Advertisements

Problems installing PECL libraries when you have noexec /tmp and /var/tmp

At first I had all sorts of issues installing software on my VPS until I realized that my /tmp and /var/tmp were both mounted noexec. It’s a great security precaution, but if you’re not aware of it, it can cause all sorts of headaches, especially when trying to install using pecl. This is usually the case when your VPS is a Parallels Virtuozzo container. /tmp and /var/tmp are set noexec by Virtuozzo and even if you do mount they will not show that way.

Here’s a few of the example output errors indicating that you have a silently-mounted noexec /tmp or /var/tmp

#pecl install zip
.
.
.
checking whether the C compiler works… configure: error: cannot run C compiled programs.
If you meant to cross compile, use `–host’.
See `config.log’ for more details.
ERROR: `/tmp/tmpqZc37R/zip-1.8.0/configure’ failed

Another:

#pecl install zip
.
.
.
/usr/local/bin/phpize: /tmp/tmpnkcW3i/zip-1.8.0/build/shtool: /bin/sh: bad interpreter: Permission denied
Cannot find autoconf. Please check your autoconf installation and the $PHP_AUTOCONF
environment variable is set correctly and then rerun this script.

ERROR: `phpize’ failed

Here’s the solution: Rebinding mount points. As root, execute the following commands.

cd ~
mkdir tmp
mkdir vartmp
mount --bind ~/tmp /tmp
mount --bind ~/vartmp /var/tmp

This binds /tmp to /root/tmp and /var/tmp to /root/vartmp. This overcomes the noexec permission issues. Now you can run your pecl install. When you’re done, make sure you unmount your mountpoints.

umount /tmp
umount /var/tmp

All done.

Questions, comments, and feedback on this are welcome and appreciated!

Advertisements