Auto-delete Files

jenuine 2023-05-11 11:34:02 UTC #1

Hello Team.

Is bigfix capable of creating a fixlet or action of automatic deleting of files in a client machine?

Thank you.

JasonWalker 2023-05-11 12:31:35 UTC #2

Yes. We’ll need more details on what you’re trying to do though.

jenuine 2023-05-11 12:48:46 UTC #3

We just want to auto-delete files under /tmp directory of our linux machines. We’ve noticed that there are .txt files whixh are auto-generated and stored in the /tmp folder.

JasonWalker 2023-05-11 12:56:34 UTC #4

I’d recommend using a cron job for that, and checking the last accessed times of the files to ensure you aren’t deleting something that’s still in use. The answer at https://askubuntu.com/a/609396 looks like a pretty good method to me.

Then I’d use BigFix to distribute that cron job to your servers

jenuine 2023-05-11 13:07:51 UTC #5

Great. How to distribute that scheduled jobs through bigfix?

find /tmp -type ‘*.txt’ -mtime +10 -exec rm -rf {} ;

FatScottishGuy 2023-05-11 14:21:20 UTC #6

Just to expand on this and automate it - I’d follow this flow…

Create a policy action to run at whatever frequency you want…

The relevance of the policy action should check the cron file to see if there is an entry already there for your file removal and if not then create the following action

not exists file "/etc/cron.d/bigfix_delete_txt_files"

//Check that there are text files to delete
continue if exists files whose (name of it ends with ".txt" and parent folder of it as string = "/tmp"

//Create the cron job to delete the files every 1 hour
delete __appendfile
appendfile 0 * * * * /bin/rm -f /tmp/*.txt
wait chmod 644 /etc/cron.d/bigfix_delete_txt_files
wait mv __appendfile /etc/cron.d/bigfix_delete_txt_files

Now it does it all automatically

Obviously be careful what you are deleting as you may inadvertently delete something important from /tmp. I’d advise being more specific about the txt files like checking what’s in them or who / what created them maybe.

JasonWalker 2023-05-11 14:33:40 UTC #7

Thanks very much, I was just digging in to that. I like this answer, but I’d change the the content of ‘bigfix_delete_txt_files’ slightly based on the Ubuntu answer I linked earlier

appendfile 0 * * * * find /tmp -xdev -type f -atime +10 -delete

This uses ‘find’ to list out only the files that have not been accessed in more than 10 days. Directories are left behind, to prevent accidental deletion of active files if their parent directory has not been accessed but the child file has been accessed recently.

-xdev : Do not traverse into other filesystems (hopefully you're not putting mounts under /tmp, but it's possible, and if so don't traverse through those mountpoints)

-type f : Only 'file' type, skip directories, block devices, etc.

-atime +10 : Only where the 'last accessed time' (atime) is more than 10 days old

-delete  : Delete the files that match all the criteria.  This uses the built-in 'delete' functionality of 'find', rather than spawning an additional process for each file found.