Can I delete older systemd-private-md32* files in /var/tmp?

I've just found these directories on my Ubuntu PC. How do they come about?

/var/tmp/systemd-private-762c8e6ced154b18ac76720c2c05f2aa-colord.service-fcAgPb
/var/tmp/systemd-private-762c8e6ced154b18ac76720c2c05f2aa-rtkit-daemon.service-iVKzv4
/var/tmp/systemd-private-809e24ac9abd4087b9941b3590575e64-colord.service-KlzdX8
/var/tmp/systemd-private-809e24ac9abd4087b9941b3590575e64-rtkit-daemon.service-mNk1of

The directories each only contain another subdirectory tmp which is always empty.

I mean the filename is kind of self-explanatory. systemd probably creates them and they have to do with the rtkit and colord services/daemons.

But why does systemd create them? Are these services misconfigured?

Some of these directories are older. Some have a modification time of the last boot.

Can I delete them?


These are the effects of a PrivateTmp setting in a service unit. You will find that your rtkit-daemon.service and colord.service units employ that very setting. For why that is, you will have to consult the people who wrote those service unit files. PrivateTmp is after all a band-aid to cover over security holes left by the ways that some programs use /tmp and /var/tmp (excessively privileged use, failure to avoid symbolic link attacks, overwriting anybody's existing files, easily predictable names, excessively open permissions, and so forth). Maybe the security hole has been fixed.

PrivateTmp is implemented, under the covers, by systemd creating a nonce directory under the target temporary directory, and then mounting it in place of the original as a private mount point seen only by the service process(es).

Leaving such directories lying around used to be a systemd bug, that people worked around with tmpfiles.d snippets of their own. It is claimed to have been fixed in your version of systemd. Of course, these directories also get left around by dirty shutdowns.

You can, of course, delete the ones that aren't currently being used by the relevant services.

Further reading

  • Accumulation of /var/tmp/systemd-private-* directories. Fedora Bug #884344.
  • Andrei Borzenkov (2015-02-23). Maybe SOLUTION, re: back to the 'fix this eternally broken temp file cleanup service' debate. OpenSUSE mailing list.
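
To tell leftover directories from ones a service may still be using, the following added example (not part of the original answer) sorts the systemd-private-* entries by the boot that created them. It assumes the 32 hex digits in each name are the boot ID of that boot, as in the listing in the question; the function names are made up for this example, and it only reports, it deletes nothing.

```sh
#!/bin/sh
# Added example. Assumption: names have the form
#   systemd-private-<32 hex digit boot ID>-<unit name>-<random suffix>

# Print the running system's boot ID without dashes (Linux).
current_boot_id() {
    tr -d '\n-' < /proc/sys/kernel/random/boot_id
}

# classify_private_tmp DIR BOOT_ID
# Prints "<status> <path>" for each systemd-private-* entry in DIR:
#   current  created during this boot; a running service may still use it
#   stale    created during an earlier boot, so left over
#   skipped  symlink or name that does not match the assumed pattern
classify_private_tmp() {
    dir=$1
    boot=$2
    for path in "$dir"/systemd-private-*; do
        # /var/tmp is world-writable: never follow a symlink planted there.
        if [ -L "$path" ]; then
            printf 'skipped %s\n' "$path"
            continue
        fi
        [ -d "$path" ] || continue      # also covers an unmatched glob
        name=${path##*/}
        rest=${name#systemd-private-}
        id=${rest%%-*}                  # text up to the next dash
        case $id in
            *[!0-9a-f]*) status=skipped ;;
            *)
                if [ "${#id}" -ne 32 ]; then
                    status=skipped
                elif [ "$id" = "$boot" ]; then
                    status=current
                else
                    status=stale
                fi ;;
        esac
        printf '%s %s\n' "$status" "$path"
    done
}

# Typical use, report only:
#   classify_private_tmp /var/tmp "$(current_boot_id)"
```

Entries reported as stale are the candidates for removal; check the current ones against the running services before touching them.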