In the context of mktemp, "safe" means protected from inadvertent interference from other programs, especially as a result of name collision. mktemp tries to give you some assurance that even though your file is in a file system shared with numerous other programs, your script will probably be the only one interacting with the file. mktemp handles this for you in three ways:
- It creates names with random characters so they are unlikely to match the names used by other programs (or other running instances of the same script).
- It sets the permissions on the file so that it is only readable and writable by its owner, limiting the number of other programs which could disrupt it.
- It checks that the name isn't already in use. In other words, it checks that the file doesn't already exist.
A dry-run of mktemp can't handle permissions for you (#2), but that's easy enough to do yourself with chmod if you want.
The problem the mktemp documentation is warning you about is #3. While the invocation of mktemp in the current script will ensure the name isn't in use yet, it doesn't communicate this to other programs. Therefore, another program, or another invocation of the same script running concurrently, may invoke mktemp again and get the same temporary file path.
The only time you should use mktemp --dry-run is for programs which will not allow their output file or directory to exist already. Many programs have an option like -f or --force to ignore and overwrite an output file, although this may also have other undesirable effects.
If you do use mktemp --dry-run, you should consider other actions to decrease the likelihood of name collision, namely:
- Increase the number of random characters in the filename (mktemp function #1, above).
- Minimize the amount of time between the invocation of mktemp --dry-run and the moment when the file is created. Similarly, you can let mktemp create the file, and delete it just before another command will create a file at the temporary path.
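
The two mitigations above, sketched as an added example that is not part of the original answer. It assumes GNU mktemp; `strict_writer` is a hypothetical stand-in for a program that refuses to write to an existing path, and the `job.` template prefix and function names are likewise made up for illustration.

```shell
#!/bin/sh
# Added example; strict_writer and both function names are hypothetical.

# Stand-in for a program that will not write to an existing path.
strict_writer() {
    # set -C (noclobber) makes '>' fail if the target already exists,
    # so a name collision surfaces as an error instead of an overwrite.
    ( set -C; printf 'payload\n' > "$1" ) 2>/dev/null
}

# Approach 1: mktemp --dry-run with a long random suffix, name used at once.
write_via_dry_run() {
    ( umask 077   # dry-run sets no permissions, so restrict them ourselves
      path=$(mktemp --dry-run "${TMPDIR:-/tmp}/job.XXXXXXXXXXXXXXXX") || exit 1
      strict_writer "$path" || exit 1   # nothing else runs in the gap
      printf '%s\n' "$path" )
}

# Approach 2: let mktemp create the file, delete it just before the writer.
write_via_create_then_delete() {
    ( umask 077
      path=$(mktemp "${TMPDIR:-/tmp}/job.XXXXXXXXXXXXXXXX") || exit 1
      rm -f -- "$path" && strict_writer "$path" || exit 1
      printf '%s\n' "$path" )
}
```

Both functions print the path they wrote and return non-zero if the writer found the name already taken, so the caller can retry with a fresh name rather than continue with a file it does not own.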