Failed to lock proc mutex: Permission denied

The error : Failed to lock proc mutex: Permission denied can occur when using mod_ruid2 with mod_security where an IP session log is required. As modsec runs under the Apacher user account and ruid2 under the username running the process, this can result in write issues to global log files which are set to root or apache. To elliminate these errors from listing in the error_log file simply remove the security rules containing reference to global IP collections. Rules 900018-900021 typically follow under this classification.


#
# -- [[ Global and IP Collections ]] -----------------------------------------------------
#
# Create both Global and IP collections for rules to use
# There are some CRS rules that assume that these two collections
# have already been initiated.
#
SecRule REQUEST_HEADERS:User-Agent "^(.*)$" "id:'900018', phase:1, t:none,t:sha1,t:hexEncode, setvar:tx.ua_hash=%{matched_var}, nolog, pass"


SecRule REQUEST_HEADERS:x-forwarded-for "^\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b" "id:'900019', phase:1, t:none, capture, setvar:tx.real_ip=%{tx.1}, nolog, pass"


SecRule &TX:REAL_IP "!@eq 0" "id:'900020', phase:1, t:none, initcol:global=global, initcol:ip=%{tx.real_ip}_%{tx.ua_hash}, nolog, pass"


SecRule &TX:REAL_IP "@eq 0" "id:'900021', phase:1, t:none, initcol:global=global, initcol:ip=%{remote_addr}_%{tx.ua_hash}, setvar:tx.real_ip=%{remote_addr}, nolog, pass"

  • 139 Users Found This Useful

Was this answer helpful?

Related Articles

error: db3 error(-) from dbenv->failchk: DB_RUNRECOVERY: Fatal error, run database recovery

error: db3 error(-) from dbenv->failchk: DB_RUNRECOVERY: Fatal error, run database recovery...

Failed to start tailwatchd. Unit tailwatchd.service entered failed state.

Failed to start tailwatchd. Unit tailwatchd.service entered failed state.  tailwatchd.service...

How to convert InnoDB to MyISAM

Although at times faster, you will find InnoDB a very large headache when it comes to table...

Clear cPanel Eximstats DB and Repairing the Eximstats DB

Over the time or due to spammers the eximstats database file may grow to a large size. To clear...

VPS Time not Correct with Time Server

If you have a problem with your VPS time not staying sync in a Xen VPS you will want to enable...