From unknown Sat Aug 16 13:51:08 2025 X-Loop: help-debbugs@gnu.org Subject: bug#33171: TMPDIR and build containers Resent-From: "pelzflorian (Florian Pelz)" Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sat, 27 Oct 2018 01:24:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 33171 X-GNU-PR-Package: guix X-GNU-PR-Keywords: To: 33171@debbugs.gnu.org X-Debbugs-Original-To: bug-guix@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.15406034359403 (code B ref -1); Sat, 27 Oct 2018 01:24:01 +0000 Received: (at submit) by debbugs.gnu.org; 27 Oct 2018 01:23:55 +0000 Received: from localhost ([127.0.0.1]:44463 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gGDKU-0002Ra-T8 for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:55 -0400 Received: from eggs.gnu.org ([208.118.235.92]:39587) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gGDKT-0002RO-Jl for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gGDKM-00071q-S4 for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:48 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:50646) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gGDKL-00070p-Lk for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:46 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49195) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gGDKK-0001Za-SY for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gGDKF-0006oi-R6 for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:44 -0400 Received: from pelzflorian.de ([5.45.111.108]:44182 helo=mail.pelzflorian.de) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gGDKF-0006o3-G0 for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:39 -0400 Received: from florianbeaglebone.fritz.box (ip5b434e10.dynamic.kabel-deutschland.de [91.67.78.16]) by mail.pelzflorian.de (Postfix) with ESMTPSA id 0A270360076 for ; Sat, 27 Oct 2018 03:23:37 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1540603418; bh=rnkGFGYozFmZv/eERQrNthmk8Jgg9pnjYoJIvYIVm1c=; h=Date:From:To:Subject; b=0QsCP8koN2j2aSnfx0q4zvyb4hAtPYW8VRz2y9In0CceSDopnqA0M5fDLGPN5083Q baKvihsLeRyBZ4Im7YgC2kT199sL8kMTKtNPM+VwfyrUenxaax42fPIp4rb3C1urKg 90kH3zJ5mU9wKOyqiwkwXDPsfjaww1uEwUhK+/z8= Date: Sat, 27 Oct 2018 03:23:36 +0200 From: "pelzflorian (Florian Pelz)" Message-ID: <20181027012336.glawlvz63m6kiiuu@florianbeaglebone.fritz.box> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: NeoMutt/20180716 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.1 (----) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.1 (-----) Hello, The manual says that TMPDIR does not leak into the build environment: > You can influence the directory where the daemon stores build trees > via the =E2=80=98TMPDIR=E2=80=99 environment variable. However, the bu= ild tree within > the chroot is always called =E2=80=98/tmp/guix-build-NAME.drv-0=E2=80=99= , where NAME is > the derivation name=E2=80=94e.g., =E2=80=98coreutils-8.24=E2=80=99. Th= is way, the value of > =E2=80=98TMPDIR=E2=80=99 does not leak inside build environments, which= avoids > discrepancies in cases where build processes capture the name of their > build tree. However, later it says: > When the daemon performs a build on behalf of the user, it creates a > build directory under =E2=80=98/tmp=E2=80=99 or under the directory spe= cified by its > =E2=80=98TMPDIR=E2=80=99 environment variable; this directory is shared= with the > container for the duration of the build. Be aware that using a > directory other than =E2=80=98/tmp=E2=80=99 can affect build results=E2= =80=94for example, with a > longer directory name, a build process that uses Unix-domain sockets > might hit the name length limitation for =E2=80=98sun_path=E2=80=99, wh= ich it would > otherwise not hit. This seems like a contradiction, or do I misunderstand? Regards, Florian From unknown Sat Aug 16 13:51:08 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: "pelzflorian (Florian Pelz)" Subject: bug#33171: closed (Re: bug#33171: TMPDIR and build containers) Message-ID: References: <87efc4u969.fsf@gnu.org> <20181027012336.glawlvz63m6kiiuu@florianbeaglebone.fritz.box> X-Gnu-PR-Message: they-closed 33171 X-Gnu-PR-Package: guix Reply-To: 33171@debbugs.gnu.org Date: Thu, 01 Nov 2018 15:10:03 +0000 Content-Type: multipart/mixed; boundary="----------=_1541085003-22184-1" This is a multi-part message in MIME format... ------------=_1541085003-22184-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #33171: TMPDIR and build containers which was filed against the guix package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 33171@debbugs.gnu.org. --=20 33171: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D33171 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1541085003-22184-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 33171-done) by debbugs.gnu.org; 1 Nov 2018 15:09:14 +0000 Received: from localhost ([127.0.0.1]:58625 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gIEav-0005kk-LP for submit@debbugs.gnu.org; Thu, 01 Nov 2018 11:09:13 -0400 Received: from eggs.gnu.org ([208.118.235.92]:44330) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gIEat-0005kW-6v for 33171-done@debbugs.gnu.org; Thu, 01 Nov 2018 11:09:12 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gIEam-0004Fr-Uv for 33171-done@debbugs.gnu.org; Thu, 01 Nov 2018 11:09:05 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=disabled version=3.3.2 Received: from fencepost.gnu.org ([2001:4830:134:3::e]:59979) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gIEam-0004Fm-R3; Thu, 01 Nov 2018 11:09:04 -0400 Received: from [2a01:e0a:1d:7270:6a6c:dc17:fc02:cfda] (port=52288 helo=ribbon) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1gIEam-000474-Fy; Thu, 01 Nov 2018 11:09:04 -0400 From: ludo@gnu.org (Ludovic =?utf-8?Q?Court=C3=A8s?=) To: "pelzflorian \(Florian Pelz\)" Subject: Re: bug#33171: TMPDIR and build containers References: <20181027012336.glawlvz63m6kiiuu@florianbeaglebone.fritz.box> X-URL: http://www.fdn.fr/~lcourtes/ X-Revolutionary-Date: 11 Brumaire an 227 de la =?utf-8?Q?R=C3=A9volution?= X-PGP-Key-ID: 0x090B11993D9AEBB5 X-PGP-Key: http://www.fdn.fr/~lcourtes/ludovic.asc X-PGP-Fingerprint: 3CE4 6455 8A84 FDC6 9DB4 0CFB 090B 1199 3D9A EBB5 X-OS: x86_64-pc-linux-gnu Date: Thu, 01 Nov 2018 16:09:02 +0100 In-Reply-To: <20181027012336.glawlvz63m6kiiuu@florianbeaglebone.fritz.box> (pelzflorian's message of "Sat, 27 Oct 2018 03:23:36 +0200") Message-ID: <87efc4u969.fsf@gnu.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 2001:4830:134:3::e X-Spam-Score: -5.0 (-----) X-Debbugs-Envelope-To: 33171-done Cc: 33171-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -6.0 (------) Hello Florian, "pelzflorian (Florian Pelz)" skribis: > The manual says that TMPDIR does not leak into the build environment: > >> You can influence the directory where the daemon stores build trees >> via the =E2=80=98TMPDIR=E2=80=99 environment variable. However, the bui= ld tree within >> the chroot is always called =E2=80=98/tmp/guix-build-NAME.drv-0=E2=80=99= , where NAME is >> the derivation name=E2=80=94e.g., =E2=80=98coreutils-8.24=E2=80=99. Thi= s way, the value of >> =E2=80=98TMPDIR=E2=80=99 does not leak inside build environments, which = avoids >> discrepancies in cases where build processes capture the name of their >> build tree. > > > However, later it says: > >> When the daemon performs a build on behalf of the user, it creates a >> build directory under =E2=80=98/tmp=E2=80=99 or under the directory spec= ified by its >> =E2=80=98TMPDIR=E2=80=99 environment variable; this directory is shared = with the >> container for the duration of the build. Be aware that using a >> directory other than =E2=80=98/tmp=E2=80=99 can affect build results=E2= =80=94for example, with a >> longer directory name, a build process that uses Unix-domain sockets >> might hit the name length limitation for =E2=80=98sun_path=E2=80=99, whi= ch it would >> otherwise not hit. > > > This seems like a contradiction, or do I misunderstand? Indeed. The sentences that starts with =E2=80=9CBe aware=E2=80=9D is inacc= urate; I=E2=80=99ll remove it. Thank you! Ludo=E2=80=99. ------------=_1541085003-22184-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 27 Oct 2018 01:23:55 +0000 Received: from localhost ([127.0.0.1]:44463 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gGDKU-0002Ra-T8 for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:55 -0400 Received: from eggs.gnu.org ([208.118.235.92]:39587) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gGDKT-0002RO-Jl for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:53 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gGDKM-00071q-S4 for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:48 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-0.0 required=5.0 tests=BAYES_20 autolearn=disabled version=3.3.2 Received: from lists.gnu.org ([2001:4830:134:3::11]:50646) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gGDKL-00070p-Lk for submit@debbugs.gnu.org; Fri, 26 Oct 2018 21:23:46 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:49195) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gGDKK-0001Za-SY for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:45 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gGDKF-0006oi-R6 for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:44 -0400 Received: from pelzflorian.de ([5.45.111.108]:44182 helo=mail.pelzflorian.de) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gGDKF-0006o3-G0 for bug-guix@gnu.org; Fri, 26 Oct 2018 21:23:39 -0400 Received: from florianbeaglebone.fritz.box (ip5b434e10.dynamic.kabel-deutschland.de [91.67.78.16]) by mail.pelzflorian.de (Postfix) with ESMTPSA id 0A270360076 for ; Sat, 27 Oct 2018 03:23:37 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=pelzflorian.de; s=mail; t=1540603418; bh=rnkGFGYozFmZv/eERQrNthmk8Jgg9pnjYoJIvYIVm1c=; h=Date:From:To:Subject; b=0QsCP8koN2j2aSnfx0q4zvyb4hAtPYW8VRz2y9In0CceSDopnqA0M5fDLGPN5083Q baKvihsLeRyBZ4Im7YgC2kT199sL8kMTKtNPM+VwfyrUenxaax42fPIp4rb3C1urKg 90kH3zJ5mU9wKOyqiwkwXDPsfjaww1uEwUhK+/z8= Date: Sat, 27 Oct 2018 03:23:36 +0200 From: "pelzflorian (Florian Pelz)" To: bug-guix@gnu.org Subject: TMPDIR and build containers Message-ID: <20181027012336.glawlvz63m6kiiuu@florianbeaglebone.fritz.box> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline User-Agent: NeoMutt/20180716 Content-Transfer-Encoding: quoted-printable X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6.x X-Received-From: 2001:4830:134:3::11 X-Spam-Score: -4.1 (----) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -5.1 (-----) Hello, The manual says that TMPDIR does not leak into the build environment: > You can influence the directory where the daemon stores build trees > via the =E2=80=98TMPDIR=E2=80=99 environment variable. However, the bu= ild tree within > the chroot is always called =E2=80=98/tmp/guix-build-NAME.drv-0=E2=80=99= , where NAME is > the derivation name=E2=80=94e.g., =E2=80=98coreutils-8.24=E2=80=99. Th= is way, the value of > =E2=80=98TMPDIR=E2=80=99 does not leak inside build environments, which= avoids > discrepancies in cases where build processes capture the name of their > build tree. However, later it says: > When the daemon performs a build on behalf of the user, it creates a > build directory under =E2=80=98/tmp=E2=80=99 or under the directory spe= cified by its > =E2=80=98TMPDIR=E2=80=99 environment variable; this directory is shared= with the > container for the duration of the build. Be aware that using a > directory other than =E2=80=98/tmp=E2=80=99 can affect build results=E2= =80=94for example, with a > longer directory name, a build process that uses Unix-domain sockets > might hit the name length limitation for =E2=80=98sun_path=E2=80=99, wh= ich it would > otherwise not hit. This seems like a contradiction, or do I misunderstand? Regards, Florian ------------=_1541085003-22184-1--