Operating System - HP-UX

Re: /tmp change permission

 
Diyana
Occasional Contributor

/tmp change permission

I gave permission 777 to directory /tmp but the permission changed unexpectedly. How can I investigate this?
g3jza
Esteemed Contributor

Re: /tmp change permission

Hi,

/tmp should be recreated each time the server reboots, as it should be 'temporary'. Maybe that's the reason why it was changed...
Diyana
Occasional Contributor

Re: /tmp change permission

The permission of /tmp was changed without the server being rebooted...
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

What were the permissions changed to?
For security, it should be 777 plus the sticky bit: 1777
Diyana
Occasional Contributor

Re: /tmp change permission

/tmp was changed from 777 to 755. Our batch job failed due to this permission change.
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

>/tmp was changed from 777 to 755.

Hmm, this isn't a reasonable security change from a tool like Bastille.
Who is the owner of /tmp/? I.e. can only root change the permissions?
If so, you need to track down some root crontab script that may be doing that.
Dennis Handly
Acclaimed Contributor

Re: /tmp change permission

If you can't find the root crontab that's changing the permissions, you may have to turn on auditing for chmod, until you find it.
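One way to follow the advice in the replies above, as an added example that is not part of any post in this thread: a POSIX shell check that flags /tmp or /var/tmp drifting from 1777 and lists crontab or script lines that run chmod on those directories. The function names and the files passed on the command line are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Uses only ls, cut and grep, so it does
# not depend on a stat(1) command being installed.

# tmp_mode_ok DIR: succeed only if DIR has mode 1777 (shown as drwxrwxrwt).
# "$1/." follows a symlinked DIR; cut drops any trailing ACL marker.
tmp_mode_ok() {
    perms=$(ls -ld "$1/." 2>/dev/null | cut -c1-10)
    [ "$perms" = "drwxrwxrwt" ]
}

# find_tmp_chmod FILE...: print file:line:text for each non-comment line that
# runs chmod on /tmp or /var/tmp itself (not on files below them).
# It will not catch a recursive chmod of a parent directory such as /.
find_tmp_chmod() {
    grep -n -E 'chmod[[:space:]].*[[:space:]](/var)?/tmp/?([[:space:];&|]|$)' \
        /dev/null "$@" |
        grep -v -E '^[^:]*:[0-9]+:[[:space:]]*#' || true
}

# Usage (paths are supplied by the caller): sh tmpcheck.sh FILE...
if [ "$#" -gt 0 ]; then
    for d in /tmp /var/tmp; do
        tmp_mode_ok "$d" || echo "$(date) DRIFT $d: $(ls -ld "$d/.")"
    done
    find_tmp_chmod "$@"
fi
```

Run periodically with the crontab files and scripts to inspect as arguments, the timestamp of the first DRIFT line narrows down which job ran just before the change.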
Bill Hassell
Honored Contributor

Re: /tmp change permission

The permissions for /tmp can only be changed by the root user -- unless root has changed the permission of / to allow other users to destroy your system. The top level directories should not be changed. You need to locate either the root user that is making these changes or look for some program or script that is causing this error. There may be a misguided reason for changing a directory from 777 to 755 -- 777 means that any user can add or delete files or directories, not often a desirable feature. But for /tmp (and /var/tmp), it is mandatory. The only valid change would be to prevent users from removing or renaming files or directories that they do not own. In this case, 1777 permission is a valid solution. But as you have seen, 755 is incorrect for /tmp and /var/tmp and will break a lot of programs.



Bill Hassell, sysadmin
Steven E. Protter
Exalted Contributor

Re: /tmp change permission

The /tmp file system is designed to be open. Many applications, Oracle for example, need /tmp to be open in order to function correctly.

This is one of those things you probably don't want to play around with. Great way to break programs.
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Hakki Aydin Ucar
Honored Contributor

Re: /tmp change permission

If the advice recommended here does not work, maybe you can try to use HP HIDS (Host Intruder Detection System) to catch who did what to the files or directories. It is my favorite software from HP. I believe it is free of charge.