From 330218e69abaec3377cfe6537827542610a18069 Mon Sep 17 00:00:00 2001 From: h0m1 Date: Tue, 19 Nov 2019 20:41:56 +0100 Subject: [PATCH] stage-1: create temporary secrets directory in /tmp and not in cwd --- nixos/modules/system/boot/stage-1.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/system/boot/stage-1.nix b/nixos/modules/system/boot/stage-1.nix index 86bfde6349c..e133a357bb7 100644 --- a/nixos/modules/system/boot/stage-1.nix +++ b/nixos/modules/system/boot/stage-1.nix @@ -366,7 +366,7 @@ let } trap cleanup EXIT - tmp=$(mktemp -d initrd-secrets.XXXXXXXXXX) + tmp=$(mktemp -d ''${TMPDIR:-/tmp}/initrd-secrets.XXXXXXXXXX) ${lib.concatStringsSep "\n" (mapAttrsToList (dest: source: let source' = if source == null then dest else toString source; in