[Owasp-modsecurity-core-rule-set] Input filter: failed to create temporary file

Ryan Barnett ryan.barnett at breach.com
Mon Jan 11 11:57:45 EST 2010


On Friday 08 January 2010 08:26:35 pm Matthew Saltzman wrote:
> Hello, I hope I'm in the right place--I'm a complete newbie at this and
> it's not my day job.
> 
> Could someone please explain to me what's going on with the following:
> 
>         [Fri Jan 08 13:07:45 2010] [error] [client 129.138.19.192]
>  ModSecurity: Input fi lter: Failed to create temporary file:
>  /tmp/httpd/20100108-130745-EHX6ekKtxHEAAC F9asQAAAAB-request_body-RFm2a5
>  [hostname "projects.coin-or.org"] [uri "/Csdp/att
>  achment/wiki/WikiStart/"] [unique_id "EHX6ekKtxHEAACF9asQAAAAB"] [Fri Jan
>  08 13:07:45 2010] [error] [client 129.138.19.192] ModSecurity: Input fi
>  lter: Failed to delete temporary file:
>  /tmp/httpd/20100108-130745-EHX6ekKtxHEAAC F9asQAAAAB-request_body-RFm2a5
>  [hostname "projects.coin-or.org"] [uri "/Csdp/att
>  achment/wiki/WikiStart/"] [unique_id "EHX6ekKtxHEAACF9asQAAAAB"]
> 
> I have a pristine installation of mod_security-2.5.9-1.el5 from the EPEL
> repository on a Red Hat Enterprise 5 system.  The problem is from a
> trac-0.11.5-1.el5.rf project page.
> 
> If you need more info to help, I'm glad to provide whatever I can, or if
> I should be asking elsewhere, please let me know.  TIA for your kind
> assistance.
> 

Matt,
Looking at the error message and the temporary path/filename ModSecurity is attempting to 
create, this looks like it is related to either the SecTmpDir or SecUploadDir directives - 

http://www.modsecurity.org/documentation/modsecurity-apache/2.5.11/modsecurity2-apache-
reference.html#N10C18

Check your mod configs and see where you have specified /tmp/httpd in those directives.  You 
will need to follow the ownership/perms requirements for these directives related to the 
Apache user.

-Ryan


More information about the Owasp-modsecurity-core-rule-set mailing list