[redhat-lspp] tmpwatch

Janak Desai janak at us.ibm.com
Mon Apr 17 18:35:52 UTC 2006 

tmpwatch is an administrative tool that allows removal of files that
haven't been accessed for a period of time. tmpwatch recursively
traverses a directory to remove temporary files. It can be used for
any directory, however it is most often used for directories such 
as /tmp and /var/tmp.

If polyinstantiation is setup for the admin account as well as for
regular users, tmpwatch will not traverse instances of other users.
I can think of two possible approaches to address this, and I would
appreciate if you could share your thoughts on them or suggest any
other way to handle this. 

1) Update the man page for tmpwatch with a blurb about 
polyinstantiation and instruct the admin to unmount the 
polyinstantiated directory before executing tmpwatch on it. 
Basically educate the admin and don't try and automate any 
unmounting through tmpwatch.

2) Add an option to tmpwatch that will automatically unmount 
admin's instance before recursively traversing the target directory
to remove temporary files. With this approach tmpwatch will have to
become PAM-aware and would need appropriate PAM configuration files.
While this approach appears to be more admin friendly, it can get
useless and confusing if instance directories are not setup to be
subdirectories of the polyinstantiated directory. For example,
this option would be useful if polyinstantiation of /tmp is 
setup as 
       
                   tmp
                  /   \
                 /     \
      tmp.inst-root  tmp.inst-user-joe

Then, when root executes 'tmpwatch /tmp' with an option to traverse 
instances, both tmp.inst-root and tmp.inst-user-joe would be cleaned 
up. However, if polyinstantiation is setup in such a way that 
instance directories are not subdirectories of the polyinstantiated
directory like

               /
            /    \
           /      \
          tmp    instances 
                  /   \
                 /     \
      tmp.inst-root  tmp.inst-user-joe

Then 'tmpwatch /tmp' with an option to traverse instances will only
delete files in /tmp.  

Basically, even if we provide a new option to tmpwatch, the admin
will have to have a good understanding of polyinstantiation and
its setup. I would prefer to educate the admin rather than try
to put intelligence in the command which may or maynot help. Of
course, it also helps that there is less work in option 1) :-). 

Please let me know what you think.

-Janak

More information about the redhat-lspp mailing list