Centos 7 no exec on /tmp

[Ben R 0]

Hi Guys,

Long term browser, first time poster here.

We run a whole lot of Centos Linux boxes, majority on Centos 7.

As all our boxes are providing internet based service we're keen to keep the noexec attribute on our /tmp folders which as many of you Linux buffs would know causes pain with the ESET products.

I've got the ERA Agent installed finally (after adding custom environment variables to the systemd service file) and tried to deploy File Security but am still getting reference to /tmp permission issues -

Observe:

tail: /var/log/eset/RemoteAdministrator/Agent/software-install.log:
sh: /tmp/7aaf-7958-4cc7-2df7/ueavbe_x86_64_enu.linux: Permission denied

This is the Linux |AV product which has been downloaded and then is trying to be installed but failing because of the /tmp location.

How can I change this /tmp temporary location for the ERA Agent?

Please help!

Thanks

Ben

 

[The Tech Lounge 0]

Hi,

Same Boat. We have a bunch of Centos boxes. Interested to know how you managed to get the ERA agent installed in the first place.

[Ben R 0]

Hi Tech Lounge,

oh that was so easy that part... not!

1. Search Replaced modified the EraAgentInstaller.sh file for all the mktemp bits and set the variable -tmpdir e.g:    local_cert_path="$(mktemp -q -u --tmpdir=/cabs/eset)"
2. Then (so it would start), I modified the /etc/systemd/system/eraagent.service systemd launcher to use the Environment variable as follows:

Environment="MODMAPDIR=/var/opt/eset/RemoteAdministrator/Agent/"
Environment="HOME=/var/opt/eset/RemoteAdministrator/Agent/"

I think I did something else too.. but I can't remember.

 

I have managed to get ESET AV installed but it would be nice to get a response so I can roll this out to our many other Linux Servers.