RH199 - ch07s05

Most critical applications and services use temporary files and directories. Some applications and users use the /tmp directory to hold transient working data, whereas other applications use task-specific locations such as daemon- and user-specific volatile directories under /run, which exist only in memory. When the system reboots or loses power, memory-based file systems are self-cleaning.

Commonly, daemons and scripts operate correctly only when their expected temporary files and directories exist. Additionally, purging temporary files on persistent storage is necessary to prevent disk space issues or stale working data.

Red Hat Enterprise Linux includes the systemd-tmpfiles tool, which provides a structured and configurable method to manage temporary directories and files.

At system boot, one of the first systemd service units to launch is the systemd-tmpfiles-setup service. This service runs the systemd-tmpfiles command --create --remove option, which reads instructions from the /usr/lib/tmpfiles.d/*.conf, /run/tmpfiles.d/*.conf, and /etc/tmpfiles.d/*.conf configuration files. These configuration files list files and directories that the systemd-tmpfiles-setup service is instructed to create, delete, or secure with permissions.

Clean Temporary Files with a Systemd Timer

To prevent long-running systems from filling up their disks with stale data, a systemd timer unit called systemd-tmpfiles-clean.timer triggers at a regular interval the systemd-tmpfiles-clean.service unit, which executes the systemd-tmpfiles --clean command.

A systemd timer unit configuration has a [Timer] section to indicate how to start the service with the same name as the timer.

Use the following systemctl command to view the contents of the systemd-tmpfiles-clean.timer unit configuration file.

[user@host ~]$ systemctl cat systemd-tmpfiles-clean.timer
# /usr/lib/systemd/system/systemd-tmpfiles-clean.timer
#  SPDX-License-Identifier: LGPL-2.1-or-later
#
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

[Unit]
Description=Daily Cleanup of Temporary Directories
Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)
ConditionPathExists=!/etc/initrd-release

[Timer]
OnBootSec=15min
OnUnitActiveSec=1d

In the preceding configuration, the OnBootSec=15min parameter indicates that the systemd-tmpfiles-clean.service unit gets triggered 15 minutes after the system boots up. The OnUnitActiveSec=1d parameter indicates that any further trigger to the systemd-tmpfiles-clean.service unit happens 24 hours after the service unit was last activated.

Change the parameters in the systemd-tmpfiles-clean.timer unit configuration file to meet your requirements. For example, a 30min value for the OnUnitActiveSec parameter triggers the systemd-tmpfiles-clean.service unit 30 minutes after the service unit is last activated. As a result, the systemd-tmpfiles-clean.service unit gets triggered every 30 minutes after the changes are recognized.

After you change the timer unit configuration file, use the systemctl daemon-reload command to ensure that the systemd daemon loads the new configuration.

[root@host ~]# systemctl daemon-reload

Clean Temporary Files Manually

The systemd-tmpfiles --clean command parses the same configuration files as the systemd-tmpfiles --create command, but instead of creating files and directories, it purges all files that were not accessed, changed, or modified more recently than the maximum age that is defined in the configuration file.

For detailed information about the format of the configuration files for the systemd-tmpfiles service, see the tmpfiles.d(5) man page. The syntax consists of the following columns: Type, Path, Mode, UID, GID, Age, and Argument. Type refers to the action for the systemd-tmpfiles service to take; for example, d to create a directory if it does not exist, or Z to recursively restore SELinux contexts, file permissions, and ownership.

The following command purges a configuration with explanations:

d /run/systemd/seats 0755 root root -

When you create files and directories, create the /run/systemd/seats directory if it does not exist, with the root user and the root group as owners, and with permissions of rwxr-xr-x. If this directory does exist, then take no action. The systemd-tmpfiles service does not purge this directory automatically.

D /home/student 0700 student student 1d

Create the /home/student directory if it does not exist. If it does exist, then remove all its contents. When the system runs the systemd-tmpfiles --clean command, it removes from the directory all files that you did not access, change, or modify for more than one day.

L /run/fstablink - root root - /etc/fstab

Create the /run/fstablink symbolic link, to point to the /etc/fstab directory. Never automatically purge this line.

Configuration File Precedence

The systemd-tmpfiles-clean service configuration files can exist in three places:

/etc/tmpfiles.d/*.conf
/run/tmpfiles.d/*.conf
/usr/lib/tmpfiles.d/*.conf

Use the files in the /etc/tmpfiles.d/ directory to configure custom temporary locations, and to override vendor-provided defaults. The files in the /run/tmpfiles.d/ directory are volatile files, which normally daemons use to manage their own runtime temporary files. Relevant RPM packages provide the files in the /usr/lib/tmpfiles.d/ directory; therefore do not edit these files.

If a file in the /run/tmpfiles.d/ directory has the same file name as a file in the /usr/lib/tmpfiles.d/ directory, then the service uses the file in the /run/tmpfiles.d/ directory. If a file in the /etc/tmpfiles.d/ directory has the same file name as a file in either the /run/tmpfiles.d/ or the /usr/lib/tmpfiles.d/ directories, then the service uses the file in the /etc/tmpfiles.d/ directory.

Given these precedence rules, you can override vendor-provided settings by copying the relevant file to the /etc/tmpfiles.d/ directory and then editing it. By using these configuration locations correctly, you can manage administrator-configured settings from a central configuration management system, and package updates do not overwrite your configured settings.

Note

When testing new or modified configurations, apply only the commands from a single configuration file at a time. Specify the name of the single configuration file on the systemd-tmpfiles command line.

References

systemd-tmpfiles(8), tmpfiles.d(5), stat(1), stat(2), and systemd.timer(5) man pages

Revision: rh199-9.3-8dd73db

Click CREATE to build all of the virtual machines needed for the classroom lab environment. This may take several minutes to complete. Once created the environment can then be stopped and restarted to pause your experience.

If you DELETE your lab, you will remove all of the virtual machines in your classroom and lose all of your progress.