What's the best strategy to keep /var from filling up?

I’ve substantially cleaned out my /home directory, deleted all trash, etc. but /var is still 84% full and has triggered warnings in the past. I tried a simple restart to see if that cleared temp data but there was no change. I’ve seen suggestions about logrotate but is that the ideal solution? How about cd var > $CLEANUP ? A related concern is how to remove or avoid unwanted fonts e.g. Abyssinian? There seem to be a ton of these.

Fonts are stored in two places, in your home folder
and in root

For your /var syslog filling, you will want to know what is causing errors that are filling the log. Clear your log to

  • create some free space
  • isolate the latest and most probable errors causing it to fill

sudo cat /dev/null > /var/log/syslog

Next use the tail command to check the log a while after clearing it out to see the last entries and see what new errors are persistent

tail -f /var/log/syslog

1 Like

[result:] bash: /var/log/syslog: Permission denied.
I tried entering my password on sudo apt remove and then tried the quoted string again but am still denied, with no further password challenge.
It’d be great to clear the logs as they occupy about 730MB.

Could you please try:

sudo -i

Enter PW then

cat /dev/null > /var/log/syslog

All I get is this:

cliff@cliff-Latitude-E5430-non-vPro:~$ sudo -i
[sudo] password for cliff:
\root@cliff-Latitude-E5430-non-vPro:~# cat /dev/null > /var/log/syslog
root@cliff-Latitude-E5430-non-vPro:~# tail -f /var/log/syslog

doesn’t seem to invoke any visible actions on the logs

1 Like

Cliffe, you rock.

This is one of those things I learned early on but never bothered to question.
A bit like when you run ‘sudo apt clean’ and it does not do anything fancy in terminal- when I would run the above in elevated terminal, I assumed it did what I intended it to do.
My assumption was incorrect and it goes to show why we must always question our assumptions or accept correction from others.

I found this Ask Ubuntu thread which explains it:

Thanks. I went through those posts and tried the more recent ones, which may have worked tho not visibly on the terminal window. However, still get warnings that /var is nearly full despite these and other measures like removing a number of snaps (e.g. games) from /var/lib which should’ve increased var free space but hasn’t. Ultimately, I’ve GOT to teach myself how to expand the partition using Gparted. I saved your earlier instructions. Been in hospital, but hope to focus on that soon.

1 Like

Hope you are well, or at least healthy enough to tolerate living.
Can I ask, how large is your home partition?

Although I usually shun GUI frills, I admit I use simple “ubuntu-cleaner” on my machine when I feel like being lazy. It clears out thumbnails, apt-cache, old kernels and the like. Frees up some space. I do it once a week just to do it.

Hey thanks, I’ll see if I can find that! My /home ptn was set at 20GB when I installed Zorin last Jan. I don’t recall seeing other options. I kind of assumed my whole 320GB hard drive would be utilized and available but as it turned out there are at least a couple hundred GB I can’t access.
Health challenges persist but I can still very much appreciate being alive. Thanks for asking.

With 15.3 Core in a confined root partition, I am keeping an eye on creeping occupation, or should I call it infestation.
I have discovered that my var/lib/snapd contains over 500MB. Are those normal and necessary occupants for Core? If true I will say no more, as it is not a serious problem (yet).

In a chance encounter, I stumbled across this entry in a search:

I will admit to something here: I removed snapd. I removed everything associated with it.
This has not caused me any problems, yet.

1 Like

That askabuntu link was interesting, but focused on wifi towards the end.
It did have a link to this 6yr old thread:

Crosslink to Swarfendors post about removing snapd

Any important distinction here between removing and disabling?

I installed sshguard, but haven’t disabled snapd.
Another chapter in the saga of repeated warnings that /var is running low on space. When I checked this time, I found these possible culprits within snapd:

contents of /var/lib/snapd/snaps/ (4.2GB) include similar snap versions with different dates, e.g.:

chromium_1373.snap [252.5MB, date modified Oct 20]
chromium_1382.snap [252.5MB mod Nov 5] [current ver 86.0.4240.183 64-bit]

deja-dup_413.snap [111.3MB mod Oct 23]
deja-dup_420.snap [ditto, Nov 3]

gimp_292.snap [263.2MB mod Aug 24]
gimp_297.snap [ditto, Sep 26]

libreoffice_194.snap [452.3MB, Oct 15]
libreoffice_196.snap [631.0MB, Oct 31]

zoom-client_106.snap [151.4MB, Oct 15]
zoom-client_108.snap [157.2MB, Oct 30]

So-- Can the older ones be deleted to recover space on /var?

Hi @cliffe,
That is a very good question to ask. I would also be very interested in the answer.

I only have multiple snaps for core and gnome, they are not that big, but assume older ones maybe redundant to needs.

Have you been installing apps from Software as snap versions instead of apt? I check the app listing on Software and avoid any Snap versions.

No, I always prefer the automatic installs from Software. I thought they WERE considered snaps. Once or twice tried to download and manually install something from Sourceforge (I think it was an OCR utility) and it was just too much hassle.

Not all apps in Software are presented as snaps, well not yet anyway, so sometimes it is worth doing a search in Software for the program you want, as you may find a non-snap alternative. You have to read the version description to find out.
I suppose you may get latest versions of software as snaps than normal apt versions. But there are some downsides.
I have minimal root storage capacity, so I prefer to avoid snap versions as they are bloated. Also we have seen a few problems reported on here, corresponding with snap version of app being used.