lix-project/lix

Fork 59

`nix-build`/`nix-shell` tmpdir unnecessarily long #1044

New issue

Closed

opened 2025-11-21 11:59:02 +00:00 by pennae · 8 comments

pennae commented

2025-11-21 11:59:02 +00:00

Owner

TMPDIR=/tmp/nix-shell-31cm5aj8fp7p0395f0lb055n23/build-top-3n5jpa6cl9nszvxjl8kmjnc4hn is an unnecessarily long tempdir for builds or shells. the second random bit is unnecessary because the first random bit already guarantees uniqueness. this is ironic because the change to this happened to make darwin paths shorter for unix socket reasons, but now anything built in a shell that places unix sockets in a tmpdir only has 30(ish) bytes total for the unix socket path where previously it could have had a lot more

cc @emilazy

`TMPDIR=/tmp/nix-shell-31cm5aj8fp7p0395f0lb055n23/build-top-3n5jpa6cl9nszvxjl8kmjnc4hn` is an unnecessarily long tempdir for builds or shells. the second random bit is unnecessary because the first random bit already guarantees uniqueness. this is ironic because the change to this happened to make darwin paths shorter for unix socket reasons, but now anything built in a shell that places unix sockets in a tmpdir only has 30(ish) bytes *total* for the unix socket path where previously it could have had a lot more cc @emilazy

pennae added the

Area/cli

Affects/Stable

Affects/Nightly

labels

2025-11-21 11:59:02 +00:00

qyriad commented

2025-11-24 18:10:53 +00:00

Owner

We get very different values with nix-shell than with nix-build. nix-build -E 'with import <nixpkgs> { }; runCommand "foo" { } "declare -p TMPDIR"' yields declare -x TMPDIR="/nix/var/nix/b/0fkd0xmsly1p4pqf6fi05isy1s", but nix-shell --run 'declare -p TMPDIR' -p yields that long as fuck path on Linux, but on my macOS machine it yields my normal shell's TMPDIR, unless I unset it first

$ nix-shell --run 'declare -p TMPDIR' -p
declare -x TMPDIR="/var/folders/jz/tbv2q66167q5k8v_xtz726q80000gn/T/"

$ env -u TMPDIR nix-shell --run 'declare -p TMPDIR' -p
declare -x TMPDIR="/private/tmp/nix-shell-68brq2c7w31ppr2zm6q3p43f7g/build-top-3p2bab9aswz49j9894w2f7a1l3"

We get very different values with `nix-shell` than with `nix-build`. `nix-build -E 'with import <nixpkgs> { }; runCommand "foo" { } "declare -p TMPDIR"'` yields `declare -x TMPDIR="/nix/var/nix/b/0fkd0xmsly1p4pqf6fi05isy1s"`, but `nix-shell --run 'declare -p TMPDIR' -p` yields that long as fuck path on Linux, but on my macOS machine it yields my normal shell's `TMPDIR`, *unless* I unset it first ```bash $ nix-shell --run 'declare -p TMPDIR' -p declare -x TMPDIR="/var/folders/jz/tbv2q66167q5k8v_xtz726q80000gn/T/" $ env -u TMPDIR nix-shell --run 'declare -p TMPDIR' -p declare -x TMPDIR="/private/tmp/nix-shell-68brq2c7w31ppr2zm6q3p43f7g/build-top-3p2bab9aswz49j9894w2f7a1l3" ```

raito commented

2025-11-24 18:38:36 +00:00

Owner

This is due to my nix-shell's fixes, $NIX_BUILD_TOP is a temporary directory in the tmpDirRoot now if no $TMPDIR is provided to avoid the fallback on /tmp, causing things like /tmp/env-vars to be written and breaking the shell.

We could rebase the build top directory one directory above, there's nothing that forces it to live inside tmpDirRoot per se, saving 36 chars again.

This is due to my nix-shell's fixes, `$NIX_BUILD_TOP` is a temporary directory in the tmpDirRoot now if no `$TMPDIR` is provided to avoid the fallback on `/tmp`, causing things like `/tmp/env-vars` to be written and breaking the shell. We could rebase the build top directory one directory above, there's nothing that forces it to live inside tmpDirRoot per se, saving 36 chars again.

pennae commented

2025-11-24 18:40:02 +00:00

Author

Owner

we could also call it just build-top instead of appending a long-ass random string, that would also help a lot

we could also call it just `build-top` instead of appending a long-ass random string, that would also help a lot

raito commented

2025-11-24 21:46:37 +00:00

Owner

As long as we can prove that temp dir cannot produce itself a build-top directory.

As long as we can prove that temp dir cannot produce itself a `build-top` directory.

pennae commented

2025-11-25 15:27:40 +00:00

Author

Owner

the tmpdir otherwise only contains result, rc, and a bunch of dotfiles. not using the full tmpdir randomness treatment for build-top will be totally fine

the tmpdir otherwise only contains `result`, `rc`, and a bunch of dotfiles. not using the full tmpdir randomness treatment for `build-top` will be totally fine

👍 1

lix-bot commented

2025-11-30 12:22:35 +00:00

Member

This issue was mentioned on Gerrit on the following CLs:

commit message in cl/4663 ("lix/legacy/nix-build: save up 30ish chars in $NIX_BUILD_TOP")

This issue was mentioned on Gerrit on the following CLs: * commit message in [cl/4663](https://gerrit.lix.systems/c/lix/+/4663) ("lix/legacy/nix-build: save up 30ish chars in $NIX_BUILD_TOP")