
150 points shaunpud | 6 comments
nrdvana ◴[] No.45060203[source]
The third mitigating feature the article forgot to mention is that tmpfs can get paged out to the swap partition. If you drop a large file there and forget it, it will all end up in the swap partition if applications are demanding more memory.
replies(3): >>45060224 #>>45060756 #>>45061403 #
guappa ◴[] No.45061403[source]
Fedora did this long before Debian. I remember doing wget of an .iso file on /tmp and my entire Wayland session being killed by the OOM killer.

I still think it's a terrible idea.

replies(1): >>45061462 #
1. nolist_policy ◴[] No.45061462[source]
Use `/var/tmp` if you want a disk backed tmp.
replies(1): >>45061925 #
2. 1718627440 ◴[] No.45061925[source]
I thought /var/tmp is for applications while /tmp is for the user.
replies(3): >>45062090 #>>45062856 #>>45062943 #
3. Hendrikto ◴[] No.45062090[source]
> /tmp/

> The place for small temporary files. This directory is usually mounted as a tmpfs instance, and should hence not be used for larger files. (Use /var/tmp/ for larger files.) This directory is usually flushed at boot-up. Also, files that are not accessed within a certain time may be automatically deleted.

Source: https://uapi-group.org/specifications/specs/linux_file_syste...

replies(1): >>45062912 #
4. styanax ◴[] No.45062856[source]
Trivia: CIS Guidelines (security tasks applied to a server to pass an enhanced security audit to be compliant with a standard, in a soundbite) has an item requiring /var/tmp to be a bind mount to /tmp (as well as setting specific security options on /tmp). A server attempting to pass CIS audits (very common in my work-related experience w/Enterprises) may well not have a unique /var/tmp.
5. guappa ◴[] No.45062912{3}[source]
But that was written after the change was made :D
6. throw0101c ◴[] No.45062943[source]
> I thought /var/tmp is for applications while /tmp is for the user.

/tmp is for stuff that is 'absolutely' temporary, in that on many/most systems it is nuked between reboots. /var/tmp is 'relatively' temporary in that applications can put stuff there that they're working on, but if there is a crash, the contents are not deleted and can be recovered across reboots.
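
Added example, not part of any comment in this thread: whether `/var/tmp` is really disk-backed on a given host depends on how it is mounted, and `/proc/self/mountinfo` shows that. The sketch below parses mountinfo and reports whether `/tmp` and `/var/tmp` are tmpfs, whether they share one filesystem (as after a bind mount), and which hardening options `/tmp` lacks. The sample mount tables are constructed, and the option set checked (`nodev`, `nosuid`, `noexec`) is an assumption, since the thread does not name the options.

```python
# Constructed sample /proc/self/mountinfo contents (not taken from a real host).
SAMPLE_DEFAULT = """\
22 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
35 22 0:31 / /tmp rw,nosuid,nodev shared:15 - tmpfs tmpfs rw,size=50%
"""
# Same host after /tmp has been bind-mounted onto /var/tmp.
SAMPLE_BIND = SAMPLE_DEFAULT + """\
40 22 0:31 / /var/tmp rw,nosuid,nodev,noexec shared:15 - tmpfs tmpfs rw,size=50%
"""

# Assumed hardening options to look for; the thread does not list them.
WANTED_OPTS = {"nodev", "nosuid", "noexec"}

def parse_mountinfo(text):
    """Return one dict per mount; fields before ' - ' are per-mount, after it per-filesystem."""
    mounts = []
    for line in text.splitlines():
        if " - " not in line:
            continue
        left, right = (part.split() for part in line.split(" - ", 1))
        mounts.append({
            "dev": left[2],                    # major:minor of the backing filesystem
            "point": left[4],                  # mount point
            "opts": set(left[5].split(",")),   # per-mount options
            "fstype": right[0],
        })
    return mounts

def mount_for(path, mounts):
    """Longest mount point that contains path; a later mount on the same point wins."""
    best = None
    for m in mounts:
        p = m["point"]
        if path == p or path.startswith(p.rstrip("/") + "/"):
            if best is None or len(p) >= len(best["point"]):
                best = m
    return best

def report(text):
    mounts = parse_mountinfo(text)
    tmp, var_tmp = mount_for("/tmp", mounts), mount_for("/var/tmp", mounts)
    return {
        "tmp_in_ram": tmp["fstype"] == "tmpfs",
        "var_tmp_in_ram": var_tmp["fstype"] == "tmpfs",
        "same_filesystem": tmp["dev"] == var_tmp["dev"],
        "tmp_missing_opts": sorted(WANTED_OPTS - tmp["opts"]),
    }

if __name__ == "__main__":
    with open("/proc/self/mountinfo") as f:
        print(report(f.read()))
```

If `var_tmp_in_ram` is true, large files written to `/var/tmp` count against memory and swap just like `/tmp`, so the "use /var/tmp for big files" advice does not hold on that host.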