I'm working on a freshly installed CentOS7 with LVM. I want to bind mount /var/tmp to /tmp and added the following to /etc/fstab.

/tmp     /var/tmp     none     rw,nodev,noexec,nosuid,bind     0 0

After a reboot, /var/tmp is now mounted, but not with the bind option. I've also tried the following entry in /etc/fstab:

/tmp     /var/tmp     none     bind     0 0

If I look at /etc/mtab, I can see my new mountpoint, but no bind is displayed.

/dev/sda1 /boot ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-var /var ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-tmp /tmp ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-home /home ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-tmp /var/tmp ext4 rw,seclabel,relatime,data=ordered 0 0

Can anybody help me out with the correct /etc/fstab entry?

fr3ak4l
  • As a rule of thumb, the first occurrence was not made with bind. – Rui F Ribeiro Jul 06 '16 at 18:18
  • This is strange, because this is the example solution provided by oscap ssg-rhel7-guide-C2S: see link: "Bind Mount /var/tmp To /tmp". But anyway, how can I bind /var/tmp to /tmp? I don't see any bind in /etc/mtab – fr3ak4l Jul 07 '16 at 06:45
  • mtab is showing clearly that /var and /var/tmp are mounted on the same physical partition... There is notably already one bind mount working. I am afraid I am not following you. – Rui F Ribeiro Jul 07 '16 at 07:08
  • Yes, that is true. And normally I would say "ok, looks good", but there is a SCAP check which is searching for the keyword "bind" inside mtab. This is the check: <ns6:pattern operation="pattern match">^[\s]*/tmp[\s]+/var/tmp[\s]+.*bind.*$</ns6:pattern>. And we need to be SCAP compliant – fr3ak4l Jul 07 '16 at 08:42
  • Wrong kernel? Wrong version? Who knows? My Debian Jessie does not put the bind keyword inside mtab either. – Rui F Ribeiro Jul 07 '16 at 08:46

0 Answers
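An added example, not part of the original question or its comments: it runs the SCAP pattern quoted above against the fstab entry and the mtab lines from the question, then checks the mount table functionally instead of by keyword. The function names are hypothetical; the sample data is copied from the question.

```python
import re

# Pattern quoted in the question's SCAP check.
SCAP_PATTERN = re.compile(r"^[\s]*/tmp[\s]+/var/tmp[\s]+.*bind.*$")

# Data copied from the question.
FSTAB_LINE = "/tmp     /var/tmp     none     rw,nodev,noexec,nosuid,bind     0 0"
MTAB = """\
/dev/sda1 /boot ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-var /var ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-tmp /tmp ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-home /home ext4 rw,seclabel,relatime,data=ordered 0 0
/dev/mapper/system-tmp /var/tmp ext4 rw,seclabel,relatime,data=ordered 0 0
"""


def scap_pattern_matches(text):
    """True if any line of text satisfies the keyword-based SCAP pattern."""
    return any(SCAP_PATTERN.match(line) for line in text.splitlines())


def parse_mounts(text):
    """Return {mountpoint: (source, fstype, options)}; a later entry wins."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        source, target, fstype, opts = fields[:4]
        mounts[target] = (source, fstype, set(opts.split(",")))
    return mounts


def same_backing_source(mounts, a, b):
    """True when both mount points exist and report the same source and fstype.
    The table alone cannot tell a bind mount from a second mount of the device."""
    return a in mounts and b in mounts and mounts[a][:2] == mounts[b][:2]


def missing_options(mounts, target, required):
    """Options requested in fstab that are absent from the live mount entry."""
    return sorted(set(required) - mounts[target][2])


if __name__ == "__main__":
    table = parse_mounts(MTAB)
    print("pattern vs fstab:", scap_pattern_matches(FSTAB_LINE))
    print("pattern vs mtab: ", scap_pattern_matches(MTAB))
    print("same source:     ", same_backing_source(table, "/tmp", "/var/tmp"))
    print("missing options: ", missing_options(table, "/var/tmp", ["nodev", "noexec", "nosuid"]))
```

On this data the pattern matches the fstab entry but no mtab line, while the functional check shows /tmp and /var/tmp on the same source and reports that nodev, noexec and nosuid from the fstab entry are not present on the live /var/tmp mount.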