Subject: Don't attempt to create temporary files in the user's home directory Origin: v9-2-gdc292ff Upstream-Author: Javier Martinez Canillas Date: Tue Feb 20 16:51:10 2018 +0100 To use the tpm2 pin, some temporary files need to be created due to how the tpm2-tools work. Currently they are created in the user's home directory but the commands can be executed by a user that doesn't have a home dir. So it's better to just create the temporary directory in /tmp, which is mktemp default. The mktemp default permissions are u+rwx anyways, so it isn't less secure to have the temp dir at /tmp instead of the home dir. Fixes: #30 Signed-off-by: Javier Martinez Canillas --- a/src/clevis-decrypt-tpm2 +++ b/src/clevis-decrypt-tpm2 @@ -82,7 +82,7 @@ exit 1 fi -if ! TMP=`mktemp -d -p ~`; then +if ! TMP=`mktemp -d`; then echo "Creating a temporary dir for TPM files failed!" >&2 exit 1 fi --- a/src/clevis-encrypt-tpm2 +++ b/src/clevis-encrypt-tpm2 @@ -92,7 +92,7 @@ exit 1 fi -if ! TMP=`mktemp -d -p ~`; then +if ! TMP=`mktemp -d`; then echo "Creating a temporary dir for TPM files failed!" >&2 exit 1 fi
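Review bot: in the clevis-decrypt-tpm2 hunk, the changed `mktemp -d` call does not pin the directory to /tmp as the commit message describes. Without `-p`, mktemp uses $TMPDIR when it is set and only falls back to /tmp, so the TPM files land wherever the caller's environment points. If /tmp is the intent, pass it explicitly with `mktemp -d -p /tmp`; if following $TMPDIR is acceptable, say so in the commit message so the stated location matches the behaviour.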
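Review bot: in the clevis-encrypt-tpm2 hunk, the only handling visible around the changed `mktemp -d` line is the error message and `exit 1` when creation fails; the context shown does not say where $TMP is removed. With the directory moving from the user's home to a shared temporary location, please confirm that both scripts delete it on every exit path, for example with a trap on EXIT set right after this block, so the TPM files do not outlive the command. As a style point on the same line, `$(mktemp -d)` reads better than backticks and nests safely.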