It is my understanding that the inactive memory is actually memory
freed up but not yet cleaned by the OS and put back in the free memory
pool.
This is false. 'inactive' memory is actively mapped memory which has not been utilized by any application for some time. When it's time to swap, memory is taken from pages marked like this and swapped out. It can also be swapped out in favour of page cache.
As you can see the amount of committed memory increases gradually
causing the swap file to be used. What strikes me as odd is that the
amount of inactive memory keeps growing as well.
The two don't necessarily correlate, but to me this strongly looks as if something is leaking memory. The fact that you have pages not being accessed by any applications growing, and swap growing too, suggests something is allocating memory, forgetting about it, then not freeing it afterwards.
Memory could be 'inactive', for example, if malloc() is called. This is a libc call that may allocate a chunk of memory, but only a portion of it is actually utilized to do any work (less than the number of pages allocated anyway). Even if you free in malloc it doesn't actually mean you free the memory by asking the operating system to do so; it's just that malloc's tables might mark it as 'reusable', and it might free it after.
Most of my requirements have already been available in Debian.
By default, /etc/default/rcS sets environment variable TMPTIME=0.
$ man rcS:
TMPTIME
On boot the files in /tmp will be deleted if their modification time is more than TMPTIME days ago. A value of 0 means that files are removed regardless of age. If you don't want the system to clean /tmp then set TMPTIME to a negative value (e.g., -1) or to the word infinite.
Looking in /lib/init/bootclean.sh, I found out that the quota file ./aquota.user (owned by root) is excluded from removal. Conclusion: quota settings will persist during reboots and TMPTIME=0 can safely be set in /etc/default/rcS.
To keep /tmp clean while running, I installed tmpreaper.
To activate it, SHOWWARNING=true should be commented out. Furthermore, TMPREAPER_TIME=7d should be uncommented in order to clean files older than 7 days.
A 1GB temp disk was created and formatted ext3 with:
# dd if=/dev/zero of=/var/tmpdisk bs=1K count=1000000
# mkfs.ext3 -F /var/tmpdisk
Mounting it at boot-time required a change in /etc/fstab:
/var/tmpdisk /tmp ext3 loop,rw,nosuid,noexec,nodev,quota 0 0
Since /var/tmpdisk is not a real device, it should be mounted as a loop device, hence loop. nosuid,noexec,nodev have been added as a layer of security to prevent common exploit kits from abusing /tmp. Finally, quota enables quota for the disk.
After modifying /etc/fstab, I ran mount -a to mount the new /tmp disk. Since /tmp should be world-writable, and users should not be able to delete files they do not own, the directory permissions should be changed too:
# chmod 1777 /tmp
Activate quotas:
# quotacheck /tmp
# quotaon /tmp
Now /tmp fully suits my needs with quotas activated and auto-cleaning junk files. The only thing I have to do is add quotas for each user by running edquota username.
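A check for the mount options and directory mode described in this answer, as an added example that is not part of the original post. The function names `missing_tmp_opts`, `tmp_mode_ok` and `sample_fstab` are hypothetical, and the sample entries are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the /tmp hardening described above.
# Function names and the sample entries are constructed for illustration.

# missing_tmp_opts FILE [MOUNTPOINT]
# FILE is fstab- or /proc/mounts-style ("-" reads stdin). Prints which of
# nosuid/noexec/nodev are absent from the last live entry for MOUNTPOINT
# (default /tmp), or "no-entry" if no such entry exists.
missing_tmp_opts() {
    awk -v mp="${2:-/tmp}" '
        /^[ \t]*#/ { next }                 # a commented-out line mounts nothing
        $2 == mp   { opts = $4; found = 1 } # later entries shadow earlier ones
        END {
            if (!found) { print "no-entry"; exit }
            n = split(opts, o, ",")
            for (i = 1; i <= n; i++) have[o[i]] = 1
            m = split("nosuid noexec nodev", want, " ")
            out = ""
            for (i = 1; i <= m; i++)
                if (!(want[i] in have))
                    out = (out == "" ? "" : out " ") want[i]
            print out
        }' "$1"
}

# tmp_mode_ok DIR: true only for a world-writable directory with the sticky
# bit set (mode 1777), so users cannot delete files they do not own.
tmp_mode_ok() {
    case "$(ls -ld "$1")" in
        drwxrwxrwt*) return 0 ;;
        *)           return 1 ;;
    esac
}

# Constructed sample: the hardened entry left commented out, and a live
# entry that kept nosuid but dropped noexec and nodev.
sample_fstab() {
    cat <<'EOF'
# /var/tmpdisk /tmp ext3 loop,rw,nosuid,noexec,nodev,quota 0 0
/var/tmpdisk /tmp ext3 loop,rw,nosuid,quota 0 0
EOF
}

echo "sample: missing [$(sample_fstab | missing_tmp_opts -)]"
if [ -r /proc/mounts ]; then
    echo "live /tmp: missing [$(missing_tmp_opts /proc/mounts)]"
fi
if tmp_mode_ok /tmp; then echo "/tmp mode: 1777"; else echo "/tmp mode: not 1777"; fi
```

Running it against /proc/mounts rather than /etc/fstab reports what is actually in effect, which catches a remount that dropped an option.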
Best Answer
I found out why; well, someone gave me the global hint.
It's neither the fault of php nor tmpfs. The culprit was systemd and its security system PrivateTmp.
For those who run into the same issue that I did, the php service (and probably some others) has the PrivateTmp option set to true in the systemd script (/usr/lib/systemd/system).
In that case, a new /tmp is created and isolated from the other one. All the data saved inside is deleted once the service is stopped.
It's a security measure since /tmp can contain a lot of sensitive information and php scripts are not always secure.
To deactivate this, simply copy the script into /etc/systemd/system (to avoid your changes being overwritten after an update) and set PrivateTmp to false.
You can also set two or more services to share the same /tmp using JoinsNamespaceOf.
For more information: man systemd.exec