From cb9601029ea164b86bdf997f7160d494c15d344b Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <eelco.dolstra@logicblox.com>
Date: Wed, 2 Dec 2015 14:59:07 +0100
Subject: daemon: Use deterministic $TMPDIR in chroot.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Rather than using $<host-TMPDIR>/nix-build-<drvname>-<number>, the
temporary directory is now always /tmp/nix-build-<drvname>-0. This
improves bitwise-exact reproducibility for builds that store $TMPDIR
in their build output. (Of course, those should still be fixed...)

* nix/libstore/build.cc (DerivationGoal)[tmpDirInSandbox]: New field.
(DerivationGoal::startBuilder): Initialize 'useChroot' earlier.  Compute
'tmpDirInSandbox', and use it when populating 'dirsInChroot'.
* doc/guix.texi (Build Environment Setup): Document it.

Co-authored-by: Ludovic Courtès <ludo@gnu.org>
---
 doc/guix.texi | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'doc')

diff --git a/doc/guix.texi b/doc/guix.texi
index 97fddd025e..4b06b32232 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -600,6 +600,14 @@ user @file{nobody};
 a writable @file{/tmp} directory.
 @end itemize
 
+You can influence the directory where the daemon stores build trees
+@i{via} the @code{TMPDIR} environment variable.  However, the build tree
+within the chroot is always @file{/tmp/nix-build-@var{name}.drv-0},
+where @var{name} is the derivation name---e.g., @code{coreutils-8.24}.
+This way, the value of @code{TMPDIR} does not leak inside build
+environments, which avoids discrepancies in cases where build processes
+capture the name of their build tree.
+
 If you are installing Guix as an unprivileged user, it is still possible
 to run @command{guix-daemon} provided you pass @code{--disable-chroot}.
 However, build processes will not be isolated from one another, and not
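Review bot: the path documented in the added paragraph, @file{/tmp/nix-build-@var{name}.drv-0}, does not match the commit message, which gives /tmp/nix-build-<drvname>-0 without the ".drv" component. Please make the two agree, so that anyone comparing captured build-tree paths across machines knows the exact string to expect. It would also help to say whether @var{name} includes the ".drv" suffix, since the example value @code{coreutils-8.24} has none. Separately, the new text says the fixed path holds "within the chroot", and the next paragraph introduces @code{--disable-chroot}. Consider adding a sentence there on whether TMPDIR is still visible to build processes in that mode, since the claim that TMPDIR "does not leak inside build environments" reads as unconditional.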
-- 
cgit v1.2.3