Temporary Writable Directory for Builds

onemoresuza · November 1, 2023, 9:16pm

Some package builds need a temporary writable directory, be it because $HOME must be accessible, it relies on some caching or any other reason.

I went looking around on the nixpkgs repo and found at least three different solutions:

mktemp — e. g., r2modman
$TMPDIR — e. g., build-support/go/module.nix
$NIX_BUILD_TOP — e. g., hare

Would there be a correct solution?

Regarding the ones above, I’ve managed to found at least an issue in regards to $NIX_BUILD_TOP:

github.com/NixOS/nixpkgs

Use of $NIX_BUILD_TOP considered harmful

opened 06:57AM - 04 Sep 22 UTC

bjornfor

0.kind: bug 6.topic: developer experience

### Describe the bug Nix expressions that rely on `$NIX_BUILD_TOP` may break un…der `nix-shell` (or when using `nativeBuildInputs = [ keepBuildTree ]`), so let's try to avoid it. ### Steps To Reproduce Steps to reproduce the behavior: 1. Find a package that uses `$NIX_BUILD_TOP`, e.g. `spotifyd` via cargo setup hook: `nix-shell -A spotifyd` 2. Run `genericBuild` inside the shell. 3. Watch it fail trying to work with files inside `$NIX_BUILD_TOP` (when the files actually are in `$PWD`). ### Expected behavior Builds work both with `nix-build` _and_ `nix-shell` (not fail in the latter case). ### Additional context A workaround for the `nix-shell` breakage could be exporting `$NIX_BUILD_TOP` before invoking any build code. (`nix develop` has code for that?) But it wouldn't fix the `keepBuildTree` case. ### Notify maintainers  ### TODO list * [x] cargo setup hook: https://github.com/NixOS/nixpkgs/issues/138554 * [ ] [buildBazelPackage](https://github.com/NixOS/nixpkgs/blob/master/pkgs/build-support/build-bazel-package/default.nix) * [ ] Most other packages referring to `$NIX_BUILD_TOP`. (Some are harmless, need to check them.)

However, its stated harmfulness is related to the use of nix-shell, not the build process.

Infinisil · November 1, 2023, 9:50pm

mktemp -d is definitely the way to go! Most notably mktemp -d ensures that it’s a fresh directory. So you don’t have to worry about the path potentially being polluted already.

rhendric · November 1, 2023, 9:57pm

Does Nix do anything to ensure that mktemp -d directories are cleaned up after a build? Or are package authors responsible for putting a trap 'rm -rf $whatever' EXIT in the relevant phase script?

Infinisil · November 1, 2023, 10:09pm

Only the build directory ($NIX_BUILD_TOP, also the same as $TMPDIR) is writable by the build, and it’s definitely being cleaned up after the build

bjornfor · November 1, 2023, 10:30pm

nix-shell doesn’t have any clean-up phase like nix-build, so I think it’s best if temporary directories are created inside the build directory/current working directory and/or using trap 'rm -rf...' EXIT.

onemoresuza · November 2, 2023, 1:09am

Thanks for the clarification!, @Infinisil.

onemoresuza · November 2, 2023, 1:14am

Do nix-shell and nix-build have the same value for TMPDIR? Because if nix-shell sets it to a tmpfs partition — e. g., /run —, the created directory would be cleaned up after a reboot and, thus, there would be no need for the trap call.