fix(qemu): set `TMPDIR` to writeable directory

QEMU attempts to write copy-on-write snapshots to `/var/tmp` because
they can be become large and `/tmp` is often `tmpfs` which may
not have enough space.

`/var/tmp` in a sandbox is read-only. This changes QEMU
to write into `./tmp` which is relative to the sandbox
root.