
Any mistakes/bugs you can spot on this /tmp reallocation?

asked 2013-07-05 03:28:33 -0500

tezcatl

Background: Yesterday I had a lack of space in /tmp. I don't know the whole background for deciding that /tmp should eat my whole RAM space with tmpfs, but I was unable to run even shell autocompletion, and any new application was very slow (running $ free showed swap use growing to almost 90%). Having tinkered with Debian systems for disk-space allocation, I thought it would be painless to create a dedicated partition for /tmp and set /etc/fstab to automount it.

So wrong... my ext2 partition for /tmp was mounted but I had no permissions. I noticed tmpfs was mounted with mode=1777 (sticky bit, rwx for everyone, right?), but ext2 doesn't have this option, so I chose to go with ACLs for permissions and chmod for the sticky bit:

sudo setfacl -d -m u::rwx /tmp

sudo setfacl -d -m g::rwx /tmp

sudo setfacl -d -m o::rwx /tmp

sudo setfacl -m g::rwx /tmp

sudo setfacl -m o::rwx /tmp

sudo chmod +t /tmp

This solved the issue with permissions and lack of space on /tmp, and the use of RAM and swap dropped noticeably (less than 50%). However, when trying to start apache today to begin a new project, SELinux blocked the search access on /tmp and I didn't like any of the solutions proposed by the alert browser.

I don't want to disable SELinux; however, its guide in the docs was too much theory and almost no advice. Instead, this howto suggested in another question made it click in my head, and without rebooting my system with autorelabel I'm now running on /tmp without more blocks from SELinux:

$ sudo su

# restorecon -Rv -n tmp #in order to check what was going to be done

# restorecon -Rv tmp

The last bit in this history is:

After reboot, df reports /tmp still mounted with tmpfs filesystem, but mount reports it is mounted on my ext2 partition.

Thanks in advance for your input on this.


1 Answer


answered 2013-08-05 04:20:19 -0500

none

Try this to prevent the system from mounting tmpfs:

sudo systemctl mask tmp.mount

I assume that after fixing SELinux, all works fine?

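An added example, not part of the original question or answer: shell helpers that check the two things this thread turns on, whether more than one filesystem is stacked on /tmp (one possible reason for df and mount disagreeing, and the situation masking tmp.mount prevents) and whether the directory has mode 1777. The function names, the sample table and its device names are constructed, and the table is assumed to be in mount order.

```shell
#!/bin/sh
# Added example (not from the original thread). Device names are constructed.

# Constructed sample in /proc/mounts format: an fstab ext2 mount on /tmp with
# a tmpfs (as systemd's tmp.mount would create) stacked on top afterwards.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sda5 /tmp ext2 rw,relatime 0 0
tmpfs /run tmpfs rw,nosuid,nodev 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
EOF
}

# List "fstype device" for every entry on mount point $1, in table order.
# $2 is a mounts table file (default: the live /proc/mounts).
mounts_on() {
    awk -v mp="$1" '$2 == mp { print $3, $1 }' "${2:-/proc/mounts}"
}

# Assumption: the table is in mount order, so the last entry is the topmost
# filesystem, the one processes actually read and write.
effective_fstype() {
    mounts_on "$1" "$2" | awk '{ t = $1 } END { if (t != "") print t }'
}

# Succeeds only for mode 1777 (sticky bit plus rwx for everyone).
has_tmp_mode() {
    [ "$(stat -c '%a' "$1")" = "1777" ]
}

# Report problems for mount point $1 using table $2; non-zero if any found.
audit_tmp() {
    dir=${1:-/tmp}; table=${2:-/proc/mounts}; rc=0
    n=$(mounts_on "$dir" "$table" | awk 'END { print NR }')
    if [ "$n" -gt 1 ]; then
        echo "WARN: $n filesystems stacked on $dir (oldest first):"
        mounts_on "$dir" "$table" | sed 's/^/  /'
        rc=1
    fi
    if ! has_tmp_mode "$dir"; then
        echo "WARN: $dir has mode $(stat -c '%a' "$dir"), expected 1777"
        rc=1
    fi
    return "$rc"
}
```

Running `audit_tmp` with no arguments checks the live /tmp against /proc/mounts.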
