Hey, have you ever got this email from cPanel?
Attempts to create new directories or files whose file-names begin with numbers have failed. This is indicative of a root compromise of the server. The exact error encountered was: Failed to create directory /dev/null: No such file or directory
Are you worried of this email? Hey, don’t be tensed, here is the solution. Actually, it is not a root level compromise. Try the following steps to fix this problem.
Just check the disk space of your server especially the disk space usage of /tmp using df command. Try the following:
#df -h or df -h /tmp
In most cases, there will be enough disk space in /tmp. Please see a sample output given below:
[email protected] [~]# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda3 909G 78G 785G 10% / tmpfs 3.9G 0 3.9G 0% /dev/shm /dev/sda1 194M 129M 56M 70% /boot /usr/tmpMnt 7.6G 1.1G 6.1G 15% /tmp [email protected] [~]# df -h /tmp Filesystem Size Used Avail Use% Mounted on /usr/tmpMnt 7.6G 1.1G 6.1G 15% /tmp
Now, try df -i
[email protected] [~]# df -i Filesystem Inodes IUsed IFree IUse% Mounted on /dev/sda3 60481536 709298 59772238 2% / tmpfs 173825 1 173824 1% /dev/shm /dev/sda1 51200 59 51141 1% /boot /usr/tmpMnt 500960 500425 535 100% /tmp
Yes, the problem for receiving this email is /tmp has reached its inode limit. Now, you need to clear some unnecessary files from /tmp to fix this problem.
Hope this helps!!!
One thought on “Possible root compromise detected: Failed to create directory /dev/null – cPanel”
Can you please mention which files from /tmp can be delete with out any issues. Because /tmp consist many files. Which files are important and which is not important.