[
https://issues.apache.org/jira/browse/CLOUDSTACK-9551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15629773#comment-15629773
]
ASF subversion and git services commented on CLOUDSTACK-9551:
-------------------------------------------------------------
Commit bd85e5b4da0be5177f7fd766641c75dabaf9c45d in cloudstack's branch
refs/heads/4.9 from [~abhi_shapeblue]
[ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=bd85e5b ]
CLOUDSTACK-9551: Move java tmp dir to cloudstack-agent's path to avoid
noexec on /tmp
> Pull KVM agent's tmp folder usage within its own folder structure
> -----------------------------------------------------------------
>
> Key: CLOUDSTACK-9551
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9551
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Affects Versions: 4.2.1, 4.7.1, 4.9.1.0
> Reporter: Abhinandan Prateek
> Assignee: Abhinandan Prateek
>
> We ran into an issue today where the sysadmins wanted to put /tmp on its own
> mount and set the "noexec" mount flag as a security measure. This is
> incompatible with the CloudStack KVM agent, because it stores JNA tmp files
> here and Java is unable to map into these objects. To get around this we
> moved the agent's temp dir to live with the agent files, which seems like a
> reasonable thing to do regardless of whether you're trying to secure /tmp.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
