Hi,
Please guide me how to add nodev option for /dev/shm partition.
I am new to scripting and looking to do via command line.
Thanks
Litu
Hi,
To do this from the command line, you will have to use the mount command, it will be something like.
mount -t tmpfs -o remount,nodev /dev/shm
But this will be OS specific and you will need to do this as the root user.
A good place to start will be;
cat /etc/fstab
That will give you some information and you should be able to get the rest using;
man mount
Regards
Dave
Actually, I think that the OP wants to alter /etc/fstab via a shell script to make this change permanent. I had to make a similar change because our security auditors requested it. In my case i had to modify our kickstart file so that "nodev,nosuid,noexec" was added to /dev/shm during the OS installation. What I did was:
awk ' $2=="/dev/shm" { $4=$4",nodev,nosuid,noexec" ;} 1' < fstab > fstab.new
cp fstab.new fstab
rm fstab.new
There were other, similiar changes to other file systems. I gave each one it's own paragraph. This makes it easy to modify later. That awk statement is very easy to understand which means that I don't need to waste time explaining code to an auditor who is reviewing my kickstart.
Hi Perderabo,
Inclined to agree with you having had a second look at the original post, the being new to scripting is actually a clue I realise now.
Regards
Dave
Hi Perderabo/ gull04,
Thanks for the response. I will try this out and update this thread. I am using RHEL 5 and RHEL 6 Version.
Hopefully, gu1104's solution will work. currently we are avoiding use of awk command as we have huge no (in thousands)of servers and doing it so via scripting may impact performance.
Hi Litu1988,
If your infratructure will stand the scripting, that is the way to go - hand editing "(in thousands)" of /etc/fstab files will be a real pain.
I'd bite the bullet and work on the script if you can.
Regards
Dave
Hi Gull04,
I tried your way. But changes were not reflected in /etc/fstab or /etc/mtab file.
do i need to restart the server for changes to reflect in the file ?
I have fstab in below format
tmpfs /dev/shm tmpfs defaults 0 0
expected result after command executed.
tmpfs /dev/shm tmpfs defaults,nodev 0 0
Kindly guide.
Hi Litu1988,
You could try the mount command as follows;
mount -t tmpfs -o remount,nodev /dev/shm
Failing that you will probably have to go for a reboot on the server, however I would try this in a sandbox first - especially if this is running any kind of production applications.
Regards
Dave
when i tried manually executing from command line
am i doing something wrong?
Hi,
Looks like you missed part of the post.
Regards
Dave
I executed the same command you suggested. Not sure where its going wrong.
Hi,
Is there any output from the command?
Regards
Dave
the above screen shot is the output of the command . see the very 1st line ...it's the same command you suggested.
Hi,
Time to take an other tack here, do you have an other server with the same OS etc that can be used as a sandbox?
Dave