System clean-up is something that should be performed on a regular basis. Depending on the number of users, the amount of use, and disk space limitations, you might need to do it every week, or you might be able to put it off for a few months. But it is important to clean up your server – a full file system can cause critical services to stop or disallow logins.

There are four things to look at that can give you a clean running server easily.

/tmp

/tmp is writable by every user on the system, which can make it vulnerable. Many software programs write temporary files to the /tmp directory, and it can be difficult to determine which files to keep and which to remove.

Applications that are currently being used might have temporary files open, and will crash or cause an error if the files are unexpectedly removed. Or anyone using the application might lose all their work since the last saved point.

If you reboot the server, it removes all temporary files, but you need a good reason to reboot your server, and cleaning /tmp is rarely enough of a reason for a full reboot.

Since /tmp can be written to by anyone, you might think that everyone’s files are vulnerable to removal. But the t at the end of the permissions of /tmp (drwxrwxrwxt) means that only original file owners can remove files. The root user can remove any file, but other users can’t touch them.

To safely remove files from /tmp, you can use a script that looks for files that haven’t been modified for seven days and aren’t currently open. An example of this is:

find /tmp -mtime +7 | egrep -v "`lsof -n +D /tmp | awk 'NR>1 {print $9}'| tr \\n \|`"

/home

The first rule is: Never remove anything from /home without a verified backup.

Users get upset when administrators perform sweeping removals – no matter how necessary they are. A full /home won’t stop critical system operations, but it will annoy your users, who will, in turn, annoy you.

The most effective method for cleaning /home is to notify your users and get them to remove the files. You can run a script that lists all the files users haven’t accessed in over 180 days – if they haven’t used it in six months, it’s a good candidate for archiving or removing.

The script is:

find /Users -atime +180 -type f

A great way to do this is to:

  1. Run the script to get the list of files that should be removed
  2. Warn your users that you plan to get rid of these files, including a date
  3. Back up /home
  4. Give your users a final warning
  5. Remove the files

This way, if a user suddenly realises they need a file, you still have a copy, but you also have a clean /home.

It might be that you need to make changes to this routine – for example, if you can’t delete the files yourself, you can encourage your users to do so. Or you might need to exclude specific subdirectories in /home so that users can retain important documents for later reference. You can also look into setting up file system quotas to ensure that your users take the responsibility for good housekeeping.

/var

The same rules apply to /var as they do to /tmp. Many applications write to a subdirectory of /var, but proceed with caution. Some web servers hold permanent files in /var under /var/www/html – so don’t wipe out an entire web service with an overzealous rm.

There are system cleanup applications, such as tmpreaper and bleachbit, which can help you maintain a clean system.

Cleaning up packages

Package managers are great – you don’t have to spend hours resolving dependencies for software. But they also tend to clutter the file system with old packages, dependencies, and cached files.

For Debian-based systems, run the following commands:

$ sudo apt-get autoclean
$ sudo apt-get clean
$ sudo apt-get autoremove

For Red Hat-based systems:

$ sudo yum autoremove

You can also install the yum-utils package and then issue:

$ package-cleanup -leaves -all

 

What are some of your housekeeping tricks for your server?

Was this article useful? Let others know

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Comments

Please remember that all comments are moderated and any links you paste in your comment will remain as plain text. If your comment looks like spam it will be deleted. We're looking forward to answering your questions and hearing your comments and opinions!

Leave a reply

Comments are closed.

Drop us a line 0330 660 0255 or email sales@heartinternet.uk