The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

securetmp script

Discussion in 'General Discussion' started by sh4ka, Aug 19, 2005.

  1. sh4ka

    sh4ka Well-Known Member

    Joined:
    May 12, 2005
    Messages:
    442
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    I tried the "securetmp" script... the process finished OK, then I "cat /etc/fstab" and the partition is not there ?

    root@server [~]# cat /etc/fstab
    /dev/hda3 / ext3 defaults,usrquota 1 1
    /dev/hda1 /boot ext3 defaults 1 2
    none /dev/pts devpts gid=5,mode=620 0 0
    none /proc proc defaults 0 0
    none /dev/shm tmpfs defaults 0 0
    /dev/hda2 swap swap defaults 0 0


    Do I have to run "mount -o loop,noexec,nosuid,rw /usr/tmpDSK /tmp" in the shell ?

    And do I have to add to the bottom of fstab this "/usr/tmpDSK /tmp ext2 loop,noexec,nosuid,rw 0 0"..... ¿?¿?

    Do I have to run this command or the "securetmp" script do it all by itself ?


    How can I ensure that the script made the changes ?


    thkz!
     
    #1 sh4ka, Aug 19, 2005
    Last edited: Aug 19, 2005
  2. Blue|Fusion

    Blue|Fusion Well-Known Member

    Joined:
    Sep 12, 2004
    Messages:
    378
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Cleveland, Ohio
    You should have /scripts/securetmp --auto in /etc/rc.local.

    It doesn't use /etc/fstab. And you can see the partion with mount and the sizes and space used with df -h
     
  3. kofi

    kofi Well-Known Member
    PartnerNOC

    Joined:
    Feb 3, 2004
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    I'd do the following:

    cd /usr
    dd if=/dev/zero of=tmpMnt bs=1024k count=512
    /sbin/mke2fs /usr/tmpMnt

    cd /
    cp -R /tmp /tmp_backup
    mount -o loop,noexec,nosuid,rw /usr/tmpMnt /tmp
    chmod 0777 /tmp
    cp -R /tmp_backup/* /tmp/
    rm -rf /tmp_backup

    Add the following line to your /etc/fstab (and make sure you also remove the previous entry for /tmp):
    /usr/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

    This way the cPanel script does not need to run everytime on startup, it also creates a 512MB /tmp drive which is more practical.
     
  4. sh4ka

    sh4ka Well-Known Member

    Joined:
    May 12, 2005
    Messages:
    442
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    ok

    the cpanel script works great!
    i know the other method to secure the tmp but this is more faster :) and just as well as the other.

    thanks guys.
     
  5. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    That should be:

    chmod 1777 /tmp

    Or you will have problems (esp. security ones).
     
Loading...

Share This Page