From 6bab8321b44db260f9e001d8276a660d1ff56ed4 Mon Sep 17 00:00:00 2001
From: Dirk Mueller <dirk@dmllr.de>
Date: Fri, 2 Mar 2018 21:13:12 +0100
Subject: [PATCH] Remove references to hardcoded file writing in /tmp

/tmp is a world writeable directory, so using hardcoded filenames
in there is just a bad coding style (susceptible to symlink attacks).
Avoid using it to not give a bad precedent.

Change-Id: Ia66763a0e4714f2226e98dbd85600b2035bd5088
---
 functions | 4 +---
 stack.sh  | 6 ++----
 2 files changed, 3 insertions(+), 7 deletions(-)

diff --git a/functions b/functions
index 3fcc38dc4b..24994c0470 100644
--- a/functions
+++ b/functions
@@ -810,13 +810,11 @@ function get_random_port {
 #
 # Write out various useful state information to /etc/devstack-version
 function write_devstack_version {
-    cat - > /tmp/devstack-version <<EOF
+    cat - <<EOF | sudo tee /etc/devstack-version >/dev/null
 DevStack Version: ${DEVSTACK_SERIES}
 Change: $(git log --format="%H %s %ci" -1)
 OS Version: ${os_VENDOR} ${os_RELEASE} ${os_CODENAME}
 EOF
-    sudo install -m 644 /tmp/devstack-version /etc/devstack-version
-    rm /tmp/devstack-version
 }
 
 # Restore xtrace
diff --git a/stack.sh b/stack.sh
index 1d1f12e116..c02b663646 100755
--- a/stack.sh
+++ b/stack.sh
@@ -962,17 +962,15 @@ fi
 if [[ $SYSLOG != "False" ]]; then
     if [[ "$SYSLOG_HOST" = "$HOST_IP" ]]; then
         # Configure the master host to receive
-        cat <<EOF >/tmp/90-stack-m.conf
+        cat <<EOF | sudo tee /etc/rsyslog.d/90-stack-m.conf >/dev/null
 \$ModLoad imrelp
 \$InputRELPServerRun $SYSLOG_PORT
 EOF
-        sudo mv /tmp/90-stack-m.conf /etc/rsyslog.d
     else
         # Set rsyslog to send to remote host
-        cat <<EOF >/tmp/90-stack-s.conf
+        cat <<EOF | sudo tee /etc/rsyslog.d/90-stack-s.conf >/dev/null
 *.*		:omrelp:$SYSLOG_HOST:$SYSLOG_PORT
 EOF
-        sudo mv /tmp/90-stack-s.conf /etc/rsyslog.d
     fi
 
     RSYSLOGCONF="/etc/rsyslog.conf"