I’ve been watching a disk space leakage creep slowly upwards for months now; finally, I figured out where it was going!
Whenever I set up a VPS, I follow Brian Kennedy’s excellent My First 5 Minutes On A Server; Or, Essential Security for Linux Servers. It covers setting up a number of initial tools that make server administration much easier:
- fail2ban, for blocking suspicious log in activity
- setting up a non-root user
- ufw, a simple firewall program
- unattended-upgrades, which installs security upgrades periodically
- logwatch, so you can read a digest of what’s happened in your logs
Ever since I set up my VPS, I’d seen the disk space creep up in the daily logwatch digest. I had looked a few times and figured it must be related to some sort of misconfiguration of the Ruby app server I have running on it right now.
Recently, it got up to more than half of my disk space gone. For a VPS that I
used maybe twice a month, this was ridiculous. I investigated once more and
finally came up with the culprit:
unattended-upgrades wasn’t autoremoving
packages. I had gigabytes worth of packages that could be autoremoved.
There’s a one-line config file fix. Add this to /etc/apt/apt.conf.d/50unattended-upgrades:
Update: It looks like a bug in unattented-upgrades is preventing it from
automatically removing header packages. For the time being you will have
to either manually auto-remove these packages, or add
sudo apt-get autoremove
-y to your crontab.
Update: The bug has been addressed and closed. It now correctly removes header packages!
Jake on the Web
If you cared enough to read that far, you should consider following me on GitHub or paying a visit to my homepage. If this post was about one of my open source projects, make sure to star it on GitHub! I love hearing what people think, so feel free to open an issue or send me an email.