Curious - where does systemd-nspawn store container /tmp files on the host?

Does anyone know where systemd-nspawn containers store their /tmp files on the host by default? I cannot find contents of ls /tmp from within a container in the contents of ls /tmp on the host.

My guess is that systemd uses PrivateTmp= as described here: Using /tmp/ and /var/tmp/ Safely
You can use systemctl to look at details of the spawned unit to investigate.

/tmp is a tmpfs instance, similarly to what happens on the host, so it’s not visible anywhere on the host.
/var/tmp OTOH is up to the container, usually it’s just a subdirectory of /var, so it can be found somewhere under /var/lib/machines/ (the default place for container filesystems).

I’m not finding it still.

So it’s in RAM?

When I enter the container folder from the host side, I do see tmp there but it is empty (it isn’t empty on the guest side).

I’m not finding it still.

It’s not using PrivateTmp.

So it’s in RAM?

Possibly. tmpfs is swapped, so it could be in RAM and it could be in one of the swap areas.

When I enter the container folder from the host side, I do see tmp there but it is empty (it isn’t empty on the guest side).

When the container is running, contents of /var/tmp should be visible on the host.
For example, I have a rawhide machine, and on the host I see:

$ ls /var/lib/machines/rawhide/var/tmp/
systemd-private-e74ab66a7f364bf195cff170e5812a52-dbus-broker.service-sJsmZy
systemd-private-e74ab66a7f364bf195cff170e5812a52-systemd-hostnamed.service-bpSjr6
systemd-private-e74ab66a7f364bf195cff170e5812a52-systemd-oomd.service-p4hM4U
systemd-private-e74ab66a7f364bf195cff170e5812a52-systemd-resolved.service-HUZNWa
systemd-private-e74ab66a7f364bf195cff170e5812a52-systemd-timedated.service-8uVA6l

That’s interesting. I have the container folder in my home folder. Showing nothing in ~/container/tmp/ on the host, and seeing a few folders in /tmp as a guest in that container. I’m launching the container with -U, maybe user namespace isolation has something to do with it?

In general, I’m not having an issue because I can access the /tmp folder from the container. But a need arises once in a while to peek into the container’s folders from the host, and I didn’t expect to find a discrepancy.

It seems you are confusing /tmp and /var/tmp.
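One way to settle the /tmp vs. /var/tmp question from the host side, as an added example that is not part of the thread: read the container init's mount table and resolve a container path the way findmnt does, reporting whether it is tmpfs (memory backed, nothing to find on disk) or which host directory backs it. The mount table below is a constructed sample for a directory-mode container under /var/lib/machines/rawhide; the device name and mount ids are made up, and the machine name `rawhide` in the comment is taken from the thread.

```shell
#!/usr/bin/env bash
# Added example, not code from the thread. Maps a path inside an nspawn
# container to where it lives from the host's point of view, using the
# container's own mount table (/proc/<pid>/mountinfo of the container's init).
# On a live system that table is read from the host with, for example:
#   cat /proc/"$(machinectl show -p Leader --value rawhide)"/mountinfo
# The table below is a CONSTRUCTED sample of a directory-mode container
# rooted at /var/lib/machines/rawhide; device names and ids are made up.
SAMPLE_MOUNTINFO='446 414 253:2 /var/lib/machines/rawhide / rw,relatime - ext4 /dev/vda2 rw
447 446 0:55 / /tmp rw,nosuid,nodev - tmpfs tmpfs rw,size=4194304k
448 446 0:56 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
449 446 0:57 / /dev rw,nosuid - tmpfs tmpfs rw,mode=755'

# resolve_path <mountinfo text> <container path>
# Prints: <fstype> <source> <host path or ->
# The mount whose mount point is the longest prefix of the path wins (the
# rule findmnt uses). For a tmpfs mount the third field is "-": the data is
# memory/swap backed and has no file on the host, so it must be captured via
# the running container (nsenter) or it is gone when the container stops.
# Otherwise the host path is the mount's root directory on the source
# filesystem plus the remainder of the path; this is the host path when that
# filesystem is the host's / (assumed here).
resolve_path() {
  local table=$1 path=$2
  printf '%s\n' "$table" | awk -v p="$path" '
    {
      root = $4; mp = $5
      # fields after the "-" separator: fstype, source, super options
      for (i = 7; i <= NF; i++) if ($i == "-") { fstype = $(i+1); src = $(i+2); break }
      if (mp == "/" || p == mp || index(p, mp "/") == 1) {
        if (length(mp) > length(best)) { best = mp; bfs = fstype; bsrc = src; broot = root }
      }
    }
    END {
      if (best == "") exit 1
      if (bfs == "tmpfs") { print bfs, bsrc, "-"; exit }
      rest = (best == "/") ? p : substr(p, length(best) + 1)
      host = (broot == "/") ? rest : (broot rest)
      print bfs, bsrc, host
    }'
}

# Usage (compare with the ls /var/lib/machines/rawhide/var/tmp/ listing above):
resolve_path "$SAMPLE_MOUNTINFO" /var/tmp   # ext4 /dev/vda2 /var/lib/machines/rawhide/var/tmp
resolve_path "$SAMPLE_MOUNTINFO" /tmp/foo   # tmpfs tmpfs -
```

For a container started with -U the mount table is unchanged, so the same resolution applies; user namespacing only affects the ownership mapping of the files under the container directory, not whether /tmp is a tmpfs.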