[ale] cleaning out /tmp
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Mon Sep 3 12:31:33 EDT 2007
On Mon 2007-09-03 11:45:26 -0400, Michael B. Trausch wrote:

> Hrm. That's some odd behavior, I would think. Why would a program
> do that... it would seem that it is saving state in /tmp by doing
> that, but really shouldn't it be using /var/* for that purpose?

That'd be ideal, but not all programs are system-level programs, and
so they don't have designated space in /var for such storage.

For example, the default location for a krb5 credentials cache for a
user with uid 1234 is /tmp/krb5cc_1234. That ccache is hardly ever
actually held open by a process: it's only briefly scanned (and maybe
updated) upon authentication, then released. If you were to purge a
user's ccache, they'd suddenly be unable to authenticate to the
systems they expected to. If i were a user on that system, i'd be
rather frustrated.

If yer gonna be trying to clean the /tmp dir on a live system, you
should have atime turned on for that filesystem, and you should only
remove files that haven't been accessed for > 48 hours or something.

Even easier than cleaning up /tmp manually on reboot is to just mount
it as a tmpfs anyway, so it's only held in RAM (backed by swap, of
course, should it be necessary):

[0 dkg at squeak ~]$ grep /tmp /etc/fstab
tmp /tmp tmpfs nosuid,nodev,mode=1777 0 0
[0 dkg at squeak ~]$

hth,

--dkg
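
Added example (not part of the original message): a dry-run sketch of the atime-based cleanup described above, which first checks that the filesystem is not mounted noatime and then only lists files not accessed within the threshold. The function names, the optional mounts-file argument and the use of GNU find's `-amin` are assumptions of this example.

```shell
#!/bin/sh
# Added example: list (never delete) files in a temp directory whose last
# access is older than a threshold. Assumes Linux /proc/mounts and GNU find.

# atime_usable DIR [MOUNTS_FILE]
# Succeeds unless the filesystem holding DIR is mounted with noatime.
# With relatime, atime is still refreshed when it is more than 24 hours
# old, so a 48-hour threshold remains meaningful.
atime_usable() {
    dir=$1
    mounts=${2:-/proc/mounts}
    # Pick the mount options of the longest mount point that prefixes DIR.
    opts=$(awk -v d="$dir" '
        BEGIN { best = 0 }
        { mp = $2
          if (mp == d || mp == "/" || index(d, mp "/") == 1)
              if (length(mp) >= best) { best = length(mp); o = $4 } }
        END { print o }' "$mounts")
    case ",$opts," in
        *,noatime,*) return 1 ;;
        *)           return 0 ;;
    esac
}

# stale_files DIR [HOURS]
# Prints regular files under DIR last accessed more than HOURS ago
# (default 48). -xdev keeps find on one filesystem; find does not follow
# symlinks by default, so a link planted in /tmp is not traversed.
stale_files() {
    dir=$1
    hours=${2:-48}
    find "$dir" -xdev -type f -amin "+$((hours * 60))" -print
}

# Typical use (review the list before removing anything):
#   atime_usable /tmp && stale_files /tmp 48
```
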