I mount a logical volume as /tmp:

rose@gepard:/home/rose(2)$ df -T /tmp
Dateisystem Typ 1K-Blöcke Benutzt Verfügbar Verw% Eingehängt auf
/dev/mapper/vg0-tmp ext2 8256952 26872 7810652 1% /tmp

I just booted the system:

rose@gepard:/home/rose(3)$ date
Mo 15. Sep 12:58:46 CEST 2014
rose@gepard:/home/rose(4)$ uptime
12:58:49 up 17 min, 2 users, load average: 1.00, 0.94, 0.60

Cleaning of /tmp directory is set in /etc/conf.d/bootmisc:

rose@gepard:/home/rose(7)$ grep tmp /etc/conf.d/bootmisc
# List of /tmp directories we should clean up
clean_tmp_dirs="/tmp"
# Should we wipe the tmp paths completely or just selectively remove known
wipe_tmp="YES"

But there are a lot of old files under /tmp:

rose@gepard:/home/rose(9)$ ll -t /tmp/ | tail
-rw-r--r-- 1 portage portage 6 8. Sep 14:12 fileOHEUzx
srwxr-xr-x 1 portage portage 0 8. Sep 12:09 conftest4580=
-rw------- 1 root root 0 8. Sep 09:08 manpages-checksMSC3
srwxr-xr-x 1 portage portage 0 8. Sep 05:28 conftest20331=
-rw------- 1 root root 0 8. Sep 02:27 manpages-checksu1YP
-rw-r--r-- 1 root root 284 7. Sep 20:54 cmd_3268.log
-rw-r--r-- 1 root root 2 7. Sep 18:39 3467_nightmerge_exit.log
-rw-r--r-- 1 root root 2 7. Sep 06:33 7717_nightmerge_exit.log
drwxrwxr-x 2 root utmp 4096 23. Aug 13:17 screen/
drwx------ 2 root root 16384 10. Sep 2013 lost+found/

Is /etc/conf.d/bootmisc still evaluated by systemd or do I have to configure the cleaning explicitly with /etc/tmpfiles.d/*.conf?
rose@gepard:/home/rose(13)$ emerge --info
BTW, I have a /usr/lib/tmpfiles.d/tmp.conf with:

rose@gepard:/home/rose(17)$ grep "^[^#]" /usr/lib/tmpfiles.d/tmp.conf
d /tmp 1777 root root 10d
d /var/tmp 1777 root root 30d
x /tmp/systemd-private-%b-*
X /tmp/systemd-private-%b-*/tmp
x /var/tmp/systemd-private-%b-*
X /var/tmp/systemd-private-%b-*/tmp
(In reply to Juergen Rose from comment #0)
> I just booted the system:

system or systemd? :p

> Is /etc/conf.d/bootmisc still evaluated by systemd or do I have to configure
> the cleaning explicitly with /etc/tmpfiles.d/*.conf?

/etc/conf.d/bootmisc is a configuration file for /etc/init.d/bootmisc, and /etc/init.d/bootmisc is only executed when booting with OpenRC, so no, it's not used by systemd
(In reply to Samuli Suominen from comment #2)
> (In reply to Juergen Rose from comment #0)
> > I just booted the system:
>
> system or systemd? :p
>
> > Is /etc/conf.d/bootmisc still evaluated by systemd or do I have to configure
> > the cleaning explicitly with /etc/tmpfiles.d/*.conf?
>
> /etc/conf.d/bootmisc is a configuration file for /etc/init.d/bootmisc, and
> /etc/init.d/bootmisc is only executed when booting with OpenRC, so no, it's
> not used by systemd

I am running systemd:

rose@gepard:/home/rose(2)$ ps -ef | grep systemd
root 1 0 1 13:42 ? 00:00:03 /usr/lib/systemd/systemd
root 1658 1 0 13:43 ? 00:00:00 /usr/lib/systemd/systemd-journald
root 1722 1 0 13:43 ? 00:00:01 /usr/lib/systemd/systemd-udevd
systemd+ 1770 1 0 13:43 ? 00:00:00 /usr/lib/systemd/systemd-timesyncd
root 1808 1 0 13:43 ? 00:00:00 /usr/lib/systemd/systemd-logind
message+ 1811 1 0 13:43 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-act
rose 2289 1 0 13:44 ? 00:00:00 /usr/lib/systemd/systemd --user
rose 2753 2383 0 13:48 pts/0 00:00:00 grep --colour=auto systemd
so, configure your systemd to do the cleanup, don't expect systemd to read openrc configuration files
Created attachment 384792
Service to clean /tmp on boot

When I tried some months ago, it was impossible to use tmpfiles.d for cleaning /tmp: There is no "flag" to clean only on booting. (I somehow remember that such a flag was introduced some months later, but there was some problem with it, either, which I cannot recall now; perhaps the cleaning happened too late for /tmp)

So, since some months already I use the attached unit for cleaning. (I have masked tmp.mount, of course.)

The solution is somewhat hackish, but whole of systemd is a hack anyway...
/usr/lib/tmpfiles.d/tmp.conf will clear out files older than 10 days from /tmp. If you want everything cleared out on boot, you will need to create your own unit for it. As Martin indicates, there isn't an obvious way to do it with tmpfiles.
I should also note that /tmp is a tmpfs by default, which does not need cleaning on boot. Does anyone have an idea for how we could conditionally start a unit based on if /tmp is a tmpfs? If so, we might propose it upstream or add it to gentoo-systemd-integration.
(In reply to Samuli Suominen from comment #4)
> so, configure your systemd to do the cleanup, don't expect systemd to read
> openrc configuration files

But what should I do, that /tmp is cleared during booting? Create a /etc/tmpfiles.d/tmp.conf with

D /tmp 1777 root root 1s

?
(In reply to Mike Gilbert from comment #7)
> I should also note that /tmp is a tmpfs by default, which does not need
> cleaning on boot.
>
> Does anyone have an idea for how we could conditionally start a unit based
> on if /tmp is a tmpfs? If so, we might propose it upstream or add it to
> gentoo-systemd-integration.

I have only 4 GB RAM. That's why I do not want to waste my RAM for the /tmp filesystem. Therefore I have to configure my system, that /tmp is cleaned at booting. There is really not any way to do this with /usr/lib/systemd/system/systemd-tmpfiles-clean.service or /usr/lib/systemd/system/systemd-tmpfiles-clean.timer ?
(In reply to Juergen Rose from comment #8)
> D /tmp 1777 root root 1s ?

Don't do this: This will permanently wipe your /tmp

Use the unit I suggested.
(In reply to Mike Gilbert from comment #7)
>
> Does anyone have an idea for how we could conditionally start a unit based
> on if /tmp is a tmpfs?

The unit I suggested starts *before* /tmp is overmounted, so it should be correct to execute it in any case. (And for the same reason, this unit can also not check what tmp.mount *will* do afterwards.)

Maybe there are some blocking mechanisms in systemd that only one of both units can be installed. However, as mentioned, it would probably not hurt if both are executed: If in doubt just an overmounted filesystem will be cleaned "unnecessarily", freeing possibly some disk space.
(In reply to Mike Gilbert from comment #7)
> I should also note that /tmp is a tmpfs by default, which does not need
> cleaning on boot.
>
> Does anyone have an idea for how we could conditionally start a unit based
> on if /tmp is a tmpfs? If so, we might propose it upstream or add it to
> gentoo-systemd-integration.

Maybe making that service conflict with tmp.mount?

Anyway, I am unsure if upstream will like it as the current /tmp handling looks to have been discussed in the past per:
http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems/
http://0pointer.de/blog/projects/tmp.html

But we can try it anyway if we finally get some unit to do that :)
(In reply to Pacho Ramos from comment #12)
>
> Maybe making that service conflict with tmp.mount?

Since systemd has only daemons in mind when speaking about services, this is not the right thing: A conflict means only that one "daemon" must be finished when the other starts; this is already included in the dependency.

> as the current /tmp handling looks to have been discussed in the past

As I understand, it is discussed there that they want to choose tmpfs as the default. It depends on whether they are willing to provide choice or whether they just want to make the default hard to change. All experience with systemd upstream shows that chances are minimal that they will decide in favor of choice.
Yeah, I'm also doubtful that systemd upstream would want to maintain a solution for this. After thinking a bit, I think we could just run a unit like Martin's unconditionally. Cleaning up an empty tmpfs should be harmless. Or maybe just install it and let people enable it themselves.
Oh, and the unit should probably run *after* tmp.mount so that it works for Juergen's case of a separate, non-volatile /tmp mount. We want to clean the contents of the final /tmp, not whatever happens to be in the rootfs under /tmp.
Just please remember to give strong guarantees that it will run early enough and block further processes, so that we don't end up accidentally deleting fresh files...
(In reply to Mike Gilbert from comment #14)
[...]
> Or maybe just install it and let people enable it themselves.

I would prefer this option as, that way, we keep closer to upstream for most people (upstream prefers people to have /tmp in tmpfs and probably most people are using that)
(In reply to Michał Górny from comment #16)
> Just please remember to give strong guarantees

That's the problem: All units using /tmp only contain After=tmp.mount
This was the actual reason for my Before=tmp.mount in the unit

Obviously, upstream had no intention to ever support anything else than tmpfs for /tmp, even optionally.

After some further experiences, I changed my mind, meanwhile: Recommend people to use a sane init system if they do not agree with upstream's crazy ideas instead of introducing workarounds for the ugliest consequences.
(In reply to Martin Väth from comment #18)
> (In reply to Michał Górny from comment #16)
> > Just please remember to give strong guarantees
>
> That's the problem: All units using /tmp only contain After=tmp.mount
> This was the actual reason for my Before=tmp.mount in the unit

On my system at least, there are no units in /lib/systemd/system that explicitly contain a reference to tmp.mount.

It seems like most (all?) units that would write data to /tmp use local-fs.target as a sync point. And the vast majority will only start after basic.target due to DefaultDependencies.
(In reply to Mike Gilbert from comment #19)
> On my system at least, there are no units in /lib/systemd/system that
> explicitly contain a reference to tmp.mount.

This is correct. Either my memory was wrong, or this has changed in some systemd version.

> It seems like most (all?) units that would write data to /tmp use
> local-fs.target as a sync point.

Originally, I had tried with local-fs.target.wants and had some problems, or maybe I only feared them - I really cannot remember, anymore.

> And the vast majority

Depends what you call vast majority. There are quite a lot of tools which might potentially be needed to complete local-fs: lvm, encryption, .... (maybe also bluetooth, network, ...?) It is sufficient, if just a single unit is missed...

Independent of that: If you switch between different init systems, you will probably want to clean /tmp before overmounting it, since otherwise you just waste disk space for no reason.
(In reply to Martin Väth from comment #20)
> It is sufficient, if just a single unit is missed...

Let's not expend too much effort trying to find something that probably doesn't exist. We don't plan to enable this by default anyway.
(In reply to Mike Gilbert from comment #21)
> We don't plan to enable this by default anyway.

This is not an excuse to introduce a broken unit. systemd randomly does not boot often enough due to its crazy idea of parallel booting, anyway. No need to make it intentionally even less reliable.

Moreover, why break things if there is the "guaranteed" to work solution (if something needs /tmp and starts before tmp.mount, it certainly is broken) which even has the additional advantage of freeing unneeded disk space even if tmp.mount is used?
(In reply to Martin Väth from comment #22)

What is this "guaranteed" to work solution? I have lost track of what you are talking about.
If you mean cleaning /tmp on rootfs: That doesn't solve the problem presented by the bug reporter. If you really want that, file a separate bug report.
I did some testing, and the unit below seems to work fairly well. Even if we don't commit it, maybe someone will find it useful.

[Unit]
Description=Clean /tmp
DefaultDependencies=no
After=systemd-remount-fs.service
Before=local-fs.target
RequiresMountsFor=/tmp
ConditionPathIsReadWrite=/tmp

[Service]
Type=oneshot
ExecStart=/usr/bin/find /tmp -mindepth 1 -xdev -delete

[Install]
WantedBy=local-fs.target
(In reply to Mike Gilbert from comment #23)
> What is this "guaranteed" to work solution?

I meant Before=tmp.mount

(In reply to Mike Gilbert from comment #24)
> If you mean cleaning /tmp on rootfs: That doesn't solve the problem
> presented by the bug reporter.

Ah, I see: He has tmp not on root. That's unusual, and I missed that. Yes, this is a different situation.

> ExecStart=/usr/bin/find /tmp -mindepth 1 -xdev -delete

Just for the records: -delete (and probably also -xdev) work only with GNU find; that's why I used /bin/rm. If one can rely on GNU userland, it plays no role, of course. Probably you can estimate better whether gentoo+systemd might also be used on some embedded devices or chroots where it might make a difference.
I have given this some thought, and I'm not going to add this to the tree as a supported solution. If you choose to put /tmp on persistent storage, you will need to clean it up yourself. systemd-tmpfiles will clean up files older than 10 days.