From f8e97dea1bee4557ea0b181e12c0f438871d53e2 Mon Sep 17 00:00:00 2001 From: Vlastimil Holer Date: Mon, 17 Jul 2017 12:27:54 +0200 Subject: [PATCH] Place START_SCRIPT*/INIT_SCRIPTS into /tmp With new systemd, /var/run/ is mounted with noexec. --- src/etc/one-context.d/net-97-start-script | 7 +++---- src/etc/one-context.d/net-98-execute-scripts | 9 +++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/etc/one-context.d/net-97-start-script b/src/etc/one-context.d/net-97-start-script index 3302a90..0c5b865 100755 --- a/src/etc/one-context.d/net-97-start-script +++ b/src/etc/one-context.d/net-97-start-script @@ -1,11 +1,11 @@ #!/bin/bash MOUNT_DIR=${MOUNT_DIR:-/mnt} -TMP_DIR=$(mktemp -d "${RUNTIME_DIR:-/tmp}.XXXX") +TMP_DIR=$(mktemp -d "/tmp/one-context.XXXXXX") TMP_FILE="${TMP_DIR}/one-start-script" START_SCRIPT_AVAILABLE=no -mkdir -p $TMP_DIR +chmod 700 "${TMP_DIR}" if [ -n "$START_SCRIPT_BASE64" ]; then echo -en "$START_SCRIPT_BASE64" | openssl enc -d -base64 -A > $TMP_FILE @@ -18,8 +18,7 @@ fi if [ "$START_SCRIPT_AVAILABLE" = "yes" ]; then cd $MOUNT_DIR chmod +x $TMP_FILE - $TMP_FILE fi -rm -rf ${TMP_DIR} +rm -rf "${TMP_DIR}" diff --git a/src/etc/one-context.d/net-98-execute-scripts b/src/etc/one-context.d/net-98-execute-scripts index 3cf0977..62da86e 100755 --- a/src/etc/one-context.d/net-98-execute-scripts +++ b/src/etc/one-context.d/net-98-execute-scripts @@ -1,7 +1,9 @@ #!/bin/bash MOUNT_DIR=${MOUNT_DIR:-/mnt} -TMP_DIR=$(mktemp -d "${RUNTIME_DIR:-/tmp}.XXXX") +TMP_DIR=$(mktemp -d "/tmp/one-context.XXXXXX") + +chmod 700 "${TMP_DIR}" if [ -z "$INIT_SCRIPTS" ]; then if [ -f "$MOUNT_DIR/init.sh" ]; then @@ -9,13 +11,12 @@ if [ -z "$INIT_SCRIPTS" ]; then fi fi -mkdir -p $TMP_DIR cd $MOUNT_DIR for f in $INIT_SCRIPTS; do - cp $f $TMP_DIR + cp "$f" "${TMP_DIR}/" chmod +x $TMP_DIR/$f $TMP_DIR/$f done -rm -rf ${TMP_DIR} +rm -rf "${TMP_DIR}"
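Review bot: The result of `mktemp -d` is used unchecked in the first hunk of both files, so if it fails `TMP_DIR` is empty and, in net-97-start-script, `TMP_FILE` becomes `/one-start-script`, which the decode step then writes at the filesystem root where the final `rm -rf` never removes it. Abort on failure instead, e.g. `TMP_DIR=$(mktemp -d "/tmp/one-context.XXXXXX") || exit 1`, and apply the same guard in net-98-execute-scripts. The added `chmod 700` is harmless but should be redundant, since `mktemp -d` already creates the directory for its owner only. Hardened images often mount /tmp with noexec as well, so the hard-coded path may hit the same failure this commit fixes for /var/run; a template of `"${TMPDIR:-/tmp}/one-context.XXXXXX"` would leave an override.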
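Review bot: Cleanup still depends on the script reaching the final `rm -rf "${TMP_DIR}"`, so a run that is interrupted or killed leaves the decoded start script behind in /tmp. This matters more after the move, because /tmp is often disk-backed and persistent where /var/run usually is not, and start scripts may carry credentials. Register the cleanup as soon as the directory exists, with `trap 'rm -rf -- "${TMP_DIR}"' EXIT` directly after the `mktemp` line in the first hunk. The last hunk of net-98-execute-scripts ends with the same pattern and would benefit from the same trap.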
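Review bot: In the net-98-execute-scripts loop the new `cp "$f" "${TMP_DIR}/"` copies by basename, but the unchanged `chmod +x $TMP_DIR/$f` and `$TMP_DIR/$f` lines still append the full `$f`. An `INIT_SCRIPTS` entry with a directory part is therefore copied to one path and run from another, and with a `..` component that second path lies outside the private directory. Use the basename for both and quote it: `chmod +x "${TMP_DIR}/${f##*/}"` and `"${TMP_DIR}/${f##*/}"`. Writing the copy as `cp -- "$f" "${TMP_DIR}/"` would also keep a name starting with `-` from being parsed as an option.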