]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/tmpfiles.d.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tmpfiles: introduce the concept of unsafe operations
[thirdparty/systemd.git] / man / tmpfiles.d.xml
CommitLineData
4149f86d
BP		 1<?xml version="1.0"?>
2<!--*-nxml-*-->
3<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4<!--
5 This file is part of systemd.
6
7 Copyright 2010 Brandon Philips
8
9 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 10 under the terms of the GNU Lesser General Public License as published by
11 the Free Software Foundation; either version 2.1 of the License, or
4149f86d
BP		 12 (at your option) any later version.
13
14 systemd is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 17 Lesser General Public License for more details.
4149f86d 18
5430f7f2 19 You should have received a copy of the GNU Lesser General Public License
4149f86d
BP		 20 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21-->
22<refentry id="tmpfiles.d">
23
24 <refentryinfo>
25 <title>tmpfiles.d</title>
26 <productname>systemd</productname>
27
28 <authorgroup>
29 <author>
30 <contrib>Documentation</contrib>
31 <firstname>Brandon</firstname>
32 <surname>Philips</surname>
33 <email>brandon@ifup.org</email>
34 </author>
35 </authorgroup>
36 </refentryinfo>
37
38 <refmeta>
39 <refentrytitle>tmpfiles.d</refentrytitle>
40 <manvolnum>5</manvolnum>
41 </refmeta>
42
43 <refnamediv>
44 <refname>tmpfiles.d</refname>
522d4a49
LP		 45 <refpurpose>Configuration for creation, deletion and
46 cleaning of volatile and temporary files</refpurpose>
4149f86d
BP		 47 </refnamediv>
48
a7c64469
LP		 49 <refsynopsisdiv>
50 <para><filename>/etc/tmpfiles.d/*.conf</filename></para>
772f8371 51 <para><filename>/run/tmpfiles.d/*.conf</filename></para>
fc1a2e06 52 <para><filename>/usr/lib/tmpfiles.d/*.conf</filename></para>
a7c64469
LP		 53 </refsynopsisdiv>
54
4149f86d
BP		 55 <refsect1>
56 <title>Description</title>
57
0e25e94e
KS		 58 <para><command>systemd-tmpfiles</command> uses the
59 configuration files from the above directories to describe the
60 creation, cleaning and removal of volatile and
61 temporary files and directories which usually reside
62 in directories such as <filename>/run</filename>
63 or <filename>/tmp</filename>.</para>
4149f86d
BP		 64 </refsect1>
65
66 <refsect1>
0e25e94e 67 <title>Configuration Format</title>
4149f86d 68
6110885c 69 <para>Each configuration file shall be named in the
ef72c1f0
ZJS		 70 style of
71 <filename><replaceable>package</replaceable>.conf</filename>
72 or
73 <filename><replaceable>package</replaceable>-<replaceable>part</replaceable>.conf</filename>.
74 The second variant should be used when it is desirable
75 to make it easy to override just this part of
76 configuration.</para>
77
78 <para>Files in <filename>/etc/tmpfiles.d</filename>
79 override files with the same name in
80 <filename>/usr/lib/tmpfiles.d</filename> and
81 <filename>/run/tmpfiles.d</filename>. Files in
82 <filename>/run/tmpfiles.d</filename> override files
83 with the same name in
84 <filename>/usr/lib/tmpfiles.d</filename>. Packages
6110885c 85 should install their configuration files in
ef72c1f0
ZJS		 86 <filename>/usr/lib/tmpfiles.d</filename>. Files in
87 <filename>/etc/tmpfiles.d</filename> are reserved for
88 the local administrator, who may use this logic to
89 override the configuration files installed by vendor
90 packages. All configuration files are sorted by their
91 filename in lexicographic order, regardless in which
92 of the directories they reside. If multiple files
93 specify the same path, the entry in the file with the
94 lexicographically earliest name will be applied, all
95 all other conflicting entries logged as errors.</para>
6110885c
KS		 96
97 <para>If the administrator wants to disable a
79640424 98 configuration file supplied by the vendor, the
6110885c
KS		 99 recommended way is to place a symlink to
100 <filename>/dev/null</filename> in
101 <filename>/etc/tmpfiles.d/</filename> bearing the
e9dd9f95 102 same filename.</para>
772f8371 103
0e25e94e 104 <para>The configuration format is one line per path
ef72c1f0 105 containing type, path, mode, ownership, age, and argument
0e25e94e 106 fields:</para>
aeee2322 107
ef72c1f0 108 <programlisting>#Type Path Mode UID GID Age Argument
468d726b
LP		 109d /run/user 0755 root root 10d -
110L /tmp/foobar - - - - /dev/null</programlisting>
aeee2322 111
1731e34a 112
aeee2322 113 <refsect2>
88aebb62 114 <title>Type</title>
1731e34a 115
c4708f13
ZJS		 116 <para>The type consists of a single letter and
117 optionally an exclamation mark.</para>
118
1731e34a
LP		 119 <para>The following line types are understood:</para>
120
aeee2322
LP		 121 <variablelist>
122 <varlistentry>
123 <term><varname>f</varname></term>
ef72c1f0 124 <listitem><para>Create a file if it does not exist yet. If the argument parameter is given, it will be written to the file.</para></listitem>
aeee2322
LP		 125 </varlistentry>
126
127 <varlistentry>
128 <term><varname>F</varname></term>
ef72c1f0 129 <listitem><para>Create or truncate a file. If the argument parameter is given, it will be written to the file.</para></listitem>
31ed59c5
LP		 130 </varlistentry>
131
132 <varlistentry>
133 <term><varname>w</varname></term>
54693d9b
DR		 134 <listitem><para>Write the argument parameter to a file, if the file exists.
135 Lines of this type accept shell-style globs in place of normal path
136 names. The argument parameter will be written without a trailing
137 newline. C-style backslash escapes are interpreted.</para></listitem>
aeee2322
LP		 138 </varlistentry>
139
140 <varlistentry>
141 <term><varname>d</varname></term>
ef72c1f0 142 <listitem><para>Create a directory if it does not exist yet.</para></listitem>
aeee2322
LP		 143 </varlistentry>
144
145 <varlistentry>
146 <term><varname>D</varname></term>
ef72c1f0 147 <listitem><para>Create or empty a directory.</para></listitem>
aeee2322
LP		 148 </varlistentry>
149
ee17ee7c
LP		 150 <varlistentry>
151 <term><varname>p</varname></term>
ef72c1f0 152 <listitem><para>Create a named pipe (FIFO) if it does not exist yet.</para></listitem>
ee17ee7c
LP		 153 </varlistentry>
154
468d726b
LP		 155 <varlistentry>
156 <term><varname>L</varname></term>
ef72c1f0 157 <listitem><para>Create a symlink if it does not exist yet.</para></listitem>
468d726b
LP		 158 </varlistentry>
159
160 <varlistentry>
161 <term><varname>c</varname></term>
ef72c1f0 162 <listitem><para>Create a character device node if it does not exist yet.</para></listitem>
468d726b
LP		 163 </varlistentry>
164
165 <varlistentry>
166 <term><varname>b</varname></term>
ef72c1f0 167 <listitem><para>Create a block device node if it does not exist yet.</para></listitem>
468d726b
LP		 168 </varlistentry>
169
265ffa1e
LP		 170 <varlistentry>
171 <term><varname>m</varname></term>
172 <listitem><para>If the
72f4d966 173 specified file path exists,
265ffa1e
LP		 174 adjust its access mode, group
175 and user to the specified
176 values and reset the SELinux
72f4d966 177 label. If it does not exist, do
265ffa1e
LP		 178 nothing.</para></listitem>
179 </varlistentry>
180
aeee2322
LP		 181 <varlistentry>
182 <term><varname>x</varname></term>
b8bb3e8f
LP		 183 <listitem><para>Ignore a path
184 during cleaning. Use this type
185 to exclude paths from clean-up
186 as controlled with the Age
187 parameter. Note that lines of
188 this type do not influence the
ef72c1f0
ZJS		 189 effect of <varname>r</varname>
190 or <varname>R</varname> lines.
191 Lines of this type accept
b8bb3e8f 192 shell-style globs in place of
ef72c1f0
ZJS		 193 normal path names.
194 </para></listitem>
aeee2322
LP		 195 </varlistentry>
196
78a92a5a
MS		 197 <varlistentry>
198 <term><varname>X</varname></term>
199 <listitem><para>Ignore a path
e776c8cf
VP		 200 during cleaning. Use this type
201 to exclude paths from clean-up
202 as controlled with the Age
ef72c1f0
ZJS		 203 parameter. Unlike
204 <varname>x</varname>, this
e776c8cf 205 parameter will not exclude the
ef72c1f0
ZJS		 206 content if path is a
207 directory, but only directory
208 itself. Note that lines of
209 this type do not influence the
210 effect of <varname>r</varname>
211 or <varname>R</varname> lines.
212 Lines of this type accept
213 shell-style globs in place of
214 normal path names.
215 </para></listitem>
78a92a5a
MS		 216 </varlistentry>
217
aeee2322
LP		 218 <varlistentry>
219 <term><varname>r</varname></term>
b8bb3e8f 220 <listitem><para>Remove a file
ef72c1f0
ZJS		 221 or directory if it exists.
222 This may not be used to remove
223 non-empty directories, use
224 <varname>R</varname> for that.
225 Lines of this type accept
226 shell-style globs in place of
227 normal path
b8bb3e8f 228 names.</para></listitem>
aeee2322
LP		 229 </varlistentry>
230
231 <varlistentry>
232 <term><varname>R</varname></term>
b8bb3e8f
LP		 233 <listitem><para>Recursively
234 remove a path and all its
235 subdirectories (if it is a
236 directory). Lines of this type
237 accept shell-style globs in
238 place of normal path
239 names.</para></listitem>
aeee2322 240 </varlistentry>
462d63db 241
777b87e7
MS		 242 <varlistentry>
243 <term><varname>z</varname></term>
669e49fe
LP		 244 <listitem><para>Restore
245 SELinux security context label
246 and set ownership and access
247 mode of a file or directory if
248 it exists. Lines of this type
249 accept shell-style globs in
250 place of normal path names.
777b87e7
MS		 251 </para></listitem>
252 </varlistentry>
253
462d63db
MS		 254 <varlistentry>
255 <term><varname>Z</varname></term>
669e49fe
LP		 256 <listitem><para>Recursively
257 restore SELinux security
258 context label and set
259 ownership and access mode of a
260 path and all its
261 subdirectories (if it is a
262 directory). Lines of this type
263 accept shell-style globs in
264 place of normal path
265 names.</para></listitem>
462d63db 266 </varlistentry>
aeee2322 267 </variablelist>
c4708f13
ZJS		 268
269 <para>If the exclamation mark is used, this
270 line is only safe of execute during boot, and
271 can break a running system. Lines without the
272 exclamation mark are presumed to be safe to
273 execute at any time, e.g. on package upgrades.
274 <command>systemd-tmpfiles</command> will
275 execute line with an exclamation mark only if
276 option <option>--unsafe</option> is given.
277 </para>
278
279 <para>For example:
280 <programlisting>
281# Make sure these are created by default so that nobody else can
282d /tmp/.X11-unix 1777 root root 10d
283
284# Unlink the X11 lock files
285r! /tmp/.X[0-9]*-lock
286 </programlisting>
287 The second line in contrast to the first one
288 would break a running system, and will only be
289 executed with <option>--unsafe</option>.</para>
aeee2322
LP		 290 </refsect2>
291
1731e34a
LP		 292 <refsect2>
293 <title>Path</title>
294
295 <para>The file system path specification supports simple specifier
296 expansion. The following expansions are
297 understood:</para>
298
299 <table>
300 <title>Specifiers available</title>
301 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
302 <colspec colname="spec" />
303 <colspec colname="mean" />
304 <colspec colname="detail" />
305 <thead>
306 <row>
307 <entry>Specifier</entry>
308 <entry>Meaning</entry>
309 <entry>Details</entry>
310 </row>
311 </thead>
312 <tbody>
313 <row>
314 <entry><literal>%m</literal></entry>
315 <entry>Machine ID</entry>
316 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
317 </row>
318 <row>
319 <entry><literal>%b</literal></entry>
320 <entry>Boot ID</entry>
321 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
322 </row>
323 <row>
324 <entry><literal>%H</literal></entry>
325 <entry>Host name</entry>
326 <entry>The hostname of the running system.</entry>
327 </row>
328 <row>
329 <entry><literal>%v</literal></entry>
330 <entry>Kernel release</entry>
331 <entry>Identical to <command>uname -r</command> output.</entry>
332 </row>
333 <row>
334 <entry><literal>%%</literal></entry>
335 <entry>Escaped %</entry>
336 <entry>Single percent sign.</entry>
337 </row>
338 </tbody>
339 </tgroup>
340 </table>
341 </refsect2>
342
aeee2322 343 <refsect2>
88aebb62
LP		 344 <title>Mode</title>
345
b8bb3e8f
LP		 346 <para>The file access mode to use when
347 creating this file or directory. If omitted or
79640424 348 when set to -, the default is used: 0755 for
ef72c1f0
ZJS		 349 directories, 0644 for all other file objects.
350 For <varname>z</varname>, <varname>Z</varname>
351 lines, if omitted or when set to
352 <literal>-</literal>, the file access mode
353 will not be modified. This parameter is
354 ignored for <varname>x</varname>,
355 <varname>r</varname>, <varname>R</varname>,
356 <varname>L</varname> lines.</para>
88aebb62
LP		 357 </refsect2>
358
359 <refsect2>
360 <title>UID, GID</title>
361
362 <para>The user and group to use for this file
363 or directory. This may either be a numeric
364 user/group ID or a user or group name. If
ef72c1f0
ZJS		 365 omitted or when set to <literal>-</literal>,
366 the default 0 (root) is used. For
367 <varname>z</varname>, <varname>Z</varname>
368 lines, when omitted or when set to -, the file
369 ownership will not be modified. These
370 parameters are ignored for
371 <varname>x</varname>, <varname>r</varname>,
372 <varname>R</varname>, <varname>L</varname>
373 lines.</para>
88aebb62
LP		 374 </refsect2>
375
376 <refsect2>
377 <title>Age</title>
aeee2322
LP		 378 <para>The date field, when set, is used to
379 decide what files to delete when cleaning. If
380 a file or directory is older than the current
79640424 381 time minus the age field, it is deleted. The
aeee2322
LP		 382 field format is a series of integers each
383 followed by one of the following
384 postfixes for the respective time units:</para>
385
386 <variablelist>
387 <varlistentry>
388 <term><varname>s</varname></term>
389 <term><varname>min</varname></term>
390 <term><varname>h</varname></term>
391 <term><varname>d</varname></term>
392 <term><varname>w</varname></term>
393 <term><varname>ms</varname></term>
394 <term><varname>m</varname></term>
395 <term><varname>us</varname></term></varlistentry>
396 </variablelist>
4149f86d 397
79640424 398 <para>If multiple integers and units are specified, the time
ef44ed4e 399 values are summed up. If an integer is given without a unit,
a2558205
TG		 400 s is assumed.
401 </para>
402
403 <para>When the age is set to zero, the files are cleaned
404 unconditionally.</para>
4149f86d 405
ef72c1f0
ZJS		 406 <para>The age field only applies to lines
407 starting with <varname>d</varname>,
408 <varname>D</varname>, and
409 <varname>x</varname>. If omitted or set to
410 <literal>-</literal>, no automatic clean-up is
411 done.</para>
24f3a374
LP		 412
413 <para>If the age field starts with a tilde
ef72c1f0
ZJS		 414 character <literal>~</literal>, the clean-up
415 is only applied to files and directories one
416 level inside the directory specified, but not
417 the files and directories immediately inside
418 it.</para>
aeee2322 419 </refsect2>
4149f86d 420
468d726b
LP		 421 <refsect2>
422 <title>Argument</title>
423
ef72c1f0
ZJS		 424 <para>For <varname>L</varname> lines
425 determines the destination path of the
426 symlink. For <varname>c</varname>,
427 <varname>b</varname> determines the
468d726b 428 major/minor of the device node, with major and
ef72c1f0
ZJS		 429 minor formatted as integers, separated by
430 <literal>:</literal>, e.g.
431 <literal>1:3</literal>. For
432 <varname>f</varname>, <varname>F</varname>,
433 and <varname>w</varname> may be used to
434 specify a short string that is written to the
435 file, suffixed by a newline. Ignored for all
436 other lines.</para>
468d726b
LP		 437 </refsect2>
438
4149f86d
BP		 439 </refsect1>
440
441 <refsect1>
442 <title>Example</title>
443 <example>
444 <title>/etc/tmpfiles.d/screen.conf example</title>
445 <para><command>screen</command> needs two directories created at boot with specific modes and ownership.</para>
446
468d726b 447 <programlisting>d /var/run/screens 1777 root root 10d
aeee2322 448d /var/run/uscreens 0755 root root 10d12h</programlisting>
4149f86d 449 </example>
1e444481
LN		 450 <example>
451 <title>/etc/tmpfiles.d/abrt.conf example</title>
452 <para><command>abrt</command> needs a directory created at boot with specific mode and ownership and its content should be preserved.</para>
453
454 <programlisting>d /var/tmp/abrt 0755 abrt abrt
455x /var/tmp/abrt/*</programlisting>
456 </example>
4149f86d
BP		 457 </refsect1>
458
459 <refsect1>
460 <title>See Also</title>
461 <para>
522d4a49 462 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
75945bad
LP		 463 <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
464 <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>
4149f86d
BP		 465 </para>
466 </refsect1>
467
468</refentry>
Unnamed repository; edit this file 'description' to name the repository.