize that the following rules  apply  equally  to
208       symbolic  links encountered during the file tree traversal and symbolic
209       links listed as command-line arguments.
210
211       The first rule applies to symbolic links  that  reference  files  other
212       than  directories.   Operations  that  apply to symbolic links are per‐
213       formed on the links themselves, but otherwise the links are ignored.
214
215       The command rm -r slink directory will remove slink,  as  well  as  any
216       symbolic  links encountered in the tree traversal of directory, because
217       symbolic links may be removed.  In no case will rm(1) affect  the  file
218       referred to by slink.
219
220       The  second  rule  applies to symbolic links that refer to directories.
221       Symbolic links that refer to directories are never followed by default.
222       This  is often referred to as a "physical" walk, as opposed to a "logi‐
223       cal" walk (where symbolic links that  refer  to  directories  are  fol‐
224       lowed).
225
226       Certain  conventions are (should be) followed as consistently as possi‐
227       ble by commands that perform file tree walks:
228
229       •  A command can be made to follow any symbolic links named on the com‐
230          mand  line, regardless of the type of file they reference, by speci‐
231          fying the -H (for "half-logical") flag.  This flag  is  intended  to
232          make  the  command-line name space look like the logical name space.
233          (Note, for commands that do not always do file tree traversals,  the
234          -H flag will be ignored if the -R flag is not also specified.)
235
236          For example, the command chown -HR user slink will traverse the file
237          hierarchy rooted in the file pointed to by slink.  Note, the  -H  is
238          not  the  same  as  the  previously  discussed -h flag.  The -H flag
239          causes symbolic links specified on the command line to  be  derefer‐
240          enced  for  the  purposes of both the action to be performed and the
241          tree walk, and it is as if the user had specified the  name  of  the
242          file to which the symbolic link pointed.
243
244       •  A command can be made to follow any symbolic links named on the com‐
245          mand line, as well as any symbolic links encountered during the tra‐
246          versal, regardless of the type of file they reference, by specifying
247          the -L (for "logical") flag.  This flag is intended to make the  en‐
248          tire  name  space look like the logical name space.  (Note, for com‐
249          mands that do not always do file tree traversals, the -L  flag  will
250          be ignored if the -R flag is not also specified.)
251
252          For  example, the command chown -LR user slink will change the owner
253          of the file referred to by slink.  If slink refers to  a  directory,
254          chown  will traverse the file hierarchy rooted in the directory that
255          it references.  In addition, if any symbolic links  are  encountered
256          in  any  file tree that chown traverses, they will be treated in the
257          same fashion as slink.
258
259       •  A command can be made to provide the default behavior by  specifying
260          the -P (for "physical") flag.  This flag is intended to make the en‐
261          tire name space look like the physical name space.
262
263       For commands that do not by default do file tree  traversals,  the  -H,
264       -L,  and -P flags are ignored if the -R flag is not also specified.  In
265       addition, you may specify the -H, -L, and -P options  more  than  once;
266       the  last one specified determines the command's behavior.  This is in‐
267       tended to permit you to alias commands to behave one way or the  other,
268       and then override that behavior on the command line.
269
270       The ls(1) and rm(1) commands have exceptions to these rules:
271
272       •  The rm(1) command operates on the symbolic link, and not the file it
273          references, and therefore never follows a symbolic link.  The  rm(1)
274          command does not support the -H, -L, or -P options.
275
276       •  To  maintain  compatibility with historic systems, the ls(1) command
277          acts a little differently.  If you do not specify the -F, -d, or  -l
278          options,  ls(1)  will follow symbolic links specified on the command
279          line.  If the -L flag  is  specified,  ls(1)  follows  all  symbolic
280          links,  regardless  of  their type, whether specified on the command
281          line or encountered in the tree walk.
282

SEE ALSO

284       chgrp(1), chmod(1), find(1),  ln(1),  ls(1),  mv(1),  namei(1),  rm(1),
285       lchown(2),  link(2),  lstat(2), readlink(2), rename(2), symlink(2), un‐
286       link(2), utimensat(2), lutimes(3), path_resolution(7)
287
288
289
290Linux man-pages 6.05              2023-04-03                        symlink(7)
Impressum