scheduled regular purging of a directory

Post by y2kdis » 2006-01-23 08:03

how do i purge/delete files older than 1 day from a particular directory? i might have to do this every day so i'm assuming this has to be done in cron but i'm clueless as to how to go about it. i don't have any experience yet in linux scripting or setting a cron job so a sample snippet or instructions will be very much appreciated.
y2kdis
 
Posts: 32
Joined: 2005-12-08 10:26

Post by lacek » 2006-01-23 12:43

Here is a crontab entry doing this:
Code:
12 1 * * * root find /the/directory/you/wanna/purge -mtime +1 -exec rm \{\} \;


See the man page of cron, crontab and find for more info.
lacek
Moderator Team Member
 
Posts: 769
Joined: 2004-03-11 18:49
Location: Budapest, Hungary

Post by Jeroen » 2006-01-23 18:38

Please look into 'tmpreaper' program (apt-get or aptitude or synaptic install it), it does what you are looking for, in an easily configurable way -- and also more efficient and more secure. Lacek's solution for example is vulnerable to a symlink attack, a malicious user with too much time on his hands can get root to remove such files like /etc/passwd, and can't deal with directories.

tmpreaper installs itself in /etc/cron.daily/ automatically, and is configurable via /etc/tmpreaper.conf, but you can run the command 'tmpreaper' from cron manually too.
Jeroen
Debian Developer, Site Admin
 
Posts: 571
Joined: 2004-04-06 18:19
Location: Utrecht, NL
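
A hardened form of the purge discussed in the posts above, as an added example that is not part of the thread. It assumes GNU find; the helper name purge_old and the install path in the comment are hypothetical.

```shell
#!/bin/sh
# Added example: purge regular files older than a cutoff without handing
# path names to a separately started rm process.
#
# Hypothetical /etc/crontab line (same schedule as the entry above):
#   12 1 * * * root /usr/local/sbin/purge-old /var/www/out 1440

# purge_old DIR [MINUTES]   (hypothetical helper name)
purge_old() {
    dir=${1%/}                    # drop one trailing slash so -L sees the link itself
    age_min=${2:-1440}            # default cutoff: 24 hours

    # Absolute paths only: a start point beginning with "-" would be
    # read by find as an option, and an empty value would mean "/".
    case $dir in
        /?*) ;;
        *) echo "purge_old: need an absolute directory path" >&2; return 1 ;;
    esac

    # The start point must be a real directory, not a symlink to one.
    [ -d "$dir" ] && [ ! -L "$dir" ] || {
        echo "purge_old: $dir is not a plain directory" >&2
        return 1
    }

    # -xdev      stay on the filesystem of the start point
    # -type f    regular files only; symlinks are neither followed nor removed
    # -mmin +N   modified more than N minutes ago (-mtime +1 ignores
    #            fractional days and only matches files at least 2 days old)
    # -delete    find removes the entry itself while it is in the file's
    #            directory, instead of giving a full path to "rm {}"
    find "$dir" -xdev -type f -mmin +"$age_min" -delete
}

# Run as a script when arguments are given (e.g. from cron).
if [ "$#" -gt 0 ]; then
    purge_old "$@"
fi
```

Old symlinks and empty directories are left in place by this version; tmpreaper, as recommended above, covers those cases.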

Post by y2kdis » 2006-01-25 02:04

i tried to install tmpreaper but i came across some errors.
------------------------------------------------------------------------
Preconfiguring packages ...
Can't exec "/tmp/tmpreaper.config.57021": Permission denied at /usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/tmpreaper.config.57021 configure failed at /usr/share/perl5/Debconf/ConfModule.pm line 44
tmpreaper failed to preconfigure, with exit status 255
Selecting previously deselected package tmpreaper.
(Reading database ... 22975 files and directories currently installed.)
Unpacking tmpreaper (from .../tmpreaper_1.6.5_i386.deb) ...
Setting up tmpreaper (1.6.5) ...
-------------------------------------------------------------------------

it looks like tmpreaper was installed but it's not working. any idea how to solve this?

by the way, i've pasted below the section of the files that conflicted with the installation. the particular line that threw an error is marked with a comment.

Open3.pm
Code:
    if ($cmd[0] eq '-') {
        croak "Arguments don't make sense when the command is '-'"
          if @cmd > 1;
        return 0;
    }
    local($")=(" ");
    # NEXT LINE IS 168
    exec @cmd # XXX: wrong process to croak from
        or croak "$Me: exec of @cmd failed";
    }


ConfModule.pm
Code:
sub startup {
   my $this=shift;
   my $confmodule=shift;
   $this->frontend->clear;
   $this->busy([]);
   
   my @args=$this->confmodule($confmodule);
   push @args, @_ if @_;
   
   debug developer => "starting ".join(' ',@args);
   # NEXT LINE IS 44
   $this->pid(open2($this->read_handle(FileHandle->new), $this->write_handle(FileHandle->new), @args)) || die $!;
   
  $this->caught_sigpipe('');
  $SIG{PIPE}=sub { $this->caught_sigpipe(128) };
}

y2kdis
 
Posts: 32
Joined: 2005-12-08 10:26

Post by Jeroen » 2006-01-25 02:15

Maybe you've mounted /tmp as noexec?
Jeroen
Debian Developer, Site Admin
 
Posts: 571
Joined: 2004-04-06 18:19
Location: Utrecht, NL

Post by Guest » 2006-01-25 05:47

Jeroen wrote: Maybe you've mounted /tmp as noexec?



Yay! You were right it's mounted as nosuid,noexec as suggested from another site. Anyway, i temporarily removed the noexec option then installed tmpreaper. No error this time!

After that I edited /etc/tmpreaper.conf to have the ff changes:
age limit for files=1 day
directory to clean='/var/www/out/'
Code:
if [ -n "$TMPTIME" -a "$TMPTIME" -gt 0 ]; then
    TMPREAPER_TIME=${TMPTIME}d
else
    TMPREAPER_TIME=1d
   #I changed the above value from 7d to 1d
fi
# uncomment and change the next line to overrule the /etc/default/rcS value
TMPREAPER_TIME=1d 
#I commented out the above line and change the value from 7d to 1d

TMPREAPER_PROTECT_EXTRA=''
TMPREAPER_DIRS='/var/www/out/.'
#I changed the above value from '/tmp.' to '/var/www/out/.'
TMPREAPER_ADDITIONALOPTIONS=''


Then I re-edited /etc/fstab and set /tmp as noexec again since it's not the target folder now. Did I do the right thing? Also, since I removed /tmp from the tmpreaper configuration I am assuming that whatever application was used to regularly clean that folder before tmpreaper was installed will be associated with it again. I may be wrong though.
Guest
 

Post by y2kdis » 2006-01-25 05:49

Sorry, that was me. I didn't notice I wasn't logged in when I made a reply.
y2kdis
 
Posts: 32
Joined: 2005-12-08 10:26

Post by kink » 2006-01-25 13:38

Anonymous wrote: Also, since I removed /tmp from the tmpreaper configuration I am assuming that whatever application was used to regularly clean that folder before tmpreaper was installed will be associated with it again. I may be wrong though.


On a default Debian system, /tmp is not cleaned up automatically, only if you install a thing like tmpreaper. It will be wiped on boot, that's all. So it's actually a good thing to have tmpreaper clear /tmp out regularly.
kink
Debian Developer, Site Admin
 
Posts: 287
Joined: 2006-01-02 16:47
Location: Utrecht, The Netherlands

Post by y2kdis » 2006-01-30 08:02

i included /tmp back on the list but kept the noexec option for it. will tmpreaper work on it even with that setting? tmpreaper had a conflict during installation with noexec option but now that is already installed i wonder if it will be ok to revert back to the original setting. i'm asking basically because i don't know if noexec for a folder is limited to files within it (tmpreaper is installed outside /tmp).
y2kdis
 
Posts: 32
Joined: 2005-12-08 10:26

Post by Jeroen » 2006-01-30 08:08

Once a program is installed, it probably works fine with noexec on /tmp. If not, you'll notice. Installation scripts should fail if there was some error (as tmpreaper did), but it will note that in dpkg's database, and dpkg will retry until it succeeds. If dpkg/apt/whatever don't complain anymore and try again to configure tmpreaper, assume it's installed correctly. Especially if it simply just works when you try it :).

Note though, that noexec on /tmp provides mostly just a false sense of security, while executing scripts and programs is then no longer possible, one can execute scripts (including perl) by using "perl /tmp/scriptname.pl", also, there are typically more world-writeable places on the filesystem ($HOME of most users, /var/tmp). It might help against some very standard scriptkiddie-attacks, but when you've got a human with even a modest brain on the attacking side, you lose anyway if one would otherwise be able to execute a random program in /tmp.
Jeroen
Debian Developer, Site Admin
 
Posts: 571
Joined: 2004-04-06 18:19
Location: Utrecht, NL

