Fix “/tmp/.tmp.err” error on your website

I woke up one morning to find that all the websites hosted on my server (VPS-based) were returning an error that looked something like this :

Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 10012 is not allowed to access /tmp/.tmp.err owned by uid 0 in Unknown on line 0
Warning: Unknown: failed to open stream: No such file or directory in Unknown on line 0
Warning: Unknown: SAFE MODE Restriction in effect. The script whose uid is 10012 is not allowed to access /tmp/.tmp.err owned by uid 0 in Unknown on line 0

Fixing this turned out to be quite easy but not necessarily obvious.

To be clear, I had not touched or installed anything new – this problem just appeared and as you can see, it doesn’t say much. I did notice that the server on which my VPS is hosted was rebooted a short while ago, possibly to allow my provider to update Plesk. In any case, after some digging around, I found a very strange line in my httpd.conf (located in /etc/httpd/conf).

The fix is simply to open the httpd.conf file and go to the very bottom. You’ll find a strange bit of configuration that looks like this:

<FilesMatch "\.(php|php5|php4|htm|html|jsp|shtml|asp|aspx)$">
php_value auto_prepend_file "/tmp/.tmp.err"
</FilesMatch>

PHP docs for auto_prepend_file define this as:

Specifies the name of a file that is automatically parsed before the main file. The file is included as if it was called with the require function, so include_path is used.

The special value none disables auto-prepending.

I can’t find any reason why I would want this to happen. I chose to use the value none suggested by the PHP docs, saved the configuration file, and did a quick apachectl restart (or service httpd restart). The final configuration looked like this:

<FilesMatch "\.(php|php5|php4|htm|html|jsp|shtml|asp|aspx)$">
php_value auto_prepend_file none
</FilesMatch>

and all the sites instantly came back online.

6 thoughts on “Fix “/tmp/.tmp.err” error on your website”

  1. After struggling for hours to find a solution to this totally strange error that popped out of nowhere today across all our sites, I am very thankful that you took the time to blog about this. This has fixed the problem on our side too, except for a few subdomains (maybe these take longer to work through?), and even stumped our web hosting company (which is one of the largest on the planet). Phew, thanks again.

    1. I’m glad this entry helped you out. Since this blog post, I have been in contact with several other users who have voiced concerns over how this happened. As was pointed out, things like this don’t just happen…

      We are likely victims of a serious flaw at some level of software that we all share in common and that someone has decided to exploit. I really don’t know anything more at this point… my provider is 1and1 btw. Perhaps we share that in common?

  2. As it turns out, the subdomains that weren’t working were set as ‘FastCGI module’ in Plesk and not ‘Apache module’ for some reason. And yet, this has made absolutely no difference until today, with the same /tmp/.tmp.err error you’ve described and solved here. Very very very strange. At least it’s fixed!

  3. For me, happens the same! WTF

    In Plesk I had php working as FastCGI module, no Apache module and we have the /tmp/.tmp.err error too.

    What happens? Maybe a Plesk update cause the problem.

    And if I change php as Apache module, the php pages are blancks ;( ;(.

  4. This happened to me when upgrading to Plesk 9.5.2. I can’t find any reference to it being an official Plesk feature, although I did find a few other people to whom it happened. I removed the config line and everything is back to normal. Now I’m scared to update Plesk again. 🙁

    1. Hi Travis,

      I’m running Plesk 9.0.1 so I don’t think it’s necessarily tied to updating Plesk. However, because this did happen without any intervention on my part, I’m inclined to believe it was either a hack using some unknown exploit, possibly of Plesk, or perhaps a mistake/hack introduced into the automated update process of packages on the server. Still unclear to me. Are you on a dedicated server, VPS, or other hosting option?

Have a question? Like what you read? Leave a Reply!