1TMPFILES.D(5) tmpfiles.d TMPFILES.D(5)
2
6 tmpfiles.d - Configuration for creation, deletion and cleaning of
7 volatile and temporary files
8
10 /etc/tmpfiles.d/*.conf
11 /run/tmpfiles.d/*.conf
12 /usr/lib/tmpfiles.d/*.conf
13 ~/.config/user-tmpfiles.d/*.conf
16 $XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf
17 ~/.local/share/user-tmpfiles.d/*.conf
18 ...
19 /usr/share/user-tmpfiles.d/*.conf
20
23 tmpfiles.d configuration files provide a generic mechanism to define
24 the creation of regular files, directories, pipes, and device nodes,
25 adjustments to their access mode, ownership, attributes, quota
26 assignments, and contents, and finally their time-based removal. It is
27 mostly commonly used for volatile and temporary files and directories
28 (such as those located under /run, /tmp, /var/tmp, the API file systems
29 such as /sys or /proc, as well as some other directories below /var).
30 systemd-tmpfiles uses this configuration to create volatile files and
32 directories during boot and to do periodic cleanup afterwards. See
33 systemd-tmpfiles(5) for the description of
34 systemd-tmpfiles-setup.service, systemd-tmpfiles-cleanup.service, and
35 associated units.
36 System daemons frequently require private runtime directories below
38 /run to store communication sockets and similar. For these, is is
39 better to use RuntimeDirectory= in their unit files (see
40 systemd.exec(5) for details), if the flexibility provided by tmpfiles.d
41 is not required. The advantages are that the configuration required by
42 the unit is centralized in one place, and that the lifetime of the
43 directory is tied to the lifetime of the service itself. Similarly,
44 StateDirectory=, CacheDirectory=, LogsDirectory=, and
45 ConfigurationDirectory= should be used to create directories under
46 /var/lib/, /var/cache/, /var/log/, and /etc/. tmpfiles.d should be
47 used for files whose lifetime is independent of any service or requires
48 more complicated configuration.
49
51 Each configuration file shall be named in the style of package.conf or
52 package-part.conf. The second variant should be used when it is
53 desirable to make it easy to override just this part of configuration.
54 Files in /etc/tmpfiles.d override files with the same name in
56 /usr/lib/tmpfiles.d and /run/tmpfiles.d. Files in /run/tmpfiles.d
57 override files with the same name in /usr/lib/tmpfiles.d. Packages
58 should install their configuration files in /usr/lib/tmpfiles.d. Files
59 in /etc/tmpfiles.d are reserved for the local administrator, who may
60 use this logic to override the configuration files installed by vendor
61 packages. All configuration files are sorted by their filename in
62 lexicographic order, regardless of which of the directories they reside
63 in. If multiple files specify the same path, the entry in the file with
64 the lexicographically earliest name will be applied. All other
65 conflicting entries will be logged as errors. When two lines are prefix
66 path and suffix path of each other, then the prefix line is always
67 created first, the suffix later (and if removal applies to the line,
68 the order is reversed: the suffix is removed first, the prefix later).
69 Lines that take globs are applied after those accepting no globs. If
70 multiple operations shall be applied on the same file (such as ACL,
71 xattr, file attribute adjustments), these are always done in the same
72 fixed order. Except for those cases, the files/directories are
73 processed in the order they are listed.
74 If the administrator wants to disable a configuration file supplied by
76 the vendor, the recommended way is to place a symlink to /dev/null in
77 /etc/tmpfiles.d/ bearing the same filename.
78
80 The configuration format is one line per path containing type, path,
81 mode, ownership, age, and argument fields:
82 #Type Path Mode User Group Age Argument
84 d /run/user 0755 root root 10d -
85 L /tmp/foobar - - - - /dev/null
86 Fields may be enclosed within quotes and contain C-style escapes.
88 Type
90 The type consists of a single letter and optionally an exclamation mark
91 and/or minus sign.
92 The following line types are understood:
94 f
96 Create a file if it does not exist yet. If the argument parameter
97 is given and the file did not exist yet, it will be written to the
98 file. Does not follow symlinks.
99 F
101 Create or truncate a file. If the argument parameter is given, it
102 will be written to the file. Does not follow symlinks.
103 w
105 Write the argument parameter to a file, if the file exists. Lines
106 of this type accept shell-style globs in place of normal path
107 names. The argument parameter will be written without a trailing
108 newline. C-style backslash escapes are interpreted. Follows
109 symlinks.
110 d
112 Create a directory. The mode and ownership will be adjusted if
113 specified. Contents of this directory are subject to time based
114 cleanup if the age argument is specified.
115 D
117 Similar to d, but in addition the contents of the directory will be
118 removed when --remove is used.
119 e
121 Adjust the mode and ownership of existing directories and remove
122 their contents based on age. Lines of this type accept shell-style
123 globs in place of normal path names. Contents of the directories
124 are subject to time based cleanup if the age argument is specified.
125 If the age argument is "0", contents will be unconditionally
126 deleted every time systemd-tmpfiles --clean is run.
127 For this entry to be useful, at least one of the mode, user, group,
129 or age arguments must be specified, since otherwise this entry has
130 no effect. As an exception, an entry with no effect may be useful
131 when combined with !, see the examples.
132 v
134 Create a subvolume if the path does not exist yet, the file system
135 supports subvolumes (btrfs), and the system itself is installed
136 into a subvolume (specifically: the root directory / is itself a
137 subvolume). Otherwise, create a normal directory, in the same way
138 as d.
139 A subvolume created with this line type is not assigned to any
141 higher-level quota group. For that, use q or Q, which allow
142 creating simple quota group hierarchies, see below.
143 q
145 Create a subvolume or directory the same as v, but assign the
146 subvolume to the same higher-level quota groups as the parent. This
147 ensures that higher-level limits and accounting applied to the
148 parent subvolume also include the specified subvolume. On non-btrfs
149 file systems, this line type is identical to d.
150 If the subvolume already exists, no change to the quota hierarchy
152 is made, regardless of whether the subvolume is already attached to
153 a quota group or not. Also see Q below. See btrfs-qgroup(8) for
154 details about the btrfs quota group concept.
155 Q
157 Create the subvolume or directory the same as v, but assign the new
158 subvolume to a new leaf quota group. Instead of copying the
159 higher-level quota group assignments from the parent as is done
160 with q, the lowest quota group of the parent subvolume is
161 determined that is not the leaf quota group. Then, an
162 "intermediary" quota group is inserted that is one level below this
163 level, and shares the same ID part as the specified subvolume. If
164 no higher-level quota group exists for the parent subvolume, a new
165 quota group at level 255 sharing the same ID as the specified
166 subvolume is inserted instead. This new intermediary quota group is
167 then assigned to the parent subvolume's higher-level quota groups,
168 and the specified subvolume's leaf quota group is assigned to it.
169 Effectively, this has a similar effect as q, however introduces a
171 new higher-level quota group for the specified subvolume that may
172 be used to enforce limits and accounting to the specified subvolume
173 and children subvolume created within it. Thus, by creating
174 subvolumes only via q and Q, a concept of "subtree quotas" is
175 implemented. Each subvolume for which Q is set will get a "subtree"
176 quota group created, and all child subvolumes created within it
177 will be assigned to it. Each subvolume for which q is set will not
178 get such a "subtree" quota group, but it is ensured that they are
179 added to the same "subtree" quota group as their immediate parents.
180 It is recommended to use Q for subvolumes that typically contain
182 further subvolumes, and where it is desirable to have accounting
183 and quota limits on all child subvolumes together. Examples for Q
184 are typically /home or /var/lib/machines. In contrast, q should be
185 used for subvolumes that either usually do not include further
186 subvolumes or where no accounting and quota limits are needed that
187 apply to all child subvolumes together. Examples for q are
188 typically /var or /var/tmp.
189 As with q, Q has no effect on the quota group hierarchy if the
191 subvolume already exists, regardless of whether the subvolume
192 already belong to a quota group or not.
193 p, p+
195 Create a named pipe (FIFO) if it does not exist yet. If suffixed
196 with + and a file already exists where the pipe is to be created,
197 it will be removed and be replaced by the pipe.
198 L, L+
200 Create a symlink if it does not exist yet. If suffixed with + and a
201 file or directory already exists where the symlink is to be
202 created, it will be removed and be replaced by the symlink. If the
203 argument is omitted, symlinks to files with the same name residing
204 in the directory /usr/share/factory/ are created. Note that
205 permissions and ownership on symlinks are ignored.
206 c, c+
208 Create a character device node if it does not exist yet. If
209 suffixed with + and a file already exists where the device node is
210 to be created, it will be removed and be replaced by the device
211 node. It is recommended to suffix this entry with an exclamation
212 mark to only create static device nodes at boot, as udev will not
213 manage static device nodes that are created at runtime.
214 b, b+
216 Create a block device node if it does not exist yet. If suffixed
217 with + and a file already exists where the device node is to be
218 created, it will be removed and be replaced by the device node. It
219 is recommended to suffix this entry with an exclamation mark to
220 only create static device nodes at boot, as udev will not manage
221 static device nodes that are created at runtime.
222 C
224 Recursively copy a file or directory, if the destination files or
225 directories do not exist yet or the destination directory is empty.
226 Note that this command will not descend into subdirectories if the
227 destination directory already exists and is not empty. Instead, the
228 entire copy operation is skipped. If the argument is omitted, files
229 from the source directory /usr/share/factory/ with the same name
230 are copied. Does not follow symlinks.
231 x
233 Ignore a path during cleaning. Use this type to exclude paths from
234 clean-up as controlled with the Age parameter. Note that lines of
235 this type do not influence the effect of r or R lines. Lines of
236 this type accept shell-style globs in place of normal path names.
237 X
239 Ignore a path during cleaning. Use this type to exclude paths from
240 clean-up as controlled with the Age parameter. Unlike x, this
241 parameter will not exclude the content if path is a directory, but
242 only directory itself. Note that lines of this type do not
243 influence the effect of r or R lines. Lines of this type accept
244 shell-style globs in place of normal path names.
245 r
247 Remove a file or directory if it exists. This may not be used to
248 remove non-empty directories, use R for that. Lines of this type
249 accept shell-style globs in place of normal path names. Does not
250 follow symlinks.
251 R
253 Recursively remove a path and all its subdirectories (if it is a
254 directory). Lines of this type accept shell-style globs in place of
255 normal path names. Does not follow symlinks.
256 z
258 Adjust the access mode, user and group ownership, and restore the
259 SELinux security context of a file or directory, if it exists.
260 Lines of this type accept shell-style globs in place of normal path
261 names. Does not follow symlinks.
262 Z
264 Recursively set the access mode, user and group ownership, and
265 restore the SELinux security context of a file or directory if it
266 exists, as well as of its subdirectories and the files contained
267 therein (if applicable). Lines of this type accept shell-style
268 globs in place of normal path names. Does not follow symlinks.
269 t
271 Set extended attributes. Lines of this type accept shell-style
272 globs in place of normal path names. This can be useful for setting
273 SMACK labels. Does not follow symlinks.
274 T
276 Recursively set extended attributes. Lines of this type accept
277 shell-style globs in place of normal path names. This can be useful
278 for setting SMACK labels. Does not follow symlinks.
279 h
281 Set file/directory attributes. Lines of this type accept
282 shell-style globs in place of normal path names.
283 The format of the argument field is [+-=][aAcCdDeijsStTu] . The
285 prefix + (the default one) causes the attribute(s) to be added; -
286 causes the attribute(s) to be removed; = causes the attributes to
287 be set exactly as the following letters. The letters
288 "aAcCdDeijsStTu" select the new attributes for the files, see
289 chattr(1) for further information.
290 Passing only = as argument resets all the file attributes listed
292 above. It has to be pointed out that the = prefix limits itself to
293 the attributes corresponding to the letters listed here. All other
294 attributes will be left untouched. Does not follow symlinks.
295 H
297 Recursively set file/directory attributes. Lines of this type
298 accept shell-style globs in place of normal path names. Does not
299 follow symlinks.
300 a, a+
302 Set POSIX ACLs (access control lists). If suffixed with +, the
303 specified entries will be added to the existing set.
304 systemd-tmpfiles will automatically add the required base entries
305 for user and group based on the access mode of the file, unless
306 base entries already exist or are explicitly specified. The mask
307 will be added if not specified explicitly or already present. Lines
308 of this type accept shell-style globs in place of normal path
309 names. This can be useful for allowing additional access to certain
310 files. Does not follow symlinks.
311 A, A+
313 Same as a and a+, but recursive. Does not follow symlinks.
314 If the exclamation mark is used, this line is only safe to execute
316 during boot, and can break a running system. Lines without the
317 exclamation mark are presumed to be safe to execute at any time, e.g.
318 on package upgrades. systemd-tmpfiles will execute line with an
319 exclamation mark only if option --boot is given.
320 For example:
322 # Make sure these are created by default so that nobody else can
324 d /tmp/.X11-unix 1777 root root 10d
325 # Unlink the X11 lock files
327 r! /tmp/.X[0-9]*-lock
328 The second line in contrast to the first one would break a running
330 system, and will only be executed with --boot.
331 If the minus sign is used, this line failing to run successfully during
333 create (and only create) will not cause the execution of
334 systemd-tmpfiles to return an error.
335 For example:
337 # Modify sysfs but don't fail if we are in a container with a read-only /proc
339 w- /proc/sys/vm/swappiness - - - - 10
340 Note that for all line types that result in creation of any kind of
342 file node (i.e. f/F, d/D/v/q/Q, p, L, c/b and C) leading directories
343 are implicitly created if needed, owned by root with an access mode of
344 0755. In order to create them with different modes or ownership make
345 sure to add appropriate d lines.
346 Path
348 The file system path specification supports simple specifier expansion,
349 see below. The path (after expansion) must be absolute.
350 Mode
352 The file access mode to use when creating this file or directory. If
353 omitted or when set to "-", the default is used: 0755 for directories,
354 0644 for all other file objects. For z, Z lines, if omitted or when set
355 to "-", the file access mode will not be modified. This parameter is
356 ignored for x, r, R, L, t, and a lines.
357 Optionally, if prefixed with "~", the access mode is masked based on
359 the already set access bits for existing file or directories: if the
360 existing file has all executable bits unset, all executable bits are
361 removed from the new access mode, too. Similarly, if all read bits are
362 removed from the old access mode, they will be removed from the new
363 access mode too, and if all write bits are removed, they will be
364 removed from the new access mode too. In addition, the sticky/SUID/SGID
365 bit is removed unless applied to a directory. This functionality is
366 particularly useful in conjunction with Z.
367 User, Group
369 The user and group to use for this file or directory. This may either
370 be a numeric ID or a user/group name. If omitted or when set to "-",
371 the user and group of the user who invokes systemd-tmpfiles is used.
372 For z and Z lines, when omitted or when set to "-", the file ownership
373 will not be modified. These parameters are ignored for x, r, R, L, t,
374 and a lines.
375 Age
377 The date field, when set, is used to decide what files to delete when
378 cleaning. If a file or directory is older than the current time minus
379 the age field, it is deleted. The field format is a series of integers
380 each followed by one of the following suffixes for the respective time
381 units: s, m or min, h, d, w, ms, and us, meaning seconds, minutes,
382 hours, days, weeks, milliseconds, and microseconds, respectively. Full
383 names of the time units can be used too.
384 If multiple integers and units are specified, the time values are
386 summed. If an integer is given without a unit, s is assumed.
387 When the age is set to zero, the files are cleaned unconditionally.
389 The age field only applies to lines starting with d, D, e, v, q, Q, C,
391 x and X. If omitted or set to "-", no automatic clean-up is done.
392 If the age field starts with a tilde character "~", the clean-up is
394 only applied to files and directories one level inside the directory
395 specified, but not the files and directories immediately inside it.
396 The age of a file system entry is determined from its last modification
398 timestamp (mtime), its last access timestamp (atime), and (except for
399 directories) its last status change timestamp (ctime). Any of these
400 three (or two) values will prevent cleanup if it is more recent than
401 the current time minus the age field.
402 Argument
404 For L lines determines the destination path of the symlink. For c and
405 b, determines the major/minor of the device node, with major and minor
406 formatted as integers, separated by ":", e.g. "1:3". For f, F, and w,
407 the argument may be used to specify a short string that is written to
408 the file, suffixed by a newline. For C, specifies the source file or
409 directory. For t and T, determines extended attributes to be set. For a
410 and A, determines ACL attributes to be set. For h and H, determines the
411 file attributes to set. Ignored for all other lines.
412 This field can contain specifiers, see below.
414
416 Specifiers can be used in the "path" and "argument" fields. An unknown
417 or unresolvable specifier is treated as invalid configuration. The
418 following expansions are understood:
419 Table 1. Specifiers available
421 ┌──────────┬─────────────────────┬─────────────────────┐
422 │Specifier │ Meaning │ Details │
423 ├──────────┼─────────────────────┼─────────────────────┤
424 │"%b" │ Boot ID │ The boot ID of the │
425 │ │ │ running system, │
426 │ │ │ formatted as │
427 │ │ │ string. See │
428 │ │ │ random(4) for more │
429 │ │ │ information. │
430 ├──────────┼─────────────────────┼─────────────────────┤
431 │"%C" │ System or user │ In --user mode, │
432 │ │ cache directory │ this is the same as │
433 │ │ │ $XDG_CACHE_HOME, │
434 │ │ │ and /var/cache │
435 │ │ │ otherwise. │
436 ├──────────┼─────────────────────┼─────────────────────┤
437 │"%h" │ User home directory │ This is the home │
438 │ │ │ directory of the │
439 │ │ │ user running the │
440 │ │ │ command. In case of │
441 │ │ │ the system instance │
442 │ │ │ this resolves to │
443 │ │ │ "/root". │
444 ├──────────┼─────────────────────┼─────────────────────┤
445 │"%H" │ Host name │ The hostname of the │
446 │ │ │ running system. │
447 ├──────────┼─────────────────────┼─────────────────────┤
448 │"%L" │ System or user log │ In --user mode, │
449 │ │ directory │ this is the same as │
450 │ │ │ $XDG_CONFIG_HOME │
451 │ │ │ with /log appended, │
452 │ │ │ and /var/log │
453 │ │ │ otherwise. │
454 ├──────────┼─────────────────────┼─────────────────────┤
455 │"%m" │ Machine ID │ The machine ID of │
456 │ │ │ the running system, │
457 │ │ │ formatted as │
458 │ │ │ string. See │
459 │ │ │ machine-id(5) for │
460 │ │ │ more information. │
461 ├──────────┼─────────────────────┼─────────────────────┤
462 │"%S" │ System or user │ In --user mode, │
463 │ │ state directory │ this is the same as │
464 │ │ │ $XDG_CONFIG_HOME, │
465 │ │ │ and /var/lib │
466 │ │ │ otherwise. │
467 ├──────────┼─────────────────────┼─────────────────────┤
468 │"%t" │ System or user │ In --user mode, │
469 │ │ runtime directory │ this is the same │
470 │ │ │ $XDG_RUNTIME_DIR, │
471 │ │ │ and /run otherwise. │
472 ├──────────┼─────────────────────┼─────────────────────┤
473 │"%T" │ Directory for │ This is either /tmp │
474 │ │ temporary files │ or the path │
475 │ │ │ "$TMPDIR", "$TEMP" │
476 │ │ │ or "$TMP" are set │
477 │ │ │ to. │
478 ├──────────┼─────────────────────┼─────────────────────┤
479 │"%g" │ User group │ This is the name of │
480 │ │ │ the group running │
481 │ │ │ the command. In │
482 │ │ │ case of the system │
483 │ │ │ instance this │
484 │ │ │ resolves to "root". │
485 ├──────────┼─────────────────────┼─────────────────────┤
486 │"%G" │ User GID │ This is the numeric │
487 │ │ │ GID of the group │
488 │ │ │ running the │
489 │ │ │ command. In case of │
490 │ │ │ the system instance │
491 │ │ │ this resolves to 0. │
492 ├──────────┼─────────────────────┼─────────────────────┤
493 │"%u" │ User name │ This is the name of │
494 │ │ │ the user running │
495 │ │ │ the command. In │
496 │ │ │ case of the system │
497 │ │ │ instance this │
498 │ │ │ resolves to "root". │
499 ├──────────┼─────────────────────┼─────────────────────┤
500 │"%U" │ User UID │ This is the numeric │
501 │ │ │ UID of the user │
502 │ │ │ running the │
503 │ │ │ command. In case of │
504 │ │ │ the system instance │
505 │ │ │ this resolves to 0. │
506 ├──────────┼─────────────────────┼─────────────────────┤
507 │"%v" │ Kernel release │ Identical to uname │
508 │ │ │ -r output. │
509 ├──────────┼─────────────────────┼─────────────────────┤
510 │"%V" │ Directory for │ This is either │
511 │ │ larger and │ /var/tmp or the │
512 │ │ persistent │ path "$TMPDIR", │
513 │ │ temporary files │ "$TEMP" or "$TMP" │
514 │ │ │ are set to. │
515 ├──────────┼─────────────────────┼─────────────────────┤
516 │"%%" │ Escaped "%" │ Single percent │
517 │ │ │ sign. │
518 └──────────┴─────────────────────┴─────────────────────┘
519
521 Example 1. Create directories with specific mode and ownership
522 screen(1), needs two directories created at boot with specific modes
524 and ownership:
525 # /usr/lib/tmpfiles.d/screen.conf
527 d /run/screens 1777 root screen 10d
528 d /run/uscreens 0755 root screen 10d12h
529 Contents of /run/screens and /run/uscreens will be cleaned up after 10
531 and 10½ days, respectively.
532 Example 2. Create a directory with a SMACK attribute
534 D /run/cups - - - -
536 t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
537 The directory will be owned by root and have default mode. Its contents
540 are not subject to time based cleanup, but will be obliterated when
541 systemd-tmpfiles --remove runs.
542 Example 3. Create a directory and prevent its contents from cleanup
544 abrt(1), needs a directory created at boot with specific mode and
546 ownership and its content should be preserved from the automatic
547 cleanup applied to the contents of /var/tmp:
548 # /usr/lib/tmpfiles.d/tmp.conf
550 d /var/tmp 1777 root root 30d
551 # /usr/lib/tmpfiles.d/abrt.conf
553 d /var/tmp/abrt 0755 abrt abrt -
554 Example 4. Apply clean up during boot and based on time
556 # /usr/lib/tmpfiles.d/dnf.conf
558 r! /var/cache/dnf/*/*/download_lock.pid
559 r! /var/cache/dnf/*/*/metadata_lock.pid
560 r! /var/lib/dnf/rpmdb_lock.pid
561 e /var/cache/dnf/ - - - 30d
562 The lock files will be removed during boot. Any files and directories
564 in /var/cache/dnf/ will be removed after they have not been accessed in
565 30 days.
566 Example 5. Empty the contents of a cache directory on boot
568 # /usr/lib/tmpfiles.d/krb5rcache.conf
570 e! /var/cache/krb5rcache - - - 0
571 Any files and subdirectories in /var/cache/krb5rcache/ will be removed
573 on boot. The directory will not be created.
574
576 /var/run/ is a deprecated symlink to /run/, and applications should use
577 the latter. systemd-tmpfiles will warn if /var/run/ is used.
578
580 systemd(1), systemd-tmpfiles(8), systemd-delta(1), systemd.exec(5),
581 attr(5), getfattr(1), setfattr(1), setfacl(1), getfacl(1), chattr(1),
582 btrfs-subvolume(8), btrfs-qgroup(8)
583systemd 241 TMPFILES.D(5)