Feature request: Support customizing /dev/shm to a different path

Question

Feature request: Support customizing /dev/shm to a different path

samrocketman opened this issue 2 months ago · 1 comments

samrocketman commented 2 months ago

Describe the feature

Description

Same as... #3748

Background

I tend to harden my OS by locking down temporary spaces with noexec (/dev/shm, /tmp, and /var/tmp).

Because mediumtx requires exec on /dev/shm to operate I need to loosen my security habits. I would like to enable an alternate tmpfs just for mediumtx in a path other than /dev/shm so that I can lock it down with noexec.

Request

Provide an option on mediumtx binary which allows customizing /dev/shm to a different path.

Answer 1 · 2024-09-06T21:40:52.000Z

Here's an example /etc/fstab entry you can test with (failing) mediamtx

tmpfs /dev/shm tmpfs defaults,noexec,nodev,nosuid,seclabel,size=64M 0 0

You can mount -o remount /dev/shm without rebooting.