author | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2020-10-03 11:51:49 +0200 |
---|---|---|
committer | Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> | 2020-10-05 18:38:35 +0200 |
commit | 422128b46d9b5820e46fd30b02de65623373935b (patch) | |
tree | 8b0a82f3febb4ae6d54c8d607f7104872d8bb577 /man/file-hierarchy.xml | |
parent | 278c13431b21114778315558fa5041b950d63bc3 (diff) | |
man: use paragraphs in descriptions of /tmp and /var/tmp
We have three somewhat separate ideas: what the directory is for, what $TMPDIR is for, and security considerations.
Let's use paragraphs.
Also, conjunctions in titles aren't capitalized usually.
Diffstat (limited to 'man/file-hierarchy.xml')
-rw-r--r-- | man/file-hierarchy.xml | 53 |
1 files changed, 29 insertions, 24 deletions
diff --git a/man/file-hierarchy.xml b/man/file-hierarchy.xml index 48114394c4..2c80c2c1a9 100644 --- a/man/file-hierarchy.xml +++ b/man/file-hierarchy.xml 
@@ -127,20 +127,23 @@ <term><filename>/tmp/</filename></term> <listitem><para>The place for small temporary files. This directory is usually mounted as a <literal>tmpfs</literal> instance, and should hence not be used for larger files. (Use - <filename>/var/tmp/</filename> for larger files.) Since the directory is accessible to other users of - the system, it is essential that this directory is only written to with the <citerefentry - project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, - <citerefentry - project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry> and - related calls. This directory is usually flushed at boot-up. Also, files that are not accessed within - a certain time are usually automatically deleted. If applications find the environment variable - <varname>$TMPDIR</varname> set, they should prefer using the directory specified in it over directly - referencing <filename>/tmp/</filename> (see <citerefentry + <filename>/var/tmp/</filename> for larger files.) This directory is usually flushed at boot-up. Also, + files that are not accessed within a certain time may be automatically deleted.</para> + + <para>If applications find the environment variable <varname>$TMPDIR</varname> set, they should use + the directory specified in it instead of <filename>/tmp/</filename> (see <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> and <ulink url="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03">IEEE - Std 1003.1</ulink> for details). 
For further details about this directory, see <ulink - url="https://systemd.io/TEMPORARY_DIRECTORIES">Using /tmp/ And /var/tmp/ - Safely</ulink>.</para></listitem> + Std 1003.1</ulink> for details).</para> + + <para>Since <filename>/tmp/</filename> is accessible to other users of the system, it is essential + that files and subdirectories under this directory are only created with <citerefentry + project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + <citerefentry + project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + and similar calls. For more details, see <ulink url="https://systemd.io/TEMPORARY_DIRECTORIES">Using + /tmp/ and /var/tmp/ Safely</ulink>.</para> + </listitem> </varlistentry> </variablelist> 
@@ -334,20 +337,22 @@ <term><filename>/var/tmp/</filename></term> <listitem><para>The place for larger and persistent temporary files. In contrast to <filename>/tmp/</filename>, this directory is usually mounted from a persistent physical file system - and can thus accept larger files. (Use <filename>/tmp/</filename> for smaller files.) This directory - is generally not flushed at boot-up, but time-based cleanup of files that have not been accessed for - a certain time is applied. The same security restrictions as with <filename>/tmp/</filename> apply, - and hence only <citerefentry + and can thus accept larger files. (Use <filename>/tmp/</filename> for small ephemeral files.) This + directory is generally not flushed at boot-up, but time-based cleanup of files that have not been + accessed for a certain time is applied.</para> + + <para>If applications find the environment variable <varname>$TMPDIR</varname> set, they should use + the directory specified in it instead of <filename>/var/tmp/</filename> (see <citerefentry + project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> for + details).</para> + + <para>The same security restrictions as with <filename>/tmp/</filename> apply: <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, <citerefentry - project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry> or - similar calls should be used to make use of this directory. If applications find the environment - variable <varname>$TMPDIR</varname> set, they should prefer using the directory specified in it over - directly referencing <filename>/var/tmp/</filename> (see <citerefentry - project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> for - details). 
For further details about this directory, see <ulink - url="https://systemd.io/TEMPORARY_DIRECTORIES">Using /tmp/ And /var/tmp/ - Safely</ulink>.</para></listitem> + project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>, + and similar calls should be used. For further details about this directory, see <ulink + url="https://systemd.io/TEMPORARY_DIRECTORIES">Using /tmp/ and /var/tmp/ Safely</ulink>.</para> + </listitem> </varlistentry> </variablelist> |
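Review bot: in the first hunk (/tmp/), the new security paragraph names only `/tmp/` ("Since /tmp/ is accessible to other users of the system ... files and subdirectories under this directory are only created with"), yet it now sits directly after a paragraph telling applications to use the `$TMPDIR` directory "instead of /tmp/". A reader can take that to mean the mkstemp(3)/mkdtemp(3) requirement lapses once `$TMPDIR` is set. Suggest wording the requirement so it covers whichever directory ends up being used, or putting the security paragraph before the `$TMPDIR` one. Separately, this hunk changes "are usually automatically deleted" to "may be automatically deleted" and "only written to with" to "are only created with"; the commit message mentions only the paragraph split and title capitalization, so these wording changes should be called out there.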
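Review bot: in the second hunk (/var/tmp/), the rewritten security sentence "mkstemp(3), mkdtemp(3), and similar calls should be used" no longer says what they should be used for, and "should be used" is weaker than the /tmp/ hunk's "it is essential that files and subdirectories under this directory are only created with". Since the sentence opens with "The same security restrictions as with /tmp/ apply", suggest mirroring the /tmp/ wording so the two entries state the same requirement. The closing sentence also still reads "For further details about this directory, see" while the /tmp/ entry was shortened to "For more details, see"; pick one form for both.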