I want to stop the automatic deletion of the tmp area with RHEL7

(Past correspondence memo)

I want to prevent the bottom of / tmp from being deleted without permission. Tmpwatch is missing from RHEL7. It seems that systemd-tmpfiles-clean.timer is cleaning the tmp area.

The configuration file is here: /usr/lib/tmpfiles.d/tmp.conf

Copy this file to /etc/tmpfiles.d/ You may want to rewrite it to exclude / tmp / *.

testing environment

VM (CetnOS7) (Production VM is RHEL7) XenServer

Verification

Confirm with man command

# man tmpfiles.d
--------------------------------------------
CONFIGURATION FORMAT

Files in /etc/tmpfiles.d override files with the same name in /usr/lib/tmpfiles.d and /run/tmpfiles.d.
Files in /run/tmpfiles.d override files with the same name in /usr/lib/tmpfiles.d.
Packages should install their configuration files in /usr/lib/tmpfiles.d.
Files in /etc/tmpfiles.d are reserved for the local administrator, who may use this logic to override the configuration files installed by vendor packages. 
All configuration files are sorted by their filename in lexicographic order, regardless of which of the directories they reside in.
If multiple files specify the same path, the entry in the file with the lexicographically earliest name will be applied.
All other conflicting entries will be logged as errors.
When two lines are prefix and suffix of each other, then the prefix is always processed first, the suffix later.
Otherwise, the files/directories are processed in the order they are listed.
If the administrator wants to disable a configuration file supplied by the vendor, the recommended way is to place a symlink to /dev/null in /etc/tmpfiles.d/ bearing the same filename.
--------------------------------------------

/etc/tmpfiles.d > /run/tmpfiles.d > /usr/lib/tmpfiles.d It seems to be strong in that order.

Since systemd-tmpfiles-clean.timer checks all atime / mtime / ctime, Just create a file and then change the timestamp with touch I can't confirm whether it will be deleted. (Because ctime cannot be changed)

Check settings

# cat /usr/lib/tmpfiles.d/tmp.conf
-----------------------------
v /tmp 1777 root root 10d
v /var/tmp 1777 root root 30d

→ /Under tmp, things older than 10 days disappear
-----------------------------

Stop NTP

# systemctl disable ntpd.service

chronyd also stopped

# systemctl stop chronyd
# systemctl disable chronyd
Create a file directory
# cd /tmp/
# touch test
# mkdir miisuke

Check time
# stat test
Access: 2020-03-27 18:54:15.333822690 +0900
Modify: 2020-03-27 18:54:15.333822690 +0900
Change: 2020-03-27 18:54:15.333822690 +0900

# stat miisuke
Access: 2020-03-27 18:54:27.822006515 +0900
Modify: 2020-03-27 18:54:27.822006515 +0900
Change: 2020-03-27 18:54:27.822006515 +0900

Shift the server time
# date
Friday, March 27, 2020 19:09:58 JST

# date -s "03/28 20:00 2030"
# date
Thursday, March 28, 2030 20:00:02 JST

File creation at this point
# touch test2
# mkdir miisuke2

# stat test2
Access: 2030-03-28 20:00:37.166547096 +0900
Modify: 2030-03-28 20:00:37.166547096 +0900
Change: 2030-03-28 20:00:37.166547096 +0900

# stat miisuke2
Access: 2030-03-28 20:00:39.423580319 +0900
Modify: 2030-03-28 20:00:39.423580319 +0900
Change: 2030-03-28 20:00:39.423580319 +0900

Try restarting the server
# shutdown -r now

Should test and miisuke disappear?

$ date
Friday, March 27, 2020 19:16:12 JST
→ The time has returned after restarting. Is it synced on the xen host? ??

Redo

Make the server time old
# date -s "03/28 20:00 2010"
# date
Sunday, March 28, 2010 20:00:01 JST

Create file here
# cd /tmp/
# touch test3
# mkdir miisuke3

# stat test3
Access: 2010-03-28 20:01:47.397000000 +0900
Modify: 2010-03-28 20:01:47.397000000 +0900
Change: 2010-03-28 20:01:47.397000000 +0900

# stat miisuke3
Access: 2010-03-28 20:01:50.509000000 +0900
Modify: 2010-03-28 20:01:50.509000000 +0900
Change: 2010-03-28 20:01:50.509000000 +0900

Try restarting the server
# shutdown -r now

Should miisuke3 and test3 disappear when the time goes back?

# date
Friday, March 27, 2020 19:22:41 JST

# ls -l /tmp/
Total 0
drwxr-xr-x 2 root root 6 March 27 18:54 miisuke
drwxr-xr-x 2 root root 6 March 28 2030 miisuke2
drwxr-xr-x 2 root root 6 March 28 2010 miisuke3
-rw-r--r--1 root root 0 March 27 18:54 test
-rw-r--r--1 root root 0 March 28 2030 test2
-rw-r--r--1 root root 0 March 28 2010 test3

Not disappear.

Manually execute the deletion process
# SYSTEMD_LOG_TARGET=console SYSTEMD_LOG_LEVEL=debug /usr/bin/systemd-tmpfiles --clean

# ls -l /tmp/
drwxr-xr-x 2 root root 6 March 27 18:54 miisuke
drwxr-xr-x 2 root root 6 March 28 2030 miisuke2
-rw-r--r--1 root root 0 March 27 18:54 test
-rw-r--r--1 root root 0 March 28 2030 test2

Had disappeared.

Try to enable the process.

Create configuration file

# cd /etc/tmpfiles.d/
# cp -pi /usr/lib/tmpfiles.d/tmp.conf .
# vi tmp.conf
----------------
x /tmp/*
x /var/tmp/*
----------------

Make the server time old
# date -s "03/28 20:00 2010"
# date
Sunday, March 28, 2010 20:00:02 JST

Create file here
# cd /tmp/
# touch test3
# mkdir miisuke3

# stat test3
Access: 2010-03-28 20:00:16.230000000 +0900
Modify: 2010-03-28 20:00:16.230000000 +0900
Change: 2010-03-28 20:00:16.230000000 +0900

# stat miisuke3
Access: 2010-03-28 20:00:19.255000000 +0900
Modify: 2010-03-28 20:00:19.255000000 +0900
Change: 2010-03-28 20:00:19.255000000 +0900

Try restarting the server
# shutdown -r now

# date
Friday, March 27, 2020 19:51:03 JST

# ls -l /tmp/
It hasn't disappeared yet.

Manually execute the deletion process
# SYSTEMD_LOG_TARGET=console SYSTEMD_LOG_LEVEL=debug /usr/bin/systemd-tmpfiles --clean

# ls -l /tmp/
Total 0
drwxr-xr-x 2 root root 6 March 27 18:54 miisuke
drwxr-xr-x 2 root root 6 March 28 2030 miisuke2
drwxr-xr-x 2 root root 6 March 28 2010 miisuke3
-rw-r--r--1 root root 0 March 27 18:54 test
-rw-r--r--1 root root 0 March 28 2030 test2
-rw-r--r--1 root root 0 March 28 2010 test3

It didn't disappear!

Production implementation

Implemented on RHEL7 server

Create configuration file

# cd /etc/tmpfiles.d/
# cp -pi /usr/lib/tmpfiles.d/tmp.conf .
# vi tmp.conf
----------------
x /tmp/*
x /var/tmp/*
----------------
# mv tmp.conf aaa_tmp.conf(.If it's conf, any name looks good)

reference

I referred to the following.

Differences in behavior between tmpwatch (up to CentOS6) and systemd-tmpfiles (CentOS7) Four pitfalls of CentOS 7 that you should be addicted to and cry [Linux] [Cent OS] The story that files under / tmp and / var / tmp are deleted without permission [Linux] Regarding the deletion process of the tmp folder of CentOS 7 How systemd-tmpfiles cleans up /tmp/ or /var/tmp (replacement of tmpwatch) in CentOS / RHEL 7

Recommended Posts

I want to stop the automatic deletion of the tmp area with RHEL7
I want to output the beginning of the next month with Python
I want to check the position of my face with OpenCV!
I want to express my feelings with the lyrics of Mr. Children
I want to customize the appearance of zabbix
I want to grep the execution result of strace
I want to fully understand the basics of Bokeh
I want to increase the security of ssh connections
I tried to find the entropy of the image with python
I want to specify another version of Python with pyvenv
I tried to find the average of the sequence with TensorFlow
I want to get the operation information of yahoo route
I want to change the Japanese flag to the Palau flag with Numpy
I want to color black-and-white photos of memories with GAN
[Python] I want to use the -h option with argparse
I want to judge the authenticity of the elements of numpy array
I want to know the features of Python and pip
Keras I want to get the output of any layer !!
I want to know the legend of the IT technology world
[Python] I want to make a 3D scatter plot of the epicenter with Cartopy + Matplotlib!
I want to do ○○ with Pandas
I want to debug with Python
I want to manually assign the training parameters of the [Pytorch] model
I want to know the weather with LINE bot feat.Heroku + Python
Become familiar with (want to be) around the pipeline of spaCy
I tried to automate the watering of the planter with Raspberry Pi
I want to read the html version of "OpenCV-Python Tutorials" OpenCV 3.1 version
[Introduction to StyleGAN] I played with "The Life of a Man" ♬
I tried to expand the size of the logical volume with LVM
For the time being, I want to convert files with ffmpeg !!
I want to know the population of each country in the world.
I tried to improve the efficiency of daily work with Python
I want to extract an arbitrary URL from the character string of the html source with python
I want to pin Spyder to the taskbar
I want to detect objects with OpenCV
I want to output to the console coolly
I want to handle the rhyme part1
I want to blog with Jupyter Notebook
I want to handle the rhyme part3
I want to pip install with PythonAnywhere
I want to play with aws with python
I want to display the progress bar
I want to handle the rhyme part2
I want to handle the rhyme part5
I want to handle the rhyme part4
Stop the automatic startup of Apache Nginx
I want to do it with Python lambda Django, but I will stop
[Note] I want to completely preprocess the data of the Titanic issue-Age version-
I don't want to admit it ... The dynamical representation of Neural Networks
[Image recognition] How to read the result of automatic annotation with VoTT
(Python Selenium) I want to check the settings of the download destination of WebDriver
I want to batch convert the result of "string" .split () in Python
I want to explain the abstract class (ABCmeta) of Python in detail.
I tried to get the authentication code of Qiita API with Python.
I want to sort a list in the order of other lists
I tried to automatically extract the movements of PES players with software
I want to analyze the emotions of people who want to meet and tremble
I tried to analyze the negativeness of Nono Morikubo. [Compare with Posipa]
I want to use the Qore SDK to predict the success of NBA players
I tried to streamline the standard role of new employees with Python
I tried to visualize the text of the novel "Weathering with You" with WordCloud