PHP safelock failed to create a lockfile

[Flyer]

I have WHM v102.0.14 with PHP 8.0.18. Since upcp ran last night, PHP reports the following error on startup:

warn

 safelock: Failed to create a lockfile '/etc/userdatadomains.lock-b232a7f711a9-4100a619-1250' in the directory '/etc' that isn't writable: Permission denied at /usr/local/cpanel/Cpanel/SafeFile.pm line 430.

This only happens with the user that I log in to the server with using ssh.  root and other users with their own cPanel domains are OK.  How do I fix it?

 

[kodeslogic]

Which OS you are using?
If by chance you are using CloudLinux then you try disabling/reenabling CageFS for that account.

 

[Flyer]

I'm using CentOS 7.9.2009 on an Azure VM and haven't knowingly done anything with CageFS.

 

[kodeslogic]

Please share the output for the following command:

# ls -ld /etc

# ls -l /etc/userdatadomains

 

[Flyer]

$ ls -ld /etc
drwxr-xr-x. 118 root root 12288 May 4 14:50 /etc
$ ls -l /etc/userdatadomains
-rw-r-----. 1 root mail 873 May 4 09:14 /etc/userdatadomains

/etc/userdatadomains doesn't contain any information about the account I use to login to the server via ssh.

 

[cPRex]

/etc/userdatadomains doesn't contain any information about the account I use to login to the server via ssh.

This could be the key here - is your SSH user also a cPanel user?

 

[Flyer]

This could be the key here - is your SSH user also a cPanel user?

It's a non-root account that was created before cPanel was installed. It's been able to run PHP programs, until today. PHP was last updated on 20. April. It's not obvious from last night's cpup log that anything was updated then.

 

[cPRex]

I'm not sure there's going to be much help we can provide with that. Since cPanel doesn't control or manage those types of users, and we don't recommend anything is created before the cPanel installation takes place, you'll have to check things on your side.

You can check the Yum logs on the machine in /var/log/yum.log on a CentOS 7 machine and that would list any packages that were updated.

 

[Flyer]

$ sudo tail /var/log/yum.log
Apr 26 23:28:26 Updated: mysql-connector-c++-jdbc-8.0.29-1.el7.x86_64
Apr 26 23:28:27 Updated: mysql-connector-odbc-8.0.29-1.el7.x86_64
Apr 26 23:28:28 Updated: mysql-community-icu-data-files-8.0.29-1.el7.x86_64
Apr 26 23:28:38 Updated: mysql-community-server-8.0.29-1.el7.x86_64
Apr 26 23:28:38 Updated: mysql-connector-odbc-setup-8.0.29-1.el7.x86_64
Apr 26 23:28:41 Updated: mysql-connector-c++-devel-8.0.29-1.el7.x86_64
Apr 26 23:28:41 Updated: mysql-community-libs-compat-8.0.29-1.el7.x86_64
Apr 26 23:28:41 Updated: mysql-community-devel-8.0.29-1.el7.x86_64
Apr 26 23:28:42 Updated: 1:mysql-connector-java-8.0.29-1.el7.noarch
Apr 26 23:28:56 Updated: mysql-shell-8.0.29-1.el7.x86_64

This has been working for a couple of years. I'm not sure at what stage the ssh user was created, but it existed when I was first able to access the Azure VM with Centos 7 and cPanel already installed, after it was created from a stock Azure image. The lock file must be a feature of cPanel, as /usr/local/cpanel/Cpanel/SafeFile.pm is failing to create it, so I don't agree that this is not a cPanel issue. Why is it getting involved when simply running this command?

$ php --version

 

[cPRex]

Oh I definitely think a change to something in cPanel caused the issue, but this isn't a type of access we would normally support so I'm not able to sure what that was or how you'd go about fixing it.

 

[dad-min]

Hello, I just registered this account to let you know I'm running into the same problem as of today 05/04/22 (the same CLI commands yesterday did not throw error)
Godaddy gen 4 VPS
CentOS v7.9.2009
cPanel & WHM v102.0.14 (STANDARD)

warn

 safelock: Failed to create a lockfile '/etc/userdatadomains.lock-259bee0982fbf-cf99c699-166cb' in the directory '/etc' that isn't writable: Permission denied at /usr/local/cpanel/Cpanel/SafeFile.pm line 430.
        Cpanel::SafeFile::_write_temp_lock_file("/etc/userdatadomains.lock", "/etc/userdatadomains") called at /usr/local/cpanel/Cpanel/SafeFile.pm line 794
        Cpanel::SafeFile::_lock_wait("/etc/userdatadomains", Cpanel::SafeFileLock=ARRAY(0x243fee0), "/etc/userdatadomains.lock") called at /usr/local/cpanel/Cpanel/SafeFile.pm line 349

 

[cPRex]

@dad-min - can you let me know what operation you're performing that leads to this error? Are just restarting the PHP service in WHM or performing some work in cPanel?

 

[Flyer]

I've submitted a support request.

 

[cPRex]

Can you post the ticket number here once you have it so I can follow along?

 

[dad-min]

@dad-min - can you let me know what operation you're performing that leads to this error? Are just restarting the PHP service in WHM or performing some work in cPanel?

Actually, I was just running the reindex command via cli for my magento 2 store

php bin/magento indexer:reindex​

Although it throws error using any php command via CLI... (which luckily end up getting executed still so I was able to reindex the catalog)

ls -ld /etc
drwxr-xr-x. 106 root root 12288 May 4 13:00 /etc
ls -l /etc/userdatadomains
-rw-r----- 1 root mail 253 May 4 11:36 /etc/userdatadomains

 

[cPRex]

Much like in a cron command, you'll likely get better results when calling the full path to the PHP binary, as outlined here:

EasyApache 4 and the ea-php-cli Package | cPanel & WHM Documentation

The ea-php-cli package is EasyApache 4's replacement for the system-provided /usr/bin/php binary.

docs.cpanel.net

 

[dad-min]

Much like in a cron command, you'll likely get better results when calling the full path to the PHP binary, as outlined here:

EasyApache 4 and the ea-php-cli Package | cPanel & WHM Documentation

The ea-php-cli package is EasyApache 4's replacement for the system-provided /usr/bin/php binary.

docs.cpanel.net

Interesting, I appreciate the articles, although I use the command:

source /opt/cpanel/ea-php74/enable​

which I'm pretty sure adds the full php path to my PATH file (at leastz my ssh instance)

Regardless, the same command has worked fine for years

 

[cPRex]

And this was when you were logged in to SSH as the cPanel user directly, correct?

 

[dad-min]

And this was when you were logged in to SSH as the cPanel user directly, correct?

No, my Cpanel user doesn't have shell access. I have a file system owner and a web server user - as per magento 2.4 docs.
I ssh in with one user to run composer, php commands, etc. The other user is the owner of the directory. They are both in the same user group.

 

[cPRex]

I checked both System requirements | Adobe Commerce Developer Guide and Installation flow | Adobe Commerce Developer Guide and I didn't see anything about a user. Can you point me to the correct documentation?