How systemd-tmpfiles cleans up /tmp/ or /var/tmp (replacement of tmpwatch) in CentOS / RHEL 7?

In CentOS/RHEL 7, tmpfiles cleans up /tmp or /var/tmp by removing unused files. This function was called “tmpwatch” in CentOS/RHEL 6 which is invoked by crond, however, it is now realized by timer of systemd on CentOS/RHEL 7.

 

Currently the detailed functions of tmpfiles are described in configuration files:

/usr/lib/systemd/system/systemd-tmpfiles-clean.timer
/usr/lib/systemd/system/systemd-tmpfiles-clean.service
/usr/lib/tmpfiles.d/tmp.conf 

 

Shortly speaking, the functions available are:

  • removing files/directories in /tmp un-accessed more than 10 days(defined in tmp.conf)
  • removing files/directories in /var/tmp un-accessed more than 30 days(defined in tmp.conf)
  • there are several files which will not be removed(defined in tmp.conf)
  • the removing command is “/usr/bin/systemd-tmpfiles –clean“(defined in systemd-tmpfiles-clean.service)

 

un-accessed” is decided by checking all of atime/mtime/ctime of the file/directory. Thus, in case even one of atime/mtime/ctime of a file in /tmp/ is newer than 10 days, the file will not removed. If a file/directory in /tmp/ is not removed by tmpfiles even if it seems it is older than 10 days, the reason can be checked by running a command with debug options like below manually:

# SYSTEMD_LOG_TARGET=console SYSTEMD_LOG_LEVEL=debug /usr/bin/systemd-tmpfiles --clean 

 

For example, below intends that a directory “/tmp/latest” cannot be removed due to its atime.

# SYSTEMD_LOG_TARGET=console SYSTEMD_LOG_LEVEL=debug /usr/bin/systemd-tmpfiles --clean 2>&1 | grep latest
Directory "/tmp/latest": access time Wed 2017-12-06 16:56:28.771577 IST is too new 

 

Sample configuration files

 

Below are the 3 sample configuration files (un-edited) with their default settings.

# cat /usr/lib/systemd/system/systemd-tmpfiles-clean.timer
[Unit]
Description=Daily Cleanup of Temporary Directories
Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)

[Timer]
OnBootSec=15min
OnUnitActiveSec=1d 

 

 # cat /usr/lib/tmpfiles.d/tmp.conf
# Clear tmp directories separately, to make them easier to override
v /tmp 1777 root root 10d
v /var/tmp 1777 root root 30d

# Exclude namespace mountpoints created with PrivateTmp=yes
x /tmp/systemd-private-%b-*
X /tmp/systemd-private-%b-*/tmp
x /var/tmp/systemd-private-%b-*
X /var/tmp/systemd-private-%b-*/tmp

 

# cat /usr/lib/systemd/system/systemd-tmpfiles-clean.service
[Unit]
Description=Cleanup of Temporary Directories
Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)
DefaultDependencies=no
Conflicts=shutdown.target
After=systemd-readahead-collect.service systemd-readahead-replay.service local-fs.target time-sync.target
Before=shutdown.target

[Service]
Type=oneshot
ExecStart=/usr/bin/systemd-tmpfiles --clean
IOSchedulingClass=idle 

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)