]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/tmpfiles.d.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
verify: use manager_load_startable_unit_or_warn() to load units for verification
[thirdparty/systemd.git] / man / tmpfiles.d.xml
CommitLineData
5fb13eb5 1<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
12b42c76 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4149f86d 3<!--
572eb058
ZJS		 4 SPDX-License-Identifier: LGPL-2.1+
5
4149f86d
BP		 6 This file is part of systemd.
7
8 Copyright 2010 Brandon Philips
9
10 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
4149f86d
BP		 13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 18 Lesser General Public License for more details.
4149f86d 19
5430f7f2 20 You should have received a copy of the GNU Lesser General Public License
4149f86d
BP		 21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22-->
23<refentry id="tmpfiles.d">
24
302fbdf2
ZJS		 25 <refentryinfo>
26 <title>tmpfiles.d</title>
27 <productname>systemd</productname>
28
29 <authorgroup>
30 <author>
31 <contrib>Documentation</contrib>
32 <firstname>Brandon</firstname>
33 <surname>Philips</surname>
34 <email>brandon@ifup.org</email>
35 </author>
36 </authorgroup>
37 </refentryinfo>
38
39 <refmeta>
40 <refentrytitle>tmpfiles.d</refentrytitle>
41 <manvolnum>5</manvolnum>
42 </refmeta>
43
44 <refnamediv>
45 <refname>tmpfiles.d</refname>
46 <refpurpose>Configuration for creation, deletion and cleaning of
47 volatile and temporary files</refpurpose>
48 </refnamediv>
49
50 <refsynopsisdiv>
f2b5ca0e
ZJS		 51 <para><literallayout><filename>/etc/tmpfiles.d/*.conf</filename>
52<filename>/run/tmpfiles.d/*.conf</filename>
53<filename>/usr/lib/tmpfiles.d/*.conf</filename>
54 </literallayout></para>
55
56 <para><literallayout><filename>~/.config/user-tmpfiles.d/*.conf</filename>
57<filename>$XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf</filename>
58<filename>~/.local/share/user-tmpfiles.d/*.conf</filename>
59<filename>…</filename>
60<filename>/usr/share/user-tmpfiles.d/*.conf</filename>
61 </literallayout></para>
302fbdf2
ZJS		 62 </refsynopsisdiv>
63
64 <refsect1>
65 <title>Description</title>
66
67 <para><command>systemd-tmpfiles</command> uses the configuration
68 files from the above directories to describe the creation,
69 cleaning and removal of volatile and temporary files and
70 directories which usually reside in directories such as
71 <filename>/run</filename> or <filename>/tmp</filename>.</para>
72
73 <para>Volatile and temporary files and directories are those
74 located in <filename>/run</filename> (and its alias
75 <filename>/var/run</filename>), <filename>/tmp</filename>,
76 <filename>/var/tmp</filename>, the API file systems such as
77 <filename>/sys</filename> or <filename>/proc</filename>, as well
78 as some other directories below <filename>/var</filename>.</para>
79
80 <para>System daemons frequently require private runtime
81 directories below <filename>/run</filename> to place communication
82 sockets and similar in. For these, consider declaring them in
83 their unit files using <varname>RuntimeDirectory=</varname> (see
84 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
85 for details), if this is feasible.</para>
86 </refsect1>
87
88 <refsect1>
8165be2e 89 <title>Configuration Directories and Precedence</title>
302fbdf2
ZJS		 90
91 <para>Each configuration file shall be named in the style of
92 <filename><replaceable>package</replaceable>.conf</filename> or
93 <filename><replaceable>package</replaceable>-<replaceable>part</replaceable>.conf</filename>.
94 The second variant should be used when it is desirable to make it
95 easy to override just this part of configuration.</para>
96
97 <para>Files in <filename>/etc/tmpfiles.d</filename> override files
98 with the same name in <filename>/usr/lib/tmpfiles.d</filename> and
99 <filename>/run/tmpfiles.d</filename>. Files in
100 <filename>/run/tmpfiles.d</filename> override files with the same
101 name in <filename>/usr/lib/tmpfiles.d</filename>. Packages should
102 install their configuration files in
103 <filename>/usr/lib/tmpfiles.d</filename>. Files in
104 <filename>/etc/tmpfiles.d</filename> are reserved for the local
105 administrator, who may use this logic to override the
106 configuration files installed by vendor packages. All
107 configuration files are sorted by their filename in lexicographic
108 order, regardless of which of the directories they reside in. If
109 multiple files specify the same path, the entry in the file with
110 the lexicographically earliest name will be applied. All other
111 conflicting entries will be logged as errors. When two lines are
112 prefix and suffix of each other, then the prefix is always
6d785b6d
LP		 113 processed first, the suffix later. Lines that take globs are
114 applied after those accepting no globs. If multiple operations
b938cb90
JE		 115 shall be applied on the same file, (such as ACL, xattr, file
116 attribute adjustments), these are always done in the same fixed
6d785b6d
LP		 117 order. Otherwise, the files/directories are processed in the order
118 they are listed.</para>
302fbdf2
ZJS		 119
120 <para>If the administrator wants to disable a configuration file
121 supplied by the vendor, the recommended way is to place a symlink
122 to <filename>/dev/null</filename> in
123 <filename>/etc/tmpfiles.d/</filename> bearing the same filename.
124 </para>
8165be2e
ZJS		 125 </refsect1>
126
127 <refsect1>
128 <title>Configuration File Format</title>
302fbdf2
ZJS		 129
130 <para>The configuration format is one line per path containing
131 type, path, mode, ownership, age, and argument fields:</para>
132
133 <programlisting>#Type Path Mode UID GID Age Argument
ed7fd549
ZJS		 134d /run/user 0755 root root 10d -
135L /tmp/foobar - - - - /dev/null</programlisting>
302fbdf2 136
657cf7f4 137 <para>Fields may be enclosed within quotes and contain C-style escapes.</para>
138
302fbdf2
ZJS		 139 <refsect2>
140 <title>Type</title>
141
142 <para>The type consists of a single letter and optionally an
143 exclamation mark.</para>
144
145 <para>The following line types are understood:</para>
146
147 <variablelist>
148 <varlistentry>
149 <term><varname>f</varname></term>
49e87292
LP		 150 <listitem><para>Create a file if it does not exist yet. If the argument parameter is given and the file did
151 not exist yet, it will be written to the file. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 152 </varlistentry>
153
154 <varlistentry>
155 <term><varname>F</varname></term>
156 <listitem><para>Create or truncate a file. If the argument
6a9171d2 157 parameter is given, it will be written to the file. Does not follow symlinks.</para>
302fbdf2
ZJS		 158 </listitem>
159 </varlistentry>
160
161 <varlistentry>
162 <term><varname>w</varname></term>
163 <listitem><para>Write the argument parameter to a file, if
164 the file exists. Lines of this type accept shell-style
165 globs in place of normal path names. The argument parameter
166 will be written without a trailing newline. C-style
6a9171d2
LP		 167 backslash escapes are interpreted. Follows
168 symlinks.</para></listitem>
302fbdf2
ZJS		 169 </varlistentry>
170
171 <varlistentry>
172 <term><varname>d</varname></term>
4b743d67
ZJS		 173 <listitem><para>Create a directory. The mode and ownership will be adjusted if
174 specified and the directory already exists. Contents of this directory are subject
ed7fd549 175 to time based cleanup if the age argument is specified.</para></listitem>
302fbdf2
ZJS		 176 </varlistentry>
177
178 <varlistentry>
179 <term><varname>D</varname></term>
4b743d67
ZJS		 180 <listitem><para>Similar to <varname>d</varname>, but in addition the contents
181 of the directory will be removed when <option>--remove</option> is used.
182 </para></listitem>
183 </varlistentry>
df8dee85
ZJS		 184
185 <varlistentry>
186 <term><varname>e</varname></term>
ed7fd549
ZJS		 187 <listitem><para>Similar to <varname>d</varname>, but the directory will not be created if
188 it does not exist. Lines of this type accept shell-style globs in place of normal path
189 names. For this entry to be useful, at least one of the mode, uid, gid, or age arguments
190 must be specified, since otherwise this entry has no effect. If the age argument is
191 <literal>0</literal>, contents of the directory will be unconditionally deleted every time
192 <command>systemd-tmpfiles --clean</command> is run. This can be useful when combined with
193 <varname>!</varname>, see the examples.</para></listitem>
302fbdf2
ZJS		 194 </varlistentry>
195
196 <varlistentry>
197 <term><varname>v</varname></term>
198 <listitem><para>Create a subvolume if the path does not
2904e949
LP		 199 exist yet, the file system supports subvolumes (btrfs), and
200 the system itself is installed into a subvolume
201 (specifically: the root directory <filename>/</filename> is
202 itself a subvolume). Otherwise, create a normal directory, in
203 the same way as <varname>d</varname>. A subvolume created
204 with this line type is not assigned to any higher-level
205 quota group. For that, use <varname>q</varname> or
206 <varname>Q</varname>, which allow creating simple quota
207 group hierarchies, see below.</para></listitem>
5fb13eb5
LP		 208 </varlistentry>
209
210 <varlistentry>
211 <term><varname>q</varname></term>
b938cb90 212 <listitem><para>Similar to <varname>v</varname>. However,
5fb13eb5
LP		 213 makes sure that the subvolume will be assigned to the same
214 higher-level quota groups as the subvolume it has been
215 created in. This ensures that higher-level limits and
216 accounting applied to the parent subvolume also include the
217 specified subvolume. On non-btrfs file systems, this line
218 type is identical to <varname>d</varname>. If the subvolume
219 already exists and is already assigned to one or more higher
b938cb90 220 level quota groups, no change to the quota hierarchy is
5fb13eb5
LP		 221 made. Also see <varname>Q</varname> below. See <citerefentry
222 project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
223 for details about the btrfs quota group
224 concept.</para></listitem>
225 </varlistentry>
226
227 <varlistentry>
228 <term><varname>Q</varname></term>
b938cb90 229 <listitem><para>Similar to <varname>q</varname>. However,
5fb13eb5
LP		 230 instead of copying the higher-level quota group assignments
231 from the parent as-is, the lowest quota group of the parent
232 subvolume is determined that is not the leaf quota
233 group. Then, an "intermediary" quota group is inserted that
234 is one level below this level, and shares the same ID part
235 as the specified subvolume. If no higher-level quota group
236 exists for the parent subvolume, a new quota group at level
237 255 sharing the same ID as the specified subvolume is
238 inserted instead. This new intermediary quota group is then
239 assigned to the parent subvolume's higher-level quota
240 groups, and the specified subvolume's leaf quota group is
241 assigned to it.</para>
242
243 <para>Effectively, this has a similar effect as
244 <varname>q</varname>, however introduces a new higher-level
245 quota group for the specified subvolume that may be used to
246 enforce limits and accounting to the specified subvolume and
247 children subvolume created within it. Thus, by creating
248 subvolumes only via <varname>q</varname> and
b938cb90 249 <varname>Q</varname>, a concept of "subtree quotas" is
5fb13eb5
LP		 250 implemented. Each subvolume for which <varname>Q</varname>
251 is set will get a "subtree" quota group created, and all
252 child subvolumes created within it will be assigned to
253 it. Each subvolume for which <varname>q</varname> is set
254 will not get such a "subtree" quota group, but it is ensured
255 that they are added to the same "subtree" quota group as their
256 immediate parents.</para>
257
258 <para>It is recommended to use
259 <varname>Q</varname> for subvolumes that typically contain
260 further subvolumes, and where it is desirable to have
261 accounting and quota limits on all child subvolumes
262 together. Examples for <varname>Q</varname> are typically
263 <filename>/home</filename> or
264 <filename>/var/lib/machines</filename>. In contrast,
265 <varname>q</varname> should be used for subvolumes that
266 either usually do not include further subvolumes or where no
267 accounting and quota limits are needed that apply to all
268 child subvolumes together. Examples for <varname>q</varname>
269 are typically <filename>/var</filename> or
270 <filename>/var/tmp</filename>. As with <varname>Q</varname>,
271 <varname>q</varname> has no effect on the quota group
272 hierarchy if the subvolume exists and already has at least
273 one higher-level quota group assigned.</para></listitem>
302fbdf2
ZJS		 274 </varlistentry>
275
276 <varlistentry>
277 <term><varname>p</varname></term>
278 <term><varname>p+</varname></term>
279 <listitem><para>Create a named pipe (FIFO) if it does not
280 exist yet. If suffixed with <varname>+</varname> and a file
281 already exists where the pipe is to be created, it will be
282 removed and be replaced by the pipe.</para></listitem>
283 </varlistentry>
284
285 <varlistentry>
286 <term><varname>L</varname></term>
287 <term><varname>L+</varname></term>
288 <listitem><para>Create a symlink if it does not exist
b3f5897f
WD		 289 yet. If suffixed with <varname>+</varname> and a file or
290 directory already exists where the symlink is to be created,
291 it will be removed and be replaced by the symlink. If the
292 argument is omitted, symlinks to files with the same name
293 residing in the directory
294 <filename>/usr/share/factory/</filename> are created. Note
295 that permissions and ownership on symlinks are ignored.
296 </para></listitem>
302fbdf2
ZJS		 297 </varlistentry>
298
299 <varlistentry>
300 <term><varname>c</varname></term>
301 <term><varname>c+</varname></term>
302 <listitem><para>Create a character device node if it does
303 not exist yet. If suffixed with <varname>+</varname> and a
304 file already exists where the device node is to be created,
305 it will be removed and be replaced by the device node. It is
306 recommended to suffix this entry with an exclamation mark to
307 only create static device nodes at boot, as udev will not
308 manage static device nodes that are created at runtime.
309 </para></listitem>
310 </varlistentry>
311
312 <varlistentry>
313 <term><varname>b</varname></term>
314 <term><varname>b+</varname></term>
315 <listitem><para>Create a block device node if it does not
316 exist yet. If suffixed with <varname>+</varname> and a file
317 already exists where the device node is to be created, it
318 will be removed and be replaced by the device node. It is
319 recommended to suffix this entry with an exclamation mark to
320 only create static device nodes at boot, as udev will not
321 manage static device nodes that are created at runtime.
322 </para></listitem>
323 </varlistentry>
324
325 <varlistentry>
326 <term><varname>C</varname></term>
327 <listitem><para>Recursively copy a file or directory, if the
328 destination files or directories do not exist yet. Note that
329 this command will not descend into subdirectories if the
330 destination directory already exists. Instead, the entire
331 copy operation is skipped. If the argument is omitted, files
332 from the source directory
333 <filename>/usr/share/factory/</filename> with the same name
6a9171d2 334 are copied. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 335 </varlistentry>
336
337 <varlistentry>
338 <term><varname>x</varname></term>
339 <listitem><para>Ignore a path during cleaning. Use this type
340 to exclude paths from clean-up as controlled with the Age
341 parameter. Note that lines of this type do not influence the
342 effect of <varname>r</varname> or <varname>R</varname>
50d9e46d 343 lines. Lines of this type accept shell-style globs in place
302fbdf2
ZJS		 344 of normal path names. </para></listitem>
345 </varlistentry>
346
347 <varlistentry>
348 <term><varname>X</varname></term>
349 <listitem><para>Ignore a path during cleaning. Use this type
350 to exclude paths from clean-up as controlled with the Age
351 parameter. Unlike <varname>x</varname>, this parameter will
352 not exclude the content if path is a directory, but only
353 directory itself. Note that lines of this type do not
354 influence the effect of <varname>r</varname> or
50d9e46d 355 <varname>R</varname> lines. Lines of this type accept
302fbdf2
ZJS		 356 shell-style globs in place of normal path names.
357 </para></listitem>
358 </varlistentry>
359
360 <varlistentry>
361 <term><varname>r</varname></term>
362 <listitem><para>Remove a file or directory if it exists.
363 This may not be used to remove non-empty directories, use
364 <varname>R</varname> for that. Lines of this type accept
365 shell-style globs in place of normal path
6a9171d2 366 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 367 </varlistentry>
368
369 <varlistentry>
370 <term><varname>R</varname></term>
371 <listitem><para>Recursively remove a path and all its
372 subdirectories (if it is a directory). Lines of this type
373 accept shell-style globs in place of normal path
6a9171d2 374 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 375 </varlistentry>
376
377 <varlistentry>
378 <term><varname>z</varname></term>
379 <listitem><para>Adjust the access mode, group and user, and
380 restore the SELinux security context of a file or directory,
381 if it exists. Lines of this type accept shell-style globs in
6a9171d2 382 place of normal path names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 383 </varlistentry>
384
385 <varlistentry>
386 <term><varname>Z</varname></term>
387 <listitem><para>Recursively set the access mode, group and
388 user, and restore the SELinux security context of a file or
389 directory if it exists, as well as of its subdirectories and
390 the files contained therein (if applicable). Lines of this
6a9171d2
LP		 391 type accept shell-style globs in place of normal path
392 names. Does not follow symlinks. </para></listitem>
302fbdf2
ZJS		 393 </varlistentry>
394
395 <varlistentry>
396 <term><varname>t</varname></term>
b705ab6a
ZJS		 397 <listitem><para>Set extended attributes. Lines of this type
398 accept shell-style globs in place of normal path names.
6a9171d2
LP		 399 This can be useful for setting SMACK labels. Does not follow
400 symlinks.</para></listitem>
b705ab6a
ZJS		 401 </varlistentry>
402
403 <varlistentry>
404 <term><varname>T</varname></term>
405 <listitem><para>Recursively set extended attributes. Lines
406 of this type accept shell-style globs in place of normal
6a9171d2
LP		 407 path names. This can be useful for setting SMACK
408 labels. Does not follow symlinks. </para></listitem>
302fbdf2 409 </varlistentry>
f8eeeaf9 410
fa3f5fd2
GB		 411 <varlistentry>
412 <term><varname>h</varname></term>
413 <listitem><para>Set file/directory attributes. Lines of this type
414 accept shell-style globs in place of normal path names.</para>
415
1ae705fb
LP		 416 <para>The format of the argument field is
417 <varname>[+-=][aAcCdDeijsStTu] </varname>. The prefix
418 <varname>+</varname> (the default one) causes the
fa3f5fd2 419 attribute(s) to be added; <varname>-</varname> causes the
1ae705fb 420 attribute(s) to be removed; <varname>=</varname> causes the
a8eaaee7 421 attributes to be set exactly as the following letters. The
1ae705fb 422 letters <literal>aAcCdDeijsStTu</literal> select the new
fa3f5fd2 423 attributes for the files, see
c30c611c 424 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle>
fa3f5fd2
GB		 425 <manvolnum>1</manvolnum></citerefentry> for further information.
426 </para>
1ae705fb
LP		 427 <para>Passing only <varname>=</varname> as argument resets
428 all the file attributes listed above. It has to be pointed
b938cb90 429 out that the <varname>=</varname> prefix limits itself to
1ae705fb
LP		 430 the attributes corresponding to the letters listed here. All
431 other attributes will be left untouched. Does not follow
432 symlinks.</para>
fa3f5fd2
GB		 433 </listitem>
434 </varlistentry>
435
436 <varlistentry>
437 <term><varname>H</varname></term>
438 <listitem><para>Recursively set file/directory attributes. Lines
439 of this type accept shell-style globs in place of normal
6a9171d2 440 path names. Does not follow symlinks.
fa3f5fd2
GB		 441 </para></listitem>
442 </varlistentry>
443
f8eeeaf9
ZJS		 444 <varlistentry>
445 <term><varname>a</varname></term>
50d9e46d
ZJS		 446 <term><varname>a+</varname></term>
447 <listitem><para>Set POSIX ACLs (access control lists). If
a8eaaee7 448 suffixed with <varname>+</varname>, the specified entries will
dd4105b0
ZJS		 449 be added to the existing set.
450 <command>systemd-tmpfiles</command> will automatically add
451 the required base entries for user and group based on the
452 access mode of the file, unless base entries already exist
7f3fdb7f 453 or are explicitly specified. The mask will be added if not
dd4105b0
ZJS		 454 specified explicitly or already present. Lines of this type
455 accept shell-style globs in place of normal path names. This
456 can be useful for allowing additional access to certain
6a9171d2 457 files. Does not follow symlinks.</para></listitem>
b705ab6a
ZJS		 458 </varlistentry>
459
460 <varlistentry>
461 <term><varname>A</varname></term>
50d9e46d
ZJS		 462 <term><varname>A+</varname></term>
463 <listitem><para>Same as <varname>a</varname> and
6a9171d2
LP		 464 <varname>a+</varname>, but recursive. Does not follow
465 symlinks.</para></listitem>
f8eeeaf9 466 </varlistentry>
302fbdf2
ZJS		 467 </variablelist>
468
469 <para>If the exclamation mark is used, this line is only safe of
470 execute during boot, and can break a running system. Lines
471 without the exclamation mark are presumed to be safe to execute
472 at any time, e.g. on package upgrades.
473 <command>systemd-tmpfiles</command> will execute line with an
474 exclamation mark only if option <option>--boot</option> is
475 given.</para>
476
477 <para>For example:
478 <programlisting># Make sure these are created by default so that nobody else can
9b9c30ec 479d /tmp/.X11-unix 1777 root root 10d
302fbdf2 480
9b9c30ec
LP		 481# Unlink the X11 lock files
482r! /tmp/.X[0-9]*-lock</programlisting>
302fbdf2
ZJS		 483 The second line in contrast to the first one would break a
484 running system, and will only be executed with
485 <option>--boot</option>.</para>
7fa10748
LP		 486
487 <para>Note that for all line types that result in creation of any kind of file node
488 (i.e. <varname>f</varname>/<varname>F</varname>,
489 <varname>d</varname>/<varname>D</varname>/<varname>v</varname>/<varname>q</varname>/<varname>Q</varname>,
490 <varname>p</varname>, <varname>L</varname>, <varname>c</varname>/<varname>b</varname> and <varname>C</varname>)
491 leading directories are implicitly created if needed, owned by root with an access mode of 0755. In order to
492 create them with different modes or ownership make sure to add appropriate <varname>d</varname> lines.</para>
302fbdf2
ZJS		 493 </refsect2>
494
495 <refsect2>
496 <title>Path</title>
497
498 <para>The file system path specification supports simple
2df36d09
ZJS		 499 specifier expansion, see below. The path (after expansion) must be
500 absolute.</para>
302fbdf2
ZJS		 501 </refsect2>
502
503 <refsect2>
504 <title>Mode</title>
505
506 <para>The file access mode to use when creating this file or
507 directory. If omitted or when set to <literal>-</literal>, the
508 default is used: 0755 for directories, 0644 for all other file
509 objects. For <varname>z</varname>, <varname>Z</varname> lines,
510 if omitted or when set to <literal>-</literal>, the file access
511 mode will not be modified. This parameter is ignored for
512 <varname>x</varname>, <varname>r</varname>,
f8eeeaf9
ZJS		 513 <varname>R</varname>, <varname>L</varname>, <varname>t</varname>,
514 and <varname>a</varname> lines.</para>
302fbdf2
ZJS		 515
516 <para>Optionally, if prefixed with <literal>~</literal>, the
517 access mode is masked based on the already set access bits for
518 existing file or directories: if the existing file has all
519 executable bits unset, all executable bits are removed from the
520 new access mode, too. Similarly, if all read bits are removed
521 from the old access mode, they will be removed from the new
522 access mode too, and if all write bits are removed, they will be
523 removed from the new access mode too. In addition, the
524 sticky/SUID/SGID bit is removed unless applied to a
525 directory. This functionality is particularly useful in
526 conjunction with <varname>Z</varname>.</para>
527 </refsect2>
528
529 <refsect2>
530 <title>UID, GID</title>
531
532 <para>The user and group to use for this file or directory. This
533 may either be a numeric user/group ID or a user or group
534 name. If omitted or when set to <literal>-</literal>, the
a8eaaee7 535 default 0 (root) is used. For <varname>z</varname> and
f8eeeaf9
ZJS		 536 <varname>Z</varname> lines, when omitted or when set to
537 <literal>-</literal>, the file ownership will not be
538 modified. These parameters are ignored for <varname>x</varname>,
539 <varname>r</varname>, <varname>R</varname>,
540 <varname>L</varname>, <varname>t</varname>, and
541 <varname>a</varname> lines.</para>
302fbdf2
ZJS		 542 </refsect2>
543
544 <refsect2>
545 <title>Age</title>
546 <para>The date field, when set, is used to decide what files to
547 delete when cleaning. If a file or directory is older than the
548 current time minus the age field, it is deleted. The field
549 format is a series of integers each followed by one of the
a8eaaee7 550 following suffixes for the respective time units:
00c53f42
ZJS		 551 <constant>s</constant>,
552 <constant>m</constant> or <constant>min</constant>,
553 <constant>h</constant>,
554 <constant>d</constant>,
555 <constant>w</constant>,
a8eaaee7 556 <constant>ms</constant>, and
00c53f42 557 <constant>us</constant>,
a8eaaee7
JE		 558 meaning seconds, minutes, hours, days, weeks,
559 milliseconds, and microseconds, respectively. Full names of the time units can
00c53f42
ZJS		 560 be used too.
561 </para>
302fbdf2
ZJS		 562
563 <para>If multiple integers and units are specified, the time
00c53f42
ZJS		 564 values are summed. If an integer is given without a unit,
565 <constant>s</constant> is assumed.
302fbdf2
ZJS		 566 </para>
567
568 <para>When the age is set to zero, the files are cleaned
569 unconditionally.</para>
570
5fb13eb5 571 <para>The age field only applies to lines starting with
df8dee85 572 <varname>d</varname>, <varname>D</varname>, <varname>e</varname>,
5fb13eb5
LP		 573 <varname>v</varname>, <varname>q</varname>,
574 <varname>Q</varname>, <varname>C</varname>, <varname>x</varname>
575 and <varname>X</varname>. If omitted or set to
576 <literal>-</literal>, no automatic clean-up is done.</para>
302fbdf2
ZJS		 577
578 <para>If the age field starts with a tilde character
579 <literal>~</literal>, the clean-up is only applied to files and
580 directories one level inside the directory specified, but not
581 the files and directories immediately inside it.</para>
662b3e58
LW		 582
583 <para>The age of a file system entry is determined from its last
584 modification timestamp (mtime), its last access timestamp (atime),
585 and (except for directories) its last status change timestamp
586 (ctime). Any of these three (or two) values will prevent cleanup
587 if it is more recent than the current time minus the age
588 field.</para>
302fbdf2
ZJS		 589 </refsect2>
590
591 <refsect2>
592 <title>Argument</title>
593
49e87292
LP		 594 <para>For <varname>L</varname> lines determines the destination path of the symlink. For <varname>c</varname> and
595 <varname>b</varname>, determines the major/minor of the device node, with major and minor formatted as integers,
596 separated by <literal>:</literal>, e.g. <literal>1:3</literal>. For <varname>f</varname>, <varname>F</varname>,
597 and <varname>w</varname>, the argument may be used to specify a short string that is written to the file,
598 suffixed by a newline. For <varname>C</varname>, specifies the source file or directory. For <varname>t</varname>
599 and <varname>T</varname>, determines extended attributes to be set. For <varname>a</varname> and
600 <varname>A</varname>, determines ACL attributes to be set. For <varname>h</varname> and <varname>H</varname>,
601 determines the file attributes to set. Ignored for all other lines.</para>
2df36d09
ZJS		 602
603 <para>This field can contain specifiers, see below.</para>
302fbdf2 604 </refsect2>
2df36d09 605 </refsect1>
302fbdf2 606
2df36d09
ZJS		 607 <refsect1>
608 <title>Specifiers</title>
609
610 <para>Specifiers can be used in the "path" and "argument" fields.
751223fe 611 An unknown or unresolvable specifier is treated as invalid configuration.
2df36d09
ZJS		 612 The following expansions are understood:</para>
613 <table>
614 <title>Specifiers available</title>
615 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
616 <colspec colname="spec" />
617 <colspec colname="mean" />
618 <colspec colname="detail" />
619 <thead>
620 <row>
621 <entry>Specifier</entry>
622 <entry>Meaning</entry>
623 <entry>Details</entry>
624 </row>
625 </thead>
626 <tbody>
627 <row>
628 <entry><literal>%m</literal></entry>
629 <entry>Machine ID</entry>
630 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
631 </row>
632 <row>
633 <entry><literal>%b</literal></entry>
634 <entry>Boot ID</entry>
635 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
636 </row>
637 <row>
638 <entry><literal>%H</literal></entry>
639 <entry>Host name</entry>
640 <entry>The hostname of the running system.</entry>
641 </row>
642 <row>
643 <entry><literal>%v</literal></entry>
644 <entry>Kernel release</entry>
645 <entry>Identical to <command>uname -r</command> output.</entry>
646 </row>
ca23eeb5
TW		 647 <row>
648 <entry><literal>%U</literal></entry>
649 <entry>User UID</entry>
650 <entry>This is the numeric UID of the user running the service manager instance. In case of the system manager this resolves to <constant>0</constant>.</entry>
651 </row>
652 <row>
653 <entry><literal>%u</literal></entry>
654 <entry>User name</entry>
655 <entry>This is the name of the user running the service manager instance. In case of the system manager this resolves to <literal>root</literal>.</entry>
656 </row>
657 <row>
658 <entry><literal>%h</literal></entry>
659 <entry>User home directory</entry>
660 <entry>This is the home directory of the user running the service manager instance. In case of the system manager this resolves to <literal>/root</literal>.</entry>
661 </row>
5a8575ef
ZJS		 662 <row>
663 <entry><literal>%t</literal></entry>
664 <entry>System or user runtime directory</entry>
665 <entry>In --user mode, this is the same <varname>$XDG_RUNTIME_DIR</varname>, and <filename>/run</filename> otherwise.</entry>
666 </row>
667 <row>
668 <entry><literal>%S</literal></entry>
669 <entry>System or user state directory</entry>
670 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname>, and <filename>/var/lib</filename> otherwise.</entry>
671 </row>
672 <row>
673 <entry><literal>%C</literal></entry>
674 <entry>System or user cache directory</entry>
675 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CACHE_HOME</varname>, and <filename>/var/cache</filename> otherwise.</entry>
676 </row>
677 <row>
678 <entry><literal>%L</literal></entry>
679 <entry>System or user log directory</entry>
680 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename noindex='true'>/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry>
681 </row>
2df36d09
ZJS		 682 <row>
683 <entry><literal>%%</literal></entry>
5a8575ef 684 <entry>Escaped <literal>%</literal></entry>
2df36d09
ZJS		 685 <entry>Single percent sign.</entry>
686 </row>
687 </tbody>
688 </tgroup>
689 </table>
302fbdf2
ZJS		 690 </refsect1>
691
692 <refsect1>
4b743d67 693 <title>Examples</title>
302fbdf2 694 <example>
4b743d67
ZJS		 695 <title>Create directories with specific mode and ownership</title>
696 <para>
0a07667d 697 <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 698 needs two directories created at boot with specific modes and ownership:</para>
699
700 <programlisting># /usr/lib/tmpfiles.d/screen.conf
701d /run/screens 1777 root screen 10d
702d /run/uscreens 0755 root screen 10d12h
703</programlisting>
704
705 <para>Contents of <filename>/run/screens</filename> and /run/uscreens will
1655cdee 706 be cleaned up after 10 and 10½ days, respectively.</para>
4b743d67 707 </example>
302fbdf2 708
4b743d67
ZJS		 709 <example>
710 <title>Create a directory with a SMACK attribute</title>
711 <programlisting>D /run/cups - - - -
712t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
713 </programlisting>
714
b17649ee 715 <para>The directory will be owned by root and have default mode. Its contents are
4b743d67
ZJS		 716 not subject to time based cleanup, but will be obliterated when
717 <command>systemd-tmpfiles --remove</command> runs.</para>
302fbdf2 718 </example>
4b743d67 719
302fbdf2 720 <example>
4b743d67
ZJS		 721 <title>Create a directory and prevent its contents from cleanup</title>
722 <para>
0a07667d 723 <citerefentry project='die-net'><refentrytitle>abrt</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 724 needs a directory created at boot with specific mode and ownership and its content
725 should be preserved from the automatic cleanup applied to the contents of
726 <filename>/var/tmp</filename>:</para>
727
728 <programlisting># /usr/lib/tmpfiles.d/tmp.conf
729d /var/tmp 1777 root root 30d
730</programlisting>
731
732 <programlisting># /usr/lib/tmpfiles.d/abrt.conf
733d /var/tmp/abrt 0755 abrt abrt -
df8dee85
ZJS		 734</programlisting>
735 </example>
736
737 <example>
738 <title>Apply clean up during boot and based on time</title>
739
740 <programlisting># /usr/lib/tmpfiles.d/dnf.conf
741r! /var/cache/dnf/*/*/download_lock.pid
742r! /var/cache/dnf/*/*/metadata_lock.pid
743r! /var/lib/dnf/rpmdb_lock.pid
e80f1a79 744e /var/cache/dnf/ - - - 30d
4b743d67 745</programlisting>
302fbdf2 746
df8dee85 747 <para>The lock files will be removed during boot. Any files and directories in
e80f1a79 748 <filename>/var/cache/dnf/</filename> will be removed after they have not been
df8dee85 749 accessed in 30 days.</para>
302fbdf2 750 </example>
ed7fd549
ZJS		 751
752 <example>
b719b26c 753 <title>Empty the contents of a cache directory on boot</title>
ed7fd549
ZJS		 754
755 <programlisting># /usr/lib/tmpfiles.d/krb5rcache.conf
756e! /var/cache/krb5rcache - - - 0
757</programlisting>
758
759 <para>Any files and subdirectories in <filename>/var/cache/krb5rcache/</filename>
760 will be removed on boot. The directory will not be created.
761 </para>
762 </example>
302fbdf2
ZJS		 763 </refsect1>
764
765 <refsect1>
766 <title>See Also</title>
767 <para>
768 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
769 <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
770 <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
f8eeeaf9
ZJS		 771 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
772 <citerefentry project='man-pages'><refentrytitle>attr</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
773 <citerefentry project='man-pages'><refentrytitle>getfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
774 <citerefentry project='man-pages'><refentrytitle>setfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
775 <citerefentry project='man-pages'><refentrytitle>setfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
fa3f5fd2 776 <citerefentry project='man-pages'><refentrytitle>getfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
5fb13eb5
LP		 777 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
778 <citerefentry project='die-net'><refentrytitle>btrfs-subvolume</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
779 <citerefentry project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
302fbdf2
ZJS		 780 </para>
781 </refsect1>
4149f86d
BP		 782
783</refentry>
Unnamed repository; edit this file 'description' to name the repository.