]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/tmpfiles.d.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add SPDX license identifiers to catalog and po files
[thirdparty/systemd.git] / man / tmpfiles.d.xml
CommitLineData
5fb13eb5 1<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
12b42c76 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4149f86d
BP		 3<!--
4 This file is part of systemd.
5
6 Copyright 2010 Brandon Philips
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
4149f86d
BP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
4149f86d 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
4149f86d
BP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20-->
21<refentry id="tmpfiles.d">
22
302fbdf2
ZJS		 23 <refentryinfo>
24 <title>tmpfiles.d</title>
25 <productname>systemd</productname>
26
27 <authorgroup>
28 <author>
29 <contrib>Documentation</contrib>
30 <firstname>Brandon</firstname>
31 <surname>Philips</surname>
32 <email>brandon@ifup.org</email>
33 </author>
34 </authorgroup>
35 </refentryinfo>
36
37 <refmeta>
38 <refentrytitle>tmpfiles.d</refentrytitle>
39 <manvolnum>5</manvolnum>
40 </refmeta>
41
42 <refnamediv>
43 <refname>tmpfiles.d</refname>
44 <refpurpose>Configuration for creation, deletion and cleaning of
45 volatile and temporary files</refpurpose>
46 </refnamediv>
47
48 <refsynopsisdiv>
49 <para><filename>/etc/tmpfiles.d/*.conf</filename></para>
50 <para><filename>/run/tmpfiles.d/*.conf</filename></para>
51 <para><filename>/usr/lib/tmpfiles.d/*.conf</filename></para>
52 </refsynopsisdiv>
53
54 <refsect1>
55 <title>Description</title>
56
57 <para><command>systemd-tmpfiles</command> uses the configuration
58 files from the above directories to describe the creation,
59 cleaning and removal of volatile and temporary files and
60 directories which usually reside in directories such as
61 <filename>/run</filename> or <filename>/tmp</filename>.</para>
62
63 <para>Volatile and temporary files and directories are those
64 located in <filename>/run</filename> (and its alias
65 <filename>/var/run</filename>), <filename>/tmp</filename>,
66 <filename>/var/tmp</filename>, the API file systems such as
67 <filename>/sys</filename> or <filename>/proc</filename>, as well
68 as some other directories below <filename>/var</filename>.</para>
69
70 <para>System daemons frequently require private runtime
71 directories below <filename>/run</filename> to place communication
72 sockets and similar in. For these, consider declaring them in
73 their unit files using <varname>RuntimeDirectory=</varname> (see
74 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
75 for details), if this is feasible.</para>
76 </refsect1>
77
78 <refsect1>
8165be2e 79 <title>Configuration Directories and Precedence</title>
302fbdf2
ZJS		 80
81 <para>Each configuration file shall be named in the style of
82 <filename><replaceable>package</replaceable>.conf</filename> or
83 <filename><replaceable>package</replaceable>-<replaceable>part</replaceable>.conf</filename>.
84 The second variant should be used when it is desirable to make it
85 easy to override just this part of configuration.</para>
86
87 <para>Files in <filename>/etc/tmpfiles.d</filename> override files
88 with the same name in <filename>/usr/lib/tmpfiles.d</filename> and
89 <filename>/run/tmpfiles.d</filename>. Files in
90 <filename>/run/tmpfiles.d</filename> override files with the same
91 name in <filename>/usr/lib/tmpfiles.d</filename>. Packages should
92 install their configuration files in
93 <filename>/usr/lib/tmpfiles.d</filename>. Files in
94 <filename>/etc/tmpfiles.d</filename> are reserved for the local
95 administrator, who may use this logic to override the
96 configuration files installed by vendor packages. All
97 configuration files are sorted by their filename in lexicographic
98 order, regardless of which of the directories they reside in. If
99 multiple files specify the same path, the entry in the file with
100 the lexicographically earliest name will be applied. All other
101 conflicting entries will be logged as errors. When two lines are
102 prefix and suffix of each other, then the prefix is always
6d785b6d
LP		 103 processed first, the suffix later. Lines that take globs are
104 applied after those accepting no globs. If multiple operations
b938cb90
JE		 105 shall be applied on the same file, (such as ACL, xattr, file
106 attribute adjustments), these are always done in the same fixed
6d785b6d
LP		 107 order. Otherwise, the files/directories are processed in the order
108 they are listed.</para>
302fbdf2
ZJS		 109
110 <para>If the administrator wants to disable a configuration file
111 supplied by the vendor, the recommended way is to place a symlink
112 to <filename>/dev/null</filename> in
113 <filename>/etc/tmpfiles.d/</filename> bearing the same filename.
114 </para>
8165be2e
ZJS		 115 </refsect1>
116
117 <refsect1>
118 <title>Configuration File Format</title>
302fbdf2
ZJS		 119
120 <para>The configuration format is one line per path containing
121 type, path, mode, ownership, age, and argument fields:</para>
122
123 <programlisting>#Type Path Mode UID GID Age Argument
ed7fd549
ZJS		 124d /run/user 0755 root root 10d -
125L /tmp/foobar - - - - /dev/null</programlisting>
302fbdf2 126
657cf7f4 127 <para>Fields may be enclosed within quotes and contain C-style escapes.</para>
128
302fbdf2
ZJS		 129 <refsect2>
130 <title>Type</title>
131
132 <para>The type consists of a single letter and optionally an
133 exclamation mark.</para>
134
135 <para>The following line types are understood:</para>
136
137 <variablelist>
138 <varlistentry>
139 <term><varname>f</varname></term>
140 <listitem><para>Create a file if it does not exist yet. If
141 the argument parameter is given, it will be written to the
6a9171d2 142 file. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 143 </varlistentry>
144
145 <varlistentry>
146 <term><varname>F</varname></term>
147 <listitem><para>Create or truncate a file. If the argument
6a9171d2 148 parameter is given, it will be written to the file. Does not follow symlinks.</para>
302fbdf2
ZJS		 149 </listitem>
150 </varlistentry>
151
152 <varlistentry>
153 <term><varname>w</varname></term>
154 <listitem><para>Write the argument parameter to a file, if
155 the file exists. Lines of this type accept shell-style
156 globs in place of normal path names. The argument parameter
157 will be written without a trailing newline. C-style
6a9171d2
LP		 158 backslash escapes are interpreted. Follows
159 symlinks.</para></listitem>
302fbdf2
ZJS		 160 </varlistentry>
161
162 <varlistentry>
163 <term><varname>d</varname></term>
4b743d67
ZJS		 164 <listitem><para>Create a directory. The mode and ownership will be adjusted if
165 specified and the directory already exists. Contents of this directory are subject
ed7fd549 166 to time based cleanup if the age argument is specified.</para></listitem>
302fbdf2
ZJS		 167 </varlistentry>
168
169 <varlistentry>
170 <term><varname>D</varname></term>
4b743d67
ZJS		 171 <listitem><para>Similar to <varname>d</varname>, but in addition the contents
172 of the directory will be removed when <option>--remove</option> is used.
173 </para></listitem>
174 </varlistentry>
df8dee85
ZJS		 175
176 <varlistentry>
177 <term><varname>e</varname></term>
ed7fd549
ZJS		 178 <listitem><para>Similar to <varname>d</varname>, but the directory will not be created if
179 it does not exist. Lines of this type accept shell-style globs in place of normal path
180 names. For this entry to be useful, at least one of the mode, uid, gid, or age arguments
181 must be specified, since otherwise this entry has no effect. If the age argument is
182 <literal>0</literal>, contents of the directory will be unconditionally deleted every time
183 <command>systemd-tmpfiles --clean</command> is run. This can be useful when combined with
184 <varname>!</varname>, see the examples.</para></listitem>
302fbdf2
ZJS		 185 </varlistentry>
186
187 <varlistentry>
188 <term><varname>v</varname></term>
189 <listitem><para>Create a subvolume if the path does not
2904e949
LP		 190 exist yet, the file system supports subvolumes (btrfs), and
191 the system itself is installed into a subvolume
192 (specifically: the root directory <filename>/</filename> is
193 itself a subvolume). Otherwise, create a normal directory, in
194 the same way as <varname>d</varname>. A subvolume created
195 with this line type is not assigned to any higher-level
196 quota group. For that, use <varname>q</varname> or
197 <varname>Q</varname>, which allow creating simple quota
198 group hierarchies, see below.</para></listitem>
5fb13eb5
LP		 199 </varlistentry>
200
201 <varlistentry>
202 <term><varname>q</varname></term>
b938cb90 203 <listitem><para>Similar to <varname>v</varname>. However,
5fb13eb5
LP		 204 makes sure that the subvolume will be assigned to the same
205 higher-level quota groups as the subvolume it has been
206 created in. This ensures that higher-level limits and
207 accounting applied to the parent subvolume also include the
208 specified subvolume. On non-btrfs file systems, this line
209 type is identical to <varname>d</varname>. If the subvolume
210 already exists and is already assigned to one or more higher
b938cb90 211 level quota groups, no change to the quota hierarchy is
5fb13eb5
LP		 212 made. Also see <varname>Q</varname> below. See <citerefentry
213 project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
214 for details about the btrfs quota group
215 concept.</para></listitem>
216 </varlistentry>
217
218 <varlistentry>
219 <term><varname>Q</varname></term>
b938cb90 220 <listitem><para>Similar to <varname>q</varname>. However,
5fb13eb5
LP		 221 instead of copying the higher-level quota group assignments
222 from the parent as-is, the lowest quota group of the parent
223 subvolume is determined that is not the leaf quota
224 group. Then, an "intermediary" quota group is inserted that
225 is one level below this level, and shares the same ID part
226 as the specified subvolume. If no higher-level quota group
227 exists for the parent subvolume, a new quota group at level
228 255 sharing the same ID as the specified subvolume is
229 inserted instead. This new intermediary quota group is then
230 assigned to the parent subvolume's higher-level quota
231 groups, and the specified subvolume's leaf quota group is
232 assigned to it.</para>
233
234 <para>Effectively, this has a similar effect as
235 <varname>q</varname>, however introduces a new higher-level
236 quota group for the specified subvolume that may be used to
237 enforce limits and accounting to the specified subvolume and
238 children subvolume created within it. Thus, by creating
239 subvolumes only via <varname>q</varname> and
b938cb90 240 <varname>Q</varname>, a concept of "subtree quotas" is
5fb13eb5
LP		 241 implemented. Each subvolume for which <varname>Q</varname>
242 is set will get a "subtree" quota group created, and all
243 child subvolumes created within it will be assigned to
244 it. Each subvolume for which <varname>q</varname> is set
245 will not get such a "subtree" quota group, but it is ensured
246 that they are added to the same "subtree" quota group as their
247 immediate parents.</para>
248
249 <para>It is recommended to use
250 <varname>Q</varname> for subvolumes that typically contain
251 further subvolumes, and where it is desirable to have
252 accounting and quota limits on all child subvolumes
253 together. Examples for <varname>Q</varname> are typically
254 <filename>/home</filename> or
255 <filename>/var/lib/machines</filename>. In contrast,
256 <varname>q</varname> should be used for subvolumes that
257 either usually do not include further subvolumes or where no
258 accounting and quota limits are needed that apply to all
259 child subvolumes together. Examples for <varname>q</varname>
260 are typically <filename>/var</filename> or
261 <filename>/var/tmp</filename>. As with <varname>Q</varname>,
262 <varname>q</varname> has no effect on the quota group
263 hierarchy if the subvolume exists and already has at least
264 one higher-level quota group assigned.</para></listitem>
302fbdf2
ZJS		 265 </varlistentry>
266
267 <varlistentry>
268 <term><varname>p</varname></term>
269 <term><varname>p+</varname></term>
270 <listitem><para>Create a named pipe (FIFO) if it does not
271 exist yet. If suffixed with <varname>+</varname> and a file
272 already exists where the pipe is to be created, it will be
273 removed and be replaced by the pipe.</para></listitem>
274 </varlistentry>
275
276 <varlistentry>
277 <term><varname>L</varname></term>
278 <term><varname>L+</varname></term>
279 <listitem><para>Create a symlink if it does not exist
b3f5897f
WD		 280 yet. If suffixed with <varname>+</varname> and a file or
281 directory already exists where the symlink is to be created,
282 it will be removed and be replaced by the symlink. If the
283 argument is omitted, symlinks to files with the same name
284 residing in the directory
285 <filename>/usr/share/factory/</filename> are created. Note
286 that permissions and ownership on symlinks are ignored.
287 </para></listitem>
302fbdf2
ZJS		 288 </varlistentry>
289
290 <varlistentry>
291 <term><varname>c</varname></term>
292 <term><varname>c+</varname></term>
293 <listitem><para>Create a character device node if it does
294 not exist yet. If suffixed with <varname>+</varname> and a
295 file already exists where the device node is to be created,
296 it will be removed and be replaced by the device node. It is
297 recommended to suffix this entry with an exclamation mark to
298 only create static device nodes at boot, as udev will not
299 manage static device nodes that are created at runtime.
300 </para></listitem>
301 </varlistentry>
302
303 <varlistentry>
304 <term><varname>b</varname></term>
305 <term><varname>b+</varname></term>
306 <listitem><para>Create a block device node if it does not
307 exist yet. If suffixed with <varname>+</varname> and a file
308 already exists where the device node is to be created, it
309 will be removed and be replaced by the device node. It is
310 recommended to suffix this entry with an exclamation mark to
311 only create static device nodes at boot, as udev will not
312 manage static device nodes that are created at runtime.
313 </para></listitem>
314 </varlistentry>
315
316 <varlistentry>
317 <term><varname>C</varname></term>
318 <listitem><para>Recursively copy a file or directory, if the
319 destination files or directories do not exist yet. Note that
320 this command will not descend into subdirectories if the
321 destination directory already exists. Instead, the entire
322 copy operation is skipped. If the argument is omitted, files
323 from the source directory
324 <filename>/usr/share/factory/</filename> with the same name
6a9171d2 325 are copied. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 326 </varlistentry>
327
328 <varlistentry>
329 <term><varname>x</varname></term>
330 <listitem><para>Ignore a path during cleaning. Use this type
331 to exclude paths from clean-up as controlled with the Age
332 parameter. Note that lines of this type do not influence the
333 effect of <varname>r</varname> or <varname>R</varname>
50d9e46d 334 lines. Lines of this type accept shell-style globs in place
302fbdf2
ZJS		 335 of normal path names. </para></listitem>
336 </varlistentry>
337
338 <varlistentry>
339 <term><varname>X</varname></term>
340 <listitem><para>Ignore a path during cleaning. Use this type
341 to exclude paths from clean-up as controlled with the Age
342 parameter. Unlike <varname>x</varname>, this parameter will
343 not exclude the content if path is a directory, but only
344 directory itself. Note that lines of this type do not
345 influence the effect of <varname>r</varname> or
50d9e46d 346 <varname>R</varname> lines. Lines of this type accept
302fbdf2
ZJS		 347 shell-style globs in place of normal path names.
348 </para></listitem>
349 </varlistentry>
350
351 <varlistentry>
352 <term><varname>r</varname></term>
353 <listitem><para>Remove a file or directory if it exists.
354 This may not be used to remove non-empty directories, use
355 <varname>R</varname> for that. Lines of this type accept
356 shell-style globs in place of normal path
6a9171d2 357 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 358 </varlistentry>
359
360 <varlistentry>
361 <term><varname>R</varname></term>
362 <listitem><para>Recursively remove a path and all its
363 subdirectories (if it is a directory). Lines of this type
364 accept shell-style globs in place of normal path
6a9171d2 365 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 366 </varlistentry>
367
368 <varlistentry>
369 <term><varname>z</varname></term>
370 <listitem><para>Adjust the access mode, group and user, and
371 restore the SELinux security context of a file or directory,
372 if it exists. Lines of this type accept shell-style globs in
6a9171d2 373 place of normal path names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 374 </varlistentry>
375
376 <varlistentry>
377 <term><varname>Z</varname></term>
378 <listitem><para>Recursively set the access mode, group and
379 user, and restore the SELinux security context of a file or
380 directory if it exists, as well as of its subdirectories and
381 the files contained therein (if applicable). Lines of this
6a9171d2
LP		 382 type accept shell-style globs in place of normal path
383 names. Does not follow symlinks. </para></listitem>
302fbdf2
ZJS		 384 </varlistentry>
385
386 <varlistentry>
387 <term><varname>t</varname></term>
b705ab6a
ZJS		 388 <listitem><para>Set extended attributes. Lines of this type
389 accept shell-style globs in place of normal path names.
6a9171d2
LP		 390 This can be useful for setting SMACK labels. Does not follow
391 symlinks.</para></listitem>
b705ab6a
ZJS		 392 </varlistentry>
393
394 <varlistentry>
395 <term><varname>T</varname></term>
396 <listitem><para>Recursively set extended attributes. Lines
397 of this type accept shell-style globs in place of normal
6a9171d2
LP		 398 path names. This can be useful for setting SMACK
399 labels. Does not follow symlinks. </para></listitem>
302fbdf2 400 </varlistentry>
f8eeeaf9 401
fa3f5fd2
GB		 402 <varlistentry>
403 <term><varname>h</varname></term>
404 <listitem><para>Set file/directory attributes. Lines of this type
405 accept shell-style globs in place of normal path names.</para>
406
1ae705fb
LP		 407 <para>The format of the argument field is
408 <varname>[+-=][aAcCdDeijsStTu] </varname>. The prefix
409 <varname>+</varname> (the default one) causes the
fa3f5fd2 410 attribute(s) to be added; <varname>-</varname> causes the
1ae705fb 411 attribute(s) to be removed; <varname>=</varname> causes the
a8eaaee7 412 attributes to be set exactly as the following letters. The
1ae705fb 413 letters <literal>aAcCdDeijsStTu</literal> select the new
fa3f5fd2 414 attributes for the files, see
c30c611c 415 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle>
fa3f5fd2
GB		 416 <manvolnum>1</manvolnum></citerefentry> for further information.
417 </para>
1ae705fb
LP		 418 <para>Passing only <varname>=</varname> as argument resets
419 all the file attributes listed above. It has to be pointed
b938cb90 420 out that the <varname>=</varname> prefix limits itself to
1ae705fb
LP		 421 the attributes corresponding to the letters listed here. All
422 other attributes will be left untouched. Does not follow
423 symlinks.</para>
fa3f5fd2
GB		 424 </listitem>
425 </varlistentry>
426
427 <varlistentry>
428 <term><varname>H</varname></term>
429 <listitem><para>Recursively set file/directory attributes. Lines
430 of this type accept shell-style globs in place of normal
6a9171d2 431 path names. Does not follow symlinks.
fa3f5fd2
GB		 432 </para></listitem>
433 </varlistentry>
434
f8eeeaf9
ZJS		 435 <varlistentry>
436 <term><varname>a</varname></term>
50d9e46d
ZJS		 437 <term><varname>a+</varname></term>
438 <listitem><para>Set POSIX ACLs (access control lists). If
a8eaaee7 439 suffixed with <varname>+</varname>, the specified entries will
dd4105b0
ZJS		 440 be added to the existing set.
441 <command>systemd-tmpfiles</command> will automatically add
442 the required base entries for user and group based on the
443 access mode of the file, unless base entries already exist
7f3fdb7f 444 or are explicitly specified. The mask will be added if not
dd4105b0
ZJS		 445 specified explicitly or already present. Lines of this type
446 accept shell-style globs in place of normal path names. This
447 can be useful for allowing additional access to certain
6a9171d2 448 files. Does not follow symlinks.</para></listitem>
b705ab6a
ZJS		 449 </varlistentry>
450
451 <varlistentry>
452 <term><varname>A</varname></term>
50d9e46d
ZJS		 453 <term><varname>A+</varname></term>
454 <listitem><para>Same as <varname>a</varname> and
6a9171d2
LP		 455 <varname>a+</varname>, but recursive. Does not follow
456 symlinks.</para></listitem>
f8eeeaf9 457 </varlistentry>
302fbdf2
ZJS		 458 </variablelist>
459
460 <para>If the exclamation mark is used, this line is only safe of
461 execute during boot, and can break a running system. Lines
462 without the exclamation mark are presumed to be safe to execute
463 at any time, e.g. on package upgrades.
464 <command>systemd-tmpfiles</command> will execute line with an
465 exclamation mark only if option <option>--boot</option> is
466 given.</para>
467
468 <para>For example:
469 <programlisting># Make sure these are created by default so that nobody else can
9b9c30ec 470d /tmp/.X11-unix 1777 root root 10d
302fbdf2 471
9b9c30ec
LP		 472# Unlink the X11 lock files
473r! /tmp/.X[0-9]*-lock</programlisting>
302fbdf2
ZJS		 474 The second line in contrast to the first one would break a
475 running system, and will only be executed with
476 <option>--boot</option>.</para>
477 </refsect2>
478
479 <refsect2>
480 <title>Path</title>
481
482 <para>The file system path specification supports simple
483 specifier expansion. The following expansions are
484 understood:</para>
485
486 <table>
487 <title>Specifiers available</title>
488 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
489 <colspec colname="spec" />
490 <colspec colname="mean" />
491 <colspec colname="detail" />
492 <thead>
493 <row>
494 <entry>Specifier</entry>
495 <entry>Meaning</entry>
496 <entry>Details</entry>
497 </row>
498 </thead>
499 <tbody>
500 <row>
501 <entry><literal>%m</literal></entry>
502 <entry>Machine ID</entry>
503 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
504 </row>
505 <row>
506 <entry><literal>%b</literal></entry>
507 <entry>Boot ID</entry>
508 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
509 </row>
510 <row>
511 <entry><literal>%H</literal></entry>
512 <entry>Host name</entry>
513 <entry>The hostname of the running system.</entry>
514 </row>
515 <row>
516 <entry><literal>%v</literal></entry>
517 <entry>Kernel release</entry>
518 <entry>Identical to <command>uname -r</command> output.</entry>
519 </row>
520 <row>
521 <entry><literal>%%</literal></entry>
522 <entry>Escaped %</entry>
523 <entry>Single percent sign.</entry>
524 </row>
525 </tbody>
526 </tgroup>
527 </table>
528 </refsect2>
529
530 <refsect2>
531 <title>Mode</title>
532
533 <para>The file access mode to use when creating this file or
534 directory. If omitted or when set to <literal>-</literal>, the
535 default is used: 0755 for directories, 0644 for all other file
536 objects. For <varname>z</varname>, <varname>Z</varname> lines,
537 if omitted or when set to <literal>-</literal>, the file access
538 mode will not be modified. This parameter is ignored for
539 <varname>x</varname>, <varname>r</varname>,
f8eeeaf9
ZJS		 540 <varname>R</varname>, <varname>L</varname>, <varname>t</varname>,
541 and <varname>a</varname> lines.</para>
302fbdf2
ZJS		 542
543 <para>Optionally, if prefixed with <literal>~</literal>, the
544 access mode is masked based on the already set access bits for
545 existing file or directories: if the existing file has all
546 executable bits unset, all executable bits are removed from the
547 new access mode, too. Similarly, if all read bits are removed
548 from the old access mode, they will be removed from the new
549 access mode too, and if all write bits are removed, they will be
550 removed from the new access mode too. In addition, the
551 sticky/SUID/SGID bit is removed unless applied to a
552 directory. This functionality is particularly useful in
553 conjunction with <varname>Z</varname>.</para>
554 </refsect2>
555
556 <refsect2>
557 <title>UID, GID</title>
558
559 <para>The user and group to use for this file or directory. This
560 may either be a numeric user/group ID or a user or group
561 name. If omitted or when set to <literal>-</literal>, the
a8eaaee7 562 default 0 (root) is used. For <varname>z</varname> and
f8eeeaf9
ZJS		 563 <varname>Z</varname> lines, when omitted or when set to
564 <literal>-</literal>, the file ownership will not be
565 modified. These parameters are ignored for <varname>x</varname>,
566 <varname>r</varname>, <varname>R</varname>,
567 <varname>L</varname>, <varname>t</varname>, and
568 <varname>a</varname> lines.</para>
302fbdf2
ZJS		 569 </refsect2>
570
571 <refsect2>
572 <title>Age</title>
573 <para>The date field, when set, is used to decide what files to
574 delete when cleaning. If a file or directory is older than the
575 current time minus the age field, it is deleted. The field
576 format is a series of integers each followed by one of the
a8eaaee7 577 following suffixes for the respective time units:
00c53f42
ZJS		 578 <constant>s</constant>,
579 <constant>m</constant> or <constant>min</constant>,
580 <constant>h</constant>,
581 <constant>d</constant>,
582 <constant>w</constant>,
a8eaaee7 583 <constant>ms</constant>, and
00c53f42 584 <constant>us</constant>,
a8eaaee7
JE		 585 meaning seconds, minutes, hours, days, weeks,
586 milliseconds, and microseconds, respectively. Full names of the time units can
00c53f42
ZJS		 587 be used too.
588 </para>
302fbdf2
ZJS		 589
590 <para>If multiple integers and units are specified, the time
00c53f42
ZJS		 591 values are summed. If an integer is given without a unit,
592 <constant>s</constant> is assumed.
302fbdf2
ZJS		 593 </para>
594
595 <para>When the age is set to zero, the files are cleaned
596 unconditionally.</para>
597
5fb13eb5 598 <para>The age field only applies to lines starting with
df8dee85 599 <varname>d</varname>, <varname>D</varname>, <varname>e</varname>,
5fb13eb5
LP		 600 <varname>v</varname>, <varname>q</varname>,
601 <varname>Q</varname>, <varname>C</varname>, <varname>x</varname>
602 and <varname>X</varname>. If omitted or set to
603 <literal>-</literal>, no automatic clean-up is done.</para>
302fbdf2
ZJS		 604
605 <para>If the age field starts with a tilde character
606 <literal>~</literal>, the clean-up is only applied to files and
607 directories one level inside the directory specified, but not
608 the files and directories immediately inside it.</para>
609 </refsect2>
610
611 <refsect2>
612 <title>Argument</title>
613
614 <para>For <varname>L</varname> lines determines the destination
a8eaaee7
JE		 615 path of the symlink. For <varname>c</varname> and
616 <varname>b</varname>, determines the major/minor of the device
302fbdf2
ZJS		 617 node, with major and minor formatted as integers, separated by
618 <literal>:</literal>, e.g. <literal>1:3</literal>. For
619 <varname>f</varname>, <varname>F</varname>, and
a8eaaee7 620 <varname>w</varname>, the argument may be used to specify a short string that
302fbdf2
ZJS		 621 is written to the file, suffixed by a newline. For
622 <varname>C</varname>, specifies the source file or
a8eaaee7 623 directory. For <varname>t</varname> and <varname>T</varname>,
0ac0b1e7 624 determines extended attributes to be set. For
a8eaaee7
JE		 625 <varname>a</varname> and <varname>A</varname>, determines ACL
626 attributes to be set. For <varname>h</varname> and
b938cb90 627 <varname>H</varname>, determines the file attributes to
0ac0b1e7 628 set. Ignored for all other lines.</para>
302fbdf2
ZJS		 629 </refsect2>
630
631 </refsect1>
632
633 <refsect1>
4b743d67 634 <title>Examples</title>
302fbdf2 635 <example>
4b743d67
ZJS		 636 <title>Create directories with specific mode and ownership</title>
637 <para>
0a07667d 638 <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 639 needs two directories created at boot with specific modes and ownership:</para>
640
641 <programlisting># /usr/lib/tmpfiles.d/screen.conf
642d /run/screens 1777 root screen 10d
643d /run/uscreens 0755 root screen 10d12h
644</programlisting>
645
646 <para>Contents of <filename>/run/screens</filename> and /run/uscreens will
647 cleaned up after 10 and 10½ days, respectively.</para>
648 </example>
302fbdf2 649
4b743d67
ZJS		 650 <example>
651 <title>Create a directory with a SMACK attribute</title>
652 <programlisting>D /run/cups - - - -
653t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
654 </programlisting>
655
b17649ee 656 <para>The directory will be owned by root and have default mode. Its contents are
4b743d67
ZJS		 657 not subject to time based cleanup, but will be obliterated when
658 <command>systemd-tmpfiles --remove</command> runs.</para>
302fbdf2 659 </example>
4b743d67 660
302fbdf2 661 <example>
4b743d67
ZJS		 662 <title>Create a directory and prevent its contents from cleanup</title>
663 <para>
0a07667d 664 <citerefentry project='die-net'><refentrytitle>abrt</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 665 needs a directory created at boot with specific mode and ownership and its content
666 should be preserved from the automatic cleanup applied to the contents of
667 <filename>/var/tmp</filename>:</para>
668
669 <programlisting># /usr/lib/tmpfiles.d/tmp.conf
670d /var/tmp 1777 root root 30d
671</programlisting>
672
673 <programlisting># /usr/lib/tmpfiles.d/abrt.conf
674d /var/tmp/abrt 0755 abrt abrt -
df8dee85
ZJS		 675</programlisting>
676 </example>
677
678 <example>
679 <title>Apply clean up during boot and based on time</title>
680
681 <programlisting># /usr/lib/tmpfiles.d/dnf.conf
682r! /var/cache/dnf/*/*/download_lock.pid
683r! /var/cache/dnf/*/*/metadata_lock.pid
684r! /var/lib/dnf/rpmdb_lock.pid
e80f1a79 685e /var/cache/dnf/ - - - 30d
4b743d67 686</programlisting>
302fbdf2 687
df8dee85 688 <para>The lock files will be removed during boot. Any files and directories in
e80f1a79 689 <filename>/var/cache/dnf/</filename> will be removed after they have not been
df8dee85 690 accessed in 30 days.</para>
302fbdf2 691 </example>
ed7fd549
ZJS		 692
693 <example>
b719b26c 694 <title>Empty the contents of a cache directory on boot</title>
ed7fd549
ZJS		 695
696 <programlisting># /usr/lib/tmpfiles.d/krb5rcache.conf
697e! /var/cache/krb5rcache - - - 0
698</programlisting>
699
700 <para>Any files and subdirectories in <filename>/var/cache/krb5rcache/</filename>
701 will be removed on boot. The directory will not be created.
702 </para>
703 </example>
302fbdf2
ZJS		 704 </refsect1>
705
706 <refsect1>
707 <title>See Also</title>
708 <para>
709 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
710 <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
711 <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
f8eeeaf9
ZJS		 712 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
713 <citerefentry project='man-pages'><refentrytitle>attr</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
714 <citerefentry project='man-pages'><refentrytitle>getfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
715 <citerefentry project='man-pages'><refentrytitle>setfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
716 <citerefentry project='man-pages'><refentrytitle>setfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
fa3f5fd2 717 <citerefentry project='man-pages'><refentrytitle>getfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
5fb13eb5
LP		 718 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
719 <citerefentry project='die-net'><refentrytitle>btrfs-subvolume</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
720 <citerefentry project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
302fbdf2
ZJS		 721 </para>
722 </refsect1>
4149f86d
BP		 723
724</refentry>
Unnamed repository; edit this file 'description' to name the repository.