Unix Java Agent fails to start on noexec /tmp systems with /tmp/jnaID.tmp: failed to map segment from shared object
search cancel

Unix Java Agent fails to start on noexec /tmp systems with /tmp/jnaID.tmp: failed to map segment from shared object

book

Article ID: 378312

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

Automic Java Unix Agent is unable to be started after the installation on a Linux system where the /tmp has been mounted with the noexec flag.

The error that appears while starting it is the following:

./ucxjlx6
...
Exception in thread "main" java.lang.UnsatisfiedLinkError: /tmp/jna6190293387379681830.tmp: /tmp/jna6190293387379681830.tmp: failed to map segment from shared object
        at java.base/jdk.internal.loader.NativeLibraries.load(Native Method)

While checking the /etc/fstab or the command mount | grep tmp we could see that the flag noexec was used to prevent any application from running executables from the /tmp filesystem in order to harden the system.

 

Environment

Agent Unix Java 21.x or 24.x

Cause

Defect: by default the -Djna.tmpdir is set to /tmp so the agent tries to execute binaries on /tmp that had the noexec bit set so this would not be authorized.

Resolution

Workaround:

Modify the Agent startup line adding the flag  -Djna.tmpdir=/path/to/agent/bin

ie, on the service manager configuration file: 

/opt/automic/agents/linux/bin/ucxjlx6 -svc%port% -Djna.tmpdir=/opt/automic/agents/linux/bin

Solution:

The issue has been confirmed to be a bug by our Dev team.
A fix will be provided in a future version on which the default for the -Djna.tmpdir will be set to the agent bin folder so the workaround won't be necessary anymore.

Additional Information

Defect ID: DE154348

Defect Title: Agent Unix: JNA artifacts have to be extracted into agent's bin instead of /tmp