Symptoms:
=======
‘yum update’ result
File â/usr/lib/python2.4/site-packages/yum/repos.pyâ, line 200, in populateSack
sack.populate(repo, with, callback, cacheonly)
File â/usr/lib/python2.4/site-packages/yum/yumRepo.pyâ, line 91, in populate
dobj = repo.cacheHandler.getPrimary(xml, csum)
File â/usr/lib/python2.4/site-packages/yum/sqlitecache.pyâ, line 100, in getPrimary
return self._getbase(location, checksum, âprimaryâ)
File â/usr/lib/python2.4/site-packages/yum/sqlitecache.pyâ, line 93, in _getbase
self.updateSqliteCache(db, parser, checksum, metadatatype)
File â/usr/lib/python2.4/site-packages/yum/sqlitecache.pyâ, line 382, in updateSqliteCache
cur.execute(âDELETE FROM â+table+ â where pkgKey in %sâ % delpkgs)
File â/usr/lib64/python2.4/site-packages/sqlite/main.pyâ, line 244, in execute
self.rs = self.con.db.execute(SQL)
_sqlite.DatabaseError: unable to open database file
Cause:
=====
Notice anything wrong? Yikes! we donât have a working /tmp or /var/tmp directory. Apparently the problem was inadvertendly caused by some cPanel scripts which try to help us by securing those directories, making them noexec so that attackers canât run rogue scripts directly from the tmp directories.
Resolutions:
========
First, let stop important services which use /tmp
service chkservd stop
service mysql stop
service postgresql stop
service httpd stop
Now, let make a copy of /tmp
mkdir /tmp_old
rsync -av /tmp/ /tmp_old/
Wipe out the tmp dir stuff that cpanel had setup:
/bin/umount -l /tmp
/bin/umount -l /var/tmp
/bin/rm -fv /usr/tmpDSK
I want to create a tmpDSK greater than 500MB (default), so I edit /scripts/securetmp on the line to anything I want, like 1024000
my $tmpdsksize = 1024000; # Must be larger than 250000
Now rebuild securetmp:
/scripts/securetmp âauto
mount -a
Check if /tmp and /var/tmp is mounted with
df -h
Restore our tmp copy:
rsync -av /tmp_old/ /tmp/
Starting services:
service mysql start
service postgresql start
service httpd start
service chkservd start
After everything fine remove tmp copy:
rm -rf /tmp_old/
😉
Read Full Post »