rpm-build-vm-checkinstall-1.77-alt1.noarch	unsafe-tmp-usage-in-scripts	fail	The test discovered scripts with errors which may be used by a user for damaging important system files. For example if a script uses in its work a temp file which is created in /tmp directory, then every user can create symlinks with the same name (pattern) in this directory in order to destroy or rewrite some system or another user's files. Scripts _must_ _use_ mktemp/tempfile or must use $TMPDIR. mktemp/tempfile is safest. $TMPDIR is safer than /tmp/ because libpam-tmpdir creates a subdirectory of /tmp that is only accessible by that user, and then sets TMPDIR and other variables to that. Hence, it doesn't matter nearly as much if you create a non-random filename, because nobody but you can access it. Found error in /usr/lib/vm-run.ci/checkinstall: $ grep /tmp/ /usr/lib/vm-run.ci/checkinstall # Bringing up secondary CPUs" message. ls /dev/kvm set | grep ^LD_ # Simulate filetrigger run find /boot > /tmp/filelist /usr/lib/rpm/posttrans-filetriggers /tmp/filelist rm /tmp/filelist # Remove trigger so it does not re-create '/tmp/vm-ext4.img'. > /usr/lib/rpm/z-vm-createimage.filetrigger kvm-ok timeout 300 vm-run <<-'EOF' uname else echo >&2 "No busybox thus --initrd test skipped." fi ! timeout --preserve-status 300 vm-run "true; false; true" || exit 1 # Delete artifacts after failed runs. rm /tmp/vm.* /tmp/initramfs-*-*-alt*.img timeout 300 vm-run --mem=max free -g timeout 300 vm-run --cpu=max lscpu df -h /tmp timeout 300 vm-run --tmp=max df -h /tmp ! rm /tmp/vm-tmpfs.qcow2 || exit 1 timeout 300 vm-run --verbose --overlay=ext4 uname -a ! rmdir /mnt/0 || exit 1 ! rm /usr/src/ext4.0.img || exit 1 timeout 300 vm-run --rootfs --verbose df # The image is created by rpm-build-vm-createimage rm /tmp/vm-ext4.img timeout 300 vm-run --hvc --no-quiet 'dmesg -r | grep -E "printk:( legacy)? console \[hvc0\] enabled"' timeout 300 vm-run --tcg --mem='' --cpu=1 cat /proc/cpuinfo if [ "$ALT_BRANCH_ID" = sisyphus ]; then rpm -qa PROVIDES=kernel-latest | grep '^kernel-image-' fi ! rm /tmp/initramfs-*-*-alt*.img || exit 1 ! rm /tmp/vm.* || exit 1 exit 0;