UnixServerAdmin

Server Administration & Management

How to clear /tmp partition

Here is following commands to clear unwanted stuff from the /tmp partition on the server?

# tmpwatch –mtime –all 48 /tmp

The above command will remove all files and folders from the /tmp which have not been accessed in the last couple of days (24×2=48). You can modify the number of hours as required.

Advertisements

July 2, 2011 Posted by | Tips & Tricks, Unix/Linux | , , , | Leave a comment

How to secure /tmp directory

Step 1: Backup your /etc/fstab file

# cp /etc/fstab /etc/fstab.bak

Step 2: Make a 3GB file for /tmp parition and an ext3 filesystem for tmp:

# dd if=/dev/zero of=/var/tempFS bs=1024 count=3072000 /sbin/mkfs.ext3 /var/tempFS

*Change the count= to something higher if you need more space*

Step 3: Create a backup copy of your current /tmp drive:

# cp -Rpf /tmp /tmpbackup

Step 4: Mount our new tmp parition and change permissions

# mount -o loop,noexec,nosuid,rw /var/tempFS /tmp

# chmod 1777 /tmp

Step 5: Copy the old data

# cp -Rpf /tmpbackup/* /tmp/

* If your /tmp was empty earlier, you might get this error : cp: cannot stat `/tmp.bak/*’: No such file or directory

Step 6: Edit /etc/fstab and add this

# vi /etc/fstab

And ADD this line:

/var/tempFS /    tmp    ext3    loop,nosuid,noexec,rw    0    0

Step 7: Test your fstab entry

# mount -o remount /tmp

Step 8: Verify that your /tmp mount is working

# df -h

Should look something like this

/var/tempFS           962M   18M  896M   2% /tmp

———————————————————————————————————-

Secure /var/tmp

Step 1: Use /tmp as /var/tmp

# mv /var/tmp /var/vartmp

# ln -s /tmp /var/tmp

Step 2: Copy the old data back

# cp /var/vartmp/* /tmp/

* If your /var/tmp was empty earlier, you might get this error : cp: cannot stat `/var/vartmp/*’: No such file or directory

———————————————————————————————————-

Secure /dev/shm

Step 1: Edit your /etc/fstab

# vi /etc/fstab

Locate: none /dev/shm tmpfs defaults,rw 0 0

Change it to: none /dev/shm tmpfs defaults,nosuid,noexec,rw 0 0

Step 2: Remount /dev/shm

# mount -o remount /dev/shm

You should restart services that uses /tmp partition

———————————————————————————————————-

For cPanel

# /scripts/securetmp

April 20, 2011 Posted by | cPanel, Security, Tips & Tricks | , , , | 4 Comments

Increasing the Size of /tmp Directory

By Default, cPanel’s /tmp partition size is 1024 MB to5120 MB, which in some cases can be way too small.  The /tmp partition on cPanel servers is a file-based partition that can easily be resized.

By default on most servers, /tmp is the temporary dumping place for a lot of things, for example:

  • PHP session files
  • PHP temporary file uploads
  • MySQL temporary files
  • Cache files for certain Apache modules
  • Others temporary files

Most software that uses temporary files or sessions will automatically prefer to use /tmp – this folder is usually set to 777  permissions and therefore writeable by every user on the server.

When your /tmp partition fills up, it can cause noticeable problems for your users. If you run a larger server, the /tmp folder can fill up quickly and be very annoying as far as maintenance is concerned. So there is a following way to increase the size of this partition on a standalone server.

  1. Stop MySQL, Apache, and cPanel services to prevent writing to the /tmp partition
  2. Copy the contents of /tmp to another location, such as /home or /root (cp -rfp /tmp /home)
  3. Unmount /tmp. If you’re unable to, you can do an lsof (lsof |grep /tmp) to see what processes are still writing to it, and kill them off. Or do a lazy unmount (umount -l /tmp)(-l options is use for focefully umount the partition) .
  4. Delete /usr/tmpDSK (rm -rf /usr/tmpDSK)

Now open /scripts/securetmp and look for this line:

#tmpdsksize     = 1024000;    # Must be larger than 250000

And change the “1024000″ value to your desired size in MB, and save the file. Now run the following script to recreate /tmp:

#/scripts/securetmp

This will recreate your /tmp (tmpDSK) partition using the size you specified. While the securetmp script may be overwritten in a cPanel update, the size of /tmp will not be affected one you alter its size.

January 5, 2011 Posted by | Unix/Linux | , , | 3 Comments