Managing temporary files with systemd-tmpfiles on Red Hat Enterprise Linux 7
Have you ever used a temporary directory? I’m guessing if you use a computer, you’ve used one of these. It’s a core feature of nearly every operating-system.
To ensure system stability, you should always check that filesystems on which a temporary directory resides don’t get full — running out of space can quickly bring your system to a grinding halt.
One method to prevent running out of space could be to place those directories on a dedicated partition, but no matter the solution, it is a best practice to clean those directories periodically, based on your/your app’s needs.
Red Hat Enterprise Linux (and Fedora as well) provides a more structured and configurable method to manage temporary directories and files: systemd-tmpfiles.
Once a Red Hat-like system boots up, a special unit file is executed:
systemd-tmpfiles-setup, this unit will execute the
systemd-tmpfile --create --remove command.
You can take a look at the systemd unit file by executing the following commands:
[root@freddy ~]# systemctl status systemd-tmpfiles-setup.service ● systemd-tmpfiles-setup.service - Create Volatile Files and Directories Loaded: loaded (/usr/lib/systemd/system/systemd-tmpfiles-setup.service; static; vendor preset: disabled) Active: active (exited) since Thu 2016-08-18 20:06:04 CEST; 2 weeks 2 days ago Docs: man:tmpfiles.d(5) man:systemd-tmpfiles(8) Main PID: 1007 (code=exited, status=0/SUCCESS) Tasks: 0 (limit: 512) CGroup: /system.slice/systemd-tmpfiles-setup.service Aug 18 20:06:04 freddy systemd: Starting Create Volatile Files and Directories... Aug 18 20:06:04 freddy systemd: Started Create Volatile Files and Directories. [root@freddy ~]# cat /usr/lib/systemd/system/systemd-tmpfiles-setup.service # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=Create Volatile Files and Directories Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) DefaultDependencies=no Conflicts=shutdown.target After=local-fs.target systemd-sysusers.service Before=sysinit.target shutdown.target RefuseManualStop=yes [Service] Type=oneshot RemainAfterExit=yes ExecStart=/usr/bin/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev
The previous command reads all the configuration files and execute directories’ creation/clean up as specified.
The systemd-tmpfile service execution, at boot time, will ensure that all the required temporary directories are created — but what about any scheduled clean up?
Systemd gives you the t
imer unit for controlling scheduled and cyclic actions to be performed in the running system.
To quote the systemd manual:
A unit configuration file whose name ends in “.timer” encodes information about a timer controlled and supervised by systemd, for timer-based activation.
For each timer file, a matching unit file must exist, describing the unit to activate when the timer elapses. By default, a service by the same name as the timer (except for the suffix) is activated. Example: a timer file foo.timer activates a matching service foo.service. The unit to activate may be controlled by Unit=.
You can inspect the behaviour of the timer unit by querying the systemd daemon:
[root@freddy ~]# systemctl status systemd-tmpfiles-clean.timer ● systemd-tmpfiles-clean.timer - Daily Cleanup of Temporary Directories Loaded: loaded (/usr/lib/systemd/system/systemd-tmpfiles-clean.timer; static; vendor preset: disabled) Active: active (waiting) since Thu 2016-08-18 20:06:04 CEST; 2 weeks 2 days ago Docs: man:tmpfiles.d(5) man:systemd-tmpfiles(8) Aug 18 20:06:04 freddy systemd: Started Daily Cleanup of Temporary Directories. [root@freddy ~]# cat /usr/lib/systemd/system/systemd-tmpfiles-clean.timer # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=Daily Cleanup of Temporary Directories Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) [Timer] OnBootSec=15min OnUnitActiveSec=1d
As you’ll find on the timer unit, it will run just 15 minutes after systemd start, and then every 24 hours from that time onward. The command, in this case, will only affect files/directories purging/cleaning.
Develop using Red Hat's most valuable products
Your membership unlocks Red Hat products and technical training on enterprise cloud application development.JOIN RED HAT DEVELOPER
Let’s discuss systemd-tmpfiles configuration files.
Typically, for unix-like services, configuration files are located in different places and they have a hierarchical priority process. The configuration locations for systemd-tmpfiles service have the following order priority (Highest to lower):
Supposing that a configuration file with the same name is placed under all the three configuration directories, the file with highest priority will be the one in
/etc. The configuration files placed under /run are created at runtime by services/daemons to control temporary directory cleaning processes. And, as usual, configuration files under
/usr/lib/* should be never edited directly because they’re vendor-provided — you should override them using this priority mechanism, placing a custom file under
Looking at configuration file syntax, a systemd-tmpfiles configuration contains:
Type, Path, Mode, UID, GID, Age, and Arguments
You can inspect the installed configuration file and understand their behaviour looking at the
systemd-tmpfiles man page.
We’ll now explore some existing configuration files in the
[root@freddy ~]# cat /usr/lib/tmpfiles.d/httpd.conf d /run/httpd 710 root apache d /run/httpd/htcacheclean 700 apache apache
In this example,
systemd will create the
/run/httpd/htcacheclean, if they don’t yet exist, assigning them the given permission, UID and GID.
[root@freddy ~]# cat /usr/lib/tmpfiles.d/rpm.conf r /var/lib/rpm/__db.*
In this example,
systemd will periodically clean up RPM database library files.
Symlink creation and recursive file copy
[root@freddy ~]# cat /usr/lib/tmpfiles.d/etc.conf # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. # See tmpfiles.d(5) for details L /etc/os-release - - - - ../usr/lib/os-release L /etc/localtime - - - - ../usr/share/zoneinfo/UTC L+ /etc/mtab - - - - ../proc/self/mounts C /etc/nsswitch.conf - - - - C /etc/pam.d - - - -
In this example,
systemd will ensure the creation of symbolic links for
If suffixed with
'+', and a file already exists where the symlink is to be created, the file will be removed and be replaced by the symlink.
Lastly ,”C” types for files/directories
/etc/pam.d, quoting the tmpfiles.d manual section:
Recursively copy a file or directory, if the destination files or directories do not exist yet. Note that this command will not descend into subdirectories if the destination directory already exists. Instead, the entire copy operation is skipped. If the argument is omitted, files from the source directory /usr/share/factory/ with the same name are copied. Does not follow symlinks.
Time option usage
[root@freddy ~]# cat /usr/lib/tmpfiles.d/cups.conf # See tmpfiles.d(5) for details d /run/cups 0755 root lp - d /run/cups/certs 0511 lp sys - d /var/spool/cups/tmp - - - 30d
Finally, in this example, you can see the usage of Time options. Each file older than 30 days on
/var/spool/cups/tmp will be deleted.
Note that the Time option designates that a file will be considered unused only if
ctime are all older than the specified time.
If you want to dig more on the available configuration types, just type “
man 5 tmpfiles.d” on your shell, and in case you want to test just one configuration file at a time, you can place it as an argument to the
Feel free to leave comments or ask questions! Thanks for reading.