Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Failed to access DBM file Permission denied

Discussion in 'Security' started by Benjamin D., Jul 28, 2018.

  1. Benjamin D.

    Benjamin D. Well-Known Member

    Joined:
    Jan 28, 2016
    Messages:
    104
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    CentOS 7.5 WHM 72.0 Apache 2.4 suphp (7.1)

    Logs are filling with this, following a server migration. Logs never showed that on the older server, same configuration (at least what I think it is, but obviously SOMETHING is different now) :

    ModSecurity: collections_remove_stale: Failed to access DBM file "/var/cpanel/secdatadir/global": Permission denied

    No, I do not use mod_ruid2
     
    #1 Benjamin D., Jul 28, 2018
    Last edited: Jul 28, 2018
  2. 24x7server

    24x7server Well-Known Member

    Joined:
    Apr 17, 2013
    Messages:
    1,834
    Likes Received:
    85
    Trophy Points:
    78
    Location:
    India
    cPanel Access Level:
    Root Administrator
    Hi,

    Can you share with the output of the below command:
    # ls -ld /var/cpanel/secdatadir/global
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Benjamin D.

    Benjamin D. Well-Known Member

    Joined:
    Jan 28, 2016
    Messages:
    104
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    No, because: ls: cannot access /var/cpanel/secdatadir/global: No such file or directory
     
  4. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,230
    Likes Received:
    161
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Benjamin D.

    Does /var/cpanel/secdatadir/ exist? If so can you give me the output of the following:

    Code:
    ls -lah /var/cpanel/secdatadir/
    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Benjamin D.

    Benjamin D. Well-Known Member

    Joined:
    Jan 28, 2016
    Messages:
    104
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    [root@secure ~]# ls -lah /var/cpanel/secdatadir/
    total 16K
    drwxrwx--T 2 root nobody 4.0K Jul 30 12:00 .
    drwx--x--x 106 root root 12K Jul 30 12:42 ..
    -rw-r----- 1 root root 0 Jul 23 21:34 global.dir
    -rw-r----- 1 root root 0 Jul 23 21:34 global.pag
    -rwxr-xr-x 1 nobody nobody 0 Jul 30 12:00 ip.dir
    -rwxr-xr-x 1 nobody nobody 0 Jul 30 12:00 ip.pag
     
  6. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,230
    Likes Received:
    161
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Benjamin D.

    Can you please change the ownership of the global.dir and the global.pag files to nobody UID/GID:


    Code:
    chown nobody:nobody global.pag
    chown nobody:nobody global.dir
    and let me know if that resolves the issue.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 cPanelLauren, Jul 30, 2018
    Last edited: Jul 30, 2018
  7. Benjamin D.

    Benjamin D. Well-Known Member

    Joined:
    Jan 28, 2016
    Messages:
    104
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    FINALLY. Thank god, this will give a break to the hard drives... now please cPanel, can anybody add these 2 aforementioned commands to the WHM installation process?

    THANK GOD (and/or @cPanelLauren !) this is resolved ;-)

    Please mark as resolved. Why so fast? Because the second I chown'ed the previously mentioned files, hundreds of these lines a second stopped filling up the log :P
     

    Attached Files:

    cPanelLauren likes this.
  8. cPanelLauren

    cPanelLauren Forums Analyst
    Staff Member

    Joined:
    Nov 14, 2017
    Messages:
    2,230
    Likes Received:
    161
    Trophy Points:
    143
    Location:
    Houston
    cPanel Access Level:
    DataCenter Provider
    Hi @Benjamin D.

    I'm pretty sure I haven't laughed that hard in a while, I'm glad that resolved the issue. I need to do some more testing but I found a ticket internally where this occurred as well. That shouldn't be happening. For my information can you tell me the MPM you're using, how long ago this server was provisioned as well (i know it's the new server but was it live before you migrated your sites to it?), can you also tell me what version of the OWASP ruleset you're using, as well as any alternates/custom rulesets that may be provisioned?

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Benjamin D.

    Benjamin D. Well-Known Member

    Joined:
    Jan 28, 2016
    Messages:
    104
    Likes Received:
    10
    Trophy Points:
    18
    Location:
    Canada
    cPanel Access Level:
    Root Administrator
    The server's hard drives were partitioned, formated and its OS (CentOS 7.5) was installed on wednesday the 25th (5 days ago). No sites were running on this server before cPanel was installed. Sites were running on the older server for years. Installing cPanel was the very first thing I did immediately after booting successfully in CentOS 7.5 for the first time following the hard drive partitionning and OS installation. Sites were all transferred using the "Transfer Tool" from server-A to server-B both on WHM 72.0 and this transfer process generated a bunch of issues that I still get to slowly fix, many of these were reported as forum posts on here by me over the last 5 days. Some still unresolved SO FEEL FREE TO CHECK THEM OUT! ;-) ;-)

    MPM = Apache 2.4 is that what you wanted? Please explain further if this is not what you're after.

    OWASP = OWASP ModSecurity Core Rule Set V3.0 / 100% vanilla/default rules set (no additional rule, no custom rule) except that I had to disable 4 rules that are really annoying, almost totally useless and interfering A LOT with my sites, basically generating 100% false positives and blanking out multiple pages of my sites. Something as silly as a script containing $_GET['user']. Rules like these are way too vague/abstract. They restrict a lot and don't block many attacks. It's not like the browser tried to mess with a SESSION var or a COOKIE. It's just a GET parameter... and one that the PHP programmer legitimately wants to use. /end of ranting
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice