I want to mount a tmpfs to /tmp and make it writable to users (or a specific user). The machine is a Raspberry Pi 3 with Debian 8.0 (Raspbian). Whatever I try, /tmp is always mounted with permissions only for root.
I've tried the following fstab entries:
tmpfs /tmp tmpfs nosuid,nodev,noatime 0 0
tmpfs /tmp tmpfs nosuid,nodev,noatime,user,uid=1000,gid=1001,mode=1777 0 0
This always results in the following permissions:
$ ls -alh /tmp
total 36K
drwxr-xr-x 14 root root 500 Jul 19 10:17 .
But if I mount a tmpfs to any other location instead of /tmp (e.g. /var/opt), it is writable to everyone:
$ ls -alh /var/opt
total 4.0K
drwxrwxrwt 2 root root 40 Jul 3 12:18 .
How can I mount a tmpfs to /tmp so that it is writable to everyone?
Output of mount:
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,relatime)
tmpfs on /var/opt type tmpfs (rw,nosuid,nodev,relatime)
If mounted with all the uid, gid and mode options:
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noexec,noatime,uid=1000,gid=1001)
Edit: Does any Linux service set permissions to 755 on the /tmp directory on boot? Because these permissions are set even if I just symlink /tmp to /var/opt, which by itself was writable to anyone. After booting with a symlink from /tmp to /var/opt, the permissions on /var/opt are set to 755.
2 Answers
My tmpfs setting is:
tmpfs /tmp tmpfs rw,mode=1777,size=12g
The sizing is for a system with much more memory and swap than you are likely to have. noatime or relatime shouldn't matter as the inodes will be memory structures and unlikely to be written to disk. tmpfs is paged out to swap if necessary.
The permissions of 755 on /tmp are likely the default permissions on the mount point. The traditional permissions are 1777 allowing anyone to create files, but securing them from manipulation by other users.
Your original /etc/fstab line is correct:
tmpfs /tmp tmpfs nosuid,nodev,noatime 0 0
For symlinks to /tmp, such as /var/spool, /var/tmp, and perhaps /var/opt (not sure), remove the symlink, replace it with an empty directory, and add a new line to /etc/fstab which creates another mount, e.g.:
tmpfs /var/spool tmpfs defaults,noatime,nosuid,nodev,noexec,mode=0755,size=64M 0 0
To find all such symlinks:
sudo find / -lname '/tmp*' 2>/dev/null
The reason this is necessary is that, at boot, permissions on some directories such as /var/spool are changed, and chmod on a symlink changes the target directory.
See also Why is /tmp mounted with permissions 0755 when fstab has 1777?
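The symlink behaviour described in the answer above can be reproduced safely in a scratch directory. This is an added example, not code from either answer; the function names are hypothetical and it assumes a `stat` that supports `-L -c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: show that chmod on a symlink changes the link's target,
# which is how a boot-time chmod of a path linked to /tmp ends up resetting
# /tmp itself from 1777 to 755.

# Print the octal mode of a path, following symlinks.
mode_of() {
    stat -L -c '%a' "$1"
}

# Return 0 only if the directory has the traditional /tmp mode:
# world-writable with the sticky bit set (1777).
is_sticky_world_writable() {
    [ "$(mode_of "$1")" = "1777" ]
}

# Constructed sandbox: "tmp" stands in for /tmp, "spool" for a path that is
# a symlink to it. Prints the target's mode before and after the chmod.
demo_symlink_chmod() {
    sandbox=$(mktemp -d) || return 1
    mkdir "$sandbox/tmp" && chmod 1777 "$sandbox/tmp"
    ln -s "$sandbox/tmp" "$sandbox/spool"
    before=$(mode_of "$sandbox/tmp")
    chmod 0755 "$sandbox/spool"   # chmod follows the link and hits the target
    after=$(mode_of "$sandbox/tmp")
    rm -rf "$sandbox"
    printf '%s %s\n' "$before" "$after"
}

# Run the demonstration, then report on the real /tmp of this machine.
echo "target mode before/after chmod via symlink: $(demo_symlink_chmod)"
if is_sticky_world_writable /tmp; then
    echo "/tmp is 1777 (sticky, world-writable)"
else
    echo "/tmp is $(mode_of /tmp), not 1777"
fi
```

Running the `/tmp` check after each boot, once the symlinks have been replaced with real mount points, confirms that nothing resets the mode any more.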