EPrints Technical Mailing List Archive

Message: #07498

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Upload by URL floods /tmp

Temp file management varies; RHEL/Fedora have been deleting temp files for a long time, Debian hasn’t ever gone that route.

RHEL automatically runs tmpwatch

The equivalent on Debian appears to be tmp reaper; though considering it hasn’t had an update in 8 years it seems a ‘buyer beware’ situation.

MailScanner has detected a possible fraud attempt from "emea01.safelinks.protection.outlook.com" claiming to be https://packages.debian.org/search?keywords=tmpreaper 

I suggest systems-tmpfiles may be a better management mechanism for newer systems, and may be directly applicable to Yuri’s comment below

On a related note, I’ve just discovered that eprints calls wget directly, which I wasn’t expecting.

On 26 Sep 2018, at 5:31 pm, Yuri via Eprints-tech <eprints-tech@ecs.soton.ac.uk> wrote:

Also uploading can fill the "apache" tmp (this is debian, eprints 3.3.15):

# ls -lh
total 2,2G
-rw------- 1 www-data www-data 152K set 20 10:23 0q3cu3jxbk
-rw------- 1 www-data www-data  45K set 13 11:06 0xJWXvrMeQ
-rw------- 1 www-data www-data  41K set 19 15:24 1BsugzoYGG
-rw------- 1 www-data www-data  49K set 11 12:26 8W8w2f_Ha8
-rw------- 1 www-data www-data 161K set 20 10:05 blLb6kH2VI
-rw------- 1 www-data www-data 7,8M set 20 11:47 bN6gHQJOLk
-rw------- 1 www-data www-data 1,4G set 13 16:57 eXjmPVqRmL
-rw------- 1 www-data www-data  41M set 20 11:18 fieMadumzJ
-rw------- 1 www-data www-data 161M set 20 10:18 HAYoNR5DsR
-rw------- 1 www-data www-data 345K set 14 10:29 ntEJoSPI5v
-rw------- 1 www-data www-data 6,9M set 20 11:43 oSrLVzpz2d
-rw------- 1 www-data www-data 230M set 18 15:04 rfbO9v8IjM
-rw------- 1 www-data www-data 156M set 19 15:24 thM9gxJrFY
-rw------- 1 www-data www-data  41M set 20 11:19 v6Pa6Xauk3
-rw------- 1 www-data www-data 161M set 20 17:03 YMJ_gsuJSn
-rw------- 1 www-data www-data 161K set 20 10:19 _YzgIMPoVJ

this files never get deleted.

Il 26/09/18 08:53, Emilian Mitocariu via Eprints-tech ha scritto:
> Hi,
> Regarding this issue: 
MailScanner has detected a possible fraud attempt from "emea01.safelinks.protection.outlook.com" claiming to be https://github.com/eprints/eprints/issues/427
> Is it safe to simply delete the files generated in /tmp or what is the
> recommended way to clean /tmp without breaking something. In case it
> matters, I run eprints 3.3.15.

Karl Goetz,  Senior Library Officer (Library Systems)
University of Tasmania, Private Bag 25, Hobart 7001
Available Tuesday, Wednesday, Thursday

University of Tasmania Electronic Communications Policy (December, 2014).
This email is confidential, and is for the intended recipient only. Access, disclosure, copying, distribution, or reliance on any of it by anyone outside the intended recipient organisation is prohibited and may be a criminal offence. Please delete if obtained in error and email confirmation to the sender. The views expressed in this email are not necessarily the views of the University of Tasmania, unless clearly intended otherwise.