The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Remove noexec,nosuid from /tmp partition

Discussion in 'General Discussion' started by MarkPW, Oct 7, 2006.

  1. MarkPW

    MarkPW Member

    Joined:
    Jun 8, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I run CentOS 4.4 on my dedicated server and I'm trying to remove "noexec,nosuid" from my /tmp parition temporarily so I can install FFMPEG.

    I've ran "chmod 1777 /tmp" and removed these flags from my /etc/fstab file, but it doesn't work.

    When running "mount", it returns (I've left out all that's not related to tmp):

    Code:
    /dev/hda7 on /tmp type ext3 (rw,noexec,nosuid)
    
    /tmp on /var/tmp type none (rw,noexec,nosuid,bind)
    My provider assumes it's cPanel that is blocking the process of changing the permissions, so I wonder if anybody knows is this is true and how I'm supposed to get around it?

    Any help would be extremely appreciated.
     
  2. jester.ro

    jester.ro Well-Known Member
    PartnerNOC

    Joined:
    Feb 6, 2004
    Messages:
    304
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bucharest, Romania
    cPanel Access Level:
    DataCenter Provider
    fstab is read only after a reboot, so maybe you didn't reboot after changing it?


    try
    mount -o remount /tmp

    after you modified fstab.
     
  3. designeru

    designeru Well-Known Member

    Joined:
    Nov 2, 2005
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    Hint!

    ... or even better, try:

    # mount /tmp -o remount,rw
     
  4. MarkPW

    MarkPW Member

    Joined:
    Jun 8, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    @jester - I did reboot, and although fstab shows none of those permissions on, mount shows that they remain.

    Now you guys have given me two options for remounting, which one should I use? :confused:

    And will it be necessary to copy the files/directories and move them back into /tmp once remount has complete?

    Thanks for your help, it's truly appreciated. :cool:
     
  5. jester.ro

    jester.ro Well-Known Member
    PartnerNOC

    Joined:
    Feb 6, 2004
    Messages:
    304
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Bucharest, Romania
    cPanel Access Level:
    DataCenter Provider
    write "mount" in a ssh conole, and give us the output.

    i think you're using the /scripts/securetmp to create/secure the tmp partition.

    try designeru's command.(no, you don't need to copy any files)
     
  6. MarkPW

    MarkPW Member

    Joined:
    Jun 8, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    # mount
    /dev/hda2 on / type ext3 (rw,usrquota)
    none on /proc type proc (rw)
    none on /sys type sysfs (rw)
    none on /dev/pts type devpts (rw,gid=5,mode=620)
    usbfs on /proc/bus/usb type usbfs (rw)
    /dev/hda1 on /boot type ext3 (rw)
    none on /dev/shm type tmpfs (rw)
    /dev/hda8 on /home type ext3 (rw,usrquota)
    /dev/hda7 on /tmp type ext3 (rw,noexec,nosuid)
    /dev/hda6 on /usr type ext3 (rw,usrquota)
    /dev/hda5 on /var type ext3 (rw,usrquota)
    none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
    sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
    /tmp on /var/tmp type none (rw,noexec,nosuid,bind)

    /etc/fstab
    Code:
    /dev/hda2                 /                       ext3    defaults,usrquota        1 1
    /dev/hda1                 /boot                   ext3    defaults        1 2
    none                      /dev/pts                devpts  gid=5,mode=620  0 0
    none                      /dev/shm                tmpfs   defaults        0 0
    /dev/hda8                 /home                   ext3    defaults,usrquota        1 2
    none                      /proc                   proc    defaults        0 0
    none                      /sys                    sysfs   defaults        0 0
    /dev/hda7                 /tmp                    ext3    defaults        1 2
    /dev/hda6                 /usr                    ext3    defaults,usrquota        1 2
    /dev/hda5                 /var                    ext3    defaults,usrquota        1 2
    /dev/hda3                 swap                    swap    defaults        0 0
    So should I be ok to go ahead with designeru's command?

    Thanks again :)
     
  7. designeru

    designeru Well-Known Member

    Joined:
    Nov 2, 2005
    Messages:
    83
    Likes Received:
    0
    Trophy Points:
    6
    a little trust...

    you don't trust me? Actually, i won't trust me either... i don't know me.

    P.S. The worse that could happen can be resolved with a reboot...
     
  8. MarkPW

    MarkPW Member

    Joined:
    Jun 8, 2003
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    I didn't mean to offend you designeru ;) I trust you, but I want to make sure you have all the info just incase I need to do something differently.

    EDIT: You were correct designeru... thank you so much! :D

    EDIT 2: For some reason, when I reboot, I can't write anything to /tmp, yet permissions noexec,nosuid do not re-appear on mount or fstab. So I have to run the command above everytime I need write access to /tmp. Is that normal?
     
    #8 MarkPW, Oct 7, 2006
    Last edited: Oct 7, 2006
  9. wookiee

    wookiee Well-Known Member

    Joined:
    Feb 28, 2005
    Messages:
    48
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Las Vegas
    As the original poster wrote, I, too, am trying to install ffmpeg.
    I tried all the above steps but still get an error

    fstab line is...

    /dev/hda7 /tmp ext3 defaults 1 2

    mount /tmp -o remount,rw

    mount shows /tmp on /var/tmp type none (rw,noexec,nosuid,bind)

    tried ./configure --enable-shared

    Unable to create and execute files in /tmp. Set the TMPDIR environment
    variable to another directory and make sure that /tmp is not mounted
    noexec.
    Sanity test failed.
     
  10. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
    If you used the securetmp script you need to remove it from boot up:

    Check these files for securetmp

    /etc/rc.d/rc.local
    /etc/rc.local

    Remove if it you see it. This runs the /scripts/securetmp upon booting.
     
  11. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    Hmm

    Im having the same issue. I have commented out secruetemp out of both those files and changed the fstab and something on bootup still keeps securing the tmp drive any suggestions on any other files that might force securetemp on bootup
     
  12. cPanelNick

    cPanelNick Administrator
    Staff Member

    Joined:
    Mar 9, 2015
    Messages:
    3,426
    Likes Received:
    2
    Trophy Points:
    38
    cPanel Access Level:
    DataCenter Provider
    Why do you want to unsecure tmp ?
     
  13. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    :)

    FFMPEG will not allow you to install without doing it
    Unable to create and execute files in /tmp. Set the TMPDIR environment
    variable to another directory and make sure that /tmp is not mounted
    noexec.
    Sanity test failed.

    I was going to renable immediatly after installation
     
  14. jdlightsey

    jdlightsey Perl Developer III
    Staff Member

    Joined:
    Mar 6, 2007
    Messages:
    126
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston Texas
    cPanel Access Level:
    Root Administrator
    Setting TMPDIR would be far easier

    export TMPDIR=~/tmp-ffmpeg
    mkdir $TMPDIR
    ./configure <whatever flags>
    make
    make install
    rm -rf $TMPDIR
    export TMPDIR=
     
  15. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    lol

    Could you be a little more desriptive when it comes to cpanel Im very familiar about what configurations to do but Ive never got the fstab and mount down correctly
    what exactly will this do, as i said i just need to allow it fro the install then switch back to defaults
     
  16. psychodreams

    psychodreams Well-Known Member

    Joined:
    Apr 14, 2004
    Messages:
    84
    Likes Received:
    0
    Trophy Points:
    6
    :)

    was able to relcove by
    commaneting out thses lines in the configure file

    # set temporary file name
    #if test ! -z "$TMPDIR" ; then
    # TMPDIR1="${TMPDIR}"
    #elif test ! -z "$TEMPDIR" ; then
    # TMPDIR1="${TEMPDIR}"
    #else
    #TMPDIR1="/home/username/tmp"
    #fi
     
Loading...

Share This Page