Section 1.10. User Downloads Are Overloading Workstations

Previous page
Table of content
Next page

1.10. User Downloads Are Overloading Workstations

As with all annoyances in this book, there is more than one method available to solve problems. In this case, I'll show you how you can keep downloads to a minimum on our selected Linux distributions.

The basic premise is that, as an administrator, you've limited downloads to the /tmp directory. You can further limit user downloads with appropriate quotas as described in "Some User Is Taking Too Much Disk Space" in Chapter 10.

Alternatively, you can extend the scripts shown in this annoyance to the applicable subdirectories for each user.

You can configure the default download directories associated with Internet-related applications such as Firefox. I'll describe the options briefly in Chapter 3. For more information on customizing Firefox for consistent settings, see Firefox Hacks by Nigel McFarlane (O'Reilly).

There may be security vulnerabilities associated with the Linux tools that maintain /tmp. While I believe they've been addressed by the major distributions, the article on this subject is worth reading; it's available from: http://www.bindview.com/Services/Razor/Papers/2002/mkstemp.cfm.


1.10.1. Red Hat/Fedora

The Red Hat/Fedora distributions configure the /usr/sbin/tmpwatch command to check various temporary directories and remove old files as part of a daily cron job in the /etc/cron.daily directory. tmpwatch is a script of three commands that look more complex than they are.

With the -x option, the first command excludes from consideration a number of directories essential to starting the GUI. Then it specifies that files older than 240 hours in the /tmp directory (other than those already excluded) will be deleted.

 /usr/sbin/tmpwatch -x /tmp/.X11-unix -x /tmp/.XIM-unix -x /tmp/.font-unix -x / tmp/.ICE-unix -x /tmp/.Test-unix 240 /tmp

The next command in the script deletes files older than 720 hours from the /var/tmp directory. This directory usually holds temporary configuration files associated with the KDE desktop environment.

 /usr/sbin/tmpwatch 720 /var/tmp

The final command searches through caches of manpages. As a geek, you know that manpages are organized into nine different categories. When a manpage is loaded, it is stored in cache for easier retrieval. If you haven't accessed that manpage in 10 days (720 hours), the cache is purged by the following loop:

 for d in /var/{cache/man,catman}/{cat?,X11R6/cat?,local/cat?}; do  if [ -d "$d" ]; then  /usr/sbin/tmpwatch -f 720 $d fi done

Remember that the ? represents a wildcard for a single character, so the for directive shown covers the /var/cache/man/cat1 through /var/cache/man/cat9 directories.

1.10.2. SUSE

SUSE Linux manages temporary files through a daily cron job in the /etc/cron.daily directory, known as suse.de-clean-tmp. It's a substantial script that depends on directives set in the /etc/sysconfig/cron configuration file. Generally, you won't need to change anything in the cron job; just modify the /etc/sysconfig/cron as needed. This configuration file includes the directives defined in Table 1-10.

Table 1-10. SUSE tmp management directives

Directive

Description

MAX_DAYS_IN_TMP

By default, SUSE sets this to 0, which retains all files in /tmp directories; this directive is associated with the TMP_DIRS_TO_CLEAR directive.

MAX_DAYS_IN_LONG_TMP

By default, SUSE sets this to 0, which retains all files in the directory defined by the LONG_TMP_DIRS_TO_CLEAR directive.

TMP_DIRS_TO_CLEAR

Normally set to /tmp.

LONG_TMP_DIRS_TO_CLEAR

Set to the directory of your choice; commonly used for /var/tmp.

OWNER_TO_KEEP_IN_TMP

Specifies the owner for files to be retained; commonly assigned to root, which retains the files in /tmp required for the GUI.

CLEAR_TMP_DIRS_AT_BOOTUP

Normally set to no; if set to yes, deletes all files from the /tmp directories (including those owned by the root user). Don't change unless you're not using a GUI.

REINIT_MANDB

Configures re-creation of the manpage database; normally set to yes.

DELETE_OLD_CATMAN

Deletes preformatted manpages, as stored in /var/catman directory; normally set to yes.

CATMAN_ATIME

Specifies a time after which preformatted manpages are deleted.

DELETE_OLD_CORE

Deletes older databases of files created with the updatedb command; don't change unless you have installed the findutils-locate RPM.

MAX_DAYS_FOR_CORE

Specifies a maximum age for file databases, in days.


The tmpwatch RPM is no longer available for SUSE Linux. As of SUSE 9.2, the appropriate script is now part of the SUSE aaa_base RPM.


1.10.3. Debian

Debian Linux configures the /usr/sbin/tmpreaper command as part of a daily cron job in the /etc/cron.daily directory. It depends on settings that you can configure in /etc/tmpreaper.conf and /etc/default/rcS. I'll examine both the configuration files and the script.

The /etc/default/rcS file is key to a number of configuration files associated with the boot process. The default version of this file includes one related directive:

 TMPTIME=0

This specifies the time that files are stored in /tmp in days. The default of 0 specifies that files in /tmp are stored per the TMPREAPER_TIME directive in /etc/tmpreaper.conf.

Now examine the /etc/tmpreaper.conf configuration file, as that is where you can set the directives used in the /etc/cron.daily/tmpreaper cron job. This configuration file includes directives as defined in Table 1-11.

Table 1-11. Debian /etc/tmpreaper.conf management directives

Directive

Description

SHOWWARNING

Related to the README.security.gz warning in the /usr/share/doc/tmpreaper directory.

TMPREAPER_TIME

If TMPTIME is not set in /etc/default/rcS, this directive determines how long files are stored in /tmp.

TMPREAPER_PROTECT_EXTRA

Lets you specify file patterns to protect from deletion; some are already protected in the default tmpreaper cron job.

TMPREAPER_DIRS

Specifies the directories to apply the tmpreaper cron job.

TMPREAPER_ADDITIONALOPTIONS

Sets additional options to pass to the tmpreaper command.


These directives are applied to the tmpreaper cron job in the first few lines of the script. First, this stanza makes sure that the tmpreaper command exists:

 if ! [ -x /usr/sbin/tmpreaper ]; then exit 0 fi

The next stanza checks for and then uses the /etc/tmpreaper.conf configuration file:

 if [ -s /etc/tmpreaper.conf ]; then . /etc/tmpreaper.conf fi

The script then checks key directives; the default TMPREAPER_TIME is seven days, and the default TMPREAPER_DIRS is /tmp.

 TMPREAPER_TIME=${TMPREAPER_TIME:-7d} TMPREAPER_PROTECT_EXTRA=${TMPREAPER_PROTECT_EXTRA:-''} TMPREAPER_DIRS=${TMPREAPER_DIRS:-'/tmp/.'}

Finally, the script is run, with a lowered priority (courtesy of nice -n10) to help prevent this job from interfering with other running processes. It avoids deleting directories critical to the running of the Linux GUI.


Previous page
Table of content
Next page
Linux Annoyances for Geeks
Linux Annoyances for Geeks: Getting the Most Flexible System in the World Just the Way You Want It
ISBN: 0596008015
EAN: 2147483647
Year: 2004
Pages: 144
Authors: Michael Jang
BUY ON AMAZON
Oracle Developer Forms Techniques
Adobe After Effects 7.0 Studio Techniques
A Practitioners Guide to Software Test Design
Special Edition Using Crystal Reports 10
Microsoft WSH and VBScript Programming for the Absolute Beginner
Quantitative Methods in Project Management
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy