On Wed, May 24, 2017 at 11:34 AM, Ian Zimmerman <i...@primate.net> wrote:
> On 2017-05-24 08:00, Kai Krakow wrote:
>
>> Unix semantics suggest that /tmp is not expected to survive reboots
>> anyways (in contrast, /var/tmp is expected to survive reboots), so
>> tmpfs is a logical consequence to use for /tmp.
>
> /tmp is wiped by the bootmisc init job anyway.
>

In general I haven't found anything that is bothered by /var/tmp being
lost on reboot, but obviously that is something you need to be
prepared for if you put it on tmpfs.

One thing that wasn't mentioned is that having /tmp in tmpfs might
also have security benefits depending on what is stored there, since
it won't be written to disk.  If you have a filesystem on tmpfs and
your swap is encrypted (which you should consider setting up since it
is essentially "free") then /tmp also becomes a useful dumping ground
for stuff that is decrypted for temporary processing.  For example, if
you keep your passwords in a gpg-encrypted file you could copy it to
/tmp, decrypt it there, do what you need to, and then delete it.  That
wouldn't leave any recoverable traces of the file.

There are lots of guides about encrypted swap.  It is the sort of
thing that is convenient to set up since there is no value in
preserving a swap file across reboots, so you can just generate a
random key on each boot.  I suspect that would break down if you're
using hibernation / suspend to disk.

-- 
Rich
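The setup Rich describes (swap keyed from /dev/urandom on every boot, plus /tmp in RAM) as a configuration example added here, not taken from the thread; it assumes a systemd-style /etc/crypttab (OpenRC users put the equivalent swap= stanza in /etc/conf.d/dmcrypt), and /dev/sdXn is a placeholder for the swap partition:

```text
# /etc/crypttab  (assumed layout; /dev/sdXn is a placeholder)
# The key is read from /dev/urandom at boot and never stored, so whatever was
# paged out is unreadable after a reboot.  The "swap" option runs mkswap on the
# fresh mapping each time; cipher= and size= select the dm-crypt plain-mode cipher.
cryptswap  /dev/sdXn  /dev/urandom  swap,cipher=aes-xts-plain64,size=256

# /etc/fstab
# Swap goes through the dm-crypt mapping, never the raw partition.
/dev/mapper/cryptswap  none  swap  sw  0  0

# /tmp in RAM: contents never reach disk except via the (encrypted) swap above,
# and are gone at reboot.  nosuid/nodev/noexec limit what can be done with a
# world-writable directory (drop noexec if something you run needs to execute
# from /tmp); size= caps RAM use; mode=1777 keeps the sticky bit.
tmpfs  /tmp  tmpfs  defaults,nosuid,nodev,noexec,size=2G,mode=1777  0  0
```

Before enabling this, point the crypttab line at a stable name (/dev/disk/by-id/... or by-partuuid) rather than /dev/sdXn: with a random key, whatever sits at that path is reformatted on every boot, so a shifted device name means a wiped partition. As Rich suspects, resume-from-hibernation cannot work with a key that is discarded at shutdown.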
