ConfigServer Firewall LFD Breaks tmpwatch on Linux servers

The issue was that old/stale tmp files are not getting cleaned by tmpwatch. This is because CSF/LFD regularly reads all tmp files scanning for trojans and other exploits, thus changing the ‘last access’ time so tmpwatch wouldn’t delete anything.

I wrote a script to manually clean out session that are over 7 days old. Other files will linger like sockets, and a few others, but the space consumed is negligible.

# Clean out /tmp manually since CSF+LFD breaks tmpwatch.
find /tmp -mtime +7 -name *sess_* -type f -print0 | xargs -0 rm
find /tmp -mtime +7 -name php* -type f -print0 | xargs -0 rm

I set it up as a bash script and set up a daily cron:

0 0 * * * /root/ > /dev/null 2>&1

Comments are closed.