1.\" $OpenBSD: mktemp.1,v 1.34 2024/03/03 15:24:45 millert Exp $ 2.\" 3.\" Copyright (c) 1996, 2000, 2001, 2003, 2010, 2013, 2024 4.\" Todd C. Miller <millert@openbsd.org> 5.\" 6.\" Permission to use, copy, modify, and distribute this software for any 7.\" purpose with or without fee is hereby granted, provided that the above 8.\" copyright notice and this permission notice appear in all copies. 9.\" 10.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17.\" 18.Dd $Mdocdate: March 3 2024 $ 19.Dt MKTEMP 1 20.Os 21.Sh NAME 22.Nm mktemp 23.Nd make temporary file or directory (unique) 24.Sh SYNOPSIS 25.Nm mktemp 26.Op Fl dqtu 27.Op Fl p Ar directory 28.Op Ar template 29.Sh DESCRIPTION 30The 31.Nm mktemp 32utility takes the specified file name 33.Ar template 34and overwrites a portion of it to create a unique file name. 35The 36.Ar template 37may be any file name containing at least six 38.Ql X Ns s 39in the last component of the path, for example 40.Pa /tmp/tfile.XXXXXXXXXX 41or 42.Pa /tmp/editor.XXXXXXXXXX.txt . 43If there is more than one run of 44.Ql X Ns s 45in the 46.Ar template , 47only the last one will be considered. 48If no 49.Ar template 50is specified, a default value of 51.Pa tmp.XXXXXXXXXX 52is used and the 53.Fl t 54flag is implied (see below). 55.Pp 56The final 57.Ql X Ns s 58are replaced with a unique digit and letter combination. 59The name chosen depends both on the number of 60.Ql X Ns s 61in the 62.Ar template 63and the number of collisions with pre-existing entries. 64The number of unique names 65.Nm 66can return depends on the number of 67.Ql X Ns s 68provided; ten 69.Ql X Ns s 70will 71result in 72.Nm 73testing roughly 26 ** 10 combinations. 74.Pp 75If 76.Nm 77successfully generates a unique name, the file (or directory) 78is created with permissions such that it is only readable and writable 79by its owner (unless the 80.Fl u 81flag is given) and the name is printed to the standard output. 82.Pp 83.Nm mktemp 84is provided to allow shell scripts to safely use temporary files. 85Traditionally, many shell scripts take the name of the program with 86the PID as a suffix and use that as a temporary file name. 87This kind of naming scheme is predictable and the race condition it creates 88is easy for an attacker to win. 89A safer, though still inferior approach, 90is to make a temporary directory using the same naming scheme. 91While this does allow one to guarantee that a temporary file will not be 92subverted, it still allows a simple denial of service attack. 93For these reasons it is suggested that 94.Nm 95be used instead. 96.Pp 97The options are as follows: 98.Bl -tag -width Ds 99.It Fl d 100Make a directory instead of a file. 101.It Fl p Ar directory 102Use the specified 103.Ar directory 104as a prefix when generating the temporary name. 105The 106.Ar directory 107will be overridden by the user's 108.Ev TMPDIR 109environment variable if it is set. 110This option implies the 111.Fl t 112flag (see below). 113.It Fl q 114Fail silently if an error occurs. 115This is useful if 116a script does not want error output to go to standard error. 117.It Fl t 118Generate a path rooted in a temporary directory. 119This directory is chosen as follows: 120.Bl -bullet 121.It 122If the user's 123.Ev TMPDIR 124environment variable is set, the directory contained therein is used. 125.It 126Otherwise, if the 127.Fl p 128flag was given the specified directory is used. 129.It 130If none of the above apply, 131.Pa /tmp 132is used. 133.El 134.Pp 135In this mode, the 136.Ar template 137(if specified) should be a directory component (as opposed to a full path) 138and thus should not contain any forward slashes. 139.It Fl u 140Operate in 141.Dq unsafe 142mode. 143The temp file will be unlinked before 144.Nm 145exits. 146This is slightly better than 147.Xr mktemp 3 148but still introduces a race condition. 149Use of this option is not encouraged. 150.El 151.Sh ENVIRONMENT 152.Bl -tag -width TMPDIR 153.It Ev TMPDIR 154directory in which to place the temporary file when in 155.Fl t 156mode 157.El 158.Sh EXIT STATUS 159.Ex -std mktemp 160.Sh EXAMPLES 161The following 162.Xr sh 1 163fragment illustrates a simple use of 164.Nm 165where the script should quit if it cannot get a safe 166temporary file: 167.Bd -literal -offset indent 168TMPFILE=`mktemp /tmp/example.XXXXXXXXXX` || exit 1 169echo "program output" >> $TMPFILE 170.Ed 171.Pp 172The same fragment with support for a user's 173.Ev TMPDIR 174environment variable can be written as follows: 175.Bd -literal -offset indent 176TMPFILE=`mktemp -t example.XXXXXXXXXX` || exit 1 177echo "program output" >> $TMPFILE 178.Ed 179.Pp 180This can be further simplified if we don't care about the actual name of 181the temporary file. 182In this case the 183.Fl t 184flag is implied: 185.Bd -literal -offset indent 186TMPFILE=`mktemp` || exit 1 187echo "program output" >> $TMPFILE 188.Ed 189.Pp 190In some cases, it may be desirable to use a default temporary directory 191other than 192.Pa /tmp . 193In this example the temporary file will be created in 194.Pa /extra/tmp 195unless the user's 196.Ev TMPDIR 197environment variable specifies otherwise: 198.Bd -literal -offset indent 199TMPFILE=`mktemp -p /extra/tmp example.XXXXXXXXXX` || exit 1 200echo "program output" >> $TMPFILE 201.Ed 202.Pp 203In other cases, we want the script to catch the error. 204For instance, if we attempt to create two temporary files and 205the second one fails we need to remove the first before exiting: 206.Bd -literal -offset indent 207TMP1=`mktemp -t example.XXXXXXXXXX.1` || exit 1 208TMP2=`mktemp -t example.XXXXXXXXXX.2` 209if [ $? -ne 0 ]; then 210 rm -f $TMP1 211 exit 1 212fi 213.Ed 214.Pp 215Or perhaps you don't want to exit if 216.Nm 217is unable to create the file. 218In this case you can protect that part of the script thusly: 219.Bd -literal -offset indent 220TMPFILE=`mktemp -q -t example.XXXXXXXXXX` && { 221 # Safe to use $TMPFILE in this block 222 echo data > $TMPFILE 223 ... 224 rm -f $TMPFILE 225} 226.Ed 227.Sh DIAGNOSTICS 228One of the following error messages may be displayed if 229.Nm 230does not succeed and the 231.Fl q 232option was not specified: 233.Bl -tag -width indent 234.It Li "insufficient number of Xs in template" 235The specified 236.Ar template 237contained fewer than six 238.Ql X Ns s 239at the end. 240.It Li "template must not contain directory separators in -t mode" 241The 242.Ar template 243contained one or more directory components and the 244.Fl t 245option was specified. 246.It Li "cannot make temp dir" 247.Nm 248was unable to create the temporary directory for any of the reasons 249specified by 250.Xr mkdtemp 3 . 251.It Li "cannot make temp file" 252.Nm 253was unable to create the temporary file for any of the reasons 254specified by 255.Xr mkstemp 3 . 256.It Li "cannot allocate memory" 257.Nm 258was unable to allocate memory for any of the reasons specified by 259.Xr malloc 3 . 260.El 261.Sh SEE ALSO 262.Xr mktemp 3 263.Sh HISTORY 264The 265.Nm 266utility first appeared in 267.Ox 2.1 . 268