garo Bodhisattva
Joined: 15 Jul 2002 Posts: 860 Location: Edegem,BELGIUM
|
Posted: Sat Jan 18, 2003 1:10 pm Post subject: Is it safe to clean /tmp before shutdown ? |
|
|
I was thinking of putting the following in my "/etc/conf.d/local.stop" :
Or is it better to put this in "/etc/conf.d/local.start", or maybe I could execute it every week with cron, or maybe I should never clean it, or maybe someone has a better idea? |
|
NiklasH Apprentice
Joined: 30 Aug 2002 Posts: 211 Location: On top of something
|
Posted: Sat Jan 18, 2003 1:39 pm Post subject: |
|
|
I don't think a cron job would be very good, since you might have some large build going overnight, which could be broken if its files suddenly are wiped in the middle of the build. I'd vote for local.stop, since it's less annoying than having to wait for /tmp to clean up when you boot your computer. (Although I'd imagine that it wouldn't take that long, either) |
|
Naan Yaar Bodhisattva
Joined: 27 Jun 2002 Posts: 1549
|
Posted: Sat Jan 18, 2003 1:48 pm Post subject: |
|
|
You can also emerge tmpwatch with ACCEPT_KEYWORDS=~x86 and then run it from cron.daily (RedHat does this to clean out temp. directories). This has the advantage of working even if you don't reboot very often. |
|
garo Bodhisattva
Joined: 15 Jul 2002 Posts: 860 Location: Edegem,BELGIUM
|
Posted: Sat Jan 18, 2003 2:06 pm Post subject: |
|
|
Quote: | You can also emerge tmpwatch |
Won't tmpwatch also delete tmp files that are still necessary, and is this exploit fixed?
Quote: | I'd vote for local.stop |
I was planning to do this, but I am not really sure if the shutdown process doesn't need some tmp files... |
|
Naan Yaar Bodhisattva
Joined: 27 Jun 2002 Posts: 1549
|
Posted: Sat Jan 18, 2003 2:32 pm Post subject: |
|
|
Looks like the exploit is fixed. You can use it with the -s option to avoid deleting opened files. It also has a time setting that checks for access time before blowing away something. This works fine in practice.
garo wrote: | Quote: | You can also emerge tmpwatch |
Won't tmpwatch also delete tmp files that are still necessary, and is this exploit fixed?
Quote: | I'd vote for local.stop |
I was planning to do this, but I am not really sure if the shutdown process doesn't need some tmp files... |
|
|
Naan Yaar Bodhisattva
Joined: 27 Jun 2002 Posts: 1549
|
Posted: Sat Jan 18, 2003 3:58 pm Post subject: |
|
|
There may be others like this though.
local.stop is called before all other services are stopped. So, it is not absolutely guaranteed that /tmp would not be used at this point. You can fire off tmpwatch from local.stop with an access time setting of 0 and a "-s" option (you would need to make a symlink from /usr/bin/fuser to /sbin/fuser for -s to work); this will avoid killing files that are open. You can also cook up a homebrew solution using lsof/fuser in local.stop if you don't like tmpwatch.
Naan Yaar wrote: | Looks like the exploit is fixed. |
|
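A homebrew cleaner along the lines of the lsof/fuser idea in the post above, as an added example that is not code from the thread: it deletes regular files not accessed for a given number of minutes and skips any file a process still holds open. The names `CLEAN_WORKER` and `clean_tmp`, the /proc fallback and the 24-hour threshold in the sample call are assumptions of this example; it expects a Linux system with `readlink -f` and a `find` that supports `-amin`.

```sh
#!/bin/sh
# Added example, not code from the thread. All names here are hypothetical.

# Per-file worker, run by find through "sh -c" so that any file name, even
# one containing newlines, arrives intact as a positional parameter.
CLEAN_WORKER='
is_open() {
    # Ask fuser first; fall back to comparing /proc/<pid>/fd targets (Linux).
    if command -v fuser >/dev/null 2>&1 && fuser -s "$1" 2>/dev/null; then
        return 0
    fi
    real=$(readlink -f -- "$1") || return 1
    for fd in /proc/[0-9]*/fd/*; do
        [ "$(readlink "$fd" 2>/dev/null)" = "$real" ] && return 0
    done
    return 1
}
for f do
    if is_open "$f"; then
        printf "kept-open %s\n" "$f"
    else
        rm -f -- "$f" && printf "removed %s\n" "$f"
    fi
done
'

# clean_tmp DIR MINUTES: delete regular files under DIR whose last access is
# more than MINUTES minutes old, unless a process still has them open.
# Prints one "kept-open" or "removed" line per stale file.
# find does not follow symlinks by default and -type f does not match them,
# so links found in DIR are skipped; -xdev keeps the walk on DIR's filesystem.
clean_tmp() {
    [ -d "$1" ] && [ ! -L "$1" ] || return 1
    case $2 in ''|*[!0-9]*) return 1 ;; esac
    find "$1" -xdev -type f -amin "+$2" -exec sh -c "$CLEAN_WORKER" sh {} +
}

# Sample call for /etc/conf.d/local.stop (threshold is this example's choice):
#   clean_tmp /tmp 1440
```

The open check and the `rm` are two separate steps, so a file that a process opens in between is still deleted.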
|
Aiken Apprentice
Joined: 22 Jan 2003 Posts: 239 Location: Toowoomba/Australia
|
Posted: Wed Jan 22, 2003 11:34 pm Post subject: |
|
|
If I clean out /tmp with a script I do it early in the boot process. Try to get it clean before processes start putting their files in /tmp. (X, xfs, kde + others).
If it is just to keep the size of /tmp down I have found tmpwatch to be quite good. On the machine that I use tmpwatch on I have it deleting any files that have not been used after 24 hours.
On my machine I have /tmp mounted as tmpfs. This way it is a ram disk and /tmp is clean every time I boot. I got sick of X or kde not starting because of stale lock files or temporary files in /tmp. Having /tmp as a ram disk works very nicely for me. |
|
dreamer3 Guru
Joined: 24 Sep 2002 Posts: 553
|
Posted: Thu Feb 06, 2003 6:54 am Post subject: |
|
|
Aiken wrote: | On my machine I have /tmp mounted as tmpfs. This way it is a ram disk and /tmp is clean every time I boot. I got sick of X or kde not starting because of stale lock files or temporary files in /tmp. Having /tmp as a ram disk works very nicely for me. |
Amen to that. |
|