AXA Issue - Cannot start without exec on /tmp

book

Article ID: 103298

calendar_today

Updated On:

Products

CA App Experience Analytics

Issue/Introduction

We are experiencing an issue with our AXA environment which needs to have /tmp to have exec permissions, this goes against our internal security polices and as such we need to understand why this is the case, and how we can stop it.
It appears from my investigation that the Elasticsearch component uses the /tmp directory to create a executable file on startup called snappy-1.2.3-xxxx.so. with the exec on the /tmp fs this fails and the AXA startup doesn't complete.

Cause

A number of the AXA components need to use the snappy native libraries. By default the processes will try to run the library from the /tmp folder.

Environment

AXA 17.3

Resolution

The attached is suggested configuration to allow the AXA product to run where /tmp is mounted with noexec by overidding the location of java.io.tmpdir.
Suggested folders must be created manually

This will not allow the product to be installed with /tmp as noexec so that restriction will have to be applied once the product is installed.

Attachments

1558536534551AXA_noexec_temp_configuration.docx get_app