mod_perl在/tmp中看不到文件 [英] mod_perl can't see files in /tmp

问题描述

我有一些mod_perl代码试图访问/tmp下的文件...但是它抛出没有这样的文件或目录"错误.我在代码中添加了"ls -al/tmp"，以查看Perl在目录中看到的内容，它只给了我.和..:

I have some mod_perl code trying to access a file under /tmp ... but it throws a 'no such file or directory' error. I added an 'ls -al /tmp' to my code to see what Perl was seeing inside the directory, and it only gave me . and .. :

drwxrwxrwt.  2 root root        6 Jan 21 13:36 .
drwxrwxrwx. 18 root sysadmin 4096 Nov 22 22:14 ..

实际上，/tmp下混合了一些文件，其中包括Apache用户拥有的文件.将我的代码更改为'ls -al/'可以给出正确的目录列表(不丢失任何内容).

In reality there are a mixture of files under /tmp, including some owned by the Apache user. Changing my code to 'ls -al /' gives a correct directory listing (nothing missing).

我尝试对Apache用户进行sudo'ing操作，并且可以在/tmp文件下看到它，因此它必须与mod_perl相关.

I tried sudo'ing to the Apache user, and can see under /tmp file, so it must be something mod_perl related.

想法?我在CentOS 7下运行mod_perl 2.0.8和Apache 2.4.SELinux设置为宽松.

Ideas? I'm running mod_perl 2.0.8 and Apache 2.4 under CentOS 7. SELinux is set to permissive.

推荐答案

因此，根据评论，这里的答案是-这是RHEL 7功能. https://securityblog.redhat.com/2014/04/09/new-red-hat-enterprise-linux-7-security-feature-privatetmp/

So based on comments the answer here is - it's an RHEL 7 feature. https://securityblog.redhat.com/2014/04/09/new-red-hat-enterprise-linux-7-security-feature-privatetmp/

PrivateTmp =

PrivateTmp=

采用布尔参数.如果为true，则建立新的文件系统 已执行进程的名称空间，并挂载私有的/tmp 其中的目录，该目录不被外部进程共享 命名空间.这对于保护对临时文件的访问很有用 的过程，但通过/tmp进行过程之间的共享 不可能的.默认为false.

Takes a boolean argument. If true sets up a new file system namespace for the executed processes and mounts a private /tmp directory inside it, that is not shared by processes outside of the namespace. This is useful to secure access to temporary files of the process, but makes sharing between processes via /tmp impossible. Defaults to false.

这篇关于mod_perl在/tmp中看不到文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！