From 5474cadc8d58648693c6b8b2775be7fefe29ee0c Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Sun, 31 May 2026 11:44:21 +0200 Subject: [PATCH] tmpfiles: remove boot-only restriction from x11 directory rules 4a1f92c704aad80e9fde3f3d1678a5e5e944ae47 added '!' through confusion: the goal was probably to exclude those directories from cleanup at runtime. But as discussed below, that exclusion is not needed. In fact, we want the rule to be active during runtime, so that if the directory were removed or wasn't created earlier for whatever reason, it'd be created during one of those later runs too. This just makes the system more robust. Those directories are used for sockets, and tmpfiles will not remove live sockets. So it is fine to run the cleanup on those directories, it doesn't have any effect in normal circumstances. The only case where the cleanup would matter would be if the service was running, crashed without removing the socket, and the system would remain up for more than 10 days after that. This is not a particularly likely scenario, but OTOH, we can imaging that somebody tried to run Xorg, it didn't work, and they switched to Wayland. Or their DE crashes every once in a while, leaving some state behind. Keeping the cleanup in place seems OK, it makes the system slightly more robust in fringe scenarios. In fact, this cleanup will work better if we reduce the delay from 10 days to something small. systemd-tmpfiles-clean.timer runs once per day, so the cleanup will not be very fast anyway. So use '1h' as an arbitrary small value. (I think '0' would be risky, because it's possible for the socket to be set up through a script where it's created first and the service is connected to it, so it is momentarily "not live". I think people used to do this. Not sure if that happens anymore, but let's be safe.) Co-authored-by: Jarl Gullberg --- tmpfiles.d/x11.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/tmpfiles.d/x11.conf b/tmpfiles.d/x11.conf index 0e38f50bb53..b45c8eec250 100644 --- a/tmpfiles.d/x11.conf +++ b/tmpfiles.d/x11.conf @@ -9,10 +9,10 @@ # Make sure these are created by default so that nobody else can # or empty them at startup -D! /tmp/.X11-unix 1777 root root 10d -D! /tmp/.ICE-unix 1777 root root 10d -D! /tmp/.XIM-unix 1777 root root 10d -D! /tmp/.font-unix 1777 root root 10d +D /tmp/.X11-unix 1777 root root 1h +D /tmp/.ICE-unix 1777 root root 1h +D /tmp/.XIM-unix 1777 root root 1h +D /tmp/.font-unix 1777 root root 1h # Unlink the X11 lock files r! /tmp/.X[0-9]*-lock -- 2.47.3