cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-9551) Pull KVM agent's tmp folder usage within its own folder structure
Date Wed, 02 Nov 2016 17:41:58 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-9551?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15629774#comment-15629774
] 

ASF GitHub Bot commented on CLOUDSTACK-9551:
--------------------------------------------

Github user asfgit closed the pull request at:

    https://github.com/apache/cloudstack/pull/1728


> Pull KVM agent's tmp folder usage within its own folder structure
> -----------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9551
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9551
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>    Affects Versions: 4.2.1, 4.7.1, 4.9.1.0
>            Reporter: Abhinandan Prateek
>            Assignee: Abhinandan Prateek
>
> We ran into an issue today where the sysadmins wanted to put /tmp on its own mount and
set the "noexec" mount flag as a security measure. This is incompatible with the CloudStack
KVM agent, because it stores JNA tmp files here and Java is unable to map into these objects.
To get around this we moved the agent's temp dir to live with the agent files, which seems
like a reasonable thing to do regardless of whether you're trying to secure /tmp.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message