Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 12-10-2004, 09:55 AM   #1
Registered: Jun 2002
Posts: 411

Rep: Reputation: 30
permissions suddenly changed for /tmp

I'm not sure this is the right forum. I have some software installed on several different virtually hosted sites using Fedora Core 2(spec's below). They recently all stopped working at the same time even though this sofware (gallery) has not changed.

The error complains variously about the inability to write to files or directories. This makes me think that I have activated the SE features in Linux or that a recent rpm update rpm (i use the automated yum system) may have had a similar effect. . I think it's a security setting because the software is looking for tmp/root-tmp.4882549/files. This is not a file I have ever created or seen. The original setting was simply /tmp/gallery.

My /var/log/httpd/ file gives these errors:

[client] PHP Warning: File upload error - unable to create a temporary file in Unknown on line 0, referer:

In searching google and forums, I have come up against similar issues for this software and they all seem to be related to Fedora. I have responded to the error messages by confirming the settings for the permissions but the software still gives the same error message. It's my guess that there is some sort of security policy being inforced here but it's really a wild guess since I have never enabled SE on my box and have never worked with it. When I was reading an article SE Linux from a google search, the format of the files looked similar:

user faye creates a file named test in her home directory. She then runs the command ls --context test and sees

-rw-r--r-- faye faye faye:object_r:user_home_t test

She then creates a file in /tmp called tmptest and runs the command ls --context /tmp/tmptest This time, the result is

-rw-r--r-- faye faye faye:object_r:user_tmp_t /tmp/tmptest

In the first example, the security context includes the type "user_home_t" which is the default type for the home directory of an unprivileged user in the user_r role. After running the second ls --context command, you can see that the type is user_tmp_t which is the default type that is used for files created by a user_t process, in a directory with a tmp_t type.

Galllery URL:
Gallery version:
gallery. versions (1.41-1.44 and 1.4.5-cvs-b253)
Apache version: apache-2.0.51-2.9
PHP version (don't just say PHP 4, please):
PHP Version 4.3.8
Graphics Toolkit:
Operating system:
Fedora Core 2

Last edited by rioguia; 12-10-2004 at 09:58 AM.
Old 12-12-2004, 01:34 PM   #2
Registered: Jun 2002
Posts: 411

Original Poster
Rep: Reputation: 30
ecurity settings established by bastille

I solved my version of this problem. It appears to be related to the security settings established by bastille. With this feature disabled, i ran the weekly cron job with a setting to delete all tmp files older than one day. after that everything worked fine.
/usr/sbin/tmpwatch 24 /tmp # one day


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
start menu has suddenly changed pomelo Mandriva 3 11-21-2003 04:24 PM
suddenly unable to change permissions (very strange) hobylinux Linux - Hardware 5 09-15-2003 07:30 PM
permissions in /tmp directory linux_pioneer Linux - Software 1 08-30-2003 11:43 PM
vim suddenly changed colors??? spyghost Linux - Software 5 08-27-2003 11:13 AM
I changed /tmp permissions for Wine, now evolution doesn't work edverb Linux - Software 3 02-28-2003 01:05 AM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 05:09 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration