'Permission denied' to run /tmp/script_nnnn.sh on linux 2023

I’m using HashiCorp Packer to create an image for AWS. The process works fine with Amazon Linux 2, but I encounter a “Permission denied” error when using Amazon Linux 2023.

It appears that there are stricter permissions on the “/tmp” directory in Amazon Linux 2023 that prevent running shell scripts.

Is there a way that I can tell packer to use “/var/tmp” instead of “/tmp” to run the shell script?

I would appreciate any guidance and assistance in resolving this issue.

Here are the details of the log that mentions “Permission denied”:

=============================
==> Connected to SSH!
==> Provisioning with shell script: /tmp/packer-shell179473623
==> bash: line 1: /tmp/script_4178.sh: Permission denied
==> Provisioning step had errors: Running the cleanup provisioner, if present…
==> Terminating the source AWS instance…
==> Cleaning up any extra volumes…
==> No volumes to clean up, skipping
==> Deleting temporary security group…
==> Deleting temporary keypair…
Build ‘ami.amazon-ebs.this’ errored after 1 minute 41 seconds: Script exited with non-zero exit status: 126.Allowed exit codes are: [0]

==> Wait completed after 1 minute 41 seconds

==> Some builds didn’t complete successfully and had errors:
→ Script exited with non-zero exit status: 126.Allowed exit codes are: [0]

==> Builds finished but no artifacts were created.

=============================

Thank you for your assistance.


Using an external shell script file worked for me. Refer to: Permission denied on shell script provisioner - #4 by tbugfinder

Hello, OP. Did you find a solution for this? Running scripts by Packer in the AL2023 /tmp folder?

I get the same when trying to build an AMI with Packer and the Terragrunt plugin:

packer {
  required_plugins {
    amazon-ami-management = {
      version = ">= 1.0.0"
      source  = "github.com/wata727/amazon-ami-management"
    }
  }
  required_version = ">= 1.7.0"
}

source "amazon-ebs" "ami_al2023_eks" {
...

The error:

 ==> amazon-ebs.vf_pcs_al2023_eks: Provisioning with shell script:
│ /var/folders/m9/tg704wtx5gv9fxx6ptt5c2kcj79ww0/T/packer-shell2757996708
│ ==> amazon-ebs.ami_al2023_eks: bash: line 1: /tmp/script_4174.sh:  Permission denied

It seems it is related to the Amazon Linux 2023 /tmp folder being “noexec”. I just created an EC2 with AL2023 and:

[ssm-user@ip-10-20-9-18 ~]$ sudo su
[root@ip-10-20-9-18 ssm-user]# mount | grep /tmp
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,***noexec***,relatime,seclabel,size=2097152k)
[root@ip-10-20-9-18 ssm-user]# date
Fri Aug  1 14:29:53 UTC 2025

ChatGPT says:
"In Amazon Linux 2023: /tmp is mounted with noexec by default."