发表新帖
发表新帖

Ruby: Could not find a temporary directory

前端 未结
关注
3 1706
时光取名叫无心
时光取名叫无心 2020-12-17 16:40

I am getting some 500 errors in my Passenger Rails app. When looking at the log it appears passenger cannot access the /tmp dir. I have validated that it is there and has

相关标签:
3条回答
  • 被撕碎了的回忆
    2020-12-17 16:49 
    ls -l /

$drwxrwxrw   9 root     root      4096 Jun 26 11:34 tmp

    If you don't see that t at the end of the permissions column '/tmp'

    chmod o+t /tmp
chmod 1777 /tmp    
$ ls -l / 
drwxrwxrwt   9 root     root      4096 Jun 26 11:35 tmp

    reason is Fixing temporary dir problems with Ruby 2

    0 讨论(0)
  • 情话喂你
    2020-12-17 17:00

    The most significant part of the stack trace is the error message:

    could not find a temporary directory (ArgumentError)

    When you tell Ruby >= 2.0 to create a temporary file, it looks for a directory where it can create a file in a secure way. Creating a temporary files in a directory where anybody can replace the file while you are working on it would be a big (and common) security hole!

    You have two possibilites:

    • Tell ruby where it can securely create temporary files by setting one of the environment variables TMPDIR or TMP or TEMP to a directory that is secure.

    • Fix up the permissions on a directory that ruby tries to use anyway. Directories that Ruby tries to use anyway: systempdir ("/tmp") and the current directory

    Ruby deems a directory secure if the directory is either not world writeable or has the sticky bit set. (Do not confuse the sticky bit (t) with the seteuid/setgid bit (s)!)

    So instead of setting TMPDIR, you might either make your working directory not world writable or do:

    chmod +t /tmp

    The manual page of chmod explains the use of the sticky bit:

    [It] prevents unprivileged users from removing or renaming a file in the directory unless they own the file or the directory; this is called the restricted deletion flag for the directory, and is commonly found on world-writable directories like /tmp.

    Here is what can happen without the sticky bit: https://security.stackexchange.com/questions/9115/can-you-describe-a-real-life-scenario-of-exploiting-sticky-bits/108666#108666

    See also: https://blog.diacode.com/fixing-temporary-dir-problems-with-ruby-2

    0 讨论(0)
  • 旧时难觅i
    2020-12-17 17:01

    Not sure what happened here, but I believe it had something to do with the /tmp folder permissions. I thought my /tmp folder was corrupted so I looked around about deleteing that folder and restoring it (I wasn't sure if this folder was especially significant about the way it was created). I found this source that suggested you can simply make the /tmp folder, just as you would any other folder, and then do a chmod 1777 on the newly created folder.

    So, instead of deleting my current /tmp, I ran this chmod command and everything appeared to work.

    What is strange to me is that I had previously done a chmod 777 and that caused the folder to not work. Weird...

    0 讨论(0)
 看不清?
提交回复
热议问题