Why systemd‑tmpfiles --purge Can Erase Your Home Directory and How the Fix Was Implemented

Systemd is a widely adopted init system and service manager in Linux distributions, and it includes the systemd-tmpfiles command for creating, deleting, and cleaning volatile and temporary files and directories.

In a recent incident, a user ran systemd-tmpfiles --purge on version 256, intending to clean /var/tmp. The command emitted warnings, including paths under /home, and despite aborting with Ctrl‑C, some files were permanently lost. The user reported the problem on the systemd GitHub project page.

A systemd developer, also a Microsoft employee, responded sharply, reminding the user that all files and directories created by entries in tmpfiles.d/ will be removed, and that the user should have reviewed the existing tmpfiles.d entries before running an unfamiliar command.

The core issue lies in how systemd-tmpfiles processes configuration files located in /usr/lib/tmpfiles.d/, especially the home.conf file. Users unfamiliar with these deep configuration details may not realize that the --purge option can affect directories beyond temporary locations, and the documentation does not sufficiently warn about this risk.

The discussion attracted attention from core developers, including Lennart Poettering. The community proposed adding clearer warnings and modifying the command’s behavior to prevent execution without an explicit configuration path. A pull request was submitted to refine the command’s scope, ensuring that critical areas such as the home directory are excluded unless explicitly specified by the system administrator.

These changes aim to reduce the chance of accidental data loss by improving documentation and adding safeguards to systemd-tmpfiles operations.