TemporaryDirectoryForBigFiles() can still ignore $TMPDIR about image HOT 2 OPEN

TMPDIR is explicitly defined to be a /tmp equivalent: https://pubs.opengroup.org/onlinepubs/9699919799/xrat/V4_xbd_chap10.html . I don’t think it makes any sense to define a c/image-specific semantics of TMPDIR which is different, causing users to possibly have a general TMPDIR setting and a Podman-specific TMPDIR override.

Yes, Podman did decide to interpret TMPDIR that way, and *shrug*, that can’t be resolved in this c/image repo.

I think this needs to be handled in Podman proper; it is not too onerous to structure the SystemContext creation in a way that there are some values shared process-wide, consistently, without unmaintainable code duplication.

In fact, looking at the code as it is right now, AFAICS the relevant code path uses vendor/github.com/containers/buildah/pkg/parse/parse.go:SystemContextFromFlagSet, which always sets BigFilesTemporaryDir to some value. So adding an extra environment read into temporaryDirectoryForBigFiles would not change the behavior at all, it seems to me. (There could well be other code paths that don’t work exactly the same way, and some things might need fixing; just not this one.)

from image.

Thanks for the reply! :)

TMPDIR is explicitly defined to be a /tmp equivalent: https://pubs.opengroup.org/onlinepubs/9699919799/xrat/V4_xbd_chap10.html.

Yes, but (AFAIK) /var/tmp isn't a POSIX standard at all, so I guess it should be no surprise that /var/tmp isn't mentioned there, right?
Also: https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03 uses a generic definition (that doesn't exclude /var/tmp, at least IMO):

TMPDIR: This variable shall represent a pathname of a directory made available for programs that need a place to create temporary files.

I'm not sure where /var/tmp originates from (maybe it was first formalized in the FHS?) but standards that are aware of it do state that $TMPDIR should be used:

https://www.freedesktop.org/software/systemd/man/latest/file-hierarchy.html:

/var/tmp/
The place for larger and persistent temporary files. In contrast to /tmp/, this directory is usually mounted from a persistent physical file system and can thus accept larger files. (Use /tmp/ for small ephemeral files.) This directory is generally not flushed at boot-up, but time-based cleanup of files that have not been accessed for a certain time is applied.

If applications find the environment variable $TMPDIR set, they should use the directory specified in it instead of /var/tmp/ (see environ(7) for details).

The same security restrictions as with /tmp/ apply: mkstemp(3), mkdtemp(3), and similar calls should be used. For further details about this directory, see Using /tmp/ and /var/tmp/ Safely.

Added in version 215.

https://systemd.io/TEMPORARY_DIRECTORIES/:

If the $TMPDIR environment variable is set, use that path, and neither use /tmp/ nor /var/tmp/ directly

So I would argue that, at least on modern Linux+systemd systems, the correct (/ standard conformant) behavior would actually be to use $TMPDIR over /var/tmp (and this should also make it easier and more intuitive for users to change the temporary files directory - IMO there should be a way to override the default path, even if $TMPDIR wouldn't be used but I guess sys.BigFilesTemporaryDir should be sufficient in that case).
It should also be more in line with the Windows specific logic and the user could easily ensure that all temporary files end up in the desired $TMPDIR.

I think this needs to be handled in Podman proper

IMO it would ideally be handled in both repos/projects but it should certainly be possible to only change it there.

from image.