[systemd-devel] PrivateTmp and systemd-tmpfiles
Kay Sievers
kay at vrfy.org
Wed Oct 17 09:28:00 PDT 2012
On Wed, Oct 17, 2012 at 6:10 PM, Lennart Poettering
<lennart at poettering.net> wrote:
> On Wed, 17.10.12 14:16, Lukáš Nykrýn (lnykryn at redhat.com) wrote:
>
>> Hello,
>> Today I have read this bug
>> https://bugzilla.redhat.com/show_bug.cgi?id=866693 and the described
>> systemd-tmpfiles behavior looks pretty wrong to me, but I am not sure how
>> to fix it. Some ideas crossed my mind: moving systemd-namespace-*
>> elsewhere, adding some option to exclude dirs in tmpfiles conf files,
>> stopping cleaning /tmp, hardcoding some excludes in tmpfiles, but I don't like
>> any of these solutions.
>
> We already allow files to be excluded from clean up by setting the
> sticky bit on them. We can't do that for dirs however, since the sticky
> bit for dirs has a different meaning. One possible way to solve this
> issue otherwise might be by introducing an xattr for this. The one thing
> blocking this right now however is that tmpfs still can't handle xattrs
> properly. There were multiple attempts to get xattrs for tmpfs into the
> kernel, not sure what the latest state on this is.
>
> The best would probably be to exclude these dirs from clean-up via
> explicit tmpfiles lines. Unfortunately "x" is probably not going to do
> it here, since we actually want recursive clean-up inside the dir, just
> not of the dir... So maybe introduce a new type of "X" that excludes the
> dir itself from clean-up but does not exclude recursively?
Pre-create and protect a /tmp/systemd-namespace/ subdir?
Kay
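To make the difference between the existing "x" type and the proposed "X" type concrete, here is a tmpfiles.d fragment added as an illustration (it is not part of the thread and not a file shipped by systemd). The "X" line is the semantics Lennart proposes above; that type later became part of tmpfiles.d(5) with exactly this meaning. The path name systemd-namespace-* is the one from the bug report; the 10d age is an assumed value.

```conf
# /tmp is cleaned of entries older than 10 days (assumed age, used for illustration).
# Files with the sticky bit set are already skipped by the cleanup, but that
# trick is unavailable for directories, where the sticky bit means something else.
d /tmp 1777 root root 10d

# "x": exclude the matching path AND everything below it from age-based cleanup.
# Too coarse here: the per-service private /tmp trees would never be cleaned at all.
x /tmp/systemd-namespace-*

# "X" (proposed in this thread): exclude only the directory itself from cleanup,
# while its contents are still subject to the 10d age above. This keeps the
# namespace directories that PrivateTmp= services bind-mount from being removed
# underneath a running service, without disabling cleanup of what they contain.
X /tmp/systemd-namespace-*
```

Only one of the two exclusion lines would be used in practice; they are shown together to contrast the recursive "x" with the non-recursive "X". A quick way to check which lines apply to a path is `systemd-tmpfiles --cat-config`, which prints the merged configuration in the order it is evaluated.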