With CentOS/RHEL 6 there was a function called tmpwatch that was launched /etc/cron.daily/tmpwach This process has changed in CentOS/RHEL 7. There is a system target that runs daily: system-tempfiles-clean.timer. Although tmpwatch does a pretty good job in cleaning out the /tmp or /var/tmp files, it does not by default clean out the /tmp/systemd-private directories as these are secure. There are a couple of ways to handle these “private” directories. Here, will focus on one.
Check which services have PrivateTmp set to true.
grep -R PrivateTmp /etc/systemd/
Select the appropriate service and change the value from “true” to “false”, reload the daemon, and restart the service.