From 0cda13e083e4c9c922d496c8623aa4ce62b635f1 Mon Sep 17 00:00:00 2001 From: Matt Craddock <5796417+craddm@users.noreply.github.com> Date: Wed, 15 Nov 2023 13:49:21 +0000 Subject: [PATCH 1/3] use tmpfs on SRD --- .../cloud_init/cloud-init-srd.mustache.yaml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml index 2f71773134..d4cad74518 100644 --- a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml +++ b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml @@ -592,6 +592,9 @@ runcmd: - systemctl enable data.automount - systemctl enable output.automount + - echo ">=== Configure tmpfs... ===<" + - echo "tmpfs /tmp tmpfs rw,nosuid,nodev,noexec" | tee -a /etc/fstab + # List fstab and the volume mount order. Note that blobfuse mounts are not using fstab - echo ">=== Checking disk mounts... ===<" - grep -v -e '^[[:space:]]*$' /etc/fstab | sed 's|^| /etc/fstab |' From 67df27b504f3a3555eebf162d2f60c7c86123a73 Mon Sep 17 00:00:00 2001 From: Matt Craddock <5796417+craddm@users.noreply.github.com> Date: Thu, 16 Nov 2023 13:36:03 +0000 Subject: [PATCH 2/3] Add explanatory comment --- .../cloud_init/cloud-init-srd.mustache.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml index d4cad74518..a02378b3e6 100644 --- a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml +++ b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml @@ -591,7 +591,8 @@ runcmd: - systemctl enable backup.automount - systemctl enable data.automount - systemctl enable output.automount - + + # Use tmpfs so tmp is in memory where possible rather than entirely on disk - echo ">=== Configure tmpfs... ===<" - echo "tmpfs /tmp tmpfs rw,nosuid,nodev,noexec" | tee -a /etc/fstab From 94641d851b8cf4cea560f860e3e17665e85a1710 Mon Sep 17 00:00:00 2001 From: Matt Craddock <5796417+craddm@users.noreply.github.com> Date: Fri, 17 Nov 2023 14:17:27 +0000 Subject: [PATCH 3/3] delete trailing space --- .../cloud_init/cloud-init-srd.mustache.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml index a02378b3e6..52bac4e00f 100644 --- a/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml +++ b/deployment/secure_research_environment/cloud_init/cloud-init-srd.mustache.yaml @@ -591,7 +591,7 @@ runcmd: - systemctl enable backup.automount - systemctl enable data.automount - systemctl enable output.automount - + # Use tmpfs so tmp is in memory where possible rather than entirely on disk - echo ">=== Configure tmpfs... ===<" - echo "tmpfs /tmp tmpfs rw,nosuid,nodev,noexec" | tee -a /etc/fstab