View previous topic :: View next topic |
Author |
Message |
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Tue Aug 20, 2024 12:12 pm Post subject: source of /tmp/{portage,screen} directories? [in progress] |
|
|
openrc here: Code: | rc-update
alsasound | boot
binfmt | boot
bootmisc | boot
cgroups | sysinit
cronie | default
devfs | sysinit
dhcpcd | default
display-manager | default
dmesg | sysinit
elogind | boot
fsck | boot
hostname | boot
hwclock | boot
keymaps | boot
killprocs | shutdown
kmod-static-nodes | sysinit
local | default nonetwork
localmount | boot
loopback | boot
modules | boot
mount-ro | shutdown
mtab | boot
opentmpfiles-dev | sysinit
opentmpfiles-setup | boot
procfs | boot
root | boot
save-keymaps | boot
save-termencoding | boot
savecache | shutdown
sshd | default
swap | boot
sysctl | boot
sysfs | sysinit |
Code: | drwxrwxr-x 2 portage portage 4096 août 20 14:32 portage
drwxrwxr-x 2 root utmp 4096 août 20 14:32 screen
srwxrwxrwx 1 user user 0 août 20 14:33 dbus-8L6Wzo9PJ5 |
portage seems obvious,
dbus seems X11 related.
Wondering which process creates that directory?
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. "
Last edited by CaptainBlood on Wed Aug 21, 2024 5:48 pm; edited 2 times in total |
|
Back to top |
|
|
Goverp Advocate
Joined: 07 Mar 2007 Posts: 2181
|
Posted: Tue Aug 20, 2024 12:20 pm Post subject: |
|
|
In my case, yours may differ, it's the result of running "screen" on a tty to get scrollback. _________________ Greybeard |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Tue Aug 20, 2024 7:25 pm Post subject: |
|
|
Indeed, when rebooting after app-misc/screen package removal, this directory isn't created anymore...
Now the new question is how is it created?
I don't recall have set something in this regard....
As coming back to OP, the same question for /tmp/portage...
How is it created?
I may be the cause of all of this, albeit not remembering some details.
However I don't like the feeling something is happening in my back.
I really would like to know how this all happens...
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
gentoo_ram Guru
Joined: 25 Oct 2007 Posts: 502 Location: San Diego, California USA
|
Posted: Tue Aug 20, 2024 8:11 pm Post subject: |
|
|
The /tmp/screen directory is created when someone or something runs the 'screen' command. If you don't clear your /tmp directory at boot (and my set up does not) then what it means is that something ran the 'screen' command at some point. |
|
Back to top |
|
|
pingtoo Veteran
Joined: 10 Sep 2021 Posts: 1260 Location: Richmond Hill, Canada
|
Posted: Tue Aug 20, 2024 8:27 pm Post subject: |
|
|
CaptainBlood wrote: | However I don't like the feeling something is happening in my back.
I really would like to know how this all happens... |
No one can tell what happen since everybody have different setup.
The sure way is let your computer tell you what happen. enable audit will have record what happen.
if you want to disable unknown execution, then enable selinux/apparmor/seccomp.
Don't think of above as security/hardening. You can think of it as your computer service you (the master) |
|
Back to top |
|
|
flexibeast Guru
Joined: 04 Apr 2022 Posts: 465 Location: Naarm/Melbourne, Australia
|
Posted: Wed Aug 21, 2024 1:42 am Post subject: |
|
|
`tmp` directories are for temporary files that programs create, for various reasons, in order to do their job. It's a standard programming technique (e.g. in the blogging software i've written for my own use).
For example, when creating a file with certain contents at the user's request, a program might create a temporary file for output, only renaming that temporary file to the intended file name if the output operation was entirely successful. This avoids creating a file that doesn't contain all the intended content, which might be an issue if other programs are assuming that such a file will necessarily contain such content.
There are programs to help you determine which programs are working with certain directories and files, such as fuser(1) and lsof(8).
In the case of screen(1) in particular, the README file talks about the use of `/tmp/screen-exchange` for writing and reading the copy buffer, and the INSTALL file mentions that the `/tmp` directory can be used to create sockets when multiple users are using screen. But i can't immediately see any reference to `/tmp/screen` in the source (which might simply because that path is created on the fly, rather than being a literal).
If the creation of temporary files is a general concern for you, you should certainly become familiar with something like fuser(1), and with grep'ing the source code of the relevant program to learn why a given temporary file is being created, and for what purpose. |
|
Back to top |
|
|
gentoo_ram Guru
Joined: 25 Oct 2007 Posts: 502 Location: San Diego, California USA
|
Posted: Wed Aug 21, 2024 5:07 am Post subject: |
|
|
The /tmp/screen string is definitely in the executable:
Code: | gw ~ # strings /usr/bin/screen-4.9.1 | grep tmp
/tmp/screen-exchange
/tmp/screen
Utmp slot not found -> not removed
What? Cannot remove Utmp slot?
/var/run/utmp
/var/run/utmp
|
|
|
Back to top |
|
|
flexibeast Guru
Joined: 04 Apr 2022 Posts: 465 Location: Naarm/Melbourne, Australia
|
Posted: Wed Aug 21, 2024 7:10 am Post subject: |
|
|
gentoo_ram wrote: | The /tmp/screen string is definitely in the executable |
So it is - thanks for reminding me about the existence of strings(1), i keep forgetting about it for some reason ...
i actually hadn't read the original post closely enough, but doing so now brought my attention to the fact that the created "screen" directory is owned by group 'utmp', which suggests it's being used to provide support utmp(5) functionality:
Quote: | The utmp file allows one to discover information about who is currently using the system. There may be more users currently using the system, because not all programs use utmp logging. |
screen's utmp stuff can be found in utmp.c. i'm in the middle of other stuff, so i've not examined that file in detail.
As an aside, the creator of s6 has written a piece of software called utmps, and on its home page, says:
Quote: | utmps is an implementation of the utmpx.h family of functions performing user accounting on Unix systems.
Traditionally, utmp functionality is provided by the system's libc. However, not all libcs implement utmp: for instance the musl libc, on Linux, does not. The main reason for it is that utmp functionality is difficult to implement in a secure way; in particular, it is impossible to implement without either running a daemon or allowing arbitrary programs to tamper with user accounting. |
|
|
Back to top |
|
|
pa4wdh l33t
Joined: 16 Dec 2005 Posts: 890
|
Posted: Wed Aug 21, 2024 8:36 am Post subject: |
|
|
On my system the /tmp/screen directory is created by a tmpfiles.d entry added by the app-misc/screen package:
Code: | $ equery f screen
* Searching for screen ...
* Contents of app-misc/screen-4.9.1-r1:
(...)
/usr/lib/tmpfiles.d
/usr/lib/tmpfiles.d/screen.conf
(...)
$ cat /usr/lib/tmpfiles.d/screen.conf
d /tmp/screen 0775 root utmp
|
I guess something similar is happening on you system.
Welcome to the wonderful world of tmpfiles _________________ The gentoo way of bringing peace to the world:
USE="-war" emerge --newuse @world
My shared code repository: https://code.pa4wdh.nl.eu.org
Music, Free as in Freedom: https://www.jamendo.com |
|
Back to top |
|
|
Goverp Advocate
Joined: 07 Mar 2007 Posts: 2181
|
Posted: Wed Aug 21, 2024 8:47 am Post subject: |
|
|
From the screen ebuild - verbatim:
Code: | ewarn "This revision changes the screen socket location to ${EROOT}/tmp/${PN}" |
_________________ Greybeard |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Wed Aug 21, 2024 12:46 pm Post subject: |
|
|
Very nice clarifications what's happening there. is also a PITA here , likely with similar origin...
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
sam_ Developer
Joined: 14 Aug 2020 Posts: 1977
|
Posted: Wed Aug 21, 2024 12:50 pm Post subject: |
|
|
You can write your own snippet and/or use INSTALL_MASK if it bothers you.
For Portage, it exists for a good reason (because of privilege escalation issues). |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Wed Aug 21, 2024 1:10 pm Post subject: |
|
|
sam_ wrote: | For Portage, it exists for a good reason (because of privilege escalation issues). | Does letting things as they are has any implication regarding /etc/portage/make.conf content?
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Wed Aug 21, 2024 2:35 pm Post subject: |
|
|
CaptainBlood wrote: | sam_ wrote: | For Portage, it exists for a good reason (because of privilege escalation issues). | Does letting things as they are has any implication regarding /etc/portage/make.conf content expectation?
Thks 4 ur attention, interest & support. |
_________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3728 Location: Rasi, Finland
|
Posted: Wed Aug 21, 2024 3:06 pm Post subject: |
|
|
CaptainBlood wrote: | sam_ wrote: | For Portage, it exists for a good reason (because of privilege escalation issues). | Does letting things as they are has any implication regarding /etc/portage/make.conf content?
Thks 4 ur attention, interest & support. | If you change the default temp directories of portage in make.conf, then you should edit appropriate tmpfiles.d -file too. See inside /usr/lib/tmpfiles.d/portage-tmpdir.conf. If you want to make changes there you should copy that file into /etc/tmpfiles.d/ and then edit it. _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Wed Aug 21, 2024 5:19 pm Post subject: |
|
|
Here is: Code: | grep /var/tmp /etc/fstab
tmpfs /var/tmp tmpfs rw,nosuid,noatime,nodev,,mode=1777 0 0
tmpfs /var/tmp/portage tmpfs rw,nosuid,noatime,nodev,,uid=portage,gid=portage,x-mount.mkdir=775 0 0 |
Code: | grep /var/tmp /etc/portage/make.conf
PORTAGE_TMPDIR="/var/tmp" |
Zucca wrote: | See inside /usr/lib/tmpfiles.d/portage-tmpdir.conf. If you want to make changes there you should copy that file into /etc/tmpfiles.d/ and then edit it. |
Code: | cat /usr/lib/tmpfiles.d/portage-tmpdir.conf
d /var/tmp/portage 0775 portage portage
d /tmp/portage 0775 portage portage | Why is there TWO such items, where ONE sounds reasonable enough?
Maybe to help sam_ wrote: | privilege escalation issues. | ?
Sorry to say but that sounds a little confusing of an implementation...
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
CaptainBlood Advocate
Joined: 24 Jan 2010 Posts: 3884
|
Posted: Wed Aug 21, 2024 5:51 pm Post subject: |
|
|
Goverp wrote: | In my case, yours may differ, it's the result of running "screen" on a tty to get scrollback. | Interesting.
Any detail how you proceed if not manually?
Thks 4 ur attention, interest & support. _________________ USE="-* ..." in /etc/portage/make.conf here, i.e. a countermeasure to portage implicit braces, belt & diaper paradigm
LT: "I've been doing a passable imitation of the Fontana di Trevi, except my medium is mucus. Sooo much mucus. " |
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3728 Location: Rasi, Finland
|
Posted: Wed Aug 21, 2024 7:33 pm Post subject: |
|
|
CaptainBlood wrote: | Code: | cat /usr/lib/tmpfiles.d/portage-tmpdir.conf
d /var/tmp/portage 0775 portage portage
d /tmp/portage 0775 portage portage | Why is there TWO such items, where ONE sounds reasonable enough? | I read somewhere that those to locations were chosen because those are the two most common locations for portage temporary directory.
IMO Portage should simply handle the temporary direction creation and permission internally.
Or via /var/lib/tmpfiles.d... if that was supported. _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
Goverp Advocate
Joined: 07 Mar 2007 Posts: 2181
|
Posted: Thu Aug 22, 2024 9:49 am Post subject: |
|
|
CaptainBlood wrote: | Goverp wrote: | In my case, yours may differ, it's the result of running "screen" on a tty to get scrollback. | Interesting.
Any detail how you proceed if not manually? |
Not sure what your question is, so I'll answer some I might have asked:
To be general, sometimes when I switch to a tty to run say emerge --update (which I prefer not to do from KDE konsole), and I know there will be lots of output that I want to scroll through, I run "screen". I don't use all its features - the only key combination I know is Ctl+A+[ - to initiate scrollback! I run it manually - normally my tty sessions are just for a quick check on something that needs root (my everyday userid is not in wheel).
My /tmp is recreated on boot - I very vaguely recall some option I set when I first installed Gentoo, but that was so long ago, I forget what - so /var/tmp disappears unless I start screen again. _________________ Greybeard |
|
Back to top |
|
|
|