Mack said:

> You might also note that according to the FHS, /tmp is only supposed to be
> used by system processes. User-level processes are supposed to use /var/tmp.
> But of course, many programs violate that. Still, you might want to be
> cleaning up both directories.

Yes ... keep an eye on /var/tmp also.

I respect Ed, but I don't get this from my read of the FHS. In my experience, it's the reverse: users typically are aware of /tmp and use it and expect it to be available (without per-ID constraints as suggested in the MVS-OE thread), while /var/tmp may actually be better controlled (and less subject to clutter) and is lesser known to lay users. My read of this part of the FHS fits. They recommend that /var/tmp cleanup be less frequent than /tmp cleanup. (Content in /var/tmp is explicitly expected to persist across reboots.)

-- R; <><
Rick Troth
Velocity Software
http://www.velocitysoftware.com/

On Fri, Mar 11, 2011 at 10:01, Edmund R. MacKenty <ed.macke...@rocketsoftware.com> wrote:
> On Friday, March 11, 2011 09:43:47 am Alan Cox wrote:
>> > "industry standard" is. One thing mentioned by a person boiled down to
>> > "delete all the files in /tmp which belong to a specific user when the
>> > last process which is running with that UID terminates" (rephrased by
>> > me). This got me
> ...
>> The usual approach is just to bin stuff that is a few hours/days/weeks
>> old. I guess it depends what storage costs you. On a PC it's what - 10
>> cents a gigabyte - so there is no real hurry.
>
> I agree with Alan: delete things older than a day. That's how I've seen it
> done for many years. The only problem with that would be long-running
> programs that write a /tmp file early on and then read from it periodically
> after that.
>
> You might also note that according to the FHS, /tmp is only supposed to be
> used by system processes. User-level processes are supposed to use /var/tmp.
> But of course, many programs violate that. Still, you might want to be
> cleaning up both directories.
>
> A UID-based deletion scheme makes sense to me as a security thing if your goal
> is to make the system clean up all /tmp files for a user after they log out.
> But the general rule as proposed may not work well for system UIDs, such as
> lp, which don't really have the concept of a "session" after which cleanup
> should occur. If you're going with a UID-based scheme, I'd limit it to UIDs
> greater than or equal to UID_MIN, as defined in /etc/login.defs.
> - MacK.
> -----
> Edmund R. MacKenty
> Software Architect
> Rocket Software
> 275 Grove Street - Newton, MA 02466-2272 - USA
> Tel: +1.617.614.4321
> Email: m...@rs.com
> Web: www.rocketsoftware.com
>
> ----------------------------------------------------------------------
> For LINUX-390 subscribe / signoff / archive access instructions,
> send email to lists...@vm.marist.edu with the message: INFO LINUX-390 or visit
> http://www.marist.edu/htbin/wlvindex?LINUX-390
> ----------------------------------------------------------------------
> For more information on Linux on System z, visit
> http://wiki.linuxvm.org/
> ----------------------------------------------------------------------
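The cleanup rules discussed in the thread (age-based expiry for /tmp and a longer interval for /var/tmp, plus a UID-based scheme restricted to UIDs at or above UID_MIN from /etc/login.defs), as an added example script that is not from this thread or from any of its posters. The function names, the LOGIN_DEFS override, the 1000 fallback, the 30-day /var/tmp interval and the use of both mtime and atime as the staleness test are this example's own assumptions.

```shell
#!/bin/sh
# Added example: temp-directory cleanup along the lines discussed above.
# LOGIN_DEFS may be overridden for testing (an assumption of this example).
LOGIN_DEFS="${LOGIN_DEFS:-/etc/login.defs}"

# uid_min: first UID that belongs to an ordinary user, read from login.defs.
# Falls back to 1000 (a common default; assumed here) when it is unset.
uid_min() {
    if [ -r "$LOGIN_DEFS" ]; then
        awk '$1 == "UID_MIN" { v = $2 } END { print (v == "" ? 1000 : v) }' "$LOGIN_DEFS"
    else
        echo 1000
    fi
}

# stale_find DIR DAYS [find-actions...]: regular files under DIR whose
# modification AND access times are both older than DAYS days. Requiring a
# stale atime as well spares the long-running-program case Ed mentions (a
# file written early and read periodically), provided the filesystem is not
# mounted noatime. -xdev keeps the walk on one filesystem.
stale_find() {
    _dir=$1; _days=$2; shift 2
    find "$_dir" -xdev -type f -mtime +"$_days" -atime +"$_days" "$@"
}

# stale_files DIR DAYS: list the candidates without touching them (dry run).
stale_files() { stale_find "$1" "$2" -print; }

# purge_stale DIR DAYS: remove them (the age-based rule from the thread).
purge_stale() { stale_find "$1" "$2" -exec rm -f {} +; }

# user_tmp_files DIR UID: list files owned by UID, for logout-time cleanup.
# Refuses system accounts (below UID_MIN), which have no "session" to end.
user_tmp_files() {
    _dir=$1; _uid=$2
    case $_uid in *[!0-9]*|'') echo "user_tmp_files: numeric UID required" >&2; return 2;; esac
    if [ "$_uid" -lt "$(uid_min)" ]; then
        echo "user_tmp_files: refusing UID $_uid (below UID_MIN $(uid_min))" >&2
        return 1
    fi
    find "$_dir" -xdev -user "$_uid" -print    # -user accepts a numeric UID
}

# Typical schedule (run from cron as root): daily for /tmp, and a longer
# interval for /var/tmp, whose content the FHS expects to survive reboots.
#   purge_stale /tmp 1
#   purge_stale /var/tmp 30    # 30 days is this example's own choice
```

Run `stale_files` first to review what a given age threshold would remove before scheduling `purge_stale`.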