From 9da43ddfc09e56b772e4304eef430e56aaf6013e Mon Sep 17 00:00:00 2001
From: Zhijiang Hu <hu.zhijiang@zte.com.cn>
Date: Thu, 4 Jan 2018 17:11:43 -0500
Subject: Fix tmp dir security risks in image build code

Change-Id: I2b909101ead10e26d2ec00a0ba3eb4ca63dc226a
Signed-off-by: Zhijiang Hu <hu.zhijiang@zte.com.cn>
---
 ci/kolla-build.sh | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

(limited to 'ci/kolla-build.sh')

diff --git a/ci/kolla-build.sh b/ci/kolla-build.sh
index b3b9fca3..cca98db5 100755
--- a/ci/kolla-build.sh
+++ b/ci/kolla-build.sh
@@ -31,7 +31,10 @@ error_trap()
     exit $exitcode
 }
 
-WORK_DIR=/tmp
+SCRIPT_PATH=$(readlink -f $(dirname $0))
+WORKSPACE=$(cd ${SCRIPT_PATH}/..; pwd)
+
+WORK_DIR=$WORKSPACE
 while getopts "l:b:j:t:e:w:h" OPTION
 do
     #Only get what we need
@@ -46,8 +49,6 @@ BUILD_OUTPUT_DIR=$WORK_DIR/kolla-build-output
 
 ############Builder VM operations################
 
-SCRIPT_PATH=$(readlink -f $(dirname $0))
-WORKSPACE=$(cd ${SCRIPT_PATH}/..; pwd)
 DEPLOY_PATH=$WORKSPACE/deploy
 
 # VM configurations
@@ -64,7 +65,7 @@ PARAS_IMAGE=${PARAS_FROM_DEPLOY#* * * }
 # qcow2 image modifier location
 CREATE_QCOW2_PATH=$WORKSPACE/tools
 # temp storage for qcow2 image modifier
-IMWORKDIR=${IMWORKDIR:-/tmp/workdir/daisy}
+IMWORKDIR=${IMWORKDIR:-$WORKSPACE/img}
 
 # set extra ssh paramters
 SSH_PARAS="-o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
-- 
cgit 1.2.3-korg