Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

remove various hardcoded usage of file in /tmp

Even if the files are not meant to be distributed and used now, it
is better to have clean and secure code so people who may look or
copy it do not copy or look at insecure code
  • Loading branch information...
commit 78b848a9fd071cad3eb334f8337e75fc47909e9d 1 parent 7f53981
Michael Scherer authored
Showing with 11 additions and 18 deletions.
  1. +5 −5 broker-util/oo-setup-bind
  2. +6 −13 broker/script/oss-bind-setup.sh
10 broker-util/oo-setup-bind
View
@@ -20,8 +20,8 @@ rm -f /var/named/K$node_domain*
sed "s/example.com/$node_domain/g" < $base_path/doc/examples/example.com.db > /var/named/dynamic/$node_domain.db
-mkdir -p /tmp/named
-pushd /tmp/named
+NAMED_TMP=$(mktemp -d /tmp/namedXXXXXXX)
+pushd $NAMED_TMP
if ! [ $dont_force_entropy ] ; then
rngd -r /dev/urandom
@@ -33,10 +33,10 @@ if ! [ $dont_force_entropy ] ; then
killall rngd
fi
-KEY=$( grep Key: /tmp/named/*.private | cut -d' ' -f 2 )
-mv /tmp/named/K$node_domain.* /var/named
+KEY=$( grep Key: $NAMED_TMP/*.private | cut -d' ' -f 2 )
+mv $NAMED_TMP/K$node_domain.* /var/named
popd
-rm -rf /tmp/named
+rm -rf $NAMED_TMP
cat <<EOF > /var/named/$node_domain.key
key $node_domain {
19 broker/script/oss-bind-setup.sh
View
@@ -30,18 +30,14 @@ service network stop
# copy files
mkdir -p /var/named/dynamic
pushd $li_repo/misc/devenv/var/named
-cp example.com.db.init /tmp/dummy
-sed 's/example/rhcloud/g' </tmp/dummy >/var/named/rhcloud.com.db.init
-cp example.com.key /tmp/dummy
-sed 's/example/rhcloud/g' </tmp/dummy >/var/named/rhcloud.com.key
-cp dynamic/example.com.db /tmp/dummy
-sed 's/example/rhcloud/g' </tmp/dummy >/var/named/dynamic/rhcloud.com.db
+sed 's/example/rhcloud/g' example.com.db.init >/var/named/rhcloud.com.db.init
+sed 's/example/rhcloud/g' example.com.key >/var/named/rhcloud.com.key
+sed 's/example/rhcloud/g' dynamic/example.com.db >/var/named/dynamic/rhcloud.com.db
#touch /var/named/dynamic/rhcloud.com.db.jnl
popd
pushd $li_repo/misc/devenv/etc
-cp named.conf /tmp/dummy
-sed 's/example/rhcloud/g' </tmp/dummy >/etc/named.conf
+sed 's/example/rhcloud/g' named.conf >/etc/named.conf
mkdir -p /var/named/data
touch /var/named/data/named.run
touch /var/named/data/queries.log
@@ -57,18 +53,15 @@ mkdir -p /etc/dhcp
for (( i=0; i < ${#ifc[@]}; i++ ))
do
cp dhclient-eth0.conf /etc/dhclient-${ifc[$i]}.conf
- cp dhcp/dhclient-eth0-up-hooks /tmp/dummy
- sed s/eth0/${ifc[$i]}/g </tmp/dummy >/etc/dhcp/dhclient-${ifc[$i]}-up-hooks
+ sed s/eth0/${ifc[$i]}/g <dhcp/dhclient-eth0-up-hooks >/etc/dhcp/dhclient-${ifc[$i]}-up-hooks
chmod 755 /etc/dhcp/dhclient-${ifc[$i]}-up-hooks
done
cp rndc.conf /etc/rndc.conf
popd
-sed /upstream_hints/d </etc/named.conf >/tmp/dummy
-cp /tmp/dummy /etc/named.conf
+sed -i /upstream_hints/d /etc/named.conf
chown -R named:named /var/named
-rm /tmp/dummy
echo "Setup dhcp update hooks"
cat <<EOF > /etc/dhcp/dhclient.conf
Please sign in to comment.
Something went wrong with that request. Please try again.