Merge pull request #207 from DeterminateSystems/shorter-tmpdirs

edolstra · web-flow · commit 044c43c6fe2c · 2025-09-17T19:06:32.000Z
don't include derivation name in temporary build directories
diff --git a/doc/manual/rl-next/shorter-build-dir-names.md b/doc/manual/rl-next/shorter-build-dir-names.md
@@ -0,0 +1,6 @@
+---
+synopsis: "Temporary build directories no longer include derivation names"
+prs: [13839]
+---
+
+Temporary build directories created during derivation builds no longer include the derivation name in their path to avoid build failures when the derivation name is too long. This change ensures predictable prefix lengths for build directories under `/nix/var/nix/builds`.
diff --git a/src/libstore/unix/build/derivation-builder.cc b/src/libstore/unix/build/derivation-builder.cc
@@ -717,7 +717,7 @@ void DerivationBuilderImpl::startBuilder()
 
     /* Create a temporary directory where the build will take
        place. */
-    topTmpDir = createTempDir(buildDir, "nix-build-" + std::string(drvPath.name()), 0700);
+    topTmpDir = createTempDir(buildDir, "nix", 0700);
     setBuildTmpDir();
     assert(!tmpDir.empty());
 
diff --git a/tests/functional/check.sh b/tests/functional/check.sh
@@ -52,10 +52,10 @@ test_custom_build_dir() {
   nix-build check.nix -A failed --argstr checkBuildId "$checkBuildId" \
       --no-out-link --keep-failed --option build-dir "$TEST_ROOT/custom-build-dir" 2> "$TEST_ROOT/log" || status=$?
   [ "$status" = "100" ]
-  [[ 1 == "$(count "$customBuildDir/nix-build-"*)" ]]
-  local buildDir=("$customBuildDir/nix-build-"*)
+  [[ 1 == "$(count "$customBuildDir/nix-"*)" ]]
+  local buildDir=("$customBuildDir/nix-"*)
   if [[ "${#buildDir[@]}" -ne 1 ]]; then
-    echo "expected one nix-build-* directory, got: ${buildDir[*]}" >&2
+    echo "expected one nix-* directory, got: ${buildDir[*]}" >&2
     exit 1
   fi
   if [[ -e ${buildDir[*]}/build ]]; then
diff --git a/tests/nixos/user-sandboxing/default.nix b/tests/nixos/user-sandboxing/default.nix
@@ -104,8 +104,8 @@ in
 
           # Wait for the build to be ready
           # This is OK because it runs as root, so we can access everything
-          machine.wait_until_succeeds("stat /nix/var/nix/builds/nix-build-open-build-dir.drv-*/build/syncPoint")
-          dir = machine.succeed("ls -d /nix/var/nix/builds/nix-build-open-build-dir.drv-*").strip()
+          machine.wait_until_succeeds("stat /nix/var/nix/builds/nix-*/build/syncPoint")
+          dir = machine.succeed("ls -d /nix/var/nix/builds/nix-*").strip()
 
           # But Alice shouldn't be able to access the build directory
           machine.fail(f"su alice -c 'ls {dir}/build'")
@@ -125,8 +125,8 @@ in
                 args = [ (builtins.storePath "${create-hello-world}") ];
             }' >&2 &
           """.strip())
-          machine.wait_until_succeeds("stat /nix/var/nix/builds/nix-build-innocent.drv-*/build/syncPoint")
-          dir = machine.succeed("ls -d /nix/var/nix/builds/nix-build-innocent.drv-*").strip()
+          machine.wait_until_succeeds("stat /nix/var/nix/builds/nix-*/build/syncPoint")
+          dir = machine.succeed("ls -d /nix/var/nix/builds/nix-*").strip()
 
           # The build ran as `nixbld1` (which is the only build user on the
           # machine), but a process running as `nixbld1` outside the sandbox
