perlcgifile-permissionstmp

Invisible files in /tmp directory


I have a CGI::Session script that writes the session id to the /tmp file. The script doesn't error out, but when I check the /tmp directory, I don't find the cgisess* file. This is the permission of /tmp:

info@linux-web-server [tmp]# ls -ld /tmp
drwxrwxrwt 14 root root 4096 Jul 31 00:00 /tmp

I added this command to the script:

my $userexecuting = getpwuid( $< );
Logger::debug("cgiscript: csv_auth : userexecuting : $userexecuting");

And this is the result:

2023-07-31 02:06:01 : cgiscript: csv_auth : userexecuting : www-data

I tried doing this but it didn't work:

chmod +t csvauth
chattr +i csvauth

The directory wasn't deleted but the file that is supposed to be there isn't there.

If I have cgi::session write the cgisess* file to my home directory then it works but I don't want to put the file in my home directory and I would like to understand why it is doing this.

I added this to script and the files showed up. So the files are there but I can't see them when I issue the ls command on a linux terminal:

 my @cgisessfiles = `ls -l /tmp/csvauth/*`;
    print "<!DOCTYPE html>\n";
    print "<html>\n";
    foreach my $cgisessfile (@cgisessfiles) {
      print "<h3>$cgisessfile</h3>\n";
    }

-rw-r----- 1 www-data www-data 223 Jul 31 11:12 /tmp/csvauth/cgisess_23ad19ddc8f00f1a31dc72e54ea3205d
-rw-r----- 1 www-data www-data 189 Jul 31 11:16 /tmp/csvauth/cgisess_38f7ae2b68e39f6a16a869517007b963
-rw-r----- 1 www-data www-data 210 Jul 30 21:06 /tmp/csvauth/cgisess_3938ea95909e78e3e718edf45460c6b7
-rw-r----- 1 www-data www-data 210 Jul 30 21:12 /tmp/csvauth/cgisess_3ab70e080cda071bcc061d8d63d6565c
-rw-r----- 1 www-data www-data 187 Jul 30 16:39 /tmp/csvauth/cgisess_3e7a9e0b68ff69849ed43a1865f62f04
-rw-r--r-- 1 www-data www-data 45140 Jul 31 10:57 /tmp/csvauth/csv_auth_log.txt 

What do I need to do to make it work? The permissions seem to be correct.


Solution

  • The script doesn't error out, but when I check the /tmp directory, I don't find the cgisess* file

    This is because the cgi script is running with a private /tmp directory (see systemd man page, under subsection Sandboxing/PrivateTmp). This private /tmp is not directly visible from outside the script, but see this blog post for an example of how to locate the files.

    but I don't want to put the file in my home directory and I would like to understand why it is doing this.

    You do not need to put the files somewhere else, as you also showed in your question the files do exist. If you really do need access to the temporary files written by the cgi script from the outside (for example for inspecting them from a terminal for debugging purposes) you could try to locate the real directory, which would be something like /tmp/systemd-private-*-apache2.service-* where the * are some kind of id as shown in the above linked blog post.