mod_perl can't see files in /tmp

By | December 11, 2017
Questions:

I have some mod_perl code trying to access a file under /tmp … but it throws a ‘no such file or directory’ error. I added an ‘ls -al /tmp’ to my code to see what Perl was seeing inside the directory, and it only gave me . and .. :

drwxrwxrwt.  2 root root        6 Jan 21 13:36 .
drwxrwxrwx. 18 root sysadmin 4096 Nov 22 22:14 ..

In reality there is a mixture of files under /tmp, including some owned by the Apache user. Changing my code to ‘ls -al /’ gives a correct directory listing (nothing missing).

I tried sudo’ing to the Apache user, and can see the files under /tmp, so it must be something mod_perl related.

Ideas? I’m running mod_perl 2.0.8 and Apache 2.4 under CentOS 7. SELinux is set to permissive.

Answers:

So based on comments the answer here is – it’s an RHEL 7 feature.
https://securityblog.redhat.com/2014/04/09/new-red-hat-enterprise-linux-7-security-feature-privatetmp/

PrivateTmp=

Takes a boolean argument. If true sets up a new file system
namespace for the executed processes and mounts a private /tmp
directory inside it, that is not shared by processes outside of
the namespace. This is useful to secure access to temporary files
of the process, but makes sharing between processes via /tmp
impossible. Defaults to false.
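
To confirm that a process is looking at a private /tmp like the one described in this answer, its /proc/PID/mountinfo can be inspected. The script below is an added example, not part of the original question or answer: the function names and the two sample mountinfo excerpts are constructed for illustration, and it assumes /tmp lives on the root filesystem so that the root field of the bind mount is the host-side path.

```shell
#!/bin/sh
# Added example (not from the original post): decide from mountinfo text
# whether a process sees a PrivateTmp-style private /tmp.
# mountinfo fields: ID parent major:minor ROOT MOUNTPOINT options ... - fstype source

# Constructed sample: a service started with PrivateTmp=true.
SAMPLE_SERVICE='62 1 253:0 / / rw,relatime shared:1 - xfs /dev/mapper/centos-root rw,attr2
181 62 253:0 /tmp/systemd-private-EXAMPLEID-httpd.service-AbCdEf/tmp /tmp rw,relatime shared:95 - xfs /dev/mapper/centos-root rw,attr2
182 62 253:0 /var/tmp/systemd-private-EXAMPLEID-httpd.service-GhIjKl/tmp /var/tmp rw,relatime shared:96 - xfs /dev/mapper/centos-root rw,attr2'

# Constructed sample: an ordinary login shell, no private /tmp.
SAMPLE_SHELL='62 1 253:0 / / rw,relatime shared:1 - xfs /dev/mapper/centos-root rw,attr2'

# Read mountinfo on stdin. Print the ROOT field of the mount at /tmp when it
# points into a systemd-private-* directory; exit 1 if there is no such mount.
private_tmp_root() {
    awk '$5 == "/tmp" && $4 ~ "/systemd-private-[^/]+/tmp$" { root = $4 }
         END { if (root == "") exit 1; print root }'
}

# $1 = mountinfo text. Prints "private:<host path>" or "shared".
describe_tmp() {
    if root=$(printf '%s\n' "$1" | private_tmp_root); then
        echo "private:$root"
    else
        echo "shared"
    fi
}

echo "service sample: $(describe_tmp "$SAMPLE_SERVICE")"
echo "shell sample:   $(describe_tmp "$SAMPLE_SHELL")"

# Optional: pass a PID (for example an Apache worker) to check a live process.
# Reading another user's mountinfo normally requires root.
if [ -n "${1:-}" ] && [ -r "/proc/$1/mountinfo" ]; then
    echo "pid $1: $(describe_tmp "$(cat "/proc/$1/mountinfo")")"
fi
```

The unit's setting itself can be read with `systemctl show -p PrivateTmp httpd`, assuming the Apache unit is named httpd as it is on CentOS 7.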
