zookepeer should not write JNA libraries to /tmp

Description

By default the JNA tmpdir is set to /tmp. This conflicts with some standard security policies that dictate that /tmp should be mounted as noexec.

My first thought is to use /run, but that is mounted noexec by default on Ubuntu 16.04 LTS, too.

We should set the JNA tmpdir to somewhere we control: /var/lib/dcos/exhibitor/tmp seems like a good option.

Activity

Show:
Gustav Paul
February 3, 2017, 10:53 AM

Assignee

Gustav Paul

Labels

None

Components