"/tmp" folder have noexec rights and it's blocking AlarmNotifier that need to execute a file there
book
Article ID: 129976
calendar_today
Updated On:
Products
CA Spectrum
Issue/Introduction
CA Spectrum AlarmNoitfier - here especially the SD-Nofitier makes use of "/tmp" folder to create temporary scripting data and info. Then this dynamically created scripting is executed. On a Linux-OS which is at security level hardended, the "/tmp/" partition is loopback mounted with "noexec" permission.
Therefore the scripts are not executed anymore.
CA Spectrum AlarmNotifier (SD-Notifier) makes use of temporary scripting/file data placed to the "/tmp" directory by default. Those scripts are then not executable from /tmp.
Environment
This applies to all CA Spectrum releases when installed on Linux-OS with "hardened" partition handling.
Resolution
NotifyOneClick executable from ./Notifier/sd_notifier is a runtime self-extractor which makes use of "/tmp" directory to execute / self-extract and run. Also the Alarm-Notifier scripts may make use by default of "/tmp" directory.
You may edit the used AlarmNotifier or SD-Notifier scripts replacing the coded "/tmp" directory name by a directory name which is under the $HOME of the Spectrum install owner and mounted with "exec" rights.