On Fri, Sep 08, 2000 at 06:33:01PM -0800, Ethan Benson wrote: > On Sat, Sep 09, 2000 at 01:16:19PM +1100, CaT wrote: > > > > > For my system: > > > > [13:09:22] [EMAIL PROTECTED]:/root>> find /var -perm +o+w -mount > > [13:09:26] [EMAIL PROTECTED]:/root>> > > > > I've not had problems. :) > > you have removed /var/lock? and i presume made /var/tmp its own
No. It's just not globally writeable. > partition. Actually, I've not come across a use for it yet. From memory it is there for things like editor temp files so that you can resurrect your work after a crash. Basically, temp files which are not temp enough to not survive a botoup. No need for it on my system (things like vim, which is the only editor installed on my box, have been configured to keep tmp files in a dir in the users home dir). If I did have a need for it though, I'd make it a seperate partition, yes. > > Still, why does /var/lib/texmf/* need to be publically writeable? > > design flaws in tetex. see the BTS for a long discussion about it. BTS? > its not trivial to fix unfortunatly. doh. what do those files do? (if you know offhand) > > That's a package I don't have installed. > > most people do since its priority standard. aye. I'd say it needs fixing also then. :) > > > if your worried about users messing with /var put quotas on /var. > > > > If that's the only solution then yes, but why do we need global > > write access to /var in the first place? > > /var/lock i am not sure about, i don't usually see anything in there, > though right now i see a > -rw-r--r-- 1 root root 11 Sep 8 18:10 LCK..ttyS0 > > which belongs to pppd, but it runs as root. Yes. That's all I have in there also. > /var/lock is cleaned on boot. > > > > more headaches for /tmp cleaners and it does not solve any of the > > > above problems. to solve the above problems enforce quotas on /var > > > > Well it does... Logging will go on etc. As for /tmp cleaners, somehting > > like tmpwatch is a good start, but it'd be nice if it had an exclusion > > list to the global timeout. It'd make it much more useful. :) > > like this (from /etc/cron.daily/tmpreaper): Ooo! > # ! Important ! Please read the manual regarding the --protect option. > # The pattern *MUST* be surrounded by single quotes. > > nice -n10 tmpreaper --mtime-dir --symlinks 7d \ > --protect '/tmp/.X*-{lock,unix,unix/*}' \ > --protect '/tmp/.ICE-{unix,unix/*}' \ > --protect '/tmp/.iroha_{unix,unix/*}' \ > --protect '/tmp/.ki2-{unix,unix/*}' \ > --protect '/tmp/.font-unix' \ > --protect '/tmp/lost+found' \ > --protect '/tmp/quota.user' \ > --protect '/tmp/quota.group' \ > /tmp I'll be grabbing this when my HD stops getting roasted. > still i don't think its good to overload /tmp with this kind of > garbage more then necessary or that list could get rediculous. Yes it could but then I think that's better then the alternative... and if you REALLY wanted to, you could have a .debian or whatnot dir in there to store all such things (or most of them/some of them) > FHS may answer some of these questions too. FHS? :) -- CaT ([EMAIL PROTECTED]) 'He had position, but I was determined to score.' -- Worf, DS9, Season 5: 'Let He Who Is Without Sin...'