On Tue, 7 May 2024 at 22:57, Russ Allbery <r...@debian.org> wrote:
>
> Richard Lewis <richard.lewis.deb...@googlemail.com> writes:
> > Luca Boccassi <bl...@debian.org> writes:
>
> >> what would break where, and how to fix it?
>
> > Another one for you to investigate: I believe apt source and 'apt-get
> > source' download and extract things into /tmp, as in the mmdebootstrap
> > example mentioned by someone else, this will create "old" files that
> > could immediately be flagged for deletion causing surprises.
>
> > (People restoring from backups might also find this an issue)
>
> systemd-tmpfiles respects atime and ctime by default, not just mtime, so I
> think this would only be a problem on file systems that didn't support
> those attributes. atime is often turned off, but I believe support for
> ctime is fairly universal among the likely file systems for /var/tmp, and
> I believe tmpfs supports all three. (I'm not 100% sure, though, so please
> correct me if I'm wrong.)

Yes, atime/ctime are used too, so things that are really in the process of being used are not really an issue.

I checked screen and even in bookworm it uses /run/screen/ as you said, so it's fine. I checked tmux and indeed it uses /tmp/tmux-UID/ - which is a terrible choice given it's predictable so if something manages to run first it can hijack it, but that's really a pre-existing issue. I've filed a bug to notify that it needs to start flocking the file in /tmp/ while running to avoid them being deleted while in use.
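
The two points in the reply above (a predictable per-user directory under /tmp can be pre-created by someone else, and a program should hold a flock on it while running) can be handled together, as in this added example, which is not part of the original message and is not tmux's code. The function name `open_private_dir` and the directory names passed to it are hypothetical.

```python
import fcntl
import os
import stat


def open_private_dir(base, name, uid=None):
    """Create or open base/name as a private per-user directory and lock it.

    Returns a directory fd that holds an exclusive BSD lock. Keep the fd
    open for as long as the directory is in use; closing it drops the lock.
    """
    uid = os.getuid() if uid is None else uid
    path = os.path.join(base, name)
    try:
        os.mkdir(path, 0o700)
    except FileExistsError:
        pass  # the name may have been created by someone else: verify below

    # O_NOFOLLOW refuses a symlink planted at the predictable name,
    # O_DIRECTORY refuses anything that is not a directory.
    fd = os.open(path, os.O_RDONLY | os.O_DIRECTORY | os.O_NOFOLLOW)
    try:
        st = os.fstat(fd)  # inspect the object we opened, not the path
        if st.st_uid != uid:
            raise PermissionError(f"{path}: owned by uid {st.st_uid}")
        if stat.S_IMODE(st.st_mode) & 0o077:
            raise PermissionError(f"{path}: accessible to group/other")
        # An exclusive lock conflicts with any other flock attempt on this
        # directory; LOCK_NB makes a conflict fail instead of blocking.
        fcntl.flock(fd, fcntl.LOCK_EX | fcntl.LOCK_NB)
    except BaseException:
        os.close(fd)
        raise
    return fd
```

The checks run on the opened descriptor rather than on the path, so the directory cannot be swapped between the check and the lock.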