/tmp should be tmpfs in RAM

Registered by Dustin Kirkland  on 2009-04-24

In Ubuntu, we clear /tmp on every boot.

As such, on most systems, /tmp should actually be a tmpfs entirely in RAM.

This has several advantages, mainly:
 * Performance - much faster read/write access to data in /tmp
 * Security - sensitive data would be cleared from memory on boot, rather than written (leaked) to disk -- important for encryption scenarios

Note that encrypted-swap is also important to this blueprint! As /tmp filled, and data was swapped to disk, you'd want to ensure that the data swapping to disk is encrypted.

http://brainstorm.ubuntu.com/idea/16244/

:-Dustin

Blueprint information

Status:
Started
Approver:
Robbie Williamson
Priority:
Medium
Drafter:
Scott James Remnant (Canonical)
Direction:
Approved
Assignee:
Scott James Remnant (Canonical)
Definition:
Approved
Series goal:
Proposed for lucid
Implementation:
Blocked
Milestone target:
None
Started by
Scott James Remnant (Canonical) on 2009-11-19

Related branches

Sprints

Whiteboard

Discussion Points:
 * Minimum RAM size for this to be useful?
 * Dynamically scalable swapfiles
 * Other considerations for this to provide "additional security"?
-- Dustin Kirkland

  * Some webapps use /tmp to store files, as they are being uploaded, when a file is too large to fit in RAM. Issues will probably come up on servers that use a ram-disk for /tmp, if such webapps are installed without modifying (base code, or configuration) them to write their files elsewhere.
    * swap might alleviate this.

 * Yes, swap (ideally, growable swapfiles, see other spec on swapfiles). Also, I think we should provide a toggle-able configuration parameter, that allows an administrator to switch between tmp-on-disk and tmp-in-ram.

:-Dustin

re: minimum RAM sizes - my 5 year old laptop had 2GB of RAM, my 8 month old laptop has 4GB. I think memory sizes have grown to the point that this may not be a significant concern. I already use a tmpfs on /tmp on all of my machines. I've also replaced the HDDs with SSDs, and it's even more important there to minimize traffic to the drives. I also have swap disabled by default; because I don't want paging activity to wear out the SSDs prematurely. I only enable swap just before hibernating.
  -- Howard

Notes from UDS Session (Dustin Kirkland)
/tmp as tmpfs

Advantages
 - blazingly fast
 - faster boot speed (no need to clean out /tmp on boot)
 - security in some cases (can have readonly root, tmp data doesn't hit disk)
 - power savings
 - better for ssd's (actually you want ramfs)

Disadvantages
 - much smaller than traditional /tmp

swapd - dynamic swapfiles, configurable, could grow memory to disk as necessary

should preserve ability for admin's to preserve /tmp across boots
 - 2 steps
  * comment out /tmp as tmpfs in /etc/fstab
  * edit /etc/defaults

document how /tmp traditionally works, document how tmpfs works, how to switch back and forth

default install behavior
 - default install should use a single / partition, swapfiles managed by swapd, /tmp as a tmpfs
upgrade
 - leave things alone

2009-08-27 robbie.w: BLOCKED because of kernel Bug 386554 . Once this bug is resolved we can quickly enabled.

http://pqxx.org/development/swapspace (comparing to swapd and others) “Robustness and user-friendliness are the first priorities in developing this program. For example, all alternatives we looked at perversely needed to allocate multiple chunks of memory in dealing with low-memory situations; allocation failure would typically crash these programs. It turned out that none of these allocations were really necessary, and Swapspace manages to avoid them categorically.”
 – ion

(?)

Work Items