meza icon indicating copy to clipboard operation
meza copied to clipboard

Published 20 hours ago verified publisher icon nasa

shtool at '/var/tmp/memcached/build/shtool' does not exist or is not executable

Open cowen23 opened this issue 2 years ago • 1 comments

Environment

VMware Red Hat Enterprise Linux release 8.8 (Ootpa) d103da8

Issue details

During "meza monolith deploy", TASK [apache-php : Install memcached PECL packages] fails:

fatal: [localhost]: FAILED! => { "changed": true, "cmd": "pecl install --configureoptions 'with-libmemcached-dir="no" with-zlib-dir="no" with-syste m-fastlz="no" enable-memcached-igbinary="no" enable-memcached-msgpack="no" enable-memcached-json="no" e nable-memcached-protocol="no" enable-memcached-sasl="yes" enable-memcached-session="yes"' memcached\n",

"delta": "0:00:01.199410",
"end": "2023-03-20 15:59:39.181133",
"rc": 1,
"start": "2023-03-20 15:59:37.981723"

}

STDOUT:-(22%)

pecl/memcached can optionally use PHP extension "igbinary" (version >= 2.0) pecl/memcached can optionally use PHP extension "msgpack" (version >= 2.0) downloading memcached-3.2.0.tgz ... Starting to download memcached-3.2.0.tgz (90,722 bytes) .....................done: 90,722 bytes 18 source files, building running: phpize Configuring for: PHP Api Version: 20190902 Zend Module Api No: 20190902 Zend Extension Api No: 320190902 shtool at '/var/tmp/memcached/build/shtool' does not exist or is not executable. Make sure that the file exists and is executable and then rerun this script.

ERROR: `phpize' failed

MSG:re--(22%)

non-zero return code ...ignoring%)

This occurs because NASA-SPEC-2601OS.RHEL8 (RED HAT ENTERPRISE LINUX 8 SECURITY CONFIGURATION SPECIFICATION) has the control "NASA-ASCS-20238: Add noexec Option to /var/tmp".

The mount command can be used to determine if there is a noexec option on the file system:

mount | grep /var/tmp

/dev/sdb6 on /var/tmp type ext4 (rw,nosuid,nodev,noexec,relatime,seclabel)

If noexec is in the list of options, then the /var/tmp file system has to be remounted with the "exec" option for the task to be completed without error: mount -o remount,exec /var/tmp

At the end of the task, /var/tmp should be changed back to noexec to remain compliant with NASA-SPEC-2601OS.RHEL8: mount -o remount,noexec /var/tmp

NASA-SPEC-2601OS.RHEL8_v1.7.pdf

cowen23 avatar Aug 16 '23 14:08 cowen23

great catch. I will endeavor to add this to meza soon.

In the mean time. the work-around has been added to the CMTE at https://www.mediawiki.org/wiki/Meza/Common_Meza_Test_Environment_(CMTE)

revansx avatar Aug 16 '23 21:08 revansx