From a3e0d90a509ed98850797dd7deb2543af8327525 Mon Sep 17 00:00:00 2001
From: Jeremy Jongepier <jeremy.jongepier@cyso.com>
Date: Thu, 14 Apr 2016 10:59:12 +0200
Subject: [PATCH] Added check for noexec mount of /tmp on master

---
 cluster/ubuntu/util.sh | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/cluster/ubuntu/util.sh b/cluster/ubuntu/util.sh
index 28a485be428..32fa615bc3c 100755
--- a/cluster/ubuntu/util.sh
+++ b/cluster/ubuntu/util.sh
@@ -121,6 +121,14 @@ function verify-prereqs() {
   fi
 }
 
+# Check if /tmp is mounted noexec
+function check-tmp-noexec() {
+  if ssh $SSH_OPTS "$MASTER" "grep '/tmp' /proc/mounts | grep -q 'noexec'" >/dev/null 2>&1; then
+    echo "/tmp is mounted noexec on $MASTER_IP, deploying master failed"
+    exit 1
+  fi
+}
+
 # Install handler for signal trap
 function trap-add() {
   local handler="$1"
@@ -412,6 +420,8 @@ function provision-master() {
 
   echo -e "\nDeploying master on machine ${MASTER_IP}"
 
+  check-tmp-noexec
+
   ssh $SSH_OPTS "$MASTER" "mkdir -p ~/kube/default"
 
   # copy the binaries and scripts to the ~/kube directory on the master