Most systems I've encountered have both tempfile(1)
and mktemp(1)
. There are syntactic differences, and mktemp
can also create directories, but they otherwise seem to do the same thing.
Is there any difference between the two? Why do both exist? Is one more standard than the other? If I just want to create a temporary file safely, is there any reason to prefer one over the other?
I suspect there's some interesting Unix lore behind this, but my searches turn up nothing.
It's the mktemp library function as would be used in a compiled program which isn't safe. And that has nothing to do with how modern the OS is, it was never safe it just wasn't realized originally.
The mktemp() function generates a unique temporary filename from template. The last six characters of template must be XXXXXX and these are replaced with a string that makes the filename unique.
tempfile. mkdtemp (suffix=None, prefix=None, dir=None) Creates a temporary directory in the most secure manner possible. There are no race conditions in the directory's creation. The directory is readable, writable, and searchable only by the creating user ID.
To create new directory use "mkdir" command. For example, to create directory TMP in the current directory issue either "mkdir TMP" or "mkdir ./TMP". It's a good practice to organize files by creating directories and putting files inside of them instead of having all files in one directory.
I suspect there's some interesting Unix lore behind this ...
The history of mktemp
can be traced to OpenBSD 2.1. However, it became a part of GNU coreutils much later. This post announced the inclusion of mktemp
for coreutils
.
Until then, tempfile
was being used by a number of programs. There was also a proposal to make tempfile
a wrapper around mktemp
, which was rejected to discourage use of tempfile
.
However, the following was added to tempfile
manual:
Exclusive creation is not guaranteed when creating files on NFS partitions.
tempfile
cannot make temporary directories.tempfile
is deprecated; you should usemktemp(1)
instead.
It says in tempfile's manual that:
tempfile - create a temporary file in a safe manner
While in mktemp:
mktemp - create a temporary file or directory
They're probably just almost the same, only that the implementation is a little different.
As said in the manual, tempfile
actually has some precautions like:
a) In case the environment variable
TMPDIR
exists and contains the name of an appropriate directory, that is used.b) Otherwise, if the
--directory
argument is specified and appropriate, it is used.c) Otherwise,
P_tmpdir
(as defined in<stdio.h>
) is used when appropriate.d) Finally an implementation-defined directory (
/tmp
) may be used.
It's actually useful if the script trusts mktemp
or tempfile
enough that it's certain that a temporary file or directory would be created. But I don't see much problem just using mktemp
if you run precautions in your script yourself. You can use [ -e ]
, [ -f ]
, [ -d ]
, [ -L ]
, etc. to verify if a file could actually be made/was already made. Even check if something's writable, readable, and/or executable with -r, -w and -x. In bash, see help test
.
Still for the sake of continuous runtime perhaps you would better rely on tempfile
when running your code in multiple environments. Just make sure that it's available everywhere enough. With which
or with type -P
you could check which one of them is available. An example:
create_temp() { if type -P tempfile >/dev/null; then # use tempfile based from $1 elif type -P mktemp > /dev/null; then # use mktemp based from $1 else echo "Can't find temporary file creator." exit 1 fi }
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With