From simon@comsys.ntu-kpi.kiev.ua  Fri Oct  6 09:34:21 2006
Return-Path: <simon@comsys.ntu-kpi.kiev.ua>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id AB5C016A403
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  6 Oct 2006 09:34:21 +0000 (UTC)
	(envelope-from simon@comsys.ntu-kpi.kiev.ua)
Received: from comsys.ntu-kpi.kiev.ua (comsys.ntu-kpi.kiev.ua [195.245.194.142])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B710543D53
	for <FreeBSD-gnats-submit@freebsd.org>; Fri,  6 Oct 2006 09:34:00 +0000 (GMT)
	(envelope-from simon@comsys.ntu-kpi.kiev.ua)
Received: from pm513-1.comsys.ntu-kpi.kiev.ua (pm513-1.comsys.ntu-kpi.kiev.ua [10.18.52.101])
	(authenticated bits=0)
	by comsys.ntu-kpi.kiev.ua (8.13.7/8.13.7) with ESMTP id k96CbuEE073568
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 6 Oct 2006 12:37:56 GMT
Received: by pm513-1.comsys.ntu-kpi.kiev.ua (Postfix, from userid 1001)
	id E5F905C040; Fri,  6 Oct 2006 12:37:30 +0300 (EEST)
Message-Id: <20061006093730.GA924@pm513-1.comsys.ntu-kpi.kiev.ua>
Date: Fri, 6 Oct 2006 12:37:30 +0300
From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To: FreeBSD-gnats-submit@freebsd.org
Subject: [patch] rc.d/cleartmp works incorrectly

>Number:         104044
>Category:       bin
>Synopsis:       [patch] rc.d/cleartmp works incorrectly
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    yar
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Oct 06 09:40:18 GMT 2006
>Closed-Date:    Thu Apr 19 22:18:30 GMT 2007
>Last-Modified:  Thu Apr 19 22:18:30 GMT 2007
>Originator:     Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
>Release:        FreeBSD 6.2-PRERELEASE i386
>Organization:
>Environment:
>Description:

The rc.d/cleartmp script does not remove lost+found, quota.user and
quota.group files in the /tmp directory.  Anyone who has permissions
to write to the /tmp directory can create files or directories with
names lost+found, quota.user or quota.group and cleartmp will not
remove them.

>How-To-Repeat:

Set clear_tmp_enable="YES" in /tmp

% dd if=/dev/zero of=/tmp/quota.user count=10
# /etc/rc.d/cleartmp start
# cd /tmp ; ls -l

>Fix:

What the modified version of cleartmp does:

If clear_tmp_enable="YES", then

1.	Remove as much as possible of files and directories in /tmp using
	rm (in the original version shell patterns are incomplete).

2.	Remove the rest of files in /tmp using find.  Check that lost+found
	is a directory with the owner root.  Check that quota.user and
	quota.group are regular files with the owner root.

3.	If clear_tmp_X="YES", then create X related directories in /tmp
	(in the original version steps 2 and 3 are run in reverse order,
	as the result expressions for find are more complex).

If clear_tmp_enable="NO" and clear_tmp_X="YES", then

1.	Remove X related files and directories.

2.	Create X related directories.

--- cleartmp.orig	Mon Apr 10 16:10:30 2006
+++ cleartmp	Fri Oct  6 11:55:35 2006
@@ -14,43 +14,50 @@
 
 start_cmd="${name}_start"
 
-cleartmp_prestart()
-{
-	checkyesno clear_tmp_X || return
-
-	local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix \
-	    /tmp/.XIM-unix"
+x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix"
 
-	# Remove X lock files, since they will prevent you from restarting X.
-	rm -f /tmp/.X[0-9]-lock
-
-	# Create socket directories with correct permissions to avoid
-	# security problem.
-	#
-	rm -fr ${x11_socket_dirs}
+createtmp_X()
+{
+	# Create X socket directories with correct permissions.
 	mkdir -m 1777 ${x11_socket_dirs}
 }
 
+cleartmp_X()
+{
+	# Remove X lock files, since they will prevent you from restarting X,
+	# and remove other X related directories.
+	rm -fr /tmp/.X[0-9]-lock ${x11_socket_dirs}
+}
+
 cleartmp_start()
 {
 	echo "Clearing /tmp."
-	#
-	#	Prune quickly with one rm, then use find to clean up
-	#	/tmp/[lq]* (this is not needed with mfs /tmp, but
-	#	doesn't hurt anything).
-	#
-	(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
-	    find -x . ! -name . ! -name lost+found ! -name quota.user \
-		! -name quota.group ! -name .X11-unix ! -name .ICE-unix \
-		! -name .font-unix ! -name .XIM-unix \
+
+	# Try to remove files with rm, then use find to clean up the rest
+	# of files, including those, which do not fit in command line
+	# (this is not needed with mfs /tmp, but doesn't hurt anything).
+	(cd /tmp && rm -rf .[!.] .??* [!lq]* &&
+	    find -x . ! -name . \
+		! \( -name lost+found -type d -user root \) \
+		! \( \( -name quota.user -or -name quota.group \) \
+			-type f -user root \) \
 		-exec rm -rf -- {} \; -type d -prune)
+	if checkyesno clear_tmp_X; then
+		createtmp_X
+	fi
 }
 
 load_rc_config $name
 
 # The clear_tmp_X variable should be tested even if clear_tmp_enable is NO
 case "$1" in
-*start)	cleartmp_prestart ;;
+*start)
+	if ! checkyesno ${rcvar} && checkyesno clear_tmp_X; then
+		echo "Clearing /tmp (X related)."
+		cleartmp_X
+		createtmp_X
+	fi
+	;;
 esac
 
 run_rc_command "$1"
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->freebsd-rc 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Fri Oct 6 12:14:21 UTC 2006 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=104044 

From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Mon, 9 Oct 2006 12:07:16 +0300

 Updated version of cleartmp:
 
 1.	Change "rm -rf ..." to "rm -rf -- ..."
 
 2.	Remove cleartmp_X() and createtmp_X() functions.
 
 --- cleartmp.orig	Mon Apr 10 16:10:30 2006
 +++ cleartmp	Mon Oct  9 11:53:07 2006
 @@ -14,43 +14,42 @@
  
  start_cmd="${name}_start"
  
 -cleartmp_prestart()
 -{
 -	checkyesno clear_tmp_X || return
 -
 -	local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix \
 -	    /tmp/.XIM-unix"
 -
 -	# Remove X lock files, since they will prevent you from restarting X.
 -	rm -f /tmp/.X[0-9]-lock
 -
 -	# Create socket directories with correct permissions to avoid
 -	# security problem.
 -	#
 -	rm -fr ${x11_socket_dirs}
 -	mkdir -m 1777 ${x11_socket_dirs}
 -}
 +x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix"
  
  cleartmp_start()
  {
  	echo "Clearing /tmp."
 -	#
 -	#	Prune quickly with one rm, then use find to clean up
 -	#	/tmp/[lq]* (this is not needed with mfs /tmp, but
 -	#	doesn't hurt anything).
 -	#
 -	(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
 -	    find -x . ! -name . ! -name lost+found ! -name quota.user \
 -		! -name quota.group ! -name .X11-unix ! -name .ICE-unix \
 -		! -name .font-unix ! -name .XIM-unix \
 +
 +	# Try to remove files with rm, then use find to clean up the rest
 +	# of files, including those, which do not fit in command line
 +	# (this is not needed with mfs /tmp, but doesn't hurt anything).
 +	(cd /tmp && rm -rf -- .[!.] .??* [!lq]* &&
 +	    find -x . ! -name . \
 +		! \( -name lost+found -type d -user root \) \
 +		! \( \( -name quota.user -or -name quota.group \) \
 +			-type f -user root \) \
  		-exec rm -rf -- {} \; -type d -prune)
 +
 +	if checkyesno clear_tmp_X; then
 +		# Create X related directories.
 +		mkdir -m 1777 ${x11_socket_dirs}
 +	fi
  }
  
  load_rc_config $name
  
  # The clear_tmp_X variable should be tested even if clear_tmp_enable is NO
  case "$1" in
 -*start)	cleartmp_prestart ;;
 +*start)
 +	if ! checkyesno ${rcvar} && checkyesno clear_tmp_X; then
 +		# Remove X lock files, since they will prevent you from
 +		# restarting X.  Remove other X related directories and
 +		# create them again.
 +		echo "Clearing /tmp (X related)."
 +		rm -fr /tmp/.X[0-9]-lock ${x11_socket_dirs}
 +		mkdir -m 1777 ${x11_socket_dirs}
 +	fi
 +	;;
  esac
  
  run_rc_command "$1"

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: Florent Thoumie <flz@xbsd.org>
Cc: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>, freebsd-rc@freebsd.org,
        bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Mon, 9 Oct 2006 16:07:56 +0400

 On Mon, Oct 09, 2006 at 11:52:30AM +0100, Florent Thoumie wrote:
 > On Mon, 2006-10-09 at 09:10 +0000, Andrey Simonenko wrote:
 > > The following reply was made to PR bin/104044; it has been noted by GNATS.
 > > 
 > > From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
 > > To: bug-followup@FreeBSD.org
 > > Cc:  
 > > Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
 > > Date: Mon, 9 Oct 2006 12:07:16 +0300
 > > 
 > >  Updated version of cleartmp:
 > >  
 > >  1.	Change "rm -rf ..." to "rm -rf -- ..."
 > >  
 > >  2.	Remove cleartmp_X() and createtmp_X() functions.
 > 
 > Haven't tested it yet but the patch looks good to me. Anybody else to
 > have a look?
 
 The patch looks _almost_ good to me.  For the sake of style, I'd
 rather move the clear_tmp_X block to inside the start method.  That
 would require renaming rcvar to, say, rcvar1 and checking it from
 the script.  E.g.:
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 ...
 rcvar1=`set_rcvar clear_tmp`
 ...
 cleartmp_start()
 {
 	if checkyesno ${rcvar1}; then
 		echo "Clearing /tmp."
 		...
 	elif checkyesno clear_tmp_X; then
 		echo "Clearing /tmp (X related)."
 		rm -rf /tmp/.X[0-9]-lock ${x11_socket_dirs}
 	fi
 	if checkyesno clear_tmp_X; then
 		# Recreate X related directories.
 		mkdir -m 1777 ${x11_socket_dirs}
 	fi
 }
 
 run_rc_command "$1"
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
 My point is that well-behaved rc.d scripts don't do their job outside
 of their methods.
 
 -- 
 Yar

From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To: Yar Tikhiy <yar@comp.chem.msu.su>
Cc: Florent Thoumie <flz@xbsd.org>, bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Tue, 10 Oct 2006 11:26:38 +0300

 Another updated version:
 
 1.	Everything, what belongs to _start method, was moved to
 	cleartmp_start().
 
 2.	Ignore error code from rm and always run find, that is
 	use "rm ... ; find ..." instead of "rm ... && find ...":
 	one can create many files with long names and rm will not
 	be called because of "Argument list too long" error, so
 	find should do all of the work.
 
 --- /usr/src/etc/rc.d/cleartmp	Mon Apr 10 16:10:30 2006
 +++ cleartmp	Tue Oct 10 10:03:07 2006
 @@ -10,47 +10,37 @@
  . /etc/rc.subr
  
  name="cleartmp"
 -rcvar=`set_rcvar clear_tmp`
 -
 +rcvar1=`set_rcvar clear_tmp`
  start_cmd="${name}_start"
  
 -cleartmp_prestart()
 +cleartmp_start()
  {
 -	checkyesno clear_tmp_X || return
 -
  	local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix \
  	    /tmp/.XIM-unix"
  
 -	# Remove X lock files, since they will prevent you from restarting X.
 -	rm -f /tmp/.X[0-9]-lock
 -
 -	# Create socket directories with correct permissions to avoid
 -	# security problem.
 -	#
 -	rm -fr ${x11_socket_dirs}
 -	mkdir -m 1777 ${x11_socket_dirs}
 -}
 -
 -cleartmp_start()
 -{
 -	echo "Clearing /tmp."
 -	#
 -	#	Prune quickly with one rm, then use find to clean up
 -	#	/tmp/[lq]* (this is not needed with mfs /tmp, but
 -	#	doesn't hurt anything).
 -	#
 -	(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
 -	    find -x . ! -name . ! -name lost+found ! -name quota.user \
 -		! -name quota.group ! -name .X11-unix ! -name .ICE-unix \
 -		! -name .font-unix ! -name .XIM-unix \
 -		-exec rm -rf -- {} \; -type d -prune)
 +	if checkyesno ${rcvar1}; then
 +		# Remove files with rm, then use find to clean up the rest
 +		# of files (there can be too many files for command line).
 +		# This is not needed with mfs /tmp, but doesn't hurt anything.
 +		echo "Clearing /tmp."
 +		(cd /tmp && { rm -rf -- .[!.] .??* [!lq]* ;
 +		    find -x . ! -name . \
 +			! \( -name lost+found -type d -user root \) \
 +			! \( \( -name quota.user -or -name quota.group \) \
 +				-type f -user root \) \
 +			-exec rm -rf -- {} \; -type d -prune; }
 +		)
 +	elif checkyesno clear_tmp_X; then
 +		# Remove X lock files, since they will prevent you from
 +		# restarting X.  Remove other X related directories.
 +		echo "Clearing /tmp (X related)."
 +		rm -rf /tmp/.X[0-9]-lock ${x11_socket_dirs}
 +	fi
 +	if checkyesno clear_tmp_X; then
 +		# Create X related directories.
 +		mkdir -m 1777 ${x11_socket_dirs}
 +	fi
  }
  
  load_rc_config $name
 -
 -# The clear_tmp_X variable should be tested even if clear_tmp_enable is NO
 -case "$1" in
 -*start)	cleartmp_prestart ;;
 -esac
 -
  run_rc_command "$1"

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
Cc: Florent Thoumie <flz@xbsd.org>, bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Tue, 10 Oct 2006 14:34:43 +0400

 On Tue, Oct 10, 2006 at 11:26:38AM +0300, Andrey Simonenko wrote:
 > Another updated version:
 > 
 > 1.	Everything, what belongs to _start method, was moved to
 > 	cleartmp_start().
 
 Thanks!
 
 > 2.	Ignore error code from rm and always run find, that is
 > 	use "rm ... ; find ..." instead of "rm ... && find ...":
 > 	one can create many files with long names and rm will not
 > 	be called because of "Argument list too long" error, so
 > 	find should do all of the work.
 
 By the way, did you consider omitting the first rm at all and just
 using "find ... -print0 | xargs -0 rm -rf" ?  The first rm can be
 an optimization as long as we use find with -exec.  OTOH, xargs -0
 would buy us the same performance and robustness without hacks.
 Both find and xargs should be available to cleartmp.  Here's the
 code.  Note "type -d" omitted.
 
 	if checkyesno ${rcvar1}; then
 		# This is not needed with mfs /tmp, but doesn't hurt anything.
 		echo "Clearing /tmp."
 		find -x /tmp/. ! -name . \
 			! \( -name lost+found -type d -user root \) \
 			! \( \( -name quota.user -or -name quota.group \) \
 				-type f -user root \) \
 			-prune -print0 | xargs -0 rm -rf
 	elif ...
 
 Another thought of mine was that cleartmp wouldn't handle files with
 an immutable flag set.  Fortunately, rm -f appears to take care of
 files with uchg while those with schg on them should be left alone.
 So flags aren't an issue.
 
 -- 
 Yar

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
Cc: Florent Thoumie <flz@xbsd.org>, bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Tue, 10 Oct 2006 15:31:35 +0400

 On Tue, Oct 10, 2006 at 02:34:43PM +0400, Yar Tikhiy wrote:
 > 
 > > 2.	Ignore error code from rm and always run find, that is
 > > 	use "rm ... ; find ..." instead of "rm ... && find ...":
 > > 	one can create many files with long names and rm will not
 > > 	be called because of "Argument list too long" error, so
 > > 	find should do all of the work.
 > 
 > By the way, did you consider omitting the first rm at all and just
 > using "find ... -print0 | xargs -0 rm -rf" ?  The first rm can be
 > an optimization as long as we use find with -exec.  OTOH, xargs -0
 > would buy us the same performance and robustness without hacks.
 > Both find and xargs should be available to cleartmp.  Here's the
 > code.  Note "type -d" omitted.
 > 
 > 	if checkyesno ${rcvar1}; then
 > 		# This is not needed with mfs /tmp, but doesn't hurt anything.
 > 		echo "Clearing /tmp."
 > 		find -x /tmp/. ! -name . \
 > 			! \( -name lost+found -type d -user root \) \
 > 			! \( \( -name quota.user -or -name quota.group \) \
 > 				-type f -user root \) \
 > 			-prune -print0 | xargs -0 rm -rf
                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 > 	elif ...
 
 It seems we can use just "-delete" here.  If run as root, find
 deletes entries with funny permissions or flags as well as rm does.
 BTW, find will descend into lost+found and delete its contents in
 both cases (rm w/ -prune, or -delete), which is good IMHO.
 
 -- 
 Yar

From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To: Yar Tikhiy <yar@comp.chem.msu.su>
Cc: Florent Thoumie <flz@xbsd.org>, bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Thu, 12 Oct 2006 13:36:29 +0300

 On Tue, Oct 10, 2006 at 03:31:35PM +0400, Yar Tikhiy wrote:
 > On Tue, Oct 10, 2006 at 02:34:43PM +0400, Yar Tikhiy wrote:
 > > 
 > > > 2.	Ignore error code from rm and always run find, that is
 > > > 	use "rm ... ; find ..." instead of "rm ... && find ...":
 > > > 	one can create many files with long names and rm will not
 > > > 	be called because of "Argument list too long" error, so
 > > > 	find should do all of the work.
 > > 
 > > By the way, did you consider omitting the first rm at all and just
 > > using "find ... -print0 | xargs -0 rm -rf" ?  The first rm can be
 > > an optimization as long as we use find with -exec.  OTOH, xargs -0
 > > would buy us the same performance and robustness without hacks.
 > > Both find and xargs should be available to cleartmp.  Here's the
 > > code.  Note "type -d" omitted.
 > > 
 > > 	if checkyesno ${rcvar1}; then
 > > 		# This is not needed with mfs /tmp, but doesn't hurt anything.
 > > 		echo "Clearing /tmp."
 > > 		find -x /tmp/. ! -name . \
 > > 			! \( -name lost+found -type d -user root \) \
 > > 			! \( \( -name quota.user -or -name quota.group \) \
 > > 				-type f -user root \) \
 > > 			-prune -print0 | xargs -0 rm -rf
 >                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
 > > 	elif ...
 > 
 > It seems we can use just "-delete" here.  If run as root, find
 > deletes entries with funny permissions or flags as well as rm does.
 > BTW, find will descend into lost+found and delete its contents in
 > both cases (rm w/ -prune, or -delete), which is good IMHO.
 
 --- cleartmp.orig	Mon Apr 10 16:10:30 2006
 +++ cleartmp	Thu Oct 12 13:08:00 2006
 @@ -10,47 +10,33 @@
  . /etc/rc.subr
  
  name="cleartmp"
 -rcvar=`set_rcvar clear_tmp`
 -
 +rcvar1=`set_rcvar clear_tmp`
  start_cmd="${name}_start"
  
 -cleartmp_prestart()
 +cleartmp_start()
  {
 -	checkyesno clear_tmp_X || return
 -
  	local x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix \
  	    /tmp/.XIM-unix"
  
 -	# Remove X lock files, since they will prevent you from restarting X.
 -	rm -f /tmp/.X[0-9]-lock
 -
 -	# Create socket directories with correct permissions to avoid
 -	# security problem.
 -	#
 -	rm -fr ${x11_socket_dirs}
 -	mkdir -m 1777 ${x11_socket_dirs}
 -}
 -
 -cleartmp_start()
 -{
 -	echo "Clearing /tmp."
 -	#
 -	#	Prune quickly with one rm, then use find to clean up
 -	#	/tmp/[lq]* (this is not needed with mfs /tmp, but
 -	#	doesn't hurt anything).
 -	#
 -	(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
 -	    find -x . ! -name . ! -name lost+found ! -name quota.user \
 -		! -name quota.group ! -name .X11-unix ! -name .ICE-unix \
 -		! -name .font-unix ! -name .XIM-unix \
 -		-exec rm -rf -- {} \; -type d -prune)
 +	if checkyesno ${rcvar1}; then
 +		# This is not needed for mfs /tmp, but doesn't hurt anything.
 +		echo "Clearing /tmp."
 +		find -x /tmp/. ! -name . \
 +		    ! \( -name lost+found -type d -user root \) \
 +		    ! \( \( -name quota.user -or -name quota.group \) \
 +			-type f -user root \) \
 +		    -delete
 +	elif checkyesno clear_tmp_X; then
 +		# Remove X lock files, since they will prevent you from
 +		# restarting X.  Remove other X related directories.
 +		echo "Clearing /tmp (X related)."
 +		rm -rf /tmp/.X[0-9]-lock ${x11_socket_dirs}
 +	fi
 +	if checkyesno clear_tmp_X; then
 +		# Create X related directories.
 +		mkdir -m 1777 ${x11_socket_dirs}
 +	fi
  }
  
  load_rc_config $name
 -
 -# The clear_tmp_X variable should be tested even if clear_tmp_enable is NO
 -case "$1" in
 -*start)	cleartmp_prestart ;;
 -esac
 -
  run_rc_command "$1"
 
State-Changed-From-To: open->patched 
State-Changed-By: yar 
State-Changed-When: Mon Oct 16 13:09:21 UTC 2006 
State-Changed-Why:  
The correct version has been committed to HEAD, 
MFC is due in 1 month. 


Responsible-Changed-From-To: freebsd-rc->yar 
Responsible-Changed-By: yar 
Responsible-Changed-When: Mon Oct 16 13:09:21 UTC 2006 
Responsible-Changed-Why:  
The correct version has been committed to HEAD, 
MFC is due in 1 month. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=104044 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/104044: commit references a PR
Date: Mon, 16 Oct 2006 13:02:04 +0000 (UTC)

 yar         2006-10-16 13:01:45 UTC
 
   FreeBSD src repository
 
   Modified files:
     etc/rc.d             cleartmp 
   Log:
   Improve cleartmp in a number of aspects:
   
   + Use rc.subr(8) features properly.
   + Do the whole job of obliterating /tmp contents in find(1).
   + Leave lost+found and quota.{user,group} in /tmp only if root-owned.
   + Make the overall structure clearer by first removing the X dirs
     (perhaps along with the rest of /tmp) and then re-creating them.
   + Use "find -exec rm -rf {} +" for efficiency: each rm instance gets
     a chance to kill as much files in /tmp as ARG_MAX permits.
   
   PR:             bin/104044
   Submitted by:   Andrey Simonenko <see PR for email>
   Hacked by:      yar
   MFC after:      1 month
   
   Revision  Changes    Path
   1.18      +37 -36    src/etc/rc.d/cleartmp
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
Cc: bug-followup@freebsd.org
Subject: Re: bin/104044: [patch] rc.d/cleartmp works incorrectly
Date: Mon, 16 Oct 2006 17:08:51 +0400

 Pardon, it was stupid of me to propose using -delete.  Of course,
 it mustn't be used because it would leave lost+found and quota.*
 in subdirectories under /tmp.  As a punishment, I've just tweaked
 the patched script further, tested it, and committed it to HEAD. :-)
 But I'll delay MFC to after 6.2-RELEASE as discussed earlier.
 
 -- 
 Yar

From: Yar Tikhiy <yar@comp.chem.msu.su>
To: bug-followup@freebsd.org
Cc:  
Subject: Re: bin/104044: rc.d/cleartmp works incorrectly
Date: Wed, 18 Oct 2006 00:48:33 +0400

 Just for the record.
 
 ----- Forwarded message from Yar Tikhiy <yar@comp.chem.msu.su> -----
 
 From: Yar Tikhiy <yar@comp.chem.msu.su>
 To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
 Subject: Re: cvs commit: src/etc/rc.d cleartmp
 Date: Tue, 17 Oct 2006 21:31:33 +0400
 Cc: Maxime Henrion <mux@FreeBSD.org>, Andrzej Tobola <ato@iem.pw.edu.pl>
 
 On Mon, Oct 16, 2006 at 01:01:45PM +0000, Yar Tikhiy wrote:
 > yar         2006-10-16 13:01:45 UTC
 > 
 >   FreeBSD src repository
 > 
 >   Modified files:
 >     etc/rc.d             cleartmp 
 >   Log:
 >   Improve cleartmp in a number of aspects:
 >   
 >   + Use rc.subr(8) features properly.
 >   + Do the whole job of obliterating /tmp contents in find(1).
 >   + Leave lost+found and quota.{user,group} in /tmp only if root-owned.
 >   + Make the overall structure clearer by first removing the X dirs
 >     (perhaps along with the rest of /tmp) and then re-creating them.
 >   + Use "find -exec rm -rf {} +" for efficiency: each rm instance gets
 >     a chance to kill as much files in /tmp as ARG_MAX permits.
 
 I was asked a few times why "-prune -exec rm -rf" had been chosen
 over "-delete".  My initial reason was that -delete would keep
 bogus lost+found and quota.{user,group} entries found in subdirs
 of /tmp.  Well, on second thought, the find command line can be
 tweaked so that -delete works as wanted.  E.g.:
 
                 cd /tmp && find -x . ! -name . \
                     ! \( -path ./lost+found -type d -user root \) \
                     ! \( \( -path ./quota.user -or -path ./quota.group \) \
                         -type f -user root \) \
                     -delete
 
 Note using -path in place of -name.
 
 However, it has recently been found that our fts(3) implementation
 is unable to handle very deep trees -- see PR bin/104458.  While
 the bug hits both rm and find, rm has a better chance to recover
 from it and gain the ability to remove virtually unlimited trees
 while find is doomed to retain much more inherent limitations due
 to its complex nature.  Therefore I'm inclined to keep "-prune
 -exec rm -rf" as a more robust approach, at least potentially.
 So find has only to skim over /tmp while descending to its deeps
 is left to rm.
 
 >   PR:             bin/104044
 >   Submitted by:   Andrey Simonenko <see PR for email>
 >   Hacked by:      yar
 >   MFC after:      1 month
 >   
 >   Revision  Changes    Path
 >   1.18      +37 -36    src/etc/rc.d/cleartmp
 
 -- 
 Yar
 
 ----- End forwarded message -----
 
 -- 
 Yar
State-Changed-From-To: patched->closed 
State-Changed-By: yar 
State-Changed-When: Thu Apr 19 22:15:54 UTC 2007 
State-Changed-Why:  
I merged the fix to STABLE several months ago but forgot to close this PR 
back then. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=104044 
>Unformatted:
