Oct 022010

From gnode.net

cPanel’s new securetmp script is handy to prevent users from executing malicious code in /tmp or /var/tmp but if your software is like a lot out there and doesn’t have any garbage collection, you’ll find your /tmp partition filling up quickly. By default, cPanel’s script uses a limit of 512MB, and for those with large session data files (storing image data, for instance) this amount is fairly small. I played around with the script and although the 512MB value is easily changed, a good amount of the code would have to be tweaked in order to re-do an existing secured /tmp.

So en lieu of that, I have included below the sequence of commands I used to expand the “partition” to 1GB. I quote it because it’s not really a partition in the normal sense, but a 1GB file mounted as a loop block device. Note that in the instructions below I only stop MySQL, which is due the mysql.sock file it uses, however you will want to stop any other processes using /tmp as well. You can find these by running lsof|grep /tmp and using the output PID/process name to stop accordingly (commonly you will also need to stop the cpanel and apache services as well).

Here are the steps:

# /etc/init.d/mysql stop
# cp -af /var/tmp /var/tmp.bak
# umount /var/tmp
# umount /tmp
# rm -f /usr/tmpDSK
# dd if=/dev/zero of=/usr/tmpDSK bs=1024 count=1048576
# mkfs /usr/tmpDSK
# tune2fs -j /usr/tmpDSK
# mount -t ext3 -o nosuid,noexec,loop /usr/tmpDSK /tmp
# mount -o bind,noexec,nosuid /tmp /var/tmp
# cp -a /var/tmp.bak/* /tmp/
# rm -rf /var/tmp.bak/
# chmod 1777 /tmp
# /etc/init.d/mysql start

You should now see the increase /tmp partition size:

root@server [~]# df -h|grep tmp
/usr/tmpDSK           1006M   13M  993M   1% /tmp
Share This!
 Posted by at 2:31 pm

Sorry, the comment form is closed at this time.