1TMPFILES.D(5) tmpfiles.d TMPFILES.D(5)
2
6 tmpfiles.d - Configuration for creation, deletion and cleaning of
7 volatile and temporary files
8
10 /etc/tmpfiles.d/*.conf
11 /run/tmpfiles.d/*.conf
12 /usr/lib/tmpfiles.d/*.conf
13 ~/.config/user-tmpfiles.d/*.conf
16 $XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf
17 ~/.local/share/user-tmpfiles.d/*.conf
18 ...
19 /usr/share/user-tmpfiles.d/*.conf
20 #Type Path Mode User Group Age Argument
24 f /file/to/create mode user group - content
25 F /file/to/create-or-truncate mode user group - content
26 w /file/to/write-to - - - - content
27 d /directory/to/create-and-cleanup mode user group cleanup-age -
28 D /directory/to/create-and-remove mode user group cleanup-age -
29 e /directory/to/cleanup mode user group cleanup-age -
30 v /subvolume/to/create mode user group - -
31 v /subvolume-or-directory/to/create mode user group - -
32 Q /subvolume/to/create mode user group - -
33 p /fifo/to/create mode user group - -
34 L /symlink/to/create - - - - symlink/target/path
35 c /dev/char-device-to-create mode user group - -
36 b /dev/block-device-to-create mode user group - -
37 # p+, L+, c+, b+ create target unconditionally
38 C /target/to/create - - - - /source/to/copy
39 x /path-or-glob/to/ignore - - - - -
40 X /path-or-glob/to/ignore/recursively - - - - -
41 r /empty/dir/to/remove - - - - -
42 R /dir/to/remove/recursively - - - - -
43 z /path-or-glob/to/adjust/mode mode user group - MAC context
44 Z /path-or-glob/to/adjust/mode/recursively mode user group - MAC context
45 t /path-or-glob/to/set/xattrs - - - - xattrs
46 T /path-or-glob/to/set/xattrs/recursively - - - - xattrs
47 h /path-or-glob/to/set/attrs - - - - file attrs
48 H /path-or-glob/to/set/attrs/recursively - - - - file attrs
49 a /path-or-glob/to/set/acls - - - - POSIX ACLs
50 A /path-or-glob/to/set/acls/recursively - - - - POSIX ACLs
51 # a+, A+ append ACLs
52
54 tmpfiles.d configuration files provide a generic mechanism to define
55 the creation of regular files, directories, pipes, and device nodes,
56 adjustments to their access mode, ownership, attributes, quota
57 assignments, and contents, and finally their time-based removal. It is
58 mostly commonly used for volatile and temporary files and directories
59 (such as those located under /run, /tmp, /var/tmp, the API file systems
60 such as /sys or /proc, as well as some other directories below /var).
61 systemd-tmpfiles uses this configuration to create volatile files and
63 directories during boot and to do periodic cleanup afterwards. See
64 systemd-tmpfiles(5) for the description of
65 systemd-tmpfiles-setup.service, systemd-tmpfiles-cleanup.service, and
66 associated units.
67 System daemons frequently require private runtime directories below
69 /run to store communication sockets and similar. For these, is is
70 better to use RuntimeDirectory= in their unit files (see
71 systemd.exec(5) for details), if the flexibility provided by tmpfiles.d
72 is not required. The advantages are that the configuration required by
73 the unit is centralized in one place, and that the lifetime of the
74 directory is tied to the lifetime of the service itself. Similarly,
75 StateDirectory=, CacheDirectory=, LogsDirectory=, and
76 ConfigurationDirectory= should be used to create directories under
77 /var/lib/, /var/cache/, /var/log/, and /etc/. tmpfiles.d should be
78 used for files whose lifetime is independent of any service or requires
79 more complicated configuration.
80
82 Each configuration file shall be named in the style of package.conf or
83 package-part.conf. The second variant should be used when it is
84 desirable to make it easy to override just this part of configuration.
85 Files in /etc/tmpfiles.d override files with the same name in
87 /usr/lib/tmpfiles.d and /run/tmpfiles.d. Files in /run/tmpfiles.d
88 override files with the same name in /usr/lib/tmpfiles.d. Packages
89 should install their configuration files in /usr/lib/tmpfiles.d. Files
90 in /etc/tmpfiles.d are reserved for the local administrator, who may
91 use this logic to override the configuration files installed by vendor
92 packages. All configuration files are sorted by their filename in
93 lexicographic order, regardless of which of the directories they reside
94 in. If multiple files specify the same path, the entry in the file with
95 the lexicographically earliest name will be applied. All other
96 conflicting entries will be logged as errors. When two lines are prefix
97 path and suffix path of each other, then the prefix line is always
98 created first, the suffix later (and if removal applies to the line,
99 the order is reversed: the suffix is removed first, the prefix later).
100 Lines that take globs are applied after those accepting no globs. If
101 multiple operations shall be applied on the same file (such as ACL,
102 xattr, file attribute adjustments), these are always done in the same
103 fixed order. Except for those cases, the files/directories are
104 processed in the order they are listed.
105 If the administrator wants to disable a configuration file supplied by
107 the vendor, the recommended way is to place a symlink to /dev/null in
108 /etc/tmpfiles.d/ bearing the same filename.
109
111 The configuration format is one line per path containing type, path,
112 mode, ownership, age, and argument fields:
113 #Type Path Mode User Group Age Argument
115 d /run/user 0755 root root 10d -
116 L /tmp/foobar - - - - /dev/null
117 Fields may be enclosed within quotes and contain C-style escapes.
119 Type
121 The type consists of a single letter and optionally an exclamation mark
122 and/or minus sign.
123 The following line types are understood:
125 f
127 Create a file if it does not exist yet. If the argument parameter
128 is given and the file did not exist yet, it will be written to the
129 file. Does not follow symlinks.
130 F
132 Create or truncate a file. If the argument parameter is given, it
133 will be written to the file. Does not follow symlinks.
134 w
136 Write the argument parameter to a file, if the file exists. Lines
137 of this type accept shell-style globs in place of normal path
138 names. The argument parameter will be written without a trailing
139 newline. C-style backslash escapes are interpreted. Follows
140 symlinks.
141 d
143 Create a directory. The mode and ownership will be adjusted if
144 specified. Contents of this directory are subject to time based
145 cleanup if the age argument is specified.
146 D
148 Similar to d, but in addition the contents of the directory will be
149 removed when --remove is used.
150 e
152 Adjust the mode and ownership of existing directories and remove
153 their contents based on age. Lines of this type accept shell-style
154 globs in place of normal path names. Contents of the directories
155 are subject to time based cleanup if the age argument is specified.
156 If the age argument is "0", contents will be unconditionally
157 deleted every time systemd-tmpfiles --clean is run.
158 For this entry to be useful, at least one of the mode, user, group,
160 or age arguments must be specified, since otherwise this entry has
161 no effect. As an exception, an entry with no effect may be useful
162 when combined with !, see the examples.
163 v
165 Create a subvolume if the path does not exist yet, the file system
166 supports subvolumes (btrfs), and the system itself is installed
167 into a subvolume (specifically: the root directory / is itself a
168 subvolume). Otherwise, create a normal directory, in the same way
169 as d.
170 A subvolume created with this line type is not assigned to any
172 higher-level quota group. For that, use q or Q, which allow
173 creating simple quota group hierarchies, see below.
174 q
176 Create a subvolume or directory the same as v, but assign the
177 subvolume to the same higher-level quota groups as the parent. This
178 ensures that higher-level limits and accounting applied to the
179 parent subvolume also include the specified subvolume. On non-btrfs
180 file systems, this line type is identical to d.
181 If the subvolume already exists, no change to the quota hierarchy
183 is made, regardless of whether the subvolume is already attached to
184 a quota group or not. Also see Q below. See btrfs-qgroup(8) for
185 details about the btrfs quota group concept.
186 Q
188 Create the subvolume or directory the same as v, but assign the new
189 subvolume to a new leaf quota group. Instead of copying the
190 higher-level quota group assignments from the parent as is done
191 with q, the lowest quota group of the parent subvolume is
192 determined that is not the leaf quota group. Then, an
193 "intermediary" quota group is inserted that is one level below this
194 level, and shares the same ID part as the specified subvolume. If
195 no higher-level quota group exists for the parent subvolume, a new
196 quota group at level 255 sharing the same ID as the specified
197 subvolume is inserted instead. This new intermediary quota group is
198 then assigned to the parent subvolume's higher-level quota groups,
199 and the specified subvolume's leaf quota group is assigned to it.
200 Effectively, this has a similar effect as q, however introduces a
202 new higher-level quota group for the specified subvolume that may
203 be used to enforce limits and accounting to the specified subvolume
204 and children subvolume created within it. Thus, by creating
205 subvolumes only via q and Q, a concept of "subtree quotas" is
206 implemented. Each subvolume for which Q is set will get a "subtree"
207 quota group created, and all child subvolumes created within it
208 will be assigned to it. Each subvolume for which q is set will not
209 get such a "subtree" quota group, but it is ensured that they are
210 added to the same "subtree" quota group as their immediate parents.
211 It is recommended to use Q for subvolumes that typically contain
213 further subvolumes, and where it is desirable to have accounting
214 and quota limits on all child subvolumes together. Examples for Q
215 are typically /home or /var/lib/machines. In contrast, q should be
216 used for subvolumes that either usually do not include further
217 subvolumes or where no accounting and quota limits are needed that
218 apply to all child subvolumes together. Examples for q are
219 typically /var or /var/tmp.
220 As with q, Q has no effect on the quota group hierarchy if the
222 subvolume already exists, regardless of whether the subvolume
223 already belong to a quota group or not.
224 p, p+
226 Create a named pipe (FIFO) if it does not exist yet. If suffixed
227 with + and a file already exists where the pipe is to be created,
228 it will be removed and be replaced by the pipe.
229 L, L+
231 Create a symlink if it does not exist yet. If suffixed with + and a
232 file or directory already exists where the symlink is to be
233 created, it will be removed and be replaced by the symlink. If the
234 argument is omitted, symlinks to files with the same name residing
235 in the directory /usr/share/factory/ are created. Note that
236 permissions and ownership on symlinks are ignored.
237 c, c+
239 Create a character device node if it does not exist yet. If
240 suffixed with + and a file already exists where the device node is
241 to be created, it will be removed and be replaced by the device
242 node. It is recommended to suffix this entry with an exclamation
243 mark to only create static device nodes at boot, as udev will not
244 manage static device nodes that are created at runtime.
245 b, b+
247 Create a block device node if it does not exist yet. If suffixed
248 with + and a file already exists where the device node is to be
249 created, it will be removed and be replaced by the device node. It
250 is recommended to suffix this entry with an exclamation mark to
251 only create static device nodes at boot, as udev will not manage
252 static device nodes that are created at runtime.
253 C
255 Recursively copy a file or directory, if the destination files or
256 directories do not exist yet or the destination directory is empty.
257 Note that this command will not descend into subdirectories if the
258 destination directory already exists and is not empty. Instead, the
259 entire copy operation is skipped. If the argument is omitted, files
260 from the source directory /usr/share/factory/ with the same name
261 are copied. Does not follow symlinks.
262 x
264 Ignore a path during cleaning. Use this type to exclude paths from
265 clean-up as controlled with the Age parameter. Note that lines of
266 this type do not influence the effect of r or R lines. Lines of
267 this type accept shell-style globs in place of normal path names.
268 X
270 Ignore a path during cleaning. Use this type to exclude paths from
271 clean-up as controlled with the Age parameter. Unlike x, this
272 parameter will not exclude the content if path is a directory, but
273 only directory itself. Note that lines of this type do not
274 influence the effect of r or R lines. Lines of this type accept
275 shell-style globs in place of normal path names.
276 r
278 Remove a file or directory if it exists. This may not be used to
279 remove non-empty directories, use R for that. Lines of this type
280 accept shell-style globs in place of normal path names. Does not
281 follow symlinks.
282 R
284 Recursively remove a path and all its subdirectories (if it is a
285 directory). Lines of this type accept shell-style globs in place of
286 normal path names. Does not follow symlinks.
287 z
289 Adjust the access mode, user and group ownership, and restore the
290 SELinux security context of a file or directory, if it exists.
291 Lines of this type accept shell-style globs in place of normal path
292 names. Does not follow symlinks.
293 Z
295 Recursively set the access mode, user and group ownership, and
296 restore the SELinux security context of a file or directory if it
297 exists, as well as of its subdirectories and the files contained
298 therein (if applicable). Lines of this type accept shell-style
299 globs in place of normal path names. Does not follow symlinks.
300 t
302 Set extended attributes, see attr(5) for details. The argument
303 field should take one or more assignment expressions in the form
304 namespace.attribute=value, for examples see below. Lines of this
305 type accept shell-style globs in place of normal path names. This
306 can be useful for setting SMACK labels. Does not follow symlinks.
307 Please note that extended attributes settable with this line type
309 are a different concept from the Linux file attributes settable
310 with h/H, see below.
311 T
313 Same as t, but operates recursively.
314 h
316 Set Linux file/directory attributes. Lines of this type accept
317 shell-style globs in place of normal path names.
318 The format of the argument field is [+-=][aAcCdDeijPsStTu]. The
320 prefix + (the default one) causes the attribute(s) to be added; -
321 causes the attribute(s) to be removed; = causes the attributes to
322 be set exactly as the following letters. The letters
323 "aAcCdDeijPsStTu" select the new attributes for the files, see
324 chattr(1) for further information.
325 Passing only = as argument resets all the file attributes listed
327 above. It has to be pointed out that the = prefix limits itself to
328 the attributes corresponding to the letters listed here. All other
329 attributes will be left untouched. Does not follow symlinks.
330 Please note that the Linux file attributes settable with this line
332 type are a different concept from the extended attributes settable
333 with t/T, see above.
334 H
336 Sames as h, but operates recursively.
337 a, a+
339 Set POSIX ACLs (access control lists), see acl(5). If suffixed with
340 +, the specified entries will be added to the existing set.
341 systemd-tmpfiles will automatically add the required base entries
342 for user and group based on the access mode of the file, unless
343 base entries already exist or are explicitly specified. The mask
344 will be added if not specified explicitly or already present. Lines
345 of this type accept shell-style globs in place of normal path
346 names. This can be useful for allowing additional access to certain
347 files. Does not follow symlinks.
348 A, A+
350 Same as a and a+, but recursive. Does not follow symlinks.
351 If the exclamation mark is used, this line is only safe to execute
353 during boot, and can break a running system. Lines without the
354 exclamation mark are presumed to be safe to execute at any time, e.g.
355 on package upgrades. systemd-tmpfiles will execute line with an
356 exclamation mark only if option --boot is given.
357 For example:
359 # Make sure these are created by default so that nobody else can
361 d /tmp/.X11-unix 1777 root root 10d
362 # Unlink the X11 lock files
364 r! /tmp/.X[0-9]*-lock
365 The second line in contrast to the first one would break a running
367 system, and will only be executed with --boot.
368 If the minus sign is used, this line failing to run successfully during
370 create (and only create) will not cause the execution of
371 systemd-tmpfiles to return an error.
372 For example:
374 # Modify sysfs but don't fail if we are in a container with a read-only /proc
376 w- /proc/sys/vm/swappiness - - - - 10
377 Note that for all line types that result in creation of any kind of
379 file node (i.e. f/F, d/D/v/q/Q, p, L, c/b and C) leading directories
380 are implicitly created if needed, owned by root with an access mode of
381 0755. In order to create them with different modes or ownership make
382 sure to add appropriate d lines.
383 Path
385 The file system path specification supports simple specifier expansion,
386 see below. The path (after expansion) must be absolute.
387 Mode
389 The file access mode to use when creating this file or directory. If
390 omitted or when set to "-", the default is used: 0755 for directories,
391 0644 for all other file objects. For z, Z lines, if omitted or when set
392 to "-", the file access mode will not be modified. This parameter is
393 ignored for x, r, R, L, t, and a lines.
394 Optionally, if prefixed with "~", the access mode is masked based on
396 the already set access bits for existing file or directories: if the
397 existing file has all executable bits unset, all executable bits are
398 removed from the new access mode, too. Similarly, if all read bits are
399 removed from the old access mode, they will be removed from the new
400 access mode too, and if all write bits are removed, they will be
401 removed from the new access mode too. In addition, the sticky/SUID/SGID
402 bit is removed unless applied to a directory. This functionality is
403 particularly useful in conjunction with Z.
404 User, Group
406 The user and group to use for this file or directory. This may either
407 be a numeric ID or a user/group name. If omitted or when set to "-",
408 the user and group of the user who invokes systemd-tmpfiles is used.
409 For z and Z lines, when omitted or when set to "-", the file ownership
410 will not be modified. These parameters are ignored for x, r, R, L, t,
411 and a lines.
412 This field should generally only reference system users/groups, i.e.
414 users/groups that are guaranteed to be resolvable during early boot. If
415 this field references users/groups that only become resolveable during
416 later boot (i.e. after NIS, LDAP or a similar networked directory
417 service become available), execution of the operations declared by the
418 line will likely fail. Also see Notes on Resolvability of User and
419 Group Names[1] for more information on requirements on system
420 user/group definitions.
421 Age
423 The date field, when set, is used to decide what files to delete when
424 cleaning. If a file or directory is older than the current time minus
425 the age field, it is deleted. The field format is a series of integers
426 each followed by one of the following suffixes for the respective time
427 units: s, m or min, h, d, w, ms, and us, meaning seconds, minutes,
428 hours, days, weeks, milliseconds, and microseconds, respectively. Full
429 names of the time units can be used too.
430 If multiple integers and units are specified, the time values are
432 summed. If an integer is given without a unit, s is assumed.
433 When the age is set to zero, the files are cleaned unconditionally.
435 The age field only applies to lines starting with d, D, e, v, q, Q, C,
437 x and X. If omitted or set to "-", no automatic clean-up is done.
438 If the age field starts with a tilde character "~", the clean-up is
440 only applied to files and directories one level inside the directory
441 specified, but not the files and directories immediately inside it.
442 The age of a file system entry is determined from its last modification
444 timestamp (mtime), its last access timestamp (atime), and (except for
445 directories) its last status change timestamp (ctime). Any of these
446 three (or two) values will prevent cleanup if it is more recent than
447 the current time minus the age field.
448 Note that while the aging algorithm is run a 'shared' BSD file lock
450 (see flock(2)) is taken on each directory the algorithm descends into
451 (and each directory below that, and so on). If the aging algorithm
452 finds a lock is already taken on some directory, it (and everything
453 below it) is skipped. Applications may use this to temporarily exclude
454 certain directory subtrees from the aging algorithm: the applications
455 can take a BSD file lock themselves, and as long as they keep it aging
456 of the directory and everything below it is disabled.
457 Argument
459 For L lines determines the destination path of the symlink. For c and
460 b, determines the major/minor of the device node, with major and minor
461 formatted as integers, separated by ":", e.g. "1:3". For f, F, and w,
462 the argument may be used to specify a short string that is written to
463 the file, suffixed by a newline. For C, specifies the source file or
464 directory. For t and T, determines extended attributes to be set. For a
465 and A, determines ACL attributes to be set. For h and H, determines the
466 file attributes to set. Ignored for all other lines.
467 This field can contain specifiers, see below.
469
471 Specifiers can be used in the "path" and "argument" fields. An unknown
472 or unresolvable specifier is treated as invalid configuration. The
473 following expansions are understood:
474 Table 1. Specifiers available
476 ┌──────────┬─────────────────────┬─────────────────────┐
477 │Specifier │ Meaning │ Details │
478 ├──────────┼─────────────────────┼─────────────────────┤
479 │"%b" │ Boot ID │ The boot ID of the │
480 │ │ │ running system, │
481 │ │ │ formatted as │
482 │ │ │ string. See │
483 │ │ │ random(4) for more │
484 │ │ │ information. │
485 ├──────────┼─────────────────────┼─────────────────────┤
486 │"%C" │ System or user │ In --user mode, │
487 │ │ cache directory │ this is the same as │
488 │ │ │ $XDG_CACHE_HOME, │
489 │ │ │ and /var/cache │
490 │ │ │ otherwise. │
491 ├──────────┼─────────────────────┼─────────────────────┤
492 │"%h" │ User home directory │ This is the home │
493 │ │ │ directory of the │
494 │ │ │ user running the │
495 │ │ │ command. In case of │
496 │ │ │ the system instance │
497 │ │ │ this resolves to │
498 │ │ │ "/root". │
499 ├──────────┼─────────────────────┼─────────────────────┤
500 │"%H" │ Host name │ The hostname of the │
501 │ │ │ running system. │
502 ├──────────┼─────────────────────┼─────────────────────┤
503 │"%L" │ System or user log │ In --user mode, │
504 │ │ directory │ this is the same as │
505 │ │ │ $XDG_CONFIG_HOME │
506 │ │ │ with /log appended, │
507 │ │ │ and /var/log │
508 │ │ │ otherwise. │
509 ├──────────┼─────────────────────┼─────────────────────┤
510 │"%m" │ Machine ID │ The machine ID of │
511 │ │ │ the running system, │
512 │ │ │ formatted as │
513 │ │ │ string. See │
514 │ │ │ machine-id(5) for │
515 │ │ │ more information. │
516 ├──────────┼─────────────────────┼─────────────────────┤
517 │"%S" │ System or user │ In --user mode, │
518 │ │ state directory │ this is the same as │
519 │ │ │ $XDG_CONFIG_HOME, │
520 │ │ │ and /var/lib │
521 │ │ │ otherwise. │
522 ├──────────┼─────────────────────┼─────────────────────┤
523 │"%t" │ System or user │ In --user mode, │
524 │ │ runtime directory │ this is the same │
525 │ │ │ $XDG_RUNTIME_DIR, │
526 │ │ │ and /run otherwise. │
527 ├──────────┼─────────────────────┼─────────────────────┤
528 │"%T" │ Directory for │ This is either /tmp │
529 │ │ temporary files │ or the path │
530 │ │ │ "$TMPDIR", "$TEMP" │
531 │ │ │ or "$TMP" are set │
532 │ │ │ to. │
533 ├──────────┼─────────────────────┼─────────────────────┤
534 │"%g" │ User group │ This is the name of │
535 │ │ │ the group running │
536 │ │ │ the command. In │
537 │ │ │ case of the system │
538 │ │ │ instance this │
539 │ │ │ resolves to "root". │
540 ├──────────┼─────────────────────┼─────────────────────┤
541 │"%G" │ User GID │ This is the numeric │
542 │ │ │ GID of the group │
543 │ │ │ running the │
544 │ │ │ command. In case of │
545 │ │ │ the system instance │
546 │ │ │ this resolves to 0. │
547 ├──────────┼─────────────────────┼─────────────────────┤
548 │"%u" │ User name │ This is the name of │
549 │ │ │ the user running │
550 │ │ │ the command. In │
551 │ │ │ case of the system │
552 │ │ │ instance this │
553 │ │ │ resolves to "root". │
554 ├──────────┼─────────────────────┼─────────────────────┤
555 │"%U" │ User UID │ This is the numeric │
556 │ │ │ UID of the user │
557 │ │ │ running the │
558 │ │ │ command. In case of │
559 │ │ │ the system instance │
560 │ │ │ this resolves to 0. │
561 ├──────────┼─────────────────────┼─────────────────────┤
562 │"%v" │ Kernel release │ Identical to uname │
563 │ │ │ -r output. │
564 ├──────────┼─────────────────────┼─────────────────────┤
565 │"%V" │ Directory for │ This is either │
566 │ │ larger and │ /var/tmp or the │
567 │ │ persistent │ path "$TMPDIR", │
568 │ │ temporary files │ "$TEMP" or "$TMP" │
569 │ │ │ are set to. │
570 ├──────────┼─────────────────────┼─────────────────────┤
571 │"%%" │ Escaped "%" │ Single percent │
572 │ │ │ sign. │
573 └──────────┴─────────────────────┴─────────────────────┘
574
576 Example 1. Create directories with specific mode and ownership
577 screen(1), needs two directories created at boot with specific modes
579 and ownership:
580 # /usr/lib/tmpfiles.d/screen.conf
582 d /run/screens 1777 root screen 10d
583 d /run/uscreens 0755 root screen 10d12h
584 Contents of /run/screens and /run/uscreens will be cleaned up after 10
586 and 10½ days, respectively.
587 Example 2. Create a directory with a SMACK attribute
589 D /run/cups - - - -
591 t /run/cups - - - - security.SMACK64=printing user.attr-with-spaces="foo bar"
592 The directory will be owned by root and have default mode. Its contents
595 are not subject to time based cleanup, but will be obliterated when
596 systemd-tmpfiles --remove runs.
597 Example 3. Create a directory and prevent its contents from cleanup
599 abrt(1), needs a directory created at boot with specific mode and
601 ownership and its content should be preserved from the automatic
602 cleanup applied to the contents of /var/tmp:
603 # /usr/lib/tmpfiles.d/tmp.conf
605 d /var/tmp 1777 root root 30d
606 # /usr/lib/tmpfiles.d/abrt.conf
608 d /var/tmp/abrt 0755 abrt abrt -
609 Example 4. Apply clean up during boot and based on time
611 # /usr/lib/tmpfiles.d/dnf.conf
613 r! /var/cache/dnf/*/*/download_lock.pid
614 r! /var/cache/dnf/*/*/metadata_lock.pid
615 r! /var/lib/dnf/rpmdb_lock.pid
616 e /var/cache/dnf/ - - - 30d
617 The lock files will be removed during boot. Any files and directories
619 in /var/cache/dnf/ will be removed after they have not been accessed in
620 30 days.
621 Example 5. Empty the contents of a cache directory on boot
623 # /usr/lib/tmpfiles.d/krb5rcache.conf
625 e! /var/cache/krb5rcache - - - 0
626 Any files and subdirectories in /var/cache/krb5rcache/ will be removed
628 on boot. The directory will not be created.
629
631 /var/run/ is a deprecated symlink to /run/, and applications should use
632 the latter. systemd-tmpfiles will warn if /var/run/ is used.
633
635 systemd(1), systemd-tmpfiles(8), systemd-delta(1), systemd.exec(5),
636 attr(5), getfattr(1), setfattr(1), setfacl(1), getfacl(1), chattr(1),
637 btrfs-subvolume(8), btrfs-qgroup(8)
638
640 1. Notes on Resolvability of User and Group Names
641 https://systemd.io/UIDS-GIDS.html#notes-on-resolvability-of-user-and-group-names
642systemd 243 TMPFILES.D(5)