files/etc/systemd/system/tmp.mount is switching /tmp to tmpfs #89
Comments
|
The default tmp.mount that comes with rhel7 is tmpfs, but it is disabled by default. |
|
ram consumption. i am going to leave it as for the majority of our boxes and flip the configuration on our oracle boxes |
|
@erpadmin I have the same concern. Will you just override the file from within another role, and call systemd to reload? |
|
yes that is the plan for an oracle role which runs after CIS. we already already having issues with Oracle and noexec on /tmp since Oracle's runinstaller has a habit of coping the installer to /tmp and then executes it. |
|
You shouldn't need a separate role, just set the following to false in your group_vars rhel7cis_rule_1_1_2 |
|
in the context of only CIS sure no separate role would be needed. i use a common roles and application specific roles during initial build outs so its simpler for me to to add "nonstandard" changes elsewhere otherwise sooner or later those CIS variables get left set incorrectly by someone |
|
closing issue |
I just noticed /tmp is being mounted as tmpfs, but I don't see a requirement by CIS for /tmp to be tmpfs.
I don't know what is the new default for RHEL installs as we are still using the same kickstart file. Has this been an issue for anyone?
my main concern is oracle and other heavy ram use boxes
The text was updated successfully, but these errors were encountered: