...
systemd:
Code Block title /etc/systemd/system/omkd.service # edit omkd service sudo systemctl edit omkd # redefine the /tmp directory for omkd by adding the following entry to [Service] - add [Service] section if it is not already present: [Service] Environment="TMPDIR=/newtmp" # reload the edited service sudo systemctl daemon-reload # restart the service sudo systemctl restart omkd
init.d:
Code Block title /etc/init.d/omkd # Add them at line 18 (after the line # Do NOT "set -e"). TMPDIR="/newtmp" export TMPDIR
Each OMK and NMIS9 daemon will need similar treatment.
...
We can use the knowledge that OMK Daemons and scripts create a directory structure in their temp directory which will be of pattern /path/to/tmp/par-<hash_of_user>/ to check our implementation is complete.Since NMIS does not implement PAR, this procedure cannot be used to debug NMIS daemons and NMIS scripts.
Code Block |
---|
# After your installation has completed the steps in previous paragraph "Alternative procedure if your /tmp/ should be mounted noexec", # clean up the /tmp/par-*/ pattern directories: sudo rm -rf /tmp/par-*/ # Start each daemon, one at a time, checking after each start whether there are any directories of pattern /tmp/par-*/ have been created. sudo ls -lAth /tmp/par-* # There shouldn't be: these directories should be in the /newtmp/ directory we have set to be used as /tmp/ with the TMPDIR setting: sudo ls -lAth /newtmp/par-* # Execute each OMK cronjob, one at a time, as the user they would run as in the cronjob, checking whether any directories of pattern /tmp/par-*/ have been created. sudo ls -lAth /tmp/par-* # If at any stage directories are found in this implementation with pattern sudo ls -lAth /tmp/par-* # closer inspection of that found directory can possibly provide details as to which executable was executed without correct TMPDIR setting. # Each script will be in a subdirectory of pattern /cache-*/inc/script/ in theĀ /tmp/par-*/ directories. # Here is an example pointing to the OMK script baseline.pl (main.pl will always be present in this directory): sudo ls -lAth /tmp/par-726f6f74/cache-39badc82ee407081680b01a8ed0ceb61c80c45cf/inc/script/ total 68K -rw-r--r--. 1 root root 62K Nov 10 22:58 baseline.pl -rw-r--r--. 1 root root 3.8K Nov 10 22:58 main.pl |
...