9

I'm trying to change the cleanup interval for Apache PrivateTmp files from the default 30 days to 6 hours. I read that to edit the time intervals, I should set up an override file in /etc/tmpfiles.d/tmp.conf rather than editing /usr/lib/tmpfiles.d/tmp.conf, so I created that file with the following lines:

# override the default cleanup intervals
v /tmp 1777 root root 6h
v /var/tmp 1777 root root 6h

Now if I run systemd-tmpfiles --clean, the expected files are removed, so this part is working.

However, /usr/lib/systemd/system/systemd-tmpfiles-clean.timer has OnUnitActiveSec set to 1d. I assume this means my 6 hour cleanup interval will effectively be limited to once per day.

I can change that timer interval to 6h or less, but should I edit this file directly, or create an override file similar to /etc/tmpfiles.d?

Update: this question was marked as a duplicate, but I don't see anything in the linked question about whether I should be using an override file like with the tmp.conf file.

Solution: apparently I can't post this as an answer since the question has been marked as a duplicate. But this is how I created an override file to change the timer interval:

Copy the existing timer file to the corresponding override directory:

sudo cp /usr/lib/systemd/system/systemd-tmpfiles-clean.timer /etc/systemd/system

Edit the new copy (change the 1d value to 1h):

sudo nano /etc/systemd/system/systemd-tmpfiles-clean.timer

Load the new timer file:

sudo systemctl daemon-reload

Confirm that the new timer interval is loaded:

sudo systemctl list-timers

Improve this question
8
  • Did you understand why you shouldn't edit /usr/lib/tmpfiles.d/tmp.conf and instead use override files?
    – muru
    Commented Jul 2, 2018 at 2:05
  • Is it because software updates could overwrite the /usr/lib files and wipe out any custom settings?
    – arlomedia
    Commented Jul 2, 2018 at 2:54
  • Yes, indeed, and that's why systemd provides a built-in mechanism to create such override files (systemctl edit).
    – muru
    Commented Jul 2, 2018 at 3:16
  • So do the .timer files follow the same principle, or should those just be edited directly? I haven't found any documentation or examples of changing the timer values, except the "duplicate" question above, which doesn't explain where the files are located.
    – arlomedia
    Commented Jul 2, 2018 at 3:26
  • 1
    Use systemctl edit on the timer and see what happens.
    – muru
    Commented Jul 2, 2018 at 3:27

1 Answer 1

Reset to default
8

This answer is a bit late but I'll leave it here in case others stumble on it.

I think that it's important to understand the underlying mechanism of how systemd overrides work. Your solution illustrates that you figured out the low level implementation details and how to manually create overrides, which is a good thing.

For the sake of completeness and propagating best practices, people should use the built-in systemctl functions to create overrides (as @muru mentioned in the comment). For example:

sudo systemctl edit systemd-tmpfiles-clean.timer

For example, this ensures permissions are properly set on the file and reduces the likelihood of introducing errors by relying on the underlying abstractions.

If you want to view the components that make up this unit, use systemctl cat as follows:

sudo systemctl cat systemd-tmpfiles-clean.timer 

# /usr/lib/systemd/system/systemd-tmpfiles-clean.timer
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.

[Unit]
Description=Daily Cleanup of Temporary Directories
Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8)

[Timer]
OnBootSec=15min
OnUnitActiveSec=1d

# /etc/systemd/system/systemd-tmpfiles-clean.timer.d/override.conf
[Timer]
# reset existing triggers
OnBootSec=
OnUnitActiveSec=
# add new triggers
OnBootSec=15min
OnUnitActiveSec=60min
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .