Proposing Fedora Feature for private /tmp and /var/tmp for all systemd services in Fedora 17.

Lennart Poettering mzerqung at 0pointer.de
Tue Nov 8 01:08:53 UTC 2011


On Mon, 07.11.11 14:44, Chris Adams (cmadams at hiwaay.net) wrote:

> Once upon a time, Daniel J Walsh <dwalsh at redhat.com> said:
> > I know I just opened a couple of other features on Fedora 17.  I just
> > wanted to open discussion on this about what would be the best way to
> > do this.
> > 
> > * Maybe a bad idea.  Since admins might get confused by different /tmp(s).
> 
> Hmm, one question: is it possible for root to see these alternate tmps?

Yes and no.

Yes, since they are created as subdirectories of the real / with mkdtemp()
and thus can be found there like any other directory if you are running
in the main namespaces.

No, since there's currently no sane way to figure out the private /tmp
directory of a running service, i.e. there's currently no sane way to
figure out which directory in /tmp appears as /tmp to
avahi-daemon.service. So, while you see all the subdirs, you'll have a
hard time figuring out which one is which.

But we could definitely add this if necessary, as a property on the bus
object of the service, which would then be queryable with "systemctl
show".

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
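
One way to recover the mapping discussed above without a bus property is to read the mount table of the service's own process. This is an added example, not part of the original message and not systemd code: it parses /proc/<pid>/mountinfo text and reports what backs /tmp and /var/tmp in that namespace. The function names and the sample lines (directory names included) are constructed for illustration, and the reported root is relative to the backing filesystem, which is the host path only when that filesystem is mounted at the host's /.

```python
import re
import sys

# Constructed sample of /proc/<pid>/mountinfo for a service with private tmp dirs.
SAMPLE = """\
21 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
85 21 8:2 /tmp/private-tmp-aB3xQ9 /tmp rw,relatime shared:40 - ext4 /dev/sda2 rw
86 21 8:2 /var/tmp/private-tmp-Zk81Lm /var/tmp rw,relatime - ext4 /dev/sda2 rw
"""

def unescape(field):
    # mountinfo writes space, tab, newline and backslash as \ooo octal escapes
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)

def private_tmp_dirs(mountinfo_text, targets=("/tmp", "/var/tmp")):
    """Map each target mount point to the (root, fstype, source) backing it."""
    found = {}
    for line in mountinfo_text.splitlines():
        fields = line.split(" ")
        try:
            # Optional fields end at a lone "-", never earlier than index 6
            sep = fields.index("-", 6)
        except ValueError:
            continue  # not a mountinfo line
        if len(fields) <= sep + 2:
            continue
        root, mount_point = unescape(fields[3]), unescape(fields[4])
        if mount_point in targets:
            # Later entries are stacked on top of earlier ones, so the last wins
            found[mount_point] = (root, fields[sep + 1], unescape(fields[sep + 2]))
    return found

if __name__ == "__main__":
    # Usage: script.py <pid>; without a pid the constructed sample is parsed
    if len(sys.argv) > 1:
        with open(f"/proc/{sys.argv[1]}/mountinfo") as fh:
            text = fh.read()
    else:
        text = SAMPLE
    for mp, (root, fstype, src) in private_tmp_dirs(text).items():
        print(f"{mp} <- {root} on {src} ({fstype})")
```

The PID to pass can be taken from "systemctl show -p MainPID avahi-daemon.service"; reading another process's mountinfo generally requires root.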

