[arch-general] SystemD: Is there a way to disable PrivateTmp globally?
"Jérôme M. Berger"
jeberger at free.fr
Thu Nov 1 12:40:20 EDT 2012
Is there a way to disable Private Tmp globally? I know I can
disable it by copying all the affected unit files to /etc/systemd
and removing it there but is there a way to disable it once and for all?
The reasons I want to disable it are:
- I don't need it: this is a single user machine that sits behind a
firewall and doesn't run any publicly available servers, so the
security issues that private tmp solves are not important for this
- I want to know where the files are, and I especially do not want
them in a tmpfs. According to the docs I was able to find, private
tmp is implemented using "kernel namespace" but that tells me
nothing about where the data is stored;
- I want to be able to access those files for debugging purposes.
For example, I have some custom Apache modules that dump debug
information to files in /tmp and I need to be able to access them.
However, I haven't found any way to access the private tmp of a
service, even as root.
mailto:jeberger at free.fr
Jabber: jeberger at jabber.fr
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 198 bytes
Desc: OpenPGP digital signature
More information about the arch-general