mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-16 10:20:30 +00:00
aa5affaf3b
by default, so add a new knob that is on by default, and check that knob in start_precmd so that it can run even if cleaning /tmp is not enabled. This has the advantage of not violating POLA, while still allowing the user to disable this behavior if they wish (for example on a server that will never run X).
49 lines
1000 B
Bash
Executable File
49 lines
1000 B
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: cleartmp
|
|
# REQUIRE: mountcritremote tmp
|
|
# BEFORE: DAEMON
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="cleartmp"
|
|
rcvar=`set_rcvar clear_tmp`
|
|
|
|
start_precmd="${name}_prestart"
|
|
start_cmd="${name}_start"
|
|
|
|
cleartmp_prestart()
|
|
{
|
|
checkyesno clear_tmp_X || return
|
|
|
|
local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix"
|
|
|
|
# Remove X lock files, since they will prevent you from restarting X.
|
|
rm -f /tmp/.X[0-9]-lock
|
|
|
|
# Create socket directories with correct permissions to avoid
|
|
# security problem.
|
|
#
|
|
rm -fr ${x11_socket_dirs}
|
|
mkdir -m 1777 ${x11_socket_dirs}
|
|
}
|
|
|
|
cleartmp_start()
|
|
{
|
|
echo "Clearing /tmp."
|
|
#
|
|
# Prune quickly with one rm, then use find to clean up
|
|
# /tmp/[lq]* (this is not needed with mfs /tmp, but
|
|
# doesn't hurt anything).
|
|
#
|
|
(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
|
|
find -x . ! -name . ! -name lost+found ! -name quota.user \
|
|
! -name quota.group -exec rm -rf -- {} \; -type d -prune)
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|