chdir to /home/virtfs/username failed

[BottyZ]

Hi all,

I setup my first VPS back in July and it has been running smoothly ever since. I have it set with mod_ruid2/jail shell and use this VPS to only host a single work website. In the apache error_log (accessed from within lfd) I have had a number of "chdir to /home/virtfs failed" messages since setting up the VPS. I've tried numerous times to Google the issue but have never come back with anything useful to stop the errors appearing.

Examples from yesterday as below:

[Mon Jan 04 18:16:15.111600 2016] [:error] [pid 11862] mod_ruid2 subdomain.website.com GET /images/A.jpeg HTTP/1.1 chdir to /home/virtfs/username failed
[Mon Jan 04 18:16:15.215839 2016] [:error] [pid 10420] mod_ruid2 subdomain.website.com GET /images/B.png HTTP/1.1 chdir to /home/virtfs/username failed
[Mon Jan 04 18:16:15.331926 2016] [:error] [pid 11324] mod_ruid2 subdomain.website.com GET /images/C.jpg HTTP/1.1 chdir to /home/virtfs/username failed
[Mon Jan 04 19:30:58.911452 2016] [:error] [pid 12092] mod_ruid2 subdomain.website.com GET /images/D.png HTTP/1.1 chdir to /home/virtfs/username failed
[Mon Jan 04 19:30:58.914813 2016] [:error] [pid 11949] mod_ruid2 subdomain.website.com GET /images/E.png HTTP/1.1 chdir to /home/virtfs/username failed

The errors always appear for files on a static subdomain I setup for the website which serves the images and CSS for site speed/seo improvement. I.e. from a browser the files would load from static.website.com/images/whatever.jpg

If I open a browser and load the above files directly, they work fine and no entries are inserted into the error log for these visits. And I haven't had any users complain that the files haven't loaded when they've visited the site.

Another point that might or might not be worth mentioning is that I migrated this website cpanel account from a shared host to this VPS back in July. Everything went smoothly there also. Not sure if that would make a difference to any of you experts?

If you need more info, please let me know I'll answer as best I can.
If someone could point me in the right direction to fix the errors or confirm that this isn't even a problem, it would be much appreciated.

Thanks for your time.

 

[cPanelMichael]

Hello

Please try creating /home/virtfs/$username if it does not yet exist and let us know if the issue continues:

/scripts/update_users_jail $username

Thank you.

 

[BottyZ]

Hello

Please try creating /home/virtfs/$username if it does not yet exist and let us know if the issue continues:

/scripts/update_users_jail $username

Thank you.

Hi Michael,

Sorry for the late reply, I've only just seen your post (didn't get the usual email notification of a reply). The username for the account is the one that was migrated and is the only one on the server except for root. So it does already exist.

Would running the script you mentioned harm the system if the username does already exist?

 

[cPanelMichael]

Could you verify if you are using Mod_Security, and if so, if you have enabled the OWASP ruleset?

Thank you.

 

[BottyZ]

Hi Michael,

I had mod_security enabled but no vendors such as OWASP set. I didn't realise I needed to install the OWASP since I was using mod_ruid2 which I confused for not needing any.

I've just installed the OWASP now, do you think that would have been the issue? I'll monitor the logs over the next few days to see if it clears up and let you know.

Thanks.

 

[BottyZ]

Hi again,

Only had this running very briefly with the OWASP and already seeing numerous errors in the error_log such as:

ModSecurity: Geo Lookup: Failed to lock proc mutex: Permission denied [hostname "www.HIDDEN.com"] [uri "/shop/images/ABC.jpg"] [unique_id "VriQ5y4RXxUAAAgKTEsAAAAB"]
ModSecurity: Rule processing failed. [hostname "www.HIDDEN.com"] [uri "/shop/images/ABC.jpg"] [unique_id "VriQ5y4RXxUAAAgKTEsAAAAB"]
ModSecurity: collection_store: Failed to access DBM file "/var/cpanel/secdatadir/ip": Permission denied [hostname "www.HIDDEN.com"] [uri "/shop/images/ABC.jpg"] [unique_id "VriQ5y4RXxUAAAgKTEsAAAAB"]
ModSecurity: Audit log: Failed to create subdirectories: /usr/local/apache/logs/modsec_audit/USERHIDDEN/20160208/20160208-1258 (Read-only file system) [hostname "www.HIDDEN.com"] [uri "/shop/images/ABC.jpg"] [unique_id "VriQ5y4RXxUAAAgKTEsAAAAB"]
ModSecurity: Warning. Operator EQ matched 0 at REQUEST_HEADERS. [file "/usr/local/apache/conf/modsec_vendor_configs/OWASP/rules/REQUEST-20-PROTOCOL-ENFORCEMENT.conf"] [line "283"] [id "960008"] [rev "2"] [msg "Request Missing a Host Header"] [severity "WARNING"] [ver "OWASP_CRS/3.0.0"] [maturity "9"] [accuracy "9"] [tag "Host: "] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/MISSING_HEADER_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "server.HIDDEN.com"] [uri "/"] [unique_id "VriQQS4RXxUAAAgARroAAAAJ"]

So not sure if this is even working properly, but I would hope to have not seen any errors to be honest.
Are the above ok? Or are there further underlying issues with the setup??

 

[cPanelMichael]

I didn't realise I needed to install the OWASP since I was using mod_ruid2 which I confused for not needing any.

Hello

You do not have to enable this ruleset. The reason I asked is because this ruleset often conflicts with Mod_Ruid2:

Mod RUID 2 and ModSecurity

Thus, I suggest disabling the ruleset.

Thank you.

 

[BottyZ]

Hi Michael,

I've disabled the OWASP again and left mod_security with no vendors listed, after seeing your revised suggestion and now I'm back to my original problem in the first post.

Any further thoughts? Or is this a cpanel assistance job for one of your techs to fix?

 

[cPanelMichael]

Feel free to open a support ticket using the link in my signature so we can take a closer look at your system. You can post the ticket number here so we can update this thread with the outcome.

Thank you.

 

[BottyZ]

Feel free to open a support ticket using the link in my signature so we can take a closer look at your system. You can post the ticket number here so we can update this thread with the outcome.

Thank you.

Hi Michael,
As requested the support ticket is as follows: Ticket ID: 7461819 Error Logs showing: chdir to /home/virtfs/username failed

Hopefully, one of you experts can figure out what is wrong and fix it for me. I would be keen to know what exactly (if anything) I've set up wrong to generate this issue.

Thanks.