//! Code to remove obsolete and extraneous files from a filesystem-based state
//! directory.
use std::{
path::{Path, PathBuf},
time::{Duration, SystemTime},
use tor_basic_utils::PathExt as _;
use tor_error::warn_report;
use tracing::warn;
/// Return true if `path` looks like a filename we'd like to remove from our
/// state directory.
fn fname_looks_obsolete(path: &Path) -> bool {
if let Some(extension) = path.extension() {
if extension == "toml" {
// We don't make toml files any more. We migrated to json because
// toml isn't so good for serializing arbitrary objects.
return true;
if let Some(stem) = path.file_stem() {
if stem == "default_guards" {
// This file type is obsolete and was removed around 0.0.4.
/// How old must an obsolete-looking file be before we're willing to remove it?
// TODO: This could someday be configurable, if there are in fact users who want
// to keep obsolete files around in their state directories for months or years,
// or who need to get rid of them immediately.
const CUTOFF: Duration = Duration::from_secs(4 * 24 * 60 * 60);
/// Return true if `entry` is very old relative to `now` and therefore safe to delete.
fn very_old(entry: &std::fs::DirEntry, now: SystemTime) -> std::io::Result<bool> {
Ok(match now.duration_since(entry.metadata()?.modified()?) {
Ok(age) => age > CUTOFF,
Err(_) => {
// If duration_since failed, this file is actually from the future, and so it definitely isn't older than the cutoff.
/// Implementation helper for [`FsStateMgr::clean()`](super::FsStateMgr::clean):
/// list all files in `statepath` that are ready to delete as of `now`.
pub(super) fn files_to_delete(statepath: &Path, now: SystemTime) -> Vec<PathBuf> {
let mut result = Vec::new();
let dir_read_failed = |err: std::io::Error| {
use std::io::ErrorKind as EK;
match err.kind() {
EK::NotFound => {}
_ => warn_report!(
"Failed to scan directory {} for obsolete files",
let entries = std::fs::read_dir(statepath)
.map_err(dir_read_failed) // Result from fs::read_dir
.map_while(|result| result.map_err(dir_read_failed).ok()); // Result from
for entry in entries {
let path = entry.path();
let basename = entry.file_name();
if fname_looks_obsolete(Path::new(&basename)) {
match very_old(&entry, now) {
Ok(true) => result.push(path),
Ok(false) => {
"Found obsolete file {}; will delete it when it is older.",
Err(err) => {
"Found obsolete file {} but could not access its modification time",
#[cfg(all(test, not(miri) /* filesystem access */))]
mod test {
// @@ begin test lint list maintained by maint/add_warning @@
//! <!-- @@ end test lint list maintained by maint/add_warning @@ -->
use super::*;
fn fnames() {
let examples = vec![
("guards", false),
("default_guards.json", true),
("guards.toml", true),
("marzipan.toml", true),
("marzipan.json", false),
for (name, obsolete) in examples {
assert_eq!(fname_looks_obsolete(Path::new(name)), obsolete);
fn age() {
let dir = tempfile::TempDir::new().unwrap();
let fname1 = dir.path().join("quokka");
let now = SystemTime::now();
std::fs::write(fname1, "hello world").unwrap();
let mut r = std::fs::read_dir(dir.path()).unwrap();
let ent =;
assert!(!very_old(&ent, now).unwrap());
assert!(very_old(&ent, now + CUTOFF * 2).unwrap());
fn list() {
let fname1 = dir.path().join("quokka.toml");
let fname2 = dir.path().join("wombat.json");
std::fs::write(fname2, "greetings").unwrap();
let removable_now = files_to_delete(dir.path(), now);
let removable_later = files_to_delete(dir.path(), now + CUTOFF * 2);
assert_eq!(removable_later.len(), 1);
assert_eq!(removable_later[0].file_stem().unwrap(), "quokka");
// Make sure we tolerate files written "in the future"
let removable_earlier = files_to_delete(dir.path(), now - CUTOFF * 2);
fn absent() {
let dir2 = dir.path().join("subdir_that_doesnt_exist");
let r = files_to_delete(&dir2, SystemTime::now());