O'Reilly logo

Linux Annoyances for Geeks by Michael Jang

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

User Downloads Are Overloading Workstations

As with all annoyances in this book, there is more than one method available to solve problems. In this case, I'll show you how you can keep downloads to a minimum on our selected Linux distributions.

The basic premise is that, as an administrator, you've limited downloads to the /tmp directory. You can further limit user downloads with appropriate quotas as described in "Some User Is Taking Too Much Disk Space" in Chapter 10.

Alternatively, you can extend the scripts shown in this annoyance to the applicable subdirectories for each user.

You can configure the default download directories associated with Internet-related applications such as Firefox. I'll describe the options briefly in Chapter 3. For more information on customizing Firefox for consistent settings, see Firefox Hacks by Nigel McFarlane (O'Reilly).


There may be security vulnerabilities associated with the Linux tools that maintain /tmp. While I believe they've been addressed by the major distributions, the article on this subject is worth reading; it's available from: http://www.bindview.com/Services/Razor/Papers/2002/mkstemp.cfm.

Red Hat/Fedora

The Red Hat/Fedora distributions configure the /usr/sbin/tmpwatch command to check various temporary directories and remove old files as part of a daily cron job in the /etc/cron.daily directory. tmpwatch is a script of three commands that look more complex than they are.

With the -x option, the first command excludes from consideration a number of directories essential to starting the GUI. Then it specifies that files older than 240 hours in the /tmp directory (other than those already excluded) will be deleted.

/usr/sbin/tmpwatch -x /tmp/.X11-unix -x /tmp/.XIM-unix -x /tmp/.font-unix -x /
tmp/.ICE-unix -x /tmp/.Test-unix 240 /tmp

The next command in the script deletes files older than 720 hours from the /var/tmp directory. This directory usually holds temporary configuration files associated with the KDE desktop environment.

/usr/sbin/tmpwatch 720 /var/tmp

The final command searches through caches of manpages. As a geek, you know that manpages are organized into nine different categories. When a manpage is loaded, it is stored in cache for easier retrieval. If you haven't accessed that manpage in 10 days (720 hours), the cache is purged by the following loop:

for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do
 if [ -d "$d" ]; then
 /usr/sbin/tmpwatch -f 720 $d

Remember that the ? represents a wildcard for a single character, so the for directive shown covers the /var/cache/man/cat1 through /var/cache/man/cat9 directories.


SUSE Linux manages temporary files through a daily cron job in the /etc/cron.daily directory, known as suse.de-clean-tmp. It's a substantial script that depends on directives set in the /etc/sysconfig/cron configuration file. Generally, you won't need to change anything in the cron job; just modify the /etc/sysconfig/cron as needed. This configuration file includes the directives defined in Table 1-10.

Table 1-10. SUSE tmp management directives




By default, SUSE sets this to 0, which retains all files in /tmp directories; this directive is associated with the TMP_DIRS_TO_CLEAR directive.


By default, SUSE sets this to 0, which retains all files in the directory defined by the LONG_TMP_DIRS_TO_CLEAR directive.


Normally set to /tmp.


Set to the directory of your choice; commonly used for /var/tmp.


Specifies the owner for files to be retained; commonly assigned to root, which retains the files in /tmp required for the GUI.


Normally set to no; if set to yes, deletes all files from the /tmp directories (including those owned by the root user). Don't change unless you're not using a GUI.


Configures re-creation of the manpage database; normally set to yes.


Deletes preformatted manpages, as stored in /var/catman directory; normally set to yes.


Specifies a time after which preformatted manpages are deleted.


Deletes older databases of files created with the updatedb command; don't change unless you have installed the findutils-locate RPM.


Specifies a maximum age for file databases, in days.


The tmpwatch RPM is no longer available for SUSE Linux. As of SUSE 9.2, the appropriate script is now part of the SUSE aaa_base RPM.


Debian Linux configures the /usr/sbin/tmpreaper command as part of a daily cron job in the /etc/cron.daily directory. It depends on settings that you can configure in /etc/tmpreaper.conf and /etc/default/rcS. I'll examine both the configuration files and the script.

The /etc/default/rcS file is key to a number of configuration files associated with the boot process. The default version of this file includes one related directive:


This specifies the time that files are stored in /tmp in days. The default of 0 specifies that files in /tmp are stored per the TMPREAPER_TIME directive in /etc/tmpreaper.conf.

Now examine the /etc/tmpreaper.conf configuration file, as that is where you can set the directives used in the /etc/cron.daily/tmpreaper cron job. This configuration file includes directives as defined in Table 1-11.

Table 1-11. Debian /etc/tmpreaper.conf management directives




Related to the README.security.gz warning in the /usr/share/doc/tmpreaper directory.


If TMPTIME is not set in /etc/default/rcS, this directive determines how long files are stored in /tmp.


Lets you specify file patterns to protect from deletion; some are already protected in the default tmpreaper cron job.


Specifies the directories to apply the tmpreaper cron job.


Sets additional options to pass to the tmpreaper command.

These directives are applied to the tmpreaper cron job in the first few lines of the script. First, this stanza makes sure that the tmpreaper command exists:

if ! [ -x /usr/sbin/tmpreaper ]; then
exit 0

The next stanza checks for and then uses the /etc/tmpreaper.conf configuration file:

if [ -s /etc/tmpreaper.conf ]; then
. /etc/tmpreaper.conf

The script then checks key directives; the default TMPREAPER_TIME is seven days, and the default TMPREAPER_DIRS is /tmp.


Finally, the script is run, with a lowered priority (courtesy of nice -n10) to help prevent this job from interfering with other running processes. It avoids deleting directories critical to the running of the Linux GUI.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required