The latest libffi (at time of writing) adds support for specifying its temporary directory via the LIBFFI_TMPDIR environment variable. Earlier versions only use more generally-applicable locations such as TMPDIR and HOME. In Elasticsearch we'd like to be able to control where libffi writes its executables by setting LIBFFI_TMPDIR rather than TMPDIR, because administrators of locked-down systems may prefer to keep TMPDIR pointing somewhere that's mounted noexec.
Relates #1378 which fixes a segfault if TMPDIR is mounted noexec, but doesn't solve the underlying problem that libffi needs to write executables somewhere.
Relates elastic/elasticsearch#77014 which tracks the changes we intend to make in Elasticsearch once JNA is using a sufficiently-recent libffi.
The latest
libffi(at time of writing) adds support for specifying its temporary directory via theLIBFFI_TMPDIRenvironment variable. Earlier versions only use more generally-applicable locations such asTMPDIRandHOME. In Elasticsearch we'd like to be able to control wherelibffiwrites its executables by settingLIBFFI_TMPDIRrather thanTMPDIR, because administrators of locked-down systems may prefer to keepTMPDIRpointing somewhere that's mountednoexec.Relates #1378 which fixes a segfault if
TMPDIRis mountednoexec, but doesn't solve the underlying problem thatlibffineeds to write executables somewhere.Relates elastic/elasticsearch#77014 which tracks the changes we intend to make in Elasticsearch once JNA is using a sufficiently-recent
libffi.