Automatically clean /tmp or /var/tmp files that are in protected PrivateTmp directories in CentOS / RHEL 7

With CentOS/RHEL 6, a utility called tmpwatch was launched from /etc/cron.daily/tmpwatch. This process has changed in CentOS/RHEL 7: a systemd timer unit, systemd-tmpfiles-clean.timer, now runs daily. Although tmpwatch does a pretty good job of cleaning out the /tmp or /var/tmp files, it does not by default clean out the /tmp/systemd-private directories, as these are secure. There are a couple of ways to handle these “private” directories. Here, we will focus on one.

PrivateTmp

Check which services have PrivateTmp set to true.

grep -R PrivateTmp /etc/systemd/

Select the appropriate service and change the value from “true” to “false”, reload the daemon, and restart the service.
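
The check and the change above can be scripted so that comment lines and PrivateTmp=false hits from grep are filtered out and the change lands in a drop-in rather than in the unit file itself. This is an added example, not part of the original page; the function names and the drop-in file name private-tmp.conf are assumptions chosen here.

```shell
#!/bin/sh
# Added example: audit PrivateTmp= settings and override one via a drop-in.

# effective_private_tmp FILE -> prints "true", "false" or "unset"
# (the last PrivateTmp= assignment in the file wins; comment lines are ignored)
effective_private_tmp() {
    awk -F= '
        /^[ \t]*[#;]/ { next }                      # skip comment lines
        /^[ \t]*PrivateTmp[ \t]*=/ {
            v = tolower($2); gsub(/[ \t]/, "", v)   # normalise the value
            last = (v ~ /^(1|yes|y|true|t|on)$/) ? "true" : "false"
        }
        END { print (last == "" ? "unset" : last) }
    ' "$1"
}

# audit_private_tmp DIR -> one "path<TAB>value" line per file that really sets it
audit_private_tmp() {
    grep -rl 'PrivateTmp' "$1" 2>/dev/null | sort | while IFS= read -r f; do
        v=$(effective_private_tmp "$f")
        [ "$v" = unset ] || printf '%s\t%s\n' "$f" "$v"
    done
}

# write_override SYSTEMD_DIR UNIT VALUE
# creates SYSTEMD_DIR/system/UNIT.d/private-tmp.conf (file name is an assumption)
write_override() {
    d="$1/system/$2.d"
    mkdir -p "$d" && printf '[Service]\nPrivateTmp=%s\n' "$3" > "$d/private-tmp.conf"
}

# Typical use on a real host (run as root; not executed by this script):
#   audit_private_tmp /etc/systemd
#   write_override /etc/systemd <unit>.service false
#   systemctl daemon-reload
#   systemctl restart <unit>.service
```

After writing a drop-in under /etc/systemd, reload the daemon and restart the service as described above. With PrivateTmp=false the service uses the shared /tmp and /var/tmp instead of its own systemd-private directory.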

Source(s)

  • https://support.plesk.com/hc/en-us/articles/115000063849-Directories-like-tmp-systemd-private-overflow-cause-server-crash-due-to-lack-of-disk-space
  • https://www.thegeekdiary.com/centos-rhel-7-how-tmpfiles-clean-up-tmp-or-var-tmp-replacement-of-tmpwatch/
  • https://unix.stackexchange.com/questions/118754/when-exactly-does-tmpwatch-clear-out-files-i-place-in-tmp