ConfigServer Firewall LFD Breaks tmpwatch on Linux servers

The issue was that old/stale tmp files were not getting cleaned up by tmpwatch. This is because CSF/LFD regularly reads all tmp files while scanning for trojans and other exploits, which updates each file’s ‘last access’ time, so tmpwatch never finds anything old enough to delete.

I wrote a script to manually clean out sessions that are over 7 days old. Other files, such as sockets and a few others, will linger, but the space consumed is negligible.

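#!/bin/sh
# Clean out /tmp manually since CSF+LFD breaks tmpwatch.
# Select by modification time (-mtime), which the LFD scan does not change.
# Patterns are quoted so the shell does not expand them before find sees them.
# xargs -r skips rm entirely when find matches nothing.
find /tmp -mtime +7 -name '*sess_*' -type f -print0 | xargs -0 -r rm -f
find /tmp -mtime +7 -name 'php*' -type f -print0 | xargs -0 -r rm -f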

I saved it as a bash script and set up a daily cron job:

0 0 * * * /root/cleantmp.sh > /dev/null 2>&1
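
The access-time problem described above, as an added example that is not part of the original post: it builds a constructed sandbox directory, simulates the scanner's read with `touch -a`, and shows that selection by access time stops matching while `-mtime` still does. The function names `stale` and `demo` and the sample file names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. Runs only inside a throwaway
# directory created by mktemp; it never touches the real /tmp contents.

# stale DIR DAYS FIELD [find-action...]
# Select session/upload files older than DAYS by FIELD (atime or mtime).
# With no action given, find prints the matches.
stale() {
    dir=$1 days=$2 field=$3
    shift 3
    find "$dir" -xdev -type f \( -name '*sess_*' -o -name 'php*' \) \
        "-$field" "+$days" "$@"
}

# count DIR DAYS FIELD -> number of matching files
count() {
    echo $(( $(stale "$1" "$2" "$3" | wc -l) ))
}

demo() {
    d=$(mktemp -d) || return 1
    # Constructed sample files: two old ones (atime and mtime in 2020), one new.
    touch -t 202001010000 "$d/sess_old" "$d/phpOLD"
    touch "$d/sess_new"

    atime_before=$(count "$d" 7 atime)   # both old files match
    # Simulate the scanner's read: access time becomes "now", mtime is kept.
    touch -a "$d/sess_old" "$d/phpOLD"
    atime_after=$(count "$d" 7 atime)    # nothing looks old any more
    mtime_after=$(count "$d" 7 mtime)    # still matches both old files

    # Delete by mtime, the same criterion the cleanup script uses.
    stale "$d" 7 mtime -exec rm -f -- {} +
    left=$(( $(find "$d" -type f | wc -l) ))
    rm -rf "$d"
    echo "$atime_before $atime_after $mtime_after $left"
}

demo
```

The four numbers printed are: matches by access time before the simulated scan, matches by access time after it, matches by modification time after it, and files left after cleanup.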
