From c42386a8c8e50a93ff006af456c9a5547577977d Mon Sep 17 00:00:00 2001
From: Prakash Surya <prakash.surya@perforce.com>
Date: Thu, 12 Sep 2024 09:42:11 -0700
Subject: [PATCH] DLPX-86541 CIS: /dev/shm filesystem and mount options

PR URL: https://www.github.com/delphix/delphix-platform/pull/493
---
 .../roles/delphix-platform/tasks/main.yml                  | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/files/common/var/lib/delphix-platform/ansible/10-delphix-platform/roles/delphix-platform/tasks/main.yml b/files/common/var/lib/delphix-platform/ansible/10-delphix-platform/roles/delphix-platform/tasks/main.yml
index 58d68b19..743af9b7 100644
--- a/files/common/var/lib/delphix-platform/ansible/10-delphix-platform/roles/delphix-platform/tasks/main.yml
+++ b/files/common/var/lib/delphix-platform/ansible/10-delphix-platform/roles/delphix-platform/tasks/main.yml
@@ -706,6 +706,13 @@
       # Set default umask value.
       umask 027
 
+- posix.mount:
+    path: /dev/shm
+    src: tmpfs
+    fstype: tmpfs
+    opts: defaults,noexec,nosuid,nodev
+    state: mounted
+
 - service:
     name: "nullmailer"
     state: "stopped"