Managing temporary files with systemd-tmpfiles
This tutorial shows how to manage temporary files with systemd-tmpfiles.
A modern system requires a large number of temporary files and directories. Not just the highly user-visible ones such as /tmp that get used and abused by regular users, but also more task-specific ones such as daemon and user-specific volatile directories under /run. In this context, volatile means that the file system storing these files only exists in memory. When the system reboots or loses power, all the contents of volatile storage will be gone. To keep a system running cleanly, it is necessary for these directories and files to be created when they do not exist, since daemons and scripts might rely on them being there, and for old files to be purged so that they do not fill up disk space or provide faulty information.
In the past, system administrators relied on RPM packages and SystemV init-scripts to create these directories, and a tool called tmpwatch to remove old, unused files from configured directories. Systemd provides a more structured, and configurable, method to manage temporary directories and files: systemd-tmpfiles. When systemd starts a system, one of the first service units launched is systemd-tmpfiles-setup. This service runs the command systemd-tmpfiles --create --remove. This command reads configuration files from /usr/lib/tmpfiles.d/*.conf, /run/tmpfiles.d/*.conf, and /etc/tmpfiles.d/*.conf. Any files and directories marked for deletion in those configuration files will be removed, and any files and directories marked for creation will be created with the correct permissions if necessary.
To make sure that long-running systems do not fill up their disks with stale data, there is also a systemd timer unit that calls systemd-tmpfiles --clean at a regular interval. systemd timer units are a special type of systemd unit with a [Timer] block indicating how often the service with the same name should be started.
The configuration for the systemd-tmpfiles-clean.timer unit looks like this:
This indicates that the service with the same name (systemd-tmpfiles-clean.service) will be started 15 minutes after systemd has started, and then once every 24 hours afterwards. The command systemd-tmpfiles --clean parses the same configuration files as systemd-tmpfiles --create, but instead of creating files and directories, it will purge all files which have not been accessed, changed, or modified more recently than the maximum age defined in the configuration file.
The man page tmpfiles.d(5) claims that files “older than” the age in the date field of the configuration file are removed. This is not exactly true. Files on a Linux file system following the POSIX standard have three timestamps: atime, the last time the file was accessed; mtime, the last time the file’s contents were modified; and ctime, the last time the file’s status was changed (by chown, chmod, and so on). Most Linux file systems do not have a creation time stamp. This is common among Unix-like file systems. Files will be considered unused if all three timestamps are older than the systemd-tmpfiles age configuration. If any of the three timestamps is newer than the age configuration, the file will not be removed due to age by systemd-tmpfiles. The stat command can be run on a file to see the values of all three of its time stamps. The ls -l command normally displays mtime.
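The three-timestamp rule described above can be checked against a directory before relying on --clean to purge it. The following is an added example, not code from this tutorial or from systemd; the function names are hypothetical, and the age parser assumes a single number with an optional unit (a bare integer is treated as seconds).

```python
import os
import re
from types import SimpleNamespace

# Subset of tmpfiles.d age units, in seconds (assumption: one number + one unit).
_UNITS = {"": 1, "s": 1, "m": 60, "min": 60, "h": 3600, "d": 86400, "w": 604800}


def parse_age(field):
    """Convert an Age column such as '1d' or '12h' to seconds; '-' means no age."""
    if field in ("-", ""):
        return None
    m = re.fullmatch(r"(\d+)([a-z]*)", field)
    if not m or m.group(2) not in _UNITS:
        raise ValueError(f"unsupported age field: {field!r}")
    return int(m.group(1)) * _UNITS[m.group(2)]


def is_unused(st, age_seconds, now):
    """True only if atime, mtime AND ctime are all older than the age."""
    newest = max(st.st_atime, st.st_mtime, st.st_ctime)
    return now - newest > age_seconds


def unused_files(root, age_field, now):
    """List non-directory entries under root that the rule treats as unused."""
    age = parse_age(age_field)
    if age is None:
        return []
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: inspect the entry itself, never a symlink target
            if is_unused(st, age, now):
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    # Constructed sample: contents untouched for 3 days, but a chmod
    # one hour ago refreshed ctime, so the file still counts as in use.
    now = 1_700_000_000
    old = now - 3 * 86400
    st = SimpleNamespace(st_atime=old, st_mtime=old, st_ctime=now - 3600)
    print("unused:", is_unused(st, parse_age("1d"), now))
```

A file whose mtime shown by ls -l looks old can still survive cleaning because a recent read or chmod refreshed atime or ctime, which is why the check takes the newest of the three values.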
Systemd-tmpfiles configuration files
The format of the configuration files for systemd-tmpfiles is detailed in the tmpfiles.d(5) manual page. The basic syntax consists of seven columns: Type, Path, Mode, UID, GID, Age, and Argument. Type refers to the action that systemd-tmpfiles should take; for example, d to create a directory if it does not yet exist, or Z to recursively restore SELinux contexts and file permissions and ownership.
Examples with explanations
d /run/systemd/seats 0755 root root
When creating files and directories, create the directory /run/systemd/seats if it does not yet exist, owned by the user root and the group root, with permissions set to rwxr-xr-x. This directory will not be automatically purged.
D /home/user 0700 user user 1d
Create the directory /home/user if it does not yet exist. If it does exist, empty it of all contents. When systemd-tmpfiles --clean is run, remove all files which have not been accessed, changed, or modified in more than one day.
L /run/fstablink - root root - /etc/fstab
Create the symbolic link /run/fstablink pointing to /etc/fstab. Never automatically purge this link.