[Qa-jenkins-scm] [jenkins.debian.net] 02/03: reproducible-archlinux: avoid possible TOCTOU issue

[Mattia Rizzolo]

This is an automated email from the git hooks/post-receive script.

mattia pushed a commit to branch master
in repository jenkins.debian.net.

commit 5945edc9e3bc0e258d8d0e573262bf227f566334
Author: kpcyrd <git at rxv.cc>
Date:   Thu Nov 2 16:15:47 2017 +0100

    reproducible-archlinux: avoid possible TOCTOU issue
---
 bin/reproducible_setup_archlinux_schroot.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/reproducible_setup_archlinux_schroot.sh b/bin/reproducible_setup_archlinux_schroot.sh
index c2485ce..5b74db1 100755
--- a/bin/reproducible_setup_archlinux_schroot.sh
+++ b/bin/reproducible_setup_archlinux_schroot.sh
@@ -39,8 +39,10 @@ bootstrap() {
         rm -rf --one-file-system "$SCHROOT_BASE/root.x86_64/"
         tar xzf archlinux-bootstrap-$BOOTSTRAP_DATE-x86_64.tar.gz -C $SCHROOT_BASE
 
-        rm -rf --one-file-system "$SCHROOT_BASE/$TARGET"
+        mv "$SCHROOT_BASE/$TARGET" "$SCHROOT_BASE/$TARGET.old"
         mv $SCHROOT_BASE/root.x86_64 $SCHROOT_BASE/$TARGET
+        rm -rf --one-file-system "$SCHROOT_BASE/$TARGET.old"
+
         rm archlinux-bootstrap-$BOOTSTRAP_DATE-x86_64.tar.gz -rf
     fi
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/qa/jenkins.debian.net.git