Bug 782539
Summary: | Propose that you turn on PrivateTmp=true in service file for varnishd | | |
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Daniel Walsh <dwalsh> |
Component: | varnish | Assignee: | Ingvar Hagelund <ingvar> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Priority: | unspecified |
Version: | rawhide | CC: | ingvar |
Hardware: | Unspecified | OS: | Unspecified |
Fixed In Version: | varnish-3.0.2-2.fc17 | Doc Type: | Bug Fix |
Last Closed: | 2012-03-18 00:48:19 UTC | Bug Blocks: | 782466 |

Description
Daniel Walsh
2012-01-17 16:03:26 UTC

Any change on this bug? We are coming up to Feature Freeze, and would like some comment on this bug. If you do not believe this application uses /tmp, then please comment on this and close the bug. If you believe this application needs to use /tmp to communicate with other applications or users, then you can close this bug with that comment. If your app does not use systemd, then close this bug with that comment. If you have no idea, then please add a comment, and change the bug to assigned. I need to update the status on this feature. Thanks for your help.

In its Fedora package, varnish should not use /tmp, but it may be configured to do so. It does not need to share any data with its surroundings, so a private /tmp should be safe. I'll look into this.

Ingvar

Just adding PrivateTmp=true works with no changes to the config. If I change the config to use /tmp instead of /var/lib/varnish, a new private tmp catalog is created in /tmp/systemd-namespace-[some_uniq_tmpdir] every time varnish is restarted. This seems by design, but I need some way to clear up. varnish may reserve several GB to its file backing store, so after a few restarts, a lot of space on /tmp may be filled up.

With a bit of afterthought: If the user changes this kind of config, he probably knows very well what he is doing and why, so keeping the default to /var/lib/varnish, and adding PrivateTmp=true should be safe.

The only other file stored in /tmp is an anonymous file handle used some time during startup. It is automatically cleared away and works without problems with PrivateTmp=true.

varnish-3.0.2-2.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/varnish-3.0.2-2.fc17

Package varnish-3.0.2-2.fc17:
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing varnish-3.0.2-2.fc17'
as soon as you are able to.
Please go to the following URL:
https://admin.fedoraproject.org/updates/FEDORA-2012-3672/varnish-3.0.2-2.fc17
then log in and leave karma (feedback).

varnish-3.0.2-2.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
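
An added example, not part of the bug report or the Fedora package: a shell audit of a unit file for the two conditions discussed in this thread, whether PrivateTmp= is enabled in [Service] and whether ExecStart= points varnishd storage into /tmp. The function names and the sample unit are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the bug report): audit a systemd unit file for
# PrivateTmp= and for ExecStart= arguments that point into /tmp.

# Print "enabled", "disabled" or "unset" for PrivateTmp= in [Service].
# The last valid assignment wins; only the classic systemd boolean
# spellings are interpreted, anything else is skipped.
private_tmp_state() {
    awk '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { in_service = ($0 ~ /^[ \t]*\[Service\][ \t\r]*$/); next }
        in_service && /^[ \t]*PrivateTmp[ \t]*=/ {
            v = $0
            sub(/^[^=]*=[ \t]*/, "", v)
            sub(/[ \t\r]+$/, "", v)
            v = tolower(v)
            if (v ~ /^(1|yes|y|true|t|on)$/)        state = "enabled"
            else if (v ~ /^(0|no|n|false|f|off)$/)  state = "disabled"
        }
        END { print (state == "" ? "unset" : state) }
    ' "$1"
}

# Succeed if an ExecStart= line passes a path under /tmp (but not /var/tmp).
execstart_uses_tmp() {
    grep -Eq '^[[:space:]]*ExecStart[[:space:]]*=.*[[:space:],=]/tmp(/|,|[[:space:]]|$)' "$1"
}

# One-line summary for a unit file.
audit_unit() {
    if execstart_uses_tmp "$1"; then tmp=yes; else tmp=no; fi
    printf '%s PrivateTmp=%s execstart_tmp=%s\n' "$1" "$(private_tmp_state "$1")" "$tmp"
}

# Constructed sample unit (hypothetical, not the Fedora varnish.service).
demo_unit=$(mktemp)
cat > "$demo_unit" <<'EOF'
[Unit]
Description=Constructed varnishd unit for the example

[Service]
ExecStart=/usr/sbin/varnishd -F -s file,/tmp/varnish_storage.bin,1G
PrivateTmp=true
EOF
audit_unit "$demo_unit"
rm -f "$demo_unit"
```

A unit that reports execstart_tmp=yes together with PrivateTmp=enabled is the configuration the thread describes, where the file backing store lands in the per-service private directory.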