The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

tmp folder

Discussion in 'Data Protection' started by mmscwebmaster, Mar 8, 2007.

  1. mmscwebmaster

    mmscwebmaster Member

    Joined:
    Mar 6, 2007
    Messages:
    14
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    UK
    There is a folder called tmp at the root level on the cPanel website which I am now managing. Can all these historic files be deleted without upsetting anything?
     
  2. 1a-Websolutions

    1a-Websolutions Active Member

    Joined:
    Aug 24, 2006
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Hi,

    don't delete mysql.sock - all other Data can you delete.

    If you delte mysql.sock you need to restart the Mysql - if it don't work - restart the Server.

    Regards
     
  3. shivinvijai

    shivinvijai Member

    Joined:
    Mar 1, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    1
    Securing /tmp Partition

    Hi,

    It would be worthwhile to give /tmp it's own partition and mount it using noexec- This would protect your system from MANY local and remote exploits of rootkits being run from your /tmp folder.

    What we are doing it creating a file that we will use to mount at /tmp. So log into SSH and SU to root so we may being!

    cd /dev

    dd if=/dev/zero of=tmpMnt bs=1024 count=100000

    Make an extended filesystem for our tmpMnt file

    /sbin/mke2fs /dev/tmpMnt

    Backup your /tmp dir- I had mysql.sock file that I needed to recreate the symbolic link for. Other programs may use it to store cache files or whatever.

    cd /

    cp -R /tmp /tmp_backup

    Mount the new /tmp filesystem with noexec

    mount -o loop,noexec,nosuid,rw /dev/tmpMnt /tmp

    chmod 1777 /tmp

    Copy everything back to new /tmp and remove backup

    cp -R /tmp_backup/* /tmp/

    rm -rf /tmp_backup

    Now we need to add this to fstab so it mounts automatically on reboots.

    vi /etc/fstab

    You should see something like this:

    /dev/hda3 / ext3 defaults,usrquota 1 1
    /dev/hda1 /boot ext3 defaults 1 2
    none /dev/pts devpts gid=5,mode=620 0 0
    none /proc proc defaults 0 0
    none /dev/shm tmpfs defaults 0 0
    /dev/hda2 swap swap defaults 0 0

    At the bottom add
    /dev/tmpMnt /tmp ext2 loop,noexec,nosuid,rw 0 0

    (Each space is a tab)
    Save it!

    Your done- /tmp is now mounted as noexec. You can sleep a little bit safer tonight. I created a hello world c++ and compiled it then moved it to /tmp. Upon trying to run it (even chmod +x'ed), it gives the following error:

    bash: ./a.out: Permission denied

    Thanks
     
  4. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    667
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Canada
  5. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,458
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    /scripts/securetmp also creates a loopback file to mount noexec on /tmp

    It does that if /tmp is not already a partition (slice for FreeBSD)

    It usually runs in /etc/rc.local
     
  6. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,451
    Likes Received:
    195
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    Lots of great stuff there too. :)



    typo check


    :p
     
Loading...

Share This Page