Im in the process of investigating and moving our code base to Puppet 4.
I came across something very interesting today, in that Puppet 4 does not like /tmp to be mounted noexec.
Now, we mount /tmp with nosuid and noexec as per the recommendation in the Securing Debian Manual.
After much hours of trouble shooting I came across "Puppet Server run issue when /tmp/ directory mounted noexec" (And I dont know why I didnt read this in the first place.)
As per the recommendation, you basically need to add to /etc/default/puppetserver.
JAVA_ARGS="-Xms2g -Xmx2g -Djava.io.tmpdir=/var/tmp"
HTH
Brent
No comments:
Post a Comment