xref: /netbsd-src/usr.bin/mktemp/mktemp.1 (revision 1045db0b2f4be23275c7f73142ebacbd29e754b5)

.\" $NetBSD: mktemp.1,v 1.24 2021/07/25 08:52:03 simonb Exp $
.\" From: $FreeBSD: src/usr.bin/mktemp/mktemp.1,v 1.5 1999/08/28 01:04:13 peter Exp $
.\" From: $OpenBSD: mktemp.1,v 1.8 1998/03/19 06:13:37 millert Exp $
.\"
.\" Copyright (c) 1989, 1991, 1993
.\"	The Regents of the University of California.  All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\"    notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\"    notice, this list of conditions and the following disclaimer in the
.\"    documentation and/or other materials provided with the distribution.
.\" 3. Neither the name of the University nor the names of its contributors
.\"    may be used to endorse or promote products derived from this software
.\"    without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.\" $FreeBSD: src/usr.bin/mktemp/mktemp.1,v 1.5 1999/08/28 01:04:13 peter Exp $
.\"
.Dd July 25, 2021
.Dt MKTEMP 1
.Os
.Sh NAME
.Nm mktemp
.Nd make temporary file name (unique)
.Sh SYNOPSIS
.Nm mktemp
.Op Fl dqu
.Op Fl p Ar tmpdir
.Bro
.Fl t Ar prefix
.No |
.Ar template ...
.Brc
.Sh DESCRIPTION
The
.Nm
utility
is provided to allow shell scripts to safely use temporary files.
It creates temporary files or directories using unique names,
and prints the names.
.Pp
The name of each temporary file or directory is derived from a
template that includes several trailing
.Ql X
characters, such as
.Pa /tmp/prefix.XXXX .
The trailing
.Ql X
characters in the template are replaced with a unique letter and number
combination.
Any
.Ql X
characters other than at the end of the template are taken literally.
The number of unique file names
.Nm
can return depends on the number of trailing
.Ql X Ns s
in the template; six
.Ql X Ns s
will result in
.Nm
testing roughly 62 ** 6 (56800235584) combinations.
.Pp
The templates used to create the unique names are derived from the
.Fl t Ar prefix
option, or the
.Ar template
arguments, possibly modified by other options.
Any number of temporary files or directories may be created
in a single invocation using multiple
.Ar template
arguments.
It is possible to specify both a
.Fl t Ar prefix
option and one or more
.Ar template
arguments,
but this is not usually done.
.Pp
If neither a
.Fl t Ar prefix
option, nor any
.Ar template
arguments are specified, then the default is equivalent to
.Fl t Li mktemp .
.Pp
If
.Nm
can successfully generate a unique file name, the file
is created with mode 0600 (unless the
.Fl u
flag is given) and the filename is printed to standard output.
.Sh OPTIONS
The available options are as follows:
.Bl -tag -width indent
.It Fl d
Make a directory instead of a file.
.It Fl p Ar tmpdir
Specifies a directory in which temporary files should be created.
If this option is specified, then it applies to all temporary files,
including those created as a result of a
.Fl t Ar prefix
option, and those created as a result of a
.Ar template
argument.
.Pp
If the
.Fl p Ar tmpdir
option is not specified, then
temporary files created as a result of a
.Fl t Ar prefix
option will use a default temporary directory
(as described under the
.Fl t
option),
but temporary files created as a result of a
.Ar template
argument will not use a default temporary directory
(so they will be created relative to the current working directory, if the
.Ar template
does not begin with
.Ql \&/ ) .
.It Fl t Ar prefix
Generate a template using an appropriate directory name, followed by the
supplied
.Ar prefix ,
followed by
.Ql \&.XXXXXXXX .
Any
.Ql X
characters in the supplied
.Ar prefix
are taken literally, but the trailing
.Ql X
characters in the appended
.Ql \&.XXXXXXXX
are replaced by unique values.
.Pp
The directory name used for the template generated by the
.Fl t Ar prefix
option is taken from the
.Fl p Ar tmpdir
option, or from the
.Ev TMPDIR
environment variable, or
.Pa /tmp
as a default.
.Pp
If one or more
.Ar template
arguments are used in addition to the
.Fl t Ar prefix
option, then the
.Ar prefix
does not apply to the
.Ar template
arguments.
.It Fl q
Fail silently if an error occurs.
This is useful if
a script does not want error output to go to standard error.
.It Fl u
Operate in
.Dq unsafe
mode.
The temp file will be unlinked before
.Nm
exits.
This is slightly better than
.Xr mktemp 3
but still introduces a race condition.
Use of this option is not encouraged.
.El
.Sh NOTES
.Nm
takes care to create the files or directories in a way that is
safe from race conditions (provided the
.Fl u
option is not used).
.Pp
Traditionally, without
.Nm ,
many shell scripts created temporary files
using the name of the program with
the pid as a suffix.
This kind of naming scheme is predictable and creates a race condition that
allows an attacker to subvert the program by
creating a different file, directory, or symbolic link
under the same name.
A safer, though still inferior, approach
is to make a temporary directory using the same naming scheme
While this does allow one to guarantee that a temporary file will
not be subverted, it still allows a simple denial of service attack.
For these reasons it is recommended that
.Nm
be used instead of simpler schemes.
.Pp
Care should be taken to ensure that it is appropriate to use an
environment variable potentially supplied by the user.
.Sh EXIT STATUS
The
.Nm
utility exits with a value of 0 on success, and 1 on any failure.
.Sh EXAMPLES
The following
.Xr sh 1
fragment illustrates a simple use of
.Nm
where the script should quit if it cannot get a safe
temporary file.
.Bd -literal -offset indent
TMPFILE=`mktemp /tmp/${0##*/}.XXXXXX` || exit 1
echo "program output" >> $TMPFILE
.Ed
.Pp
To allow the use of $TMPDIR:
.Bd -literal -offset indent
TMPFILE=`mktemp -t ${0##*/}` || exit 1
echo "program output" >> $TMPFILE
.Ed
.Pp
In this case, we want the script to catch the error itself.
.Bd -literal -offset indent
TMPFILE=`mktemp -q /tmp/${0##*/}.XXXXXX`
if [ $? -ne 0 ]; then
	echo "$0: Can't create temp file, exiting..."
	exit 1
fi
.Ed
.Sh SEE ALSO
.Xr mkdtemp 3 ,
.Xr mkstemp 3 ,
.Xr mktemp 3 ,
.Xr environ 7
.Sh HISTORY
The
.Nm
utility appeared in
.Nx 1.5 .
It was imported from
.Fx ,
and the idea and the manual page were taken from
.Ox .