-   Linux - Security (
-   -   permissions suddenly changed for /tmp (

rioguia 12-10-2004 09:55 AM

permissions suddenly changed for /tmp
I'm not sure this is the right forum. I have some software installed on several different virtually hosted sites using Fedora Core 2(spec's below). They recently all stopped working at the same time even though this sofware (gallery) has not changed.

The error complains variously about the inability to write to files or directories. This makes me think that I have activated the SE features in Linux or that a recent rpm update rpm (i use the automated yum system) may have had a similar effect. . I think it's a security setting because the software is looking for tmp/root-tmp.4882549/files. This is not a file I have ever created or seen. The original setting was simply /tmp/gallery.

My /var/log/httpd/ file gives these errors:


[client] PHP Warning: File upload error - unable to create a temporary file in Unknown on line 0, referer:

In searching google and forums, I have come up against similar issues for this software and they all seem to be related to Fedora. I have responded to the error messages by confirming the settings for the permissions but the software still gives the same error message. It's my guess that there is some sort of security policy being inforced here but it's really a wild guess since I have never enabled SE on my box and have never worked with it. When I was reading an article SE Linux from a google search, the format of the files looked similar:


user faye creates a file named test in her home directory. She then runs the command ls --context test and sees

-rw-r--r-- faye faye faye:object_r:user_home_t test

She then creates a file in /tmp called tmptest and runs the command ls --context /tmp/tmptest This time, the result is

-rw-r--r-- faye faye faye:object_r:user_tmp_t /tmp/tmptest

In the first example, the security context includes the type "user_home_t" which is the default type for the home directory of an unprivileged user in the user_r role. After running the second ls --context command, you can see that the type is user_tmp_t which is the default type that is used for files created by a user_t process, in a directory with a tmp_t type.

Galllery URL:
Gallery version:
gallery. versions (1.41-1.44 and 1.4.5-cvs-b253)
Apache version: apache-2.0.51-2.9
PHP version (don't just say PHP 4, please):
PHP Version 4.3.8
Graphics Toolkit:
Operating system:
Fedora Core 2

rioguia 12-12-2004 01:34 PM

ecurity settings established by bastille
I solved my version of this problem. It appears to be related to the security settings established by bastille. With this feature disabled, i ran the weekly cron job with a setting to delete all tmp files older than one day. after that everything worked fine.
/usr/sbin/tmpwatch 24 /tmp # one day

All times are GMT -5. The time now is 02:41 AM.