From: Rich Freeman <rich0@gentoo.org>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: tmp on tmpfs
Date: Wed, 24 May 2017 12:30:36 -0700 [thread overview]
Message-ID: <CAGfcS_nFxj+Ze5dLuruZgZaaA84BGCkisYYD7Q1FYOQ-_18VEA@mail.gmail.com> (raw)
In-Reply-To: <20170524182146.3926.2A178EC5@matica.foolinux.mooo.com>
On Wed, May 24, 2017 at 11:34 AM, Ian Zimmerman <itz@primate.net> wrote:
> On 2017-05-24 08:00, Kai Krakow wrote:
>
>> Unix semantics suggest that /tmp is not expected to survive reboots
>> anyways (in contrast, /var/tmp is expected to survive reboots), so
>> tmpfs is a logical consequence to use for /tmp.
>
> /tmp is wiped by the bootmisc init job anyway.
>
In general I haven't found anything that is bothered by /var/tmp being
lost on reboot, but obviously that is something you need to be
prepared for if you put it on tmpfs.
One thing that wasn't mentioned is that having /tmp in tmpfs might
also have security benefits depending on what is stored there, since
it won't be written to disk. If you have a filesystem on tmpfs and
your swap is encrypted (which you should consider setting up since it
is essentially "free") then /tmp also becomes a useful dumping ground
for stuff that is decrypted for temporary processing. For example, if
you keep your passwords in a gpg-encrypted file you could copy it to
/tmp, decrypt it there, do what you need to, and then delete it. That
wouldn't leave any recoverable traces of the file.
There are lots of guides about encrypted swap. It is the sort of
thing that is convenient to set up since there is no value in
preserving a swap file across reboots, so you can just generate a
random key on each boot. I suspect that would break down if you're
using hibernation / suspend to disk.
--
Rich
next prev parent reply other threads:[~2017-05-24 19:30 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-24 5:16 [gentoo-user] tmp on tmpfs Ian Zimmerman
2017-05-24 5:34 ` gentoo-user
2017-05-24 6:00 ` [gentoo-user] " Kai Krakow
2017-05-24 17:05 ` Kai Krakow
2017-05-25 18:46 ` [gentoo-user] Puzzled by zswap [Was: tmp on tmpfs] Ian Zimmerman
2017-05-25 19:16 ` [gentoo-user] " Martin Vaeth
2017-05-26 6:00 ` Kai Krakow
2017-05-24 18:34 ` [gentoo-user] Re: tmp on tmpfs Ian Zimmerman
2017-05-24 19:30 ` Rich Freeman [this message]
2017-05-24 21:16 ` Andrew Savchenko
2017-05-24 22:40 ` Rich Freeman
2017-05-25 6:34 ` J. Roeleveld
2017-05-25 11:04 ` Kai Krakow
2017-05-25 12:23 ` Rich Freeman
2017-05-25 14:16 ` J. Roeleveld
2017-05-25 16:06 ` Rich Freeman
2017-05-25 16:28 ` J. Roeleveld
2017-05-25 16:41 ` Rich Freeman
2017-05-25 3:38 ` Kai Krakow
2017-05-25 7:19 ` J. Roeleveld
2017-05-25 3:36 ` Kai Krakow
2017-05-24 17:00 ` [gentoo-user] " R0b0t1
2017-05-24 6:03 ` Andrew Tselischev
2017-05-24 9:34 ` Rich Freeman
2017-05-24 9:43 ` gentoo-user
2017-05-24 9:54 ` Rich Freeman
2017-05-24 12:45 ` Andrew Savchenko
2017-05-25 4:45 ` [gentoo-user] " Martin Vaeth
2017-05-25 7:24 ` Mick
2017-05-25 15:46 ` Martin Vaeth
2017-05-25 22:36 ` [gentoo-user] " Kent Fredric
2017-05-28 10:07 ` Mick
2017-05-31 0:36 ` Kent Fredric
2017-05-31 7:33 ` Mick
2017-05-24 18:46 ` [gentoo-user] " Nikos Chantziaras
-- strict thread matches above, loose matches on Subject: below --
2017-05-29 11:09 [gentoo-user] Kernel did not finding root partition Raphael MD
2017-05-29 11:19 ` Rasmus Thomsen
2017-05-29 17:48 ` [gentoo-user] " Kai Krakow
2017-05-29 18:07 ` Raphael MD
2017-05-29 18:16 ` Neil Bothwick
2017-05-29 19:42 ` Kai Krakow
2017-05-30 8:26 ` Peter Humphrey
2017-05-30 17:08 ` Raphael MD
2017-05-30 18:05 ` Mick
2017-05-30 19:28 ` Kai Krakow
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAGfcS_nFxj+Ze5dLuruZgZaaA84BGCkisYYD7Q1FYOQ-_18VEA@mail.gmail.com \
--to=rich0@gentoo.org \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox