Facebook
Twitter
G
greyman56
Guest
Protecting /tmp in 8.1.1 does not seem to work properly
I have used the information in the following KB article to secure the /tmp directory:
http://kb.swsoft.com/article_38_1410_en.html
but it caused a failure in postgresql:
I had to stop the postgresql service in order to move all the files out of /tmp. Once I made the new /tmp and tried to restart postgresql, it failed to start. Have not found the logs so not sure why. But I solved it by using this method...
Since we have been hosting plain CentOS boxes in the past, I used the protection mechanism we use there and it **seems** to work. Not sure if there are any other implications at this point. If anyone can comment on whether there is a flaw in this or not I would appreciate it....
I did:
1/ put this line into /etc/fstab...
none /tmp tmpfs noexec,nosuid,nodev,size=100000000 1 2
2/ move all /tmp/.* and /tmp/* into another place.
3/ mount /tmp
4/ move all /tmp files back.
Note: I stopped postgresql before 2/ and started it at the end and all went well.
If this is OK, how do I size the /tmp filesystem? Is there a formula?
thanks
Graham
I have used the information in the following KB article to secure the /tmp directory:
http://kb.swsoft.com/article_38_1410_en.html
but it caused a failure in postgresql:
I had to stop the postgresql service in order to move all the files out of /tmp. Once I made the new /tmp and tried to restart postgresql, it failed to start. Have not found the logs so not sure why. But I solved it by using this method...
Since we have been hosting plain CentOS boxes in the past, I used the protection mechanism we use there and it **seems** to work. Not sure if there are any other implications at this point. If anyone can comment on whether there is a flaw in this or not I would appreciate it....
I did:
1/ put this line into /etc/fstab...
none /tmp tmpfs noexec,nosuid,nodev,size=100000000 1 2
2/ move all /tmp/.* and /tmp/* into another place.
3/ mount /tmp
4/ move all /tmp files back.
Note: I stopped postgresql before 2/ and started it at the end and all went well.
If this is OK, how do I size the /tmp filesystem? Is there a formula?
thanks
Graham
