From f83af95f8a54d0375ac6e159b663de887ba5b6a6 Mon Sep 17 00:00:00 2001 From: aszlig Date: Mon, 25 Aug 2014 15:00:55 +0200 Subject: [PATCH] build-support: Use mktemp -d in nix-prefetch-*. Instead of relying on $$ to not collide with an existing path. Quoting the Bash manual about $$: > Expands to the process ID of the shell. In a () subshell, it expands > to the process ID of the current shell, not the subshell. So, this is different from $BASHPID: > Expands to the process ID of the current bash process. This differs > from $$ under certain circumstances, such as subshells that do not > require bash to be re-initialized. But even $BASHPID is prone to race conditions if the process IDs wrap around, so to be on the safe side, we're using mktemp here. Closes #3784. Signed-off-by: aszlig --- pkgs/build-support/fetchbzr/nix-prefetch-bzr | 7 +++---- pkgs/build-support/fetchgit/nix-prefetch-git | 8 ++++---- pkgs/build-support/fetchhg/nix-prefetch-hg | 7 +++---- pkgs/build-support/fetchsvn/nix-prefetch-svn | 7 +++---- 4 files changed, 13 insertions(+), 16 deletions(-) diff --git a/pkgs/build-support/fetchbzr/nix-prefetch-bzr b/pkgs/build-support/fetchbzr/nix-prefetch-bzr index 2f46819323f2..346c2b05cbdd 100755 --- a/pkgs/build-support/fetchbzr/nix-prefetch-bzr +++ b/pkgs/build-support/fetchbzr/nix-prefetch-bzr @@ -43,11 +43,10 @@ fi # If we don't know the hash or a path with that hash doesn't exist, # download the file and add it to the store. if test -z "$finalPath"; then - tmpPath=/tmp/bzr-checkout-tmp-$$ - tmpFile=$tmpPath/$dstFile - mkdir $tmpPath + tmpPath="$(mktemp --tmpdir -d bzr-checkout-tmp-XXXXXXXX)" + trap "rm -rf \"$tmpPath\"" EXIT - trap "rm -rf $tmpPath" EXIT + tmpFile="$tmpPath/$dstFile" # Perform the checkout. bzr -Ossl.cert_reqs=none export $revarg --format=dir "$tmpFile" "$url" diff --git a/pkgs/build-support/fetchgit/nix-prefetch-git b/pkgs/build-support/fetchgit/nix-prefetch-git index b3cd3488735c..0d2536e225c3 100755 --- a/pkgs/build-support/fetchgit/nix-prefetch-git +++ b/pkgs/build-support/fetchgit/nix-prefetch-git @@ -256,11 +256,11 @@ else # download the file and add it to the store. if test -z "$finalPath"; then - tmpPath=/tmp/git-checkout-tmp-$$ - tmpFile=$tmpPath/git-export - mkdir $tmpPath $tmpFile + tmpPath="$(mktemp --tmpdir -d git-checkout-tmp-XXXXXXXX)" + trap "rm -rf \"$tmpPath\"" EXIT - trap "rm -rf $tmpPath" EXIT + tmpFile="$tmpPath/git-export" + mkdir "$tmpFile" # Perform the checkout. clone_user_rev "$tmpFile" "$url" "$rev" diff --git a/pkgs/build-support/fetchhg/nix-prefetch-hg b/pkgs/build-support/fetchhg/nix-prefetch-hg index 075dbc9c367b..7d4c0c8d7413 100755 --- a/pkgs/build-support/fetchhg/nix-prefetch-hg +++ b/pkgs/build-support/fetchhg/nix-prefetch-hg @@ -35,11 +35,10 @@ fi # download the file and add it to the store. if test -z "$finalPath"; then - tmpPath=/tmp/hg-checkout-tmp-$$ - tmpArchive=$tmpPath/hg-archive - mkdir $tmpPath + tmpPath="$(mktemp --tmpdir -d hg-checkout-tmp-XXXXXXXX)" + trap "rm -rf \"$tmpPath\"" EXIT - trap "rm -rf $tmpPath" EXIT + tmpArchive="$tmpPath/hg-archive" # Perform the checkout. if [[ $url != /* ]]; then diff --git a/pkgs/build-support/fetchsvn/nix-prefetch-svn b/pkgs/build-support/fetchsvn/nix-prefetch-svn index a2ee3ac6052f..74de0a14c801 100755 --- a/pkgs/build-support/fetchsvn/nix-prefetch-svn +++ b/pkgs/build-support/fetchsvn/nix-prefetch-svn @@ -41,11 +41,10 @@ fi # If we don't know the hash or a path with that hash doesn't exist, # download the file and add it to the store. if test -z "$finalPath"; then - tmpPath=/tmp/svn-checkout-tmp-$$ - tmpFile=$tmpPath/$dstFile - mkdir $tmpPath + tmpPath="$(mktemp --tmpdir -d svn-checkout-tmp-XXXXXXXX)" + trap "rm -rf \"$tmpPath\"" EXIT - trap "rm -rf $tmpPath" EXIT + tmpFile="$tmpPath/$dstFile" # Perform the checkout. if test "$NIX_PREFETCH_SVN_LEAVE_DOT_SVN" != 1