ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.
AXA Issue - Cannot start without exec on /tmp
Article ID: 103298
Updated On:
Products
CA App Experience Analytics
Issue/Introduction
We are experiencing an issue with our AXA environment which needs to have /tmp to have exec permissions, this goes against our internal security polices and as such we need to understand why this is the case, and how we can stop it.
It appears from my investigation that the Elasticsearch component uses the /tmp directory to create a executable file on startup called snappy-1.2.3-xxxx.so. with the exec on the /tmp fs this fails and the AXA startup doesn't complete.
It appears from my investigation that the Elasticsearch component uses the /tmp directory to create a executable file on startup called snappy-1.2.3-xxxx.so. with the exec on the /tmp fs this fails and the AXA startup doesn't complete.
Cause
A number of the AXA components need to use the snappy native libraries. By default the processes will try to run the library from the /tmp folder.
Environment
AXA 17.3
Resolution
The attached is suggested configuration to allow the AXA product to run where /tmp is mounted with noexec by overidding the location of java.io.tmpdir.
Suggested folders must be created manually
This will not allow the product to be installed with /tmp as noexec so that restriction will have to be applied once the product is installed.
Suggested folders must be created manually
This will not allow the product to be installed with /tmp as noexec so that restriction will have to be applied once the product is installed.
Attachments
Feedback
Yes
No
Powered by
