First, the usual permission bits for the /tmp directory are 1777
. The leading 1
indicates that the directory's sticky bit has been set, which means that although multiple users may write to the directory, they retain ownership of any files written there so that only they (or root) may delete them. Hence without sudo
you will only be able to delete your own files from /tmp. As well, some files in /tmp may be open and/or locked by other processes and you should not attempt to delete them unless you know the locks are 'stale' - you can check for open files with lsof
e.g.
$ sudo lsof +d /tmp
to see any open files at the top level of the directory, or
$ sudo lsof +D /tmp
to show open files anywhere in /tmp and its subdirectories - see the OUTPUT
section of the lsof manpages man lsof
for an explanation of what the various columns mean.
The second issue you are likely facing is that although commands like rm
can take multiple filename arguments (including expanded wildcards or shell globs), there is a limit to the allowed length of the argument list. For example, if we create 100,000 files in /tmp
# touch /tmp/file{000000..099999}
# ls /tmp/file* | wc -l
100000
(so far so good) but if we add a further 100,000 files, the expanded shell glob (i.e. the list of files to be deleted) becomes too long for the ls
command line
# touch /tmp/file{100000..199999}
# ls /tmp/file* | wc -l
-bash: /bin/ls: Argument list too long
0
and similarly we can't delete in one go with rm
# rm -f /tmp/file*
-bash: /bin/rm: Argument list too long
The solution is to break down the wildcard list into manageable subsets - you did that manually, but it is possible to do it automatically using the xargs
command e.g.
# echo /tmp/file* | xargs rm -f
You could also have used the find
command with a -exec
or -execdir
action and the {} +
argument replacement syntax - from man find
-exec command {} +
This variant of the -exec action runs the specified command on
the selected files, but the command line is built by appending
each selected file name at the end; the total number of invoca-
tions of the command will be much less than the number of
matched files. The command line is built in much the same way
that xargs builds its command lines. Only one instance of `{}'
is allowed within the command. The command is executed in the
starting directory.
for example
# find /tmp -maxdepth 1 -name 'file*' -type f -exec rm -f {} +
although the xargs
version will likely be faster if you only need to delete from the top level of /tmp
(i.e. not from any subdirectories).
If the directory continues to fill up you should really investigate which users / processes are creating the files and why. If you changed /tmp
's permissions you should reset them to 1777
.
Your current logs are fine, still, those without .1
. That is good, and you can remove it with:
sudo rm /var/log/*.1
Now you command doesn't work because of this:
sudo 'Everything here runs as root' > Everything here run as user
So if you wanted to do what you tried the correct would be:
sudo sh -c "echo '' > kern.log.1"
This is because the pipe opens a shell with the current user.
Best Answer
Unlearn the need for
logrotate
. You don't needlogrotate
in the first place. This is a problem that has been solved since the middle 1990s.Get yourself one or more of:
multilog
from daemontools, or Bruce Guenter'smultilog
from daemontools-encore, or Adam Sampson'smultilog
from freedt, ors6-log
from s6, orsvlogd
from runit, ortinylog
from perp, orcyclog
from nosh.and send script standard output and standard error through a pipe to their standard input, in the normal way:
They will write a set of automatically cycled, rotateable-on-demand, strictly size-capped logs in a directory that you specify, with no need for any additional log rotation programs at all. None of them need any superuser privileges. (In fact, far from needing or expecting superuser privileges it is best practice in their most widely known use case, logging dæmon output, to run them under unprivileged accounts.)
Further reading