/tmp folder being used even though -Djava.io.tmpdir points elsewhere[BUG] <title>

[tomusn83]

Describe the bug

-Djava.io.tmpdir=/usr/share/opensearch/tmp is set in jvm.options. However, OpenSearch is still creating a structure within /tmp. Local policy requires noexec attribute on /tmp mount. When noexec is set on /tmp, OpenSearch service will not start. When noexec is NOT on /tmp, OpenSearch service will start, hence pointing Djava.io.tmpdir elsewhere.

Related component

Other

To Reproduce

1. Set -Djava.io.tmpdir in jvm.options to other than /tmp
2. Start OpenSearch service
3. List /tmp folder contents
4. OpenSearch has created temp folder structure, presumably with executable code, despite the -Djava.io.tmpdir setting

Expected behavior

OpenSearch should use the -Djava.io.tmpdir location for temporary executable java code.

Additional Details

The following is created in /tmp, despite -Djava.io.tmpdir:

drwx------. 3 root root 17 Feb 28 18:58 systemd-private-e4c2...e63a-opensearch.service-pFuZ49

Host/Environment (please complete the following information):

• OS: RHEL 8.9
• OpenSearch 2.12

[tomusn83]

Resolved. Enter opensearch path (e.g. /usr/share/opensearch) as the home directory for the opensearch user in /etc/passwd.