FortiSIEM provides Security Information and Event Management (SIEM) and User and Entity Behavior Analytics (UEBA)
Article Id 244076

This article describes the process for mounting /tmp to a separate disk in order to complete an upgrade.  

During the upgrade process, the CMDB is copied to /tmp - which is normally on the same mount point as /.  

If the size of the CMDB is greater than the remaining free space on /, the upgrade will fail. 

Scope FortiSIEM.

How to move /tmp as new mount point with downtime:

Make sure to have a valid backup of the server before proceeding.


This process includes optional steps that would allow to permanently move /tmp to its own mount point.  

Alternatively, to revert back to the original /tmp - comment out or remove the line added to /etc/fstab in step 4-4 below. 


Check processes using /tmp with the  lsof command.

The following command should return no data - if it does return data, wait for that process to be completed.

lsof /tmp/*


In this example /dev/sdb is the new disk for the mount point.

Use  lsblk to find the correct device for your instance.

Run  lsblk to establish the baseline, attach the new disk, then run  lsblk once more.


The new device can be determined from the difference of the outputs. 


- Prepare a new disk for /tmp.

- Create LV on a new disk (pvcreate, lvcreate):


pvcreate /dev/sdb

vgcreate vg_tmp /dev/sdb

lvcreate -l 100%FREE -n lv_tmp vg_tmp


- Format LV with the filesystem chosen (ext4 used here):


mkfs.ext4 /dev/vg_tmp/lv_tmp


- (Optional) Mount it on a temporary mount:


mount /dev/vg_tmp/lv_tmp /mnt


- (Optional) Copy data from /tmp directory to the new disk:


cp -pr /tmp/* /mnt

s -lrt /mnt

ls -lrt /tmp


- Reboot the server into single-user mode.

- Prepare new /tmp mount point.

- (Optional) Delete or move existing /tmp directory depending on space availability in /


rm -rf /tmp OR

mv /tmp /data/tmp.orig THEN after step 5.

mv /data/ /tmp


- Create new /tmp for the mount point:


mkdir /tmp


- Set permission and ownership:


chmod 1777 /tmp

chown root:root /tmp


- Add entry in /etc/fstab:


echo “/dev/vg_tmp/lv_tmp /tmp defaults 1 2″>>/etc/fstab


- Reboot the server normally.

- Log in and check /tmp is mounted as the separate mount point.


Setting up permission 1777 (all users can read, write, and search the directory, only the root and the file’s owner may delete a file in the directory)is an important step in this.

Otherwise /tmp will not function as it is expected to.