diff options
author | dougb <dougb@FreeBSD.org> | 2005-12-20 20:36:48 +0000 |
---|---|---|
committer | dougb <dougb@FreeBSD.org> | 2005-12-20 20:36:48 +0000 |
commit | 5a09b5d83f2e95dba9b891c36c6b45f41ebb4c60 (patch) | |
tree | 46ddcb88c60185dea0ff357af454b4171a44c48e /etc | |
parent | 9f22e2f35e36371aa72e2704a4470469c0e9cfff (diff) | |
download | FreeBSD-src-5a09b5d83f2e95dba9b891c36c6b45f41ebb4c60.zip FreeBSD-src-5a09b5d83f2e95dba9b891c36c6b45f41ebb4c60.tar.gz |
Brooks pointed out a potential problem with disabling the X cleaning
by default, so add a new knob that is on by default, and check that
knob in start_precmd so that it can run even if cleaning /tmp is
not enabled. This has the advantage of not violating POLA, while
still allowing the user to disable this behavior if they wish (for
example on a server that will never run X).
Diffstat (limited to 'etc')
-rw-r--r-- | etc/defaults/rc.conf | 1 | ||||
-rwxr-xr-x | etc/rc.d/cleartmp | 27 |
2 files changed, 18 insertions, 10 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index 5239f29f..df0143d 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -492,6 +492,7 @@ svr4_enable="NO" # SysVR4 emulation loaded at startup (or NO). osf1_enable="NO" # Alpha OSF/1 emulation loaded at startup (or NO). clear_tmp_enable="NO" # Clear /tmp at startup. +clear_tmp_X="YES" # Clear and recreate X11-related directories in /tmp ldconfig_insecure="NO" # Set to YES to disable ldconfig security checks ldconfig_paths="/usr/lib/compat /usr/X11R6/lib /usr/local/lib /usr/local/lib/compat/pkg" # shared library search paths diff --git a/etc/rc.d/cleartmp b/etc/rc.d/cleartmp index 2220fc4..aa75a14 100755 --- a/etc/rc.d/cleartmp +++ b/etc/rc.d/cleartmp @@ -11,21 +11,15 @@ name="cleartmp" rcvar=`set_rcvar clear_tmp` + +start_precmd="${name}_prestart" start_cmd="${name}_start" -cleartmp_start() +cleartmp_prestart() { + checkyesno clear_tmp_X || return local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix" - echo "Clearing /tmp." - # - # Prune quickly with one rm, then use find to clean up - # /tmp/[lq]* (this is not needed with mfs /tmp, but - # doesn't hurt anything). - # - (cd /tmp && rm -rf [a-km-pr-zA-Z]* && - find -x . ! -name . ! -name lost+found ! -name quota.user \ - ! -name quota.group -exec rm -rf -- {} \; -type d -prune) # Remove X lock files, since they will prevent you from restarting X. rm -f /tmp/.X[0-9]-lock @@ -37,5 +31,18 @@ cleartmp_start() mkdir -m 1777 ${x11_socket_dirs} } +cleartmp_start() +{ + echo "Clearing /tmp." + # + # Prune quickly with one rm, then use find to clean up + # /tmp/[lq]* (this is not needed with mfs /tmp, but + # doesn't hurt anything). + # + (cd /tmp && rm -rf [a-km-pr-zA-Z]* && + find -x . ! -name . ! -name lost+found ! -name quota.user \ + ! -name quota.group -exec rm -rf -- {} \; -type d -prune) +} + load_rc_config $name run_rc_command "$1" |