From c740c3ce500af2b7eb34651b5eeec01288d79dca Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Wed, 31 May 2017 13:39:27 +0200
Subject: OS X sandbox: Store .sb file in $TMPDIR rather than the Nix store
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The filename used was not unique and owned by the build user, so
builds could fail with

error: while setting up the build environment: cannot unlink ‘/nix/store/99i210ihnsjacajaw8r33fmgjvzpg6nr-bison-3.0.4.drv.sb’: Permission denied
---
 src/libstore/build.cc | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

(limited to 'src/libstore/build.cc')

diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index 92471b228d00..8695850b3441 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -778,7 +778,6 @@ private:
 #if __APPLE__
     typedef string SandboxProfile;
     SandboxProfile additionalSandboxProfile;
-    AutoDelete autoDelSandbox;
 #endif
 
     /* Hash rewriting. */
@@ -2711,9 +2710,7 @@ void DerivationGoal::runChild()
             debug("Generated sandbox profile:");
             debug(sandboxProfile);
 
-            Path sandboxFile = drvPath + ".sb";
-            deletePath(sandboxFile);
-            autoDelSandbox.reset(sandboxFile, false);
+            Path sandboxFile = tmpDir + "/.sandbox.sb";
 
             writeFile(sandboxFile, sandboxProfile);
 
-- 
cgit 1.4.1