I'm attempting to manually provision a GG2 core device, however I'm hitting the
Failed to map segment from shared object: operation not permitted
as my tmp folder does not have executable permissions. I've changed my nucleus installer config to look like the following so that I can point the installer at a folder with the appropriate permissions however after the installation the crt file is in the tmp folder and not the one set by my config, and the greengrass log file shows the above issue. If I manually remount tmp as executable greengrass core starts working and the deploy goes through changing where the crt file is located. Am I wrong in thinking that I can use this config when installing to work around this issue? Does the installer always use default configs for nucleus no matter what I specify?
---
system:
certificateFilePath: "/greengrass/v2/ggc.cert.pem"
privateKeyPath: "/greengrass/v2/ggc.private.key"
rootCaPath: "/greengrass/v2/root.ca.pem"
rootpath: "/greengrass/v2"
thingName: "$UNIQUE_NAME"
services:
aws.greengrass.Nucleus:
componentType: "NUCLEUS"
version: "2.12.1"
configuration:
awsRegion: "$REGION"
iotRoleAlias: "$UNIQUE_NAME-tes-role-alias"
iotDataEndpoint: "$IOT_HOST"
iotCredEndpoint: "$IOT_CRED_HOST"
jvmOptions: "-Daws.crt.lib.dir=\"/greengrass\""