SOLVED Help with unknown file in /tmp folder

[hello-electro]

Hi, I started getting the following error for one of my sites. It occurs every time I log into WordPress from the domain. And is thrown on virtually every backend page.

[Wed Dec 07 02:12:11.236353 2016] [cgi:error] [pid 1523] [client 108.XX.XX.XX:38962] AH01215: PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0: /usr/local/cpanel/cgi-sys/ea-php70, referer: https://XXXXX.co/wp-admin/admin.php?page=mainwp_tab

Also:

[Wed Dec 07 02:10:50.363361 2016] [cgi:error] [pid 1936] [client XXX.XX.XX.XX:XXXXX] AH01215: PHP Warning:  Unknown: Failed to write session data (files). Please verify that the current setting of session.save_path is correct () in Unknown on line 0: /usr/local/cpanel/cgi-sys/ea-php70, referer: https://XXXXXX.co/

I tought it was one of my plugins, but the error shows up for more than just the mainwp_tab.

When I went into my /tmp folder, there is a file that looks like this:

-rw-r--r-- 1 XXXXXX      XXXXXXX          0 Dec  7 01:49 lock103218.txt

The XXXXXX is my domain. What is does the lock....txt mean? Is this file supposed to be here?

Any help would be greatly appreciated!

 

[cPanelMichael]

Hello,

You can upload a PHPINFO file to that account to verify the "session.save_path" that's configured. If it's /tmp, verify the partition is not at it's disk space or inode limit:

df -h
df -i

Regarding the .txt files in the /tmp directory, you can see additional threads where similar questions are answered by entering a term such as this on Google:

txt files /tmp site:forums.cpanel.net

Let us know if this helps.

Thank you.

 

[hello-electro]

Thanks for responding! Not sure this matters but FYI, this is only occuring with my reseller user. I have about 30 other vhosts that dont have this issue. Here are the results:

phpinfo: session.save_path Local and Master value = null

Size of directories:

df -h
Filesystem      Size  Used Avail Use% Mounted on
/dev/vda1        79G   35G   40G  47% /
devtmpfs        3.9G     0  3.9G   0% /dev
tmpfs           3.9G     0  3.9G   0% /dev/shm
tmpfs           3.9G   33M  3.8G   1% /run
tmpfs           3.9G     0  3.9G   0% /sys/fs/cgroup
tmpfs           783M     0  783M   0% /run/user/0
tmpfs           783M     0  783M   0% /run/user/988

df -i
Filesystem      Inodes  IUsed   IFree IUse% Mounted on
/dev/vda1      5171200 472804 4698396   10% /
devtmpfs        999094    323  998771    1% /dev
tmpfs          1001366      1 1001365    1% /dev/shm
tmpfs          1001366    513 1000853    1% /run
tmpfs          1001366     13 1001353    1% /sys/fs/cgroup
tmpfs          1001366      1 1001365    1% /run/user/0
tmpfs          1001366      1 1001365    1% /run/user/988

Thanks also for the search terms, I really wasn't sure where to start. I did look at ownership for this file and it shows for the user I am having the issue with and following permissions:

-rw-r--r-- 1 MYUSER      MYSUSER           0 Dec  7 03:03 lock103218.txt

I also ran securetmp script.

I believe that seemed to fix the issue. NewRelic had a seizure but we worked it out. I looked through the various google search, but still am unsure of what "lock103218.txt" is. Is this safe to delete? Is it related to me being in the directory?

Thanks for your help so far!

 

[cPanelMichael]

I looked through the various google search, but still am unsure of what "lock103218.txt" is. Is this safe to delete? Is it related to me being in the directory?

It's difficult to know for sure the purpose or source of that file . You could review the scripts uploaded to the account of the username it's associated with to see if any of them are writing files to the /tmp directory. Deleting it shouldn't cause any problems as it's stored in the /tmp partition and is an empty file.

Thank you.