Package: tmpreaper
Version: 1.6.17
Severity: normal

Hi,

having libpam-tmpdir installed results in PAM creating a 
/tmp/user/<numeric-user-id-here> directory for every user when they start a 
session, setting TMP and TMPDIR to this directory.

Long-running processes such as web applications started e.g. via sudo -u 
someuser may end up with their TMP set to /tmp/user/<id-of-someuser>, which is 
desirable because it makes /tmp attacks against them harder.

However, if they don't use their individual tmp directories frequently, 
tmpreaper with its default settings may delete them, breaking the application.

I suggest that the default configuration be changed thusly:

TMPREAPER_PROTECT_EXTRA='/tmp/user/[0-9]*'
TMPREAPER_DIRS='/tmp/. /tmp/user/*/.'

This would (I hope) cause the per-user tmp directories themselves to be left 
alone but their contents cleaned up.

Thanks

András

-- System Information:
Debian Release: trixie/sid
  APT prefers stable-security
  APT policy: (500, 'stable-security'), (350, 'unstable'), (1, 'experimental')
merged-usr: no
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Locale: LANG=en_US.UTF-8, LC_CTYPE=hu_HU.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US.UTF-8
Init: runit (via /run/runit.stopit)
LSM: AppArmor: enabled

Versions of packages tmpreaper depends on:
ii  debconf [debconf-2.0]  1.5.82
ii  libc6                  2.37-7
ii  libmount1              2.38.1-5devuan1+b1

tmpreaper recommends no packages.

tmpreaper suggests no packages.

-- Configuration Files:
/etc/tmpreaper.conf changed [not included]

-- debconf information excluded
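
The behaviour the report asks for (per-user directories kept, their stale contents removed) can be checked in a sandbox before touching the real configuration. The script below is an added example, not tmpreaper's own code and not part of the original report: it approximates the proposed TMPREAPER_DIRS / TMPREAPER_PROTECT_EXTRA policy with find(1) against a constructed directory tree. The 7-day age, the fake /tmp root and every file name are constructed for the demonstration, and tmpreaper's exact pattern matching and directory-removal rules are not modelled; it only shows what the intended outcome looks like.

```shell
#!/bin/sh
# Added example (not tmpreaper's code): approximate, with find(1), the policy
# proposed in the report:
#   TMPREAPER_DIRS='/tmp/. /tmp/user/*/.'      -> roots to scan
#   TMPREAPER_PROTECT_EXTRA='/tmp/user/[0-9]*' -> never remove these
# Runs against a constructed sandbox instead of the real /tmp. The age (7 days)
# and all file names are constructed; tmpreaper's own matching is not modelled.
set -eu

# Build a sandbox imitating /tmp. Entries marked "stale" get an old mtime via
# POSIX touch -t; everything else keeps the current time. /user/1001 is the
# report's problem case: an empty per-user directory that has not been used
# for a long time.
make_sandbox() {
  root=$1
  mkdir -p "$root/user/1000" "$root/user/1001" "$root/stale-empty"
  : > "$root/user/1000/stale.sock"
  : > "$root/user/1000/fresh.tmp"
  : > "$root/stale-file"
  touch -t 202001010000 "$root/user/1000/stale.sock" "$root/stale-file" \
    "$root/stale-empty" "$root/user/1001"
}

# reap ROOT DAYS: for every scan root, delete files older than DAYS, then
# remove empty directories older than DAYS unless their path matches the
# protect pattern. tmpreaper's trailing "/." on each root is not needed here
# because -mindepth 1 already keeps the root itself out of consideration.
reap() {
  root=$1
  days=$2
  protect="$root/user/[0-9]*"
  for dir in "$root" "$root"/user/*; do
    [ -d "$dir" ] || continue
    find "$dir" -mindepth 1 -type f -mtime +"$days" -exec rm -f {} +
    find "$dir" -mindepth 1 -depth -type d -mtime +"$days" -empty \
      ! -path "$protect" -exec rmdir {} +
  done
}

# List the per-user directories that survived a reap, one path per line.
surviving_user_dirs() {
  find "$1/user" -mindepth 1 -maxdepth 1 -type d | sort
}

# Stand-alone run: build the sandbox, reap it, print what survived, clean up.
main_demo() {
  root=$(mktemp -d)
  make_sandbox "$root"
  reap "$root" 7
  surviving_user_dirs "$root"
  rm -rf "$root"
}

main_demo
```

With the protect pattern in place both /user/1000 and /user/1001 survive, while the stale file inside /user/1000, the stale top-level file and the stale empty directory outside the protected tree are removed; dropping the `! -path "$protect"` test makes /user/1001 disappear, which is the breakage the report describes.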
