Articles in this section

See more

[BUG] Errors in /var/log/modsec_audit.log: collections_remove_stale: Failed to access DBM file "/var/asl/data/msa/global": Permission denied

Avatar
Alexander Tsmokalyuk
Updated
Follow

Applicable to:

  • Plesk Onyx for Linux

Symptoms

  1. Plesk is running on Debian or Ubuntu.
  2. Atomic Basic ModSecurity ruleset is enabled at Tools & Settings > Web Application Firewall (ModSecurity) 
  3. Error in /var/log/modsec_audit.log :

    CONFIG_TEXT: --b8876e6d-H-- Message: collections_remove_stale: Failed to access DBM file "/var/asl/data/msa/global": Permission denied
    Stopwatch: 1494012668966140
    Stopwatch2: 1494012668966140 3289; combined=1756, p1=90, p2=1487, p3=20, p4=49, p5=62, sr=7, sw=0, l=0, gc=48
    ModSecurity for Apache/2.9.0 (http://www.modsecurity.org/); 201705041602.
    Server: Apache
    Engine-Mode: "ENABLED"

Cause

This is Plesk bug with ID #PPPM-6202 which will be fixed in future updates.

Resolution

As a workaround, log in to Plesk server via SSH and change the permissions:

# chown www-data.www-data /var/asl/data/msa
# chown www-data.www-data /var/asl/data/audit
# chown www-data.www-data /var/asl/data/suspicious
# chmod o-rx -R /var/asl/data/*
# chmod ug+rwx -R /var/asl/data/*

If the issue persists, turn off the affected rule by the rule's ID in Plesk.

Comments

4 comments

Sort by Date Votes
  • Avatar
    Tim Howard

    After applying the workaround, is there any thing around this bug that would cause the permissions to revert back to what caused the error? In other words, until this bug (#PPPM-6202)  is delivered, do I need to anticipate applying the workaround again?

    Thank you!

    0
    Comment actions Permalink
  • Avatar
    Bulat Tsydenov

    Hi Tim,

    The permissions and ownership on these folders and files can be changed only on update of 'aum' package. However, I cannot confirm 100% that it will be changed on update of this package. I suggest you verifying it on the next update of this package.

    0
    Comment actions Permalink
  • Avatar
    Piotr Mirecki

    I have similar issue on centos: 

    Message: collections_remove_stale: Failed to access DBM file "/var/cache/modsecurity/apache-global": Permission denied

    Message: collections_remove_stale: Failed to access DBM file "/var/cache/modsecurity/apache-ip": Permission denied

    Can you tell me how to fix this?

    0
    Comment actions Permalink
  • Avatar
    Maxim Krasikov

    Hi @Piotr Mirecki,

    Please contact Plesk support for assistance and investigation of this issue:
    https://support.plesk.com/hc/en-us/requests/new

    0
    Comment actions Permalink

Please sign in to leave a comment.

Have more questions? Submit a request

Related articles