]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/tmpfiles.d.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
final v236 update (#7649)
[thirdparty/systemd.git] / man / tmpfiles.d.xml
CommitLineData
5fb13eb5 1<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
12b42c76 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4149f86d 3<!--
572eb058
ZJS		 4 SPDX-License-Identifier: LGPL-2.1+
5
4149f86d
BP		 6 This file is part of systemd.
7
8 Copyright 2010 Brandon Philips
9
10 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
4149f86d
BP		 13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 18 Lesser General Public License for more details.
4149f86d 19
5430f7f2 20 You should have received a copy of the GNU Lesser General Public License
4149f86d
BP		 21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22-->
23<refentry id="tmpfiles.d">
24
302fbdf2
ZJS		 25 <refentryinfo>
26 <title>tmpfiles.d</title>
27 <productname>systemd</productname>
28
29 <authorgroup>
30 <author>
31 <contrib>Documentation</contrib>
32 <firstname>Brandon</firstname>
33 <surname>Philips</surname>
34 <email>brandon@ifup.org</email>
35 </author>
36 </authorgroup>
37 </refentryinfo>
38
39 <refmeta>
40 <refentrytitle>tmpfiles.d</refentrytitle>
41 <manvolnum>5</manvolnum>
42 </refmeta>
43
44 <refnamediv>
45 <refname>tmpfiles.d</refname>
46 <refpurpose>Configuration for creation, deletion and cleaning of
47 volatile and temporary files</refpurpose>
48 </refnamediv>
49
50 <refsynopsisdiv>
f2b5ca0e
ZJS		 51 <para><literallayout><filename>/etc/tmpfiles.d/*.conf</filename>
52<filename>/run/tmpfiles.d/*.conf</filename>
53<filename>/usr/lib/tmpfiles.d/*.conf</filename>
54 </literallayout></para>
55
56 <para><literallayout><filename>~/.config/user-tmpfiles.d/*.conf</filename>
57<filename>$XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf</filename>
58<filename>~/.local/share/user-tmpfiles.d/*.conf</filename>
59<filename>…</filename>
60<filename>/usr/share/user-tmpfiles.d/*.conf</filename>
61 </literallayout></para>
302fbdf2
ZJS		 62 </refsynopsisdiv>
63
64 <refsect1>
65 <title>Description</title>
66
67 <para><command>systemd-tmpfiles</command> uses the configuration
68 files from the above directories to describe the creation,
69 cleaning and removal of volatile and temporary files and
70 directories which usually reside in directories such as
71 <filename>/run</filename> or <filename>/tmp</filename>.</para>
72
73 <para>Volatile and temporary files and directories are those
74 located in <filename>/run</filename> (and its alias
75 <filename>/var/run</filename>), <filename>/tmp</filename>,
76 <filename>/var/tmp</filename>, the API file systems such as
77 <filename>/sys</filename> or <filename>/proc</filename>, as well
78 as some other directories below <filename>/var</filename>.</para>
79
80 <para>System daemons frequently require private runtime
81 directories below <filename>/run</filename> to place communication
82 sockets and similar in. For these, consider declaring them in
83 their unit files using <varname>RuntimeDirectory=</varname> (see
84 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
85 for details), if this is feasible.</para>
86 </refsect1>
87
88 <refsect1>
8165be2e 89 <title>Configuration Directories and Precedence</title>
302fbdf2
ZJS		 90
91 <para>Each configuration file shall be named in the style of
92 <filename><replaceable>package</replaceable>.conf</filename> or
93 <filename><replaceable>package</replaceable>-<replaceable>part</replaceable>.conf</filename>.
94 The second variant should be used when it is desirable to make it
95 easy to override just this part of configuration.</para>
96
97 <para>Files in <filename>/etc/tmpfiles.d</filename> override files
98 with the same name in <filename>/usr/lib/tmpfiles.d</filename> and
99 <filename>/run/tmpfiles.d</filename>. Files in
100 <filename>/run/tmpfiles.d</filename> override files with the same
101 name in <filename>/usr/lib/tmpfiles.d</filename>. Packages should
102 install their configuration files in
103 <filename>/usr/lib/tmpfiles.d</filename>. Files in
104 <filename>/etc/tmpfiles.d</filename> are reserved for the local
105 administrator, who may use this logic to override the
106 configuration files installed by vendor packages. All
107 configuration files are sorted by their filename in lexicographic
108 order, regardless of which of the directories they reside in. If
109 multiple files specify the same path, the entry in the file with
110 the lexicographically earliest name will be applied. All other
111 conflicting entries will be logged as errors. When two lines are
112 prefix and suffix of each other, then the prefix is always
6d785b6d
LP		 113 processed first, the suffix later. Lines that take globs are
114 applied after those accepting no globs. If multiple operations
b938cb90
JE		 115 shall be applied on the same file, (such as ACL, xattr, file
116 attribute adjustments), these are always done in the same fixed
6d785b6d
LP		 117 order. Otherwise, the files/directories are processed in the order
118 they are listed.</para>
302fbdf2
ZJS		 119
120 <para>If the administrator wants to disable a configuration file
121 supplied by the vendor, the recommended way is to place a symlink
122 to <filename>/dev/null</filename> in
123 <filename>/etc/tmpfiles.d/</filename> bearing the same filename.
124 </para>
8165be2e
ZJS		 125 </refsect1>
126
127 <refsect1>
128 <title>Configuration File Format</title>
302fbdf2
ZJS		 129
130 <para>The configuration format is one line per path containing
131 type, path, mode, ownership, age, and argument fields:</para>
132
133 <programlisting>#Type Path Mode UID GID Age Argument
ed7fd549
ZJS		 134d /run/user 0755 root root 10d -
135L /tmp/foobar - - - - /dev/null</programlisting>
302fbdf2 136
657cf7f4 137 <para>Fields may be enclosed within quotes and contain C-style escapes.</para>
138
302fbdf2
ZJS		 139 <refsect2>
140 <title>Type</title>
141
142 <para>The type consists of a single letter and optionally an
143 exclamation mark.</para>
144
145 <para>The following line types are understood:</para>
146
147 <variablelist>
148 <varlistentry>
149 <term><varname>f</varname></term>
150 <listitem><para>Create a file if it does not exist yet. If
151 the argument parameter is given, it will be written to the
6a9171d2 152 file. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 153 </varlistentry>
154
155 <varlistentry>
156 <term><varname>F</varname></term>
157 <listitem><para>Create or truncate a file. If the argument
6a9171d2 158 parameter is given, it will be written to the file. Does not follow symlinks.</para>
302fbdf2
ZJS		 159 </listitem>
160 </varlistentry>
161
162 <varlistentry>
163 <term><varname>w</varname></term>
164 <listitem><para>Write the argument parameter to a file, if
165 the file exists. Lines of this type accept shell-style
166 globs in place of normal path names. The argument parameter
167 will be written without a trailing newline. C-style
6a9171d2
LP		 168 backslash escapes are interpreted. Follows
169 symlinks.</para></listitem>
302fbdf2
ZJS		 170 </varlistentry>
171
172 <varlistentry>
173 <term><varname>d</varname></term>
4b743d67
ZJS		 174 <listitem><para>Create a directory. The mode and ownership will be adjusted if
175 specified and the directory already exists. Contents of this directory are subject
ed7fd549 176 to time based cleanup if the age argument is specified.</para></listitem>
302fbdf2
ZJS		 177 </varlistentry>
178
179 <varlistentry>
180 <term><varname>D</varname></term>
4b743d67
ZJS		 181 <listitem><para>Similar to <varname>d</varname>, but in addition the contents
182 of the directory will be removed when <option>--remove</option> is used.
183 </para></listitem>
184 </varlistentry>
df8dee85
ZJS		 185
186 <varlistentry>
187 <term><varname>e</varname></term>
ed7fd549
ZJS		 188 <listitem><para>Similar to <varname>d</varname>, but the directory will not be created if
189 it does not exist. Lines of this type accept shell-style globs in place of normal path
190 names. For this entry to be useful, at least one of the mode, uid, gid, or age arguments
191 must be specified, since otherwise this entry has no effect. If the age argument is
192 <literal>0</literal>, contents of the directory will be unconditionally deleted every time
193 <command>systemd-tmpfiles --clean</command> is run. This can be useful when combined with
194 <varname>!</varname>, see the examples.</para></listitem>
302fbdf2
ZJS		 195 </varlistentry>
196
197 <varlistentry>
198 <term><varname>v</varname></term>
199 <listitem><para>Create a subvolume if the path does not
2904e949
LP		 200 exist yet, the file system supports subvolumes (btrfs), and
201 the system itself is installed into a subvolume
202 (specifically: the root directory <filename>/</filename> is
203 itself a subvolume). Otherwise, create a normal directory, in
204 the same way as <varname>d</varname>. A subvolume created
205 with this line type is not assigned to any higher-level
206 quota group. For that, use <varname>q</varname> or
207 <varname>Q</varname>, which allow creating simple quota
208 group hierarchies, see below.</para></listitem>
5fb13eb5
LP		 209 </varlistentry>
210
211 <varlistentry>
212 <term><varname>q</varname></term>
b938cb90 213 <listitem><para>Similar to <varname>v</varname>. However,
5fb13eb5
LP		 214 makes sure that the subvolume will be assigned to the same
215 higher-level quota groups as the subvolume it has been
216 created in. This ensures that higher-level limits and
217 accounting applied to the parent subvolume also include the
218 specified subvolume. On non-btrfs file systems, this line
219 type is identical to <varname>d</varname>. If the subvolume
220 already exists and is already assigned to one or more higher
b938cb90 221 level quota groups, no change to the quota hierarchy is
5fb13eb5
LP		 222 made. Also see <varname>Q</varname> below. See <citerefentry
223 project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
224 for details about the btrfs quota group
225 concept.</para></listitem>
226 </varlistentry>
227
228 <varlistentry>
229 <term><varname>Q</varname></term>
b938cb90 230 <listitem><para>Similar to <varname>q</varname>. However,
5fb13eb5
LP		 231 instead of copying the higher-level quota group assignments
232 from the parent as-is, the lowest quota group of the parent
233 subvolume is determined that is not the leaf quota
234 group. Then, an "intermediary" quota group is inserted that
235 is one level below this level, and shares the same ID part
236 as the specified subvolume. If no higher-level quota group
237 exists for the parent subvolume, a new quota group at level
238 255 sharing the same ID as the specified subvolume is
239 inserted instead. This new intermediary quota group is then
240 assigned to the parent subvolume's higher-level quota
241 groups, and the specified subvolume's leaf quota group is
242 assigned to it.</para>
243
244 <para>Effectively, this has a similar effect as
245 <varname>q</varname>, however introduces a new higher-level
246 quota group for the specified subvolume that may be used to
247 enforce limits and accounting to the specified subvolume and
248 children subvolume created within it. Thus, by creating
249 subvolumes only via <varname>q</varname> and
b938cb90 250 <varname>Q</varname>, a concept of "subtree quotas" is
5fb13eb5
LP		 251 implemented. Each subvolume for which <varname>Q</varname>
252 is set will get a "subtree" quota group created, and all
253 child subvolumes created within it will be assigned to
254 it. Each subvolume for which <varname>q</varname> is set
255 will not get such a "subtree" quota group, but it is ensured
256 that they are added to the same "subtree" quota group as their
257 immediate parents.</para>
258
259 <para>It is recommended to use
260 <varname>Q</varname> for subvolumes that typically contain
261 further subvolumes, and where it is desirable to have
262 accounting and quota limits on all child subvolumes
263 together. Examples for <varname>Q</varname> are typically
264 <filename>/home</filename> or
265 <filename>/var/lib/machines</filename>. In contrast,
266 <varname>q</varname> should be used for subvolumes that
267 either usually do not include further subvolumes or where no
268 accounting and quota limits are needed that apply to all
269 child subvolumes together. Examples for <varname>q</varname>
270 are typically <filename>/var</filename> or
271 <filename>/var/tmp</filename>. As with <varname>Q</varname>,
272 <varname>q</varname> has no effect on the quota group
273 hierarchy if the subvolume exists and already has at least
274 one higher-level quota group assigned.</para></listitem>
302fbdf2
ZJS		 275 </varlistentry>
276
277 <varlistentry>
278 <term><varname>p</varname></term>
279 <term><varname>p+</varname></term>
280 <listitem><para>Create a named pipe (FIFO) if it does not
281 exist yet. If suffixed with <varname>+</varname> and a file
282 already exists where the pipe is to be created, it will be
283 removed and be replaced by the pipe.</para></listitem>
284 </varlistentry>
285
286 <varlistentry>
287 <term><varname>L</varname></term>
288 <term><varname>L+</varname></term>
289 <listitem><para>Create a symlink if it does not exist
b3f5897f
WD		 290 yet. If suffixed with <varname>+</varname> and a file or
291 directory already exists where the symlink is to be created,
292 it will be removed and be replaced by the symlink. If the
293 argument is omitted, symlinks to files with the same name
294 residing in the directory
295 <filename>/usr/share/factory/</filename> are created. Note
296 that permissions and ownership on symlinks are ignored.
297 </para></listitem>
302fbdf2
ZJS		 298 </varlistentry>
299
300 <varlistentry>
301 <term><varname>c</varname></term>
302 <term><varname>c+</varname></term>
303 <listitem><para>Create a character device node if it does
304 not exist yet. If suffixed with <varname>+</varname> and a
305 file already exists where the device node is to be created,
306 it will be removed and be replaced by the device node. It is
307 recommended to suffix this entry with an exclamation mark to
308 only create static device nodes at boot, as udev will not
309 manage static device nodes that are created at runtime.
310 </para></listitem>
311 </varlistentry>
312
313 <varlistentry>
314 <term><varname>b</varname></term>
315 <term><varname>b+</varname></term>
316 <listitem><para>Create a block device node if it does not
317 exist yet. If suffixed with <varname>+</varname> and a file
318 already exists where the device node is to be created, it
319 will be removed and be replaced by the device node. It is
320 recommended to suffix this entry with an exclamation mark to
321 only create static device nodes at boot, as udev will not
322 manage static device nodes that are created at runtime.
323 </para></listitem>
324 </varlistentry>
325
326 <varlistentry>
327 <term><varname>C</varname></term>
328 <listitem><para>Recursively copy a file or directory, if the
329 destination files or directories do not exist yet. Note that
330 this command will not descend into subdirectories if the
331 destination directory already exists. Instead, the entire
332 copy operation is skipped. If the argument is omitted, files
333 from the source directory
334 <filename>/usr/share/factory/</filename> with the same name
6a9171d2 335 are copied. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 336 </varlistentry>
337
338 <varlistentry>
339 <term><varname>x</varname></term>
340 <listitem><para>Ignore a path during cleaning. Use this type
341 to exclude paths from clean-up as controlled with the Age
342 parameter. Note that lines of this type do not influence the
343 effect of <varname>r</varname> or <varname>R</varname>
50d9e46d 344 lines. Lines of this type accept shell-style globs in place
302fbdf2
ZJS		 345 of normal path names. </para></listitem>
346 </varlistentry>
347
348 <varlistentry>
349 <term><varname>X</varname></term>
350 <listitem><para>Ignore a path during cleaning. Use this type
351 to exclude paths from clean-up as controlled with the Age
352 parameter. Unlike <varname>x</varname>, this parameter will
353 not exclude the content if path is a directory, but only
354 directory itself. Note that lines of this type do not
355 influence the effect of <varname>r</varname> or
50d9e46d 356 <varname>R</varname> lines. Lines of this type accept
302fbdf2
ZJS		 357 shell-style globs in place of normal path names.
358 </para></listitem>
359 </varlistentry>
360
361 <varlistentry>
362 <term><varname>r</varname></term>
363 <listitem><para>Remove a file or directory if it exists.
364 This may not be used to remove non-empty directories, use
365 <varname>R</varname> for that. Lines of this type accept
366 shell-style globs in place of normal path
6a9171d2 367 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 368 </varlistentry>
369
370 <varlistentry>
371 <term><varname>R</varname></term>
372 <listitem><para>Recursively remove a path and all its
373 subdirectories (if it is a directory). Lines of this type
374 accept shell-style globs in place of normal path
6a9171d2 375 names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 376 </varlistentry>
377
378 <varlistentry>
379 <term><varname>z</varname></term>
380 <listitem><para>Adjust the access mode, group and user, and
381 restore the SELinux security context of a file or directory,
382 if it exists. Lines of this type accept shell-style globs in
6a9171d2 383 place of normal path names. Does not follow symlinks.</para></listitem>
302fbdf2
ZJS		 384 </varlistentry>
385
386 <varlistentry>
387 <term><varname>Z</varname></term>
388 <listitem><para>Recursively set the access mode, group and
389 user, and restore the SELinux security context of a file or
390 directory if it exists, as well as of its subdirectories and
391 the files contained therein (if applicable). Lines of this
6a9171d2
LP		 392 type accept shell-style globs in place of normal path
393 names. Does not follow symlinks. </para></listitem>
302fbdf2
ZJS		 394 </varlistentry>
395
396 <varlistentry>
397 <term><varname>t</varname></term>
b705ab6a
ZJS		 398 <listitem><para>Set extended attributes. Lines of this type
399 accept shell-style globs in place of normal path names.
6a9171d2
LP		 400 This can be useful for setting SMACK labels. Does not follow
401 symlinks.</para></listitem>
b705ab6a
ZJS		 402 </varlistentry>
403
404 <varlistentry>
405 <term><varname>T</varname></term>
406 <listitem><para>Recursively set extended attributes. Lines
407 of this type accept shell-style globs in place of normal
6a9171d2
LP		 408 path names. This can be useful for setting SMACK
409 labels. Does not follow symlinks. </para></listitem>
302fbdf2 410 </varlistentry>
f8eeeaf9 411
fa3f5fd2
GB		 412 <varlistentry>
413 <term><varname>h</varname></term>
414 <listitem><para>Set file/directory attributes. Lines of this type
415 accept shell-style globs in place of normal path names.</para>
416
1ae705fb
LP		 417 <para>The format of the argument field is
418 <varname>[+-=][aAcCdDeijsStTu] </varname>. The prefix
419 <varname>+</varname> (the default one) causes the
fa3f5fd2 420 attribute(s) to be added; <varname>-</varname> causes the
1ae705fb 421 attribute(s) to be removed; <varname>=</varname> causes the
a8eaaee7 422 attributes to be set exactly as the following letters. The
1ae705fb 423 letters <literal>aAcCdDeijsStTu</literal> select the new
fa3f5fd2 424 attributes for the files, see
c30c611c 425 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle>
fa3f5fd2
GB		 426 <manvolnum>1</manvolnum></citerefentry> for further information.
427 </para>
1ae705fb
LP		 428 <para>Passing only <varname>=</varname> as argument resets
429 all the file attributes listed above. It has to be pointed
b938cb90 430 out that the <varname>=</varname> prefix limits itself to
1ae705fb
LP		 431 the attributes corresponding to the letters listed here. All
432 other attributes will be left untouched. Does not follow
433 symlinks.</para>
fa3f5fd2
GB		 434 </listitem>
435 </varlistentry>
436
437 <varlistentry>
438 <term><varname>H</varname></term>
439 <listitem><para>Recursively set file/directory attributes. Lines
440 of this type accept shell-style globs in place of normal
6a9171d2 441 path names. Does not follow symlinks.
fa3f5fd2
GB		 442 </para></listitem>
443 </varlistentry>
444
f8eeeaf9
ZJS		 445 <varlistentry>
446 <term><varname>a</varname></term>
50d9e46d
ZJS		 447 <term><varname>a+</varname></term>
448 <listitem><para>Set POSIX ACLs (access control lists). If
a8eaaee7 449 suffixed with <varname>+</varname>, the specified entries will
dd4105b0
ZJS		 450 be added to the existing set.
451 <command>systemd-tmpfiles</command> will automatically add
452 the required base entries for user and group based on the
453 access mode of the file, unless base entries already exist
7f3fdb7f 454 or are explicitly specified. The mask will be added if not
dd4105b0
ZJS		 455 specified explicitly or already present. Lines of this type
456 accept shell-style globs in place of normal path names. This
457 can be useful for allowing additional access to certain
6a9171d2 458 files. Does not follow symlinks.</para></listitem>
b705ab6a
ZJS		 459 </varlistentry>
460
461 <varlistentry>
462 <term><varname>A</varname></term>
50d9e46d
ZJS		 463 <term><varname>A+</varname></term>
464 <listitem><para>Same as <varname>a</varname> and
6a9171d2
LP		 465 <varname>a+</varname>, but recursive. Does not follow
466 symlinks.</para></listitem>
f8eeeaf9 467 </varlistentry>
302fbdf2
ZJS		 468 </variablelist>
469
470 <para>If the exclamation mark is used, this line is only safe of
471 execute during boot, and can break a running system. Lines
472 without the exclamation mark are presumed to be safe to execute
473 at any time, e.g. on package upgrades.
474 <command>systemd-tmpfiles</command> will execute line with an
475 exclamation mark only if option <option>--boot</option> is
476 given.</para>
477
478 <para>For example:
479 <programlisting># Make sure these are created by default so that nobody else can
9b9c30ec 480d /tmp/.X11-unix 1777 root root 10d
302fbdf2 481
9b9c30ec
LP		 482# Unlink the X11 lock files
483r! /tmp/.X[0-9]*-lock</programlisting>
302fbdf2
ZJS		 484 The second line in contrast to the first one would break a
485 running system, and will only be executed with
486 <option>--boot</option>.</para>
487 </refsect2>
488
489 <refsect2>
490 <title>Path</title>
491
492 <para>The file system path specification supports simple
2df36d09
ZJS		 493 specifier expansion, see below. The path (after expansion) must be
494 absolute.</para>
302fbdf2
ZJS		 495 </refsect2>
496
497 <refsect2>
498 <title>Mode</title>
499
500 <para>The file access mode to use when creating this file or
501 directory. If omitted or when set to <literal>-</literal>, the
502 default is used: 0755 for directories, 0644 for all other file
503 objects. For <varname>z</varname>, <varname>Z</varname> lines,
504 if omitted or when set to <literal>-</literal>, the file access
505 mode will not be modified. This parameter is ignored for
506 <varname>x</varname>, <varname>r</varname>,
f8eeeaf9
ZJS		 507 <varname>R</varname>, <varname>L</varname>, <varname>t</varname>,
508 and <varname>a</varname> lines.</para>
302fbdf2
ZJS		 509
510 <para>Optionally, if prefixed with <literal>~</literal>, the
511 access mode is masked based on the already set access bits for
512 existing file or directories: if the existing file has all
513 executable bits unset, all executable bits are removed from the
514 new access mode, too. Similarly, if all read bits are removed
515 from the old access mode, they will be removed from the new
516 access mode too, and if all write bits are removed, they will be
517 removed from the new access mode too. In addition, the
518 sticky/SUID/SGID bit is removed unless applied to a
519 directory. This functionality is particularly useful in
520 conjunction with <varname>Z</varname>.</para>
521 </refsect2>
522
523 <refsect2>
524 <title>UID, GID</title>
525
526 <para>The user and group to use for this file or directory. This
527 may either be a numeric user/group ID or a user or group
528 name. If omitted or when set to <literal>-</literal>, the
a8eaaee7 529 default 0 (root) is used. For <varname>z</varname> and
f8eeeaf9
ZJS		 530 <varname>Z</varname> lines, when omitted or when set to
531 <literal>-</literal>, the file ownership will not be
532 modified. These parameters are ignored for <varname>x</varname>,
533 <varname>r</varname>, <varname>R</varname>,
534 <varname>L</varname>, <varname>t</varname>, and
535 <varname>a</varname> lines.</para>
302fbdf2
ZJS		 536 </refsect2>
537
538 <refsect2>
539 <title>Age</title>
540 <para>The date field, when set, is used to decide what files to
541 delete when cleaning. If a file or directory is older than the
542 current time minus the age field, it is deleted. The field
543 format is a series of integers each followed by one of the
a8eaaee7 544 following suffixes for the respective time units:
00c53f42
ZJS		 545 <constant>s</constant>,
546 <constant>m</constant> or <constant>min</constant>,
547 <constant>h</constant>,
548 <constant>d</constant>,
549 <constant>w</constant>,
a8eaaee7 550 <constant>ms</constant>, and
00c53f42 551 <constant>us</constant>,
a8eaaee7
JE		 552 meaning seconds, minutes, hours, days, weeks,
553 milliseconds, and microseconds, respectively. Full names of the time units can
00c53f42
ZJS		 554 be used too.
555 </para>
302fbdf2
ZJS		 556
557 <para>If multiple integers and units are specified, the time
00c53f42
ZJS		 558 values are summed. If an integer is given without a unit,
559 <constant>s</constant> is assumed.
302fbdf2
ZJS		 560 </para>
561
562 <para>When the age is set to zero, the files are cleaned
563 unconditionally.</para>
564
5fb13eb5 565 <para>The age field only applies to lines starting with
df8dee85 566 <varname>d</varname>, <varname>D</varname>, <varname>e</varname>,
5fb13eb5
LP		 567 <varname>v</varname>, <varname>q</varname>,
568 <varname>Q</varname>, <varname>C</varname>, <varname>x</varname>
569 and <varname>X</varname>. If omitted or set to
570 <literal>-</literal>, no automatic clean-up is done.</para>
302fbdf2
ZJS		 571
572 <para>If the age field starts with a tilde character
573 <literal>~</literal>, the clean-up is only applied to files and
574 directories one level inside the directory specified, but not
575 the files and directories immediately inside it.</para>
576 </refsect2>
577
578 <refsect2>
579 <title>Argument</title>
580
581 <para>For <varname>L</varname> lines determines the destination
a8eaaee7
JE		 582 path of the symlink. For <varname>c</varname> and
583 <varname>b</varname>, determines the major/minor of the device
302fbdf2
ZJS		 584 node, with major and minor formatted as integers, separated by
585 <literal>:</literal>, e.g. <literal>1:3</literal>. For
586 <varname>f</varname>, <varname>F</varname>, and
a8eaaee7 587 <varname>w</varname>, the argument may be used to specify a short string that
302fbdf2
ZJS		 588 is written to the file, suffixed by a newline. For
589 <varname>C</varname>, specifies the source file or
a8eaaee7 590 directory. For <varname>t</varname> and <varname>T</varname>,
0ac0b1e7 591 determines extended attributes to be set. For
a8eaaee7
JE		 592 <varname>a</varname> and <varname>A</varname>, determines ACL
593 attributes to be set. For <varname>h</varname> and
b938cb90 594 <varname>H</varname>, determines the file attributes to
0ac0b1e7 595 set. Ignored for all other lines.</para>
2df36d09
ZJS		 596
597 <para>This field can contain specifiers, see below.</para>
302fbdf2 598 </refsect2>
2df36d09 599 </refsect1>
302fbdf2 600
2df36d09
ZJS		 601 <refsect1>
602 <title>Specifiers</title>
603
604 <para>Specifiers can be used in the "path" and "argument" fields.
751223fe 605 An unknown or unresolvable specifier is treated as invalid configuration.
2df36d09
ZJS		 606 The following expansions are understood:</para>
607 <table>
608 <title>Specifiers available</title>
609 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
610 <colspec colname="spec" />
611 <colspec colname="mean" />
612 <colspec colname="detail" />
613 <thead>
614 <row>
615 <entry>Specifier</entry>
616 <entry>Meaning</entry>
617 <entry>Details</entry>
618 </row>
619 </thead>
620 <tbody>
621 <row>
622 <entry><literal>%m</literal></entry>
623 <entry>Machine ID</entry>
624 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
625 </row>
626 <row>
627 <entry><literal>%b</literal></entry>
628 <entry>Boot ID</entry>
629 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
630 </row>
631 <row>
632 <entry><literal>%H</literal></entry>
633 <entry>Host name</entry>
634 <entry>The hostname of the running system.</entry>
635 </row>
636 <row>
637 <entry><literal>%v</literal></entry>
638 <entry>Kernel release</entry>
639 <entry>Identical to <command>uname -r</command> output.</entry>
640 </row>
ca23eeb5
TW		 641 <row>
642 <entry><literal>%U</literal></entry>
643 <entry>User UID</entry>
644 <entry>This is the numeric UID of the user running the service manager instance. In case of the system manager this resolves to <constant>0</constant>.</entry>
645 </row>
646 <row>
647 <entry><literal>%u</literal></entry>
648 <entry>User name</entry>
649 <entry>This is the name of the user running the service manager instance. In case of the system manager this resolves to <literal>root</literal>.</entry>
650 </row>
651 <row>
652 <entry><literal>%h</literal></entry>
653 <entry>User home directory</entry>
654 <entry>This is the home directory of the user running the service manager instance. In case of the system manager this resolves to <literal>/root</literal>.</entry>
655 </row>
5a8575ef
ZJS		 656 <row>
657 <entry><literal>%t</literal></entry>
658 <entry>System or user runtime directory</entry>
659 <entry>In --user mode, this is the same <varname>$XDG_RUNTIME_DIR</varname>, and <filename>/run</filename> otherwise.</entry>
660 </row>
661 <row>
662 <entry><literal>%S</literal></entry>
663 <entry>System or user state directory</entry>
664 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname>, and <filename>/var/lib</filename> otherwise.</entry>
665 </row>
666 <row>
667 <entry><literal>%C</literal></entry>
668 <entry>System or user cache directory</entry>
669 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CACHE_HOME</varname>, and <filename>/var/cache</filename> otherwise.</entry>
670 </row>
671 <row>
672 <entry><literal>%L</literal></entry>
673 <entry>System or user log directory</entry>
674 <entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename noindex='true'>/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry>
675 </row>
2df36d09
ZJS		 676 <row>
677 <entry><literal>%%</literal></entry>
5a8575ef 678 <entry>Escaped <literal>%</literal></entry>
2df36d09
ZJS		 679 <entry>Single percent sign.</entry>
680 </row>
681 </tbody>
682 </tgroup>
683 </table>
302fbdf2
ZJS		 684 </refsect1>
685
686 <refsect1>
4b743d67 687 <title>Examples</title>
302fbdf2 688 <example>
4b743d67
ZJS		 689 <title>Create directories with specific mode and ownership</title>
690 <para>
0a07667d 691 <citerefentry project='die-net'><refentrytitle>screen</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 692 needs two directories created at boot with specific modes and ownership:</para>
693
694 <programlisting># /usr/lib/tmpfiles.d/screen.conf
695d /run/screens 1777 root screen 10d
696d /run/uscreens 0755 root screen 10d12h
697</programlisting>
698
699 <para>Contents of <filename>/run/screens</filename> and /run/uscreens will
700 cleaned up after 10 and 10½ days, respectively.</para>
701 </example>
302fbdf2 702
4b743d67
ZJS		 703 <example>
704 <title>Create a directory with a SMACK attribute</title>
705 <programlisting>D /run/cups - - - -
706t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
707 </programlisting>
708
b17649ee 709 <para>The directory will be owned by root and have default mode. Its contents are
4b743d67
ZJS		 710 not subject to time based cleanup, but will be obliterated when
711 <command>systemd-tmpfiles --remove</command> runs.</para>
302fbdf2 712 </example>
4b743d67 713
302fbdf2 714 <example>
4b743d67
ZJS		 715 <title>Create a directory and prevent its contents from cleanup</title>
716 <para>
0a07667d 717 <citerefentry project='die-net'><refentrytitle>abrt</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
4b743d67
ZJS		 718 needs a directory created at boot with specific mode and ownership and its content
719 should be preserved from the automatic cleanup applied to the contents of
720 <filename>/var/tmp</filename>:</para>
721
722 <programlisting># /usr/lib/tmpfiles.d/tmp.conf
723d /var/tmp 1777 root root 30d
724</programlisting>
725
726 <programlisting># /usr/lib/tmpfiles.d/abrt.conf
727d /var/tmp/abrt 0755 abrt abrt -
df8dee85
ZJS		 728</programlisting>
729 </example>
730
731 <example>
732 <title>Apply clean up during boot and based on time</title>
733
734 <programlisting># /usr/lib/tmpfiles.d/dnf.conf
735r! /var/cache/dnf/*/*/download_lock.pid
736r! /var/cache/dnf/*/*/metadata_lock.pid
737r! /var/lib/dnf/rpmdb_lock.pid
e80f1a79 738e /var/cache/dnf/ - - - 30d
4b743d67 739</programlisting>
302fbdf2 740
df8dee85 741 <para>The lock files will be removed during boot. Any files and directories in
e80f1a79 742 <filename>/var/cache/dnf/</filename> will be removed after they have not been
df8dee85 743 accessed in 30 days.</para>
302fbdf2 744 </example>
ed7fd549
ZJS		 745
746 <example>
b719b26c 747 <title>Empty the contents of a cache directory on boot</title>
ed7fd549
ZJS		 748
749 <programlisting># /usr/lib/tmpfiles.d/krb5rcache.conf
750e! /var/cache/krb5rcache - - - 0
751</programlisting>
752
753 <para>Any files and subdirectories in <filename>/var/cache/krb5rcache/</filename>
754 will be removed on boot. The directory will not be created.
755 </para>
756 </example>
302fbdf2
ZJS		 757 </refsect1>
758
759 <refsect1>
760 <title>See Also</title>
761 <para>
762 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
763 <citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
764 <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
f8eeeaf9
ZJS		 765 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
766 <citerefentry project='man-pages'><refentrytitle>attr</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
767 <citerefentry project='man-pages'><refentrytitle>getfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
768 <citerefentry project='man-pages'><refentrytitle>setfattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
769 <citerefentry project='man-pages'><refentrytitle>setfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
fa3f5fd2 770 <citerefentry project='man-pages'><refentrytitle>getfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
5fb13eb5
LP		 771 <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
772 <citerefentry project='die-net'><refentrytitle>btrfs-subvolume</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
773 <citerefentry project='die-net'><refentrytitle>btrfs-qgroup</refentrytitle><manvolnum>8</manvolnum></citerefentry>
302fbdf2
ZJS		 774 </para>
775 </refsect1>
4149f86d
BP		 776
777</refentry>
Unnamed repository; edit this file 'description' to name the repository.