temporary files and directories which usually reside
in directories such as <filename>/run</filename>
or <filename>/tmp</filename>.</para>
+
+ <para>Volatile and temporary files and directories are
+ those located in <filename>/run</filename> (and its
+ alias <filename>/var/run</filename>),
+ <filename>/tmp</filename>,
+ <filename>/var/tmp</filename>, the API file systems
+ such as <filename>/sys</filename> or
+ <filename>/proc</filename>, as well as some other
+ directories below <filename>/var</filename>.</para>
+
+ <para>System daemons frequently require private
+ runtime directories below <filename>/run</filename> to
+ place communication sockets and similar in. For these,
+ consider declaring them in their unit files using
+ <varname>RuntimeDirectory=</varname>
+ (see <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details),
+ if this is feasible.</para>
</refsect1>
<refsect1>
d /run/user 0755 root root 10d -
L /tmp/foobar - - - - /dev/null</programlisting>
-
<refsect2>
<title>Type</title>
adjust its access mode, group
and user to the specified
values and reset the SELinux
- label. If it does not exist, do
+ security context. If it does not exist, do
nothing.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>z</varname></term>
<listitem><para>Restore
- SELinux security context label
+ SELinux security context
and set ownership and access
mode of a file or directory if
it exists. Lines of this type
<term><varname>Z</varname></term>
<listitem><para>Recursively
restore SELinux security
- context label and set
+ context and set
ownership and access mode of a
path and all its
subdirectories (if it is a
execute at any time, e.g. on package upgrades.
<command>systemd-tmpfiles</command> will
execute line with an exclamation mark only if
- option <option>--unsafe</option> is given.
+ option <option>--boot</option> is given.
</para>
<para>For example:
- <programlisting>
-# Make sure these are created by default so that nobody else can
+ <programlisting># Make sure these are created by default so that nobody else can
d /tmp/.X11-unix 1777 root root 10d
# Unlink the X11 lock files
-r! /tmp/.X[0-9]*-lock
- </programlisting>
+r! /tmp/.X[0-9]*-lock</programlisting>
The second line in contrast to the first one
would break a running system, and will only be
- executed with <option>--unsafe</option>.</para>
+ executed with <option>--boot</option>.</para>
</refsect2>
<refsect2>
<title>/etc/tmpfiles.d/screen.conf example</title>
<para><command>screen</command> needs two directories created at boot with specific modes and ownership.</para>
- <programlisting>d /var/run/screens 1777 root root 10d
-d /var/run/uscreens 0755 root root 10d12h</programlisting>
+ <programlisting>d /run/screens 1777 root root 10d
+d /run/uscreens 0755 root root 10d12h</programlisting>
</example>
<example>
<title>/etc/tmpfiles.d/abrt.conf example</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd-delta</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para>
</refsect1>
~ianmdlvl / elogind.git / blobdiff