# Out of space on /var ... then again maybe not



## chavez243ca (Oct 19, 2009)

reading some of my daily root mail, I find that /var is dangerously low on space


```
#df -h
```

indicates that sure enough, 90%+ capacity; 


```
#cd /var
#du -h -d1
```

tells me /var/log and /var/db are the culprits - so I do some cleaning - after which I notice df -h and du -h -d1 are giving me conflicting numbers.



```
cawinc99# df -h
Filesystem     Size    Used   Avail Capacity  Mounted on
/dev/da0s1a    458M    148M    274M    35%    /
devfs          1.0K    1.0K      0B   100%    /dev
/dev/da0s1e    440M     14K    404M     0%    /tmp
/dev/da0s1f    7.2G    4.2G    2.4G    63%    /usr
/dev/da0s1d    860M    713M     78M    90%    /var
devfs          1.0K    1.0K      0B   100%    /var/named/dev
cawinc99# du -h -d1 /var
2.0K    /var/.snap
2.0K    /var/account
6.0K    /var/at
2.0K    /var/audit
 12K    /var/backups
4.0K    /var/crash
4.0K    /var/cron
171M    /var/db
2.0K    /var/empty
2.0K    /var/heimdal
 33M    /var/log
 20K    /var/mail
4.0K    /var/msgs
 47K    /var/named
2.0K    /var/preserve
 40K    /var/run
2.0K    /var/rwho
 98K    /var/spool
4.0K    /var/tmp
 22K    /var/yp
2.0K    /var/games
204M    /var
cawinc99#
```

Why would that be?  More importantly, how do I reclaim my space?


----------



## DutchDaemon (Oct 19, 2009)

Restart syslogd and any service that may use /var/db (like MySQL). You may have some open file descriptors that need to be refreshed. If that doesn't help, drop to single-user mode and make sure /var is *not* mounted. Then check whether there's anything in /var.


----------



## chavez243ca (Oct 19, 2009)

looks like that did the trick - the squid PID took a while to kill off, might have been squid / squidGuard.

back to normal now, thanks


----------

