Setting and securing the tmp directory for the agent
The DataStax agent requires exec permissions to the JDK tmpdir. Map to a different executable directory before mounting the tmp directory with the noexec flag. If the tmp directory has the noexec flag set, the agent cannot start.
Many enterprise security policies require mounting /tmp
directories with the no execution (noexec
) flag. OpsCenter runs the
JVM using Jython, which requires access to its
temporary directory to which it can copy executable files. The JDK requires an
executable directory to start and is mapped to /tmp by default.
If the /tmp directory has the noexec
flag set,
the agent cannot start.
By default, the DataStax agent when installed by deb or rpm packages runs as the same
user as DSE, which is cassandra
. If you are running the agent as a
different user (tarball install), see Setting permissions to run the agent as a different user.
Remap the default temporary directory to a different (executable) directory and change its permissions to allow full access for the agent. Follow this procedure to securely mount a /tmp directory for OpsCenter and the DataStax agent.
datastax-agent-env.sh
The default location of the DataStax agent environment shell script datastax-agent-env.sh depends on the type of installation:
- Package installations: /etc/datastax-agent/datastax-agent-env.sh
- Tarball installations: install_location/agent/conf/datastax-agent-env.sh