CIS Can't exec /tmp/landscape-common.config.8br9ON when /tmp has noexec mount option
Bug #1877992 reported by
Gábor Mészáros
This bug affects 4 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Landscape Client |
New
|
Undecided
|
Unassigned |
Bug Description
In a cloud deployment, where the nodes are hardened with CIS scripts, landscape cannot execute it's initial installation DB configuration (update-
summary: |
- CIS Can't exec /tmp/landscape-0common.config.8br9ON when /tmp has noexec + CIS Can't exec /tmp/landscape-common.config.8br9ON when /tmp has noexec mount option |
description: | updated |
To post a comment you must log in.
Ran into this with security hardening rules, CIS or DISA has rules to disable exec for /tmp mount which script execution from landscape is ran in.
It would make sense to have an ability to define where scripts are ran via /etc/landscape/ client. conf. So this would be feature request for that.