[arch-general] SystemD: Is there a way to disable PrivateTmp globally?

"Jérôme M. Berger" jeberger at free.fr
Thu Nov 1 12:40:20 EDT 2012


	Is there a way to disable Private Tmp globally? I know I can
disable it by copying all the affected unit files to /etc/systemd
and removing it there, but is there a way to disable it once and for all?

	The reasons I want to disable it are:
- I don't need it: this is a single user machine that sits behind a
firewall and doesn't run any publicly available servers, so the
security issues that private tmp solves are not important for this
- I want to know where the files are, and I especially do not want
them in a tmpfs. According to the docs I was able to find, private
tmp is implemented using "kernel namespace" but that tells me
nothing about where the data is stored;
- I want to be able to access those files for debugging purposes.
For example, I have some custom Apache modules that dump debug
information to files in /tmp and I need to be able to access them.
However, I haven't found any way to access the private tmp of a
service, even as root.

mailto:jeberger at free.fr
Jabber: jeberger at jabber.fr
