[arch-general] pacman/libalpm/libfetch do not honor TMPDIR

Isaac Dupree ml at isaac.cedarswampstudios.org
Tue Nov 29 20:51:41 EST 2011


On 11/29/2011 05:20 PM, clemens fischer wrote:
> With tmpwatch one gets to choose files not accessed or modified for
> a certain period, and it needs no config file.  Arch-tmpfiles, OTOH,
> would require such a thing.
>
> Then again, a simple "find<some-dirs>  -atime +<time-spec>  -exec /bin/rm
> '{}' +" does about the same as tmpwatch.

Use -execdir instead, for security reasons (to protect against race 
conditions at least a little bit better).  Or even better, just use 
-delete, which is built into find and also does everything to make the 
command able to delete long-unaccessed directories too.

Still, for something this sensitive to mistakes*, I'd be more likely to 
trust a command made specifically for the purpose.  For example, web 
search found me a tmpwatch man-page that says various things it's 
careful about: "When changing directories, tmpwatch is very sensitive to 
possible race conditions and will exit with an error if one is detected. 
It does not follow symbolic links in the directories it's cleaning (even 
if a symbolic link is given as its argument), will not switch 
filesystems, and only removes empty directories and regular files." ... 
and I think there's more.

(disclosure: I don't need it personally, as tmpfs /tmp meets my needs.)

-Isaac

* at least: shared /tmp is a bit of a security disaster ; programs like 
X keep socket-type files there ; perhaps more: how many people know all 
of these parts well enough to write robust generic /tmp-related code?


More information about the arch-general mailing list