LinkBack URL
About LinkBacksThere is a folder called tmp at the root level on the cPanel website which I am now managing. Can all these historic files be deleted without upsetting anything?
tmp folder
There is a folder called tmp at the root level on the cPanel website which I am now managing. Can all these historic files be deleted without upsetting anything?
Hi,
don't delete mysql.sock - all other Data can you delete.
If you delte mysql.sock you need to restart the Mysql - if it don't work - restart the Server.
Regards
1a-Websolutions - Schweizer Qualitäts-Hosting mit Cpanel
Securing /tmp Partition
Hi,
It would be worthwhile to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.
What we are doing it creating a file that we will use to mount at /tmp. So log into SSH and SU to root so we may being!
cd /dev
dd if=/dev/zero of=tmpMnt bs=1024 count=100000
Make an extended filesystem for our tmpMnt file
/sbin/mke2fs /dev/tmpMnt
Backup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.
cd /
cp -R /tmp /tmp_backup
Mount the new /tmp filesystem with noexec
mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp
chmod 1777 /tmp
Copy everything back to new /tmp and remove backup
cp -R /tmp_backup/* /tmp/
rm -rf /tmp_backup
Now we need to add this to fstab so it mounts automatically on reboots.
vi /etc/fstab
You should see something like this:
/dev/hda3 / ext3 defaults,usrquota 1 1
/dev/hda1 /boot ext3 defaults 1 2
none /dev/pts devpts gid=5,mode=620 0 0
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0
/dev/hda2 swap swap defaults 0 0
At the bottom add
/dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0
(Each space is a tab)
Save it!
Your done- /tmp is now mounted as noexec. You can sleep a little bit safer tonight. I created a hello world c++ and compiled it then moved it to /tmp. Upon trying to run it (even chmod +x'ed), it gives the following error:
bash: ./a.out: Permission denied
Thanks
shivinvijai - it would be nice if you mentioned you didn't write this and you copied and pasted the article from my site http://www.webhostgear.com/34.html
Upload Guardian 2.0 - Sign up for our early beta
ServerProgress - Server security, consulting and assistance
/scripts/securetmp also creates a loopback file to mount noexec on /tmp
It does that if /tmp is not already a partition (slice for FreeBSD)
It usually runs in /etc/rc.local
Lots of great stuff there too.Originally Posted by ramprage
shivinvijai - it would be nice if you mentioned you didn't write this and you copied and pasted the article from my site http://www.webhostgear.com/34.html
typo check
So log into SSH and SU to root so we may being!
Fav cPlinks this week: Blog - cPanel & WHM 11.32 we love it! | cPanel University study for it! | Attracta is coming! we want this!
Reply With Quote
