Hey guys,
I am far from the server admin, but the guy who looks after my server is trying to run redbox, he responded to me with the following error....
It says:
/usr/bin/java: line 67: /tmp/javaEZb657: Permission denied
I have /tmp mounted noexec. I don't see any config options to change that temp directory.
I think he likes to have noexec on his tmp directory, is there any way around this?? Would appreciate your help very much.
Thanks,
Nathan
Red Box Installation
-
- Posts: 17
- Joined: 06 May 2008, 04:42
Hi Lucas, I've never heard about this problem but I understand that your temp folder has strict permissions.
This problem is however related with the Red5 internals and as far as I can see there's no external setting for changing the use of a temp folder.
Btw, it's not entirely clear what is being executed in the tmp folder... I thought it was used for writing temporary files only
This problem is however related with the Red5 internals and as far as I can see there's no external setting for changing the use of a temp folder.
Btw, it's not entirely clear what is being executed in the tmp folder... I thought it was used for writing temporary files only
-
- Posts: 17
- Joined: 06 May 2008, 04:42
You could check the red5 website and relative support board/mailing-list to see if other people have encountered the same issue... or convince your admin to loosen the permissions
btw... are you sure you can actually write in that folder? Because I can't think of a good reason why red5 should execute files from the directory. Still sounds strange to me.
btw... are you sure you can actually write in that folder? Because I can't think of a good reason why red5 should execute files from the directory. Still sounds strange to me.
-
- Posts: 17
- Joined: 06 May 2008, 04:42
Loosening permissions I don't think is going to be done. Here is the response my the admin as to what happens when he tries to run it
OK, so what's happening is that red5 creates a script in /tmp which it then tries to execute. Probably as a means of forking.
But I have my /tmp partition mounted noexec for security reasons so this script fails.
[root@sjc01 RedBox]# grep tmp conf/ehcache.xml
* java.io.tmpdir - Default temp file path
Subdirectories can be specified below the property e.g. java.io.tmpdir/one
<diskStore path="java.io.tmpdir"/>
[root@sjc01 RedBox]# ./red5.sh
/usr/bin/java: line 67: /tmp/javaO15307: Permission denied
/usr/bin/java: line 67: /tmp/javaO15307: Success
[root@sjc01 RedBox]# cat /tmp/javaO15307 rm /tmp/javaO15307 exec /usr/bin/gij -Djava.version=1.4.2 -Djava.home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
"-Djava.security.manager" "-Djava.security.policy=conf/red5.policy"
"org.red5.server.Standalone"
[root@sjc01 RedBox]#
I also tried this change to the red5.sh script (i.e. adding
java.io.tmpdir):
[root@sjc01 RedBox]# grep tmp red5.sh
exec $JAVA
-Djava.io.tmpdir=/usr/local/lib/SFSPRO_linux_1.6.2/SFS_PRO_1.6.2/Server/RedBox/tmp
-Djava.security.manager -Djava.security.policy=conf/red5.policy -cp red5.jar:conf:$CLASSPATH org.red5.server.Standalone
[root@sjc01 RedBox]# ./red5.sh
/usr/bin/java: line 67: /tmp/javaX15566: Permission denied
/usr/bin/java: line 67: /tmp/javaX15566: Success
[root@sjc01 RedBox]# cat /tmp/javaX15566 rm /tmp/javaX15566 exec /usr/bin/gij -Djava.version=1.4.2 -Djava.home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
"-Djava.io.tmpdir=/usr/local/lib/SFSPRO_linux_1.6.2/SFS_PRO_1.6.2/Server/RedBox/tmp"
"-Djava.security.manager" "-Djava.security.policy=conf/red5.policy"
"org.red5.server.Standalone"
[root@sjc01 RedBox]#
Interesting that you can see the tmp dir from the startup script specified in the script, however the script isn't in that tmp dir!
I would agree that the script should be in the conf dir or alternatively in the java.io.tmpdir.
Please forward this email intact to your technical contact, as it contains sufficient detail for him to track down the problem.
OK, so what's happening is that red5 creates a script in /tmp which it then tries to execute. Probably as a means of forking.
But I have my /tmp partition mounted noexec for security reasons so this script fails.
[root@sjc01 RedBox]# grep tmp conf/ehcache.xml
* java.io.tmpdir - Default temp file path
Subdirectories can be specified below the property e.g. java.io.tmpdir/one
<diskStore path="java.io.tmpdir"/>
[root@sjc01 RedBox]# ./red5.sh
/usr/bin/java: line 67: /tmp/javaO15307: Permission denied
/usr/bin/java: line 67: /tmp/javaO15307: Success
[root@sjc01 RedBox]# cat /tmp/javaO15307 rm /tmp/javaO15307 exec /usr/bin/gij -Djava.version=1.4.2 -Djava.home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
"-Djava.security.manager" "-Djava.security.policy=conf/red5.policy"
"org.red5.server.Standalone"
[root@sjc01 RedBox]#
I also tried this change to the red5.sh script (i.e. adding
java.io.tmpdir):
[root@sjc01 RedBox]# grep tmp red5.sh
exec $JAVA
-Djava.io.tmpdir=/usr/local/lib/SFSPRO_linux_1.6.2/SFS_PRO_1.6.2/Server/RedBox/tmp
-Djava.security.manager -Djava.security.policy=conf/red5.policy -cp red5.jar:conf:$CLASSPATH org.red5.server.Standalone
[root@sjc01 RedBox]# ./red5.sh
/usr/bin/java: line 67: /tmp/javaX15566: Permission denied
/usr/bin/java: line 67: /tmp/javaX15566: Success
[root@sjc01 RedBox]# cat /tmp/javaX15566 rm /tmp/javaX15566 exec /usr/bin/gij -Djava.version=1.4.2 -Djava.home=/usr/lib/jvm/java-1.4.2-gcj-1.4.2.0/jre
"-Djava.io.tmpdir=/usr/local/lib/SFSPRO_linux_1.6.2/SFS_PRO_1.6.2/Server/RedBox/tmp"
"-Djava.security.manager" "-Djava.security.policy=conf/red5.policy"
"org.red5.server.Standalone"
[root@sjc01 RedBox]#
Interesting that you can see the tmp dir from the startup script specified in the script, however the script isn't in that tmp dir!
I would agree that the script should be in the conf dir or alternatively in the java.io.tmpdir.
Please forward this email intact to your technical contact, as it contains sufficient detail for him to track down the problem.
Who is online
Users browsing this forum: No registered users and 34 guests