issues starting service after suggested security changes
i run csf on and modified the tmp filesystem per recommendations ...
csf was previously complaining about the following:
- /tmp should be mounted as a separate filesystem with the noexec,nosuid options set
- /var/tmp should either be symlinked to /tmp or mounted as a filesystem
i followed the guide here which worked well on other non asterisk/fop2 systems but in doing so the fop2 service will no longer start nor can i seem to retrieve any meaningful info on the failure, before rolling back to the snapshot prior to the changes i thought someone may have some suggestions
here are the changes i implemented:
http://ptihosting.com/blog/it-blog/how- ... ec-nosuid/
any thoughts ?
csf was previously complaining about the following:
- /tmp should be mounted as a separate filesystem with the noexec,nosuid options set
- /var/tmp should either be symlinked to /tmp or mounted as a filesystem
i followed the guide here which worked well on other non asterisk/fop2 systems but in doing so the fop2 service will no longer start nor can i seem to retrieve any meaningful info on the failure, before rolling back to the snapshot prior to the changes i thought someone may have some suggestions
here are the changes i implemented:
http://ptihosting.com/blog/it-blog/how- ... ec-nosuid/
any thoughts ?
Comments
When I try to run fop2_server it does not do anything at all.
fop2_server requires /tmp directory to allow execution. Some systems mount the /tmp directory with the noexec option for security reasons. In that case you need to create a special temp directory for FOP2 and modify the init script to export an environment variable so it uses that directory. So, you can create a temp directory:
mkdir /usr/local/fop2/temp
And then modify the init script by adding the highlighted line:
case "$1" in
start)
echo -n "Starting Flash Operator Panel 2: "
export PAR_GLOBAL_TMPDIR=/usr/local/fop2/temp
daemon $DAEMON $OPTIONS