Issue 38: bosh agent resets /tmp dir access to 0770 on restart

Jan Zimbehl

Hello Team,

For your awareness, I was just creating a new issue:

Hello Team,
we are facing issues with insufficient access rights on /tmp which are set
to 0770 by default and 0700 on /var/tmp.

We figured out that the following line calls a function that sets the
access to /tmp to 0770:

func (p linux) changeTmpDirPermissions(path string) error {
_, _, _, err := p.cmdRunner.RunCommand("chown", "root:vcap", path)
if err != nil {
return bosherr.WrapErrorf(err, "chown %s", path)

_, _, _, err = p.cmdRunner.RunCommand("chmod", "0770", path)
if err != nil {
return bosherr.WrapErrorf(err, "chmod %s", path)

return nil

Many system related tasks require 1777 access to /tmp though, e.g. we are
using them for our DB backup jobs or also for running ssh-agent.

Could you please clarify what the rational behind the decision is to have
the access settings on 770 for /tmp and also in what cases they are
automatically being reset except for restarts?

We were just facing issues that hundreds of our VMs had access rights reset
for /tmp to 770 and we are tapping in the dark what has caused this (in
this case certainly not a restart)


Kind regards,

Jan Zimbehl
Software Engineer - IBM BlueMix Ops Engineering
Project Management Professional, ITIL v3, MSc

Phone: +1-905-413-3439 IBM Canada Ltd.

Email: jan(a) 8200 Warden

Markham, L3R 5Y6

Join { to automatically receive all group messages.