Article ID: 648, created on Oct 6, 2008, last review on May 11, 2014

Resolution

Since Parallels Virtuozzo Containers (hereafter Virtuozzo) 3.0 SP1 it is very easy to mount /tmp (and /var/tmp if needed) dir on VEs with noexec, nosuid, nodev options using introduced 'bindmout' technology. You can follow the steps below to mount /tmp and /var/tmp directories on all VEs with noexec,nosuid options:

1. Update Virtuozzo installation to Virtuozzo 3 SP1 using 'vzup2date' utility.

2. If you want to mount /tmp and /var/tmp on all VEs with noexec,nosuid,nodev options then do the following:

Insert the following line into the main Virtuozzo configuration file /etc/sysconfig/vz:
BINDMOUNT="/tmp,nosuid,noexec,nodev /var/tmp,nosuid,noexec,nodev "
and restart all VEs.

3. If you want to mount /tmp and /var/tmp in this way on some particular VE only, you should insert the line above into the VE configuration file /etc/sysconfig/vz-scripts/VEID.conf manually or do it using 'vzctl' utility:
# vzctl set VEID --bindmount_add /tmp,nosuid,noexec,nodev --bindmount_add /var/tmp,nosuid,noexec,nodev --save
where VEID is an ID of VE you want to apply changes to. VE must be restarted for the changes to take effect.

Email subscription for changes to this article
Save as PDF