Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

Preferences
Contact Us
Feedback
AWS Documentation
Create an AWS Account
/var Persistent Variable System Data - Amazon Linux 2023
/var/cache/var/lib/var/log/var/spool/var/tmp

/var Persistent Variable System Data

PDFRSS

/var/cache

In contrast to /var/lib, erasing data in /var/cache will not result in data loss, as applications are required to be able to rebuild their /var/cache data from other sources.

/var/lib: Persistent system data

The /var/lib directory is used for persistent system data. Various system components will place data here which is private to that component. In contrast to /var/cache, erasing data in /var/lib will result in data loss.

For example, the PostgreSQL database server will by default store database data in /var/lib/pgsql. The layout and file formats of this data is private to PostgreSQL, and it is persistent data as if erased, the user experiences data loss.

/var/log: Persistent logs

This directory is used for storing persistent logs. It is recommended that software use the syslog(3) or sd_journal_print(3) API calls rather than directly storing log files under /var/log.

Note

In AL2023 the systemd journal replaces rsyslog, which is a notable difference from the default Amazon Linux 2 configuration.

For more information on reading logs using journalctl, see the journalctl manual page.

Many applications use their own mechanisms for writing, and sometimes rotating, log files found in /var/log. See the documentation for these applications on how to configure their log files.

/var/spool: Mail and Printer queues

This directory is used for persistent data such as mail or printer queues.

/var/tmp: larger temporary files

For small, size-bound temporary files, /tmp should possibly be used instead.

While /tmp is by default configured to be a tmpfs volume, /var/tmp is by default configured to be a path on the root file system, and is thus the place for larger and more persistent temporary files. By default, there is a cleanup job run on a regular schedule which removes files not recently accessed.

For information on how to configure the clean-up of temporary files, see the tmpfiles.d(5) and systemd-tmpfiles(8) man man pages.

As with /tmp, applications should prefer the path specified in the $TMPDIR environment variable over /var/tmp. Users can then set the $TMPDIR environment variable to override the path an application should use for /var/tmp.

Warning

Since /var/tmp is shared (as is /tmp, it is important to use safe methods of creating temporary files. For details, see the upstream systemd documentation on Using /tmp and /var/tmp Safely.

Note

It is best practice for systemd services to be configured with the PrivateTmp= directive set to yes or disconnected which runs the service in a sandbox where /tmp and /var/tmp are not shared with the host or other services.

For more information, including how to configure two services to share the same private temporary directories, see the systemd.exec(5) man page.

The /tmp and /var/tmp paths are closely related and exist for different purposes.

Next topic:

Updating AL2023

Previous topic:

/usr

Need help?

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.