/tmp should be tmpfs in RAM

Registered by Dustin Kirkland  on 2009-04-24

In Ubuntu, we clear /tmp on every boot.

As such, on most systems, /tmp should actually be a tmpfs entirely in RAM.

This has several advantages, mainly:
 * Performance - much faster read/write access to data in /tmp
 * Security - sensitive data would be cleared from memory on boot, rather than written (leaked) to disk -- important for encryption scenarios

Note that encrypted-swap is also important to this blueprint! As /tmp filled, and data was swapped to disk, you'd want to ensure that the data swapping to disk is encrypted.



Blueprint information

Robbie Williamson
Scott James Remnant (Canonical)
Scott James Remnant (Canonical)
Series goal:
Proposed for lucid
Milestone target:
Started by
Scott James Remnant (Canonical) on 2009-11-19

Related branches



Discussion Points:
 * Minimum RAM size for this to be useful?
 * Dynamically scalable swapfiles
 * Other considerations for this to provide "additional security"?
-- Dustin Kirkland

  * Some webapps use /tmp to store files, as they are being uploaded, when a file is too large to fit in RAM. Issues will probably come up on servers that use a ram-disk for /tmp, if such webapps are installed without modifying (base code, or configuration) them to write their files elsewhere.
    * swap might alleviate this.

 * Yes, swap (ideally, growable swapfiles, see other spec on swapfiles). Also, I think we should provide a toggle-able configuration parameter, that allows an administrator to switch between tmp-on-disk and tmp-in-ram.


re: minimum RAM sizes - my 5 year old laptop had 2GB of RAM, my 8 month old laptop has 4GB. I think memory sizes have grown to the point that this may not be a significant concern. I already use a tmpfs on /tmp on all of my machines. I've also replaced the HDDs with SSDs, and it's even more important there to minimize traffic to the drives. I also have swap disabled by default; because I don't want paging activity to wear out the SSDs prematurely. I only enable swap just before hibernating.
  -- Howard

Notes from UDS Session (Dustin Kirkland)
/tmp as tmpfs

 - blazingly fast
 - faster boot speed (no need to clean out /tmp on boot)
 - security in some cases (can have readonly root, tmp data doesn't hit disk)
 - power savings
 - better for ssd's (actually you want ramfs)

 - much smaller than traditional /tmp

swapd - dynamic swapfiles, configurable, could grow memory to disk as necessary

should preserve ability for admin's to preserve /tmp across boots
 - 2 steps
  * comment out /tmp as tmpfs in /etc/fstab
  * edit /etc/defaults

document how /tmp traditionally works, document how tmpfs works, how to switch back and forth

default install behavior
 - default install should use a single / partition, swapfiles managed by swapd, /tmp as a tmpfs
 - leave things alone

2009-08-27 robbie.w: BLOCKED because of kernel Bug 386554 . Once this bug is resolved we can quickly enabled.

http://pqxx.org/development/swapspace (comparing to swapd and others) “Robustness and user-friendliness are the first priorities in developing this program. For example, all alternatives we looked at perversely needed to allocate multiple chunks of memory in dealing with low-memory situations; allocation failure would typically crash these programs. It turned out that none of these allocations were really necessary, and Swapspace manages to avoid them categorically.”
 – ion


Work Items