Audio Temp Files Fill /tmp After Upload

Podcast, video, and media-generation workers often write composed output to a temp file, upload it, then forget to remove the temp file. The safe fix is not a broad rm -rf /tmp; first prove which generated files are stale, then delete only temp outputs whose upload already succeeded.

Cleanup request

Get the exact cleanup step.

Leave your email now. The scan summary can follow after the first reply; we send the $29 Deep Cleanup step only if review-first storage remains.

See sample result

Measure The Temp File Backlog

Start with read-only checks. They list temp-dir capacity and the largest composed audio files without opening file contents.

Read-only check

Find generated audio files that are filling temp storage.

Use this before deleting anything. It works on Linux/macOS workers and stays scoped to likely composed audio outputs.

tmp="${TMPDIR:-/tmp}"
echo "tmp=$tmp"
df -h "$tmp" 2>/dev/null || true
df -i "$tmp" 2>/dev/null || true

find "$tmp" -maxdepth 1 -type f \( -name 'composed_*.mp3' -o -name 'composed_*.wav' -o -name 'composed_*.m4a' \) -print0 2>/dev/null \
  | xargs -0 du -h 2>/dev/null \
  | sort -hr \
  | head -40

Safe Cleanup Boundary

Keep failed-upload temp files so retries still have source bytes.
Delete only after the upload returns success and the object key is recorded.
Restrict cleanup to the system temp directory after resolving the real path.
Require regular files with expected generated names such as composed_*.mp3.
Never delete user uploads, project assets, data/, or working directories from this cleanup path.
Log path, byte size, episode ID, and cleanup result, but not audio contents.

Emergency reclaim

Move only old generated temp files to a quarantine folder.

Use this only after confirming these files are stale or already uploaded. It moves files instead of permanently deleting them.

tmp="${TMPDIR:-/tmp}"
quarantine="$tmp/safedisk-audio-temp-quarantine-$(date +%Y%m%d-%H%M%S)"
mkdir -p "$quarantine"

find "$tmp" -maxdepth 1 -type f \( -name 'composed_*.mp3' -o -name 'composed_*.wav' -o -name 'composed_*.m4a' \) -mmin +120 -print0 2>/dev/null \
  | while IFS= read -r -d '' file; do
      mv "$file" "$quarantine/"
    done

du -sh "$quarantine" 2>/dev/null || true

Implementation Guardrails

Put cleanup on the upload success path, not in a broad finally block.
Resolve tempfile.gettempdir() and the candidate file with realpath before comparing directories.
Use a helper that returns a boolean and logs cleanup failure without failing the completed upload.
Test success-upload deletes temp output, failed-upload keeps it, non-temp path is kept, and symlink/path traversal is refused.
Add a metric for bytes quarantined or deleted so recurring leaks are visible before temp storage is full.

Need a cleanup order for a live worker?

Copy the read-only check first. Request the $29 Deep Cleanup only if the output, app state, or cleanup boundary is still not obvious.

Send cleanup request See sample result

Deep Cleanup

Need a safe cleanup order?

Send the issue link, log excerpt, or storage summary first. We reply with the next safe move and offer the $29 Deep Cleanup only if the incident still needs review.