On Sun, Dec 12, 2010 at 07:49:27PM -0800, John Reiser wrote:
> How did /dev/shm get noexec in Fedora 15 rawhide?
> $ grep /dev/shm /proc/mounts
> tmpfs /dev/shm tmpfs rw,seclabel,nosuid,nodev,noexec,relatime 0 0
> $ grep -srl noexec /etc
> /etc/alternatives/ld
> /etc/fstab ## derived from /proc/mounts
> /etc/mtab ## derived from /proc/mounts
>
> This is a change from Fedora 14, and I cannot find documentation.
> The only 'noexec' that I can find in the source to systemd-15
> is two mentions in units/var-{lock,run}.mount.
the MS_NOEXEC flags is in private systemd fstab, see
systemd/src/mount-setup.c:
static const MountPoint mount_table[] = {
{ "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
{ "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
{ "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID, true },
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
{ "devpts", "/dev/pts", "devpts", NULL, MS_NOSUID|MS_NOEXEC, false },
{ "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
{ "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV, true },
};
> As a site administrator, how can I change the default to omit 'noexec'?
mount -o remount,exec ?
Karel
--
Karel Zak <kzak@xxxxxxxxxx>
http://karelzak.blogspot.com
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
