Possible root compromise detected, failed to create /dev/null:

Discussions related with hosting control panels used, which include cPanel, Plesk, Directadmin etc..
Post Reply
stark
Posts: 0
Joined: Fri Sep 16, 2016 10:00 am

Possible root compromise detected, failed to create /dev/null:

Post by stark »

Hi,

I received an email from my cpanel said :

Attempts to create new directories or files whose filenames begin with numbers have failed.
This is indicative of a root compromise of the server.

The exact error encountered was:

Failed to create directory /dev/null: No such file or directory

Any help?
Many thanks!



Ashlin
Posts: 0
Joined: Fri Sep 16, 2016 10:10 am

Re: Possible root compromise detected, failed to create /dev/null:

Post by Ashlin »

I received this email also

Is my server get compromised ?



chris ben
Posts: 0
Joined: Fri Sep 16, 2016 10:09 am

Re: Possible root compromise detected, failed to create /dev/null:

Post by chris ben »

Hi,

Actually the issue occur when inode or disk usage is full on /tmp directory, you can check it using following link.

Check disk usage

#df -h /tmp

Check inode usage

#df -i /tmp

If you found directory full you should clear some unnecessary files from /tmp to fix this problem.



Brandon N
Posts: 0
Joined: Thu Apr 05, 2018 11:19 pm

Re: Possible root compromise detected, failed to create /dev/null:

Post by Brandon N »

Hi,

Yes, you try installing tmpwatch on server , it will help to clean /tmp directory

Installing tmpwatch

yum install tmpwatch -y

Use this command to delete all files over 12 hours old

tmpwatch -am 12 /tmp

Do you need professional help with this? Please open a support ticket to support@nixtree.com we'll fix it for you!

Brandon N
Linux Support Engineer.
Nixtree Solutions
Managed Full Server Backups
https://www.nixtree.com/managed-backups.php
Follow us on : https://twitter.com/nixtree



stark
Posts: 0
Joined: Fri Sep 16, 2016 10:00 am

Re: Possible root compromise detected, failed to create /dev/null:

Post by stark »

That's Works!
Many thanks



Post Reply