From 35f541a7a0e1875582be556a7916f2671924a316 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Wed, 31 May 2017 13:39:27 +0200
Subject: [PATCH] OS X sandbox: Store .sb file in $TMPDIR rather than the Nix
 store
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The filename used was not unique and owned by the build user, so
builds could fail with

error: while setting up the build environment: cannot unlink ‘/nix/store/99i210ihnsjacajaw8r33fmgjvzpg6nr-bison-3.0.4.drv.sb’: Permission denied
---
 src/libstore/build.cc | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/src/libstore/build.cc b/src/libstore/build.cc
index dbc6e4896..f32132225 100644
--- a/src/libstore/build.cc
+++ b/src/libstore/build.cc
@@ -778,7 +778,6 @@ private:
 #if __APPLE__
     typedef string SandboxProfile;
     SandboxProfile additionalSandboxProfile;
-    AutoDelete autoDelSandbox;
 #endif
 
     /* Hash rewriting. */
@@ -2633,9 +2632,7 @@ void DerivationGoal::runChild()
             debug("Generated sandbox profile:");
             debug(sandboxProfile);
 
-            Path sandboxFile = drvPath + ".sb";
-            if (pathExists(sandboxFile)) deletePath(sandboxFile);
-            autoDelSandbox.reset(sandboxFile, false);
+            Path sandboxFile = tmpDir + "/.sandbox.sb";
 
             writeFile(sandboxFile, sandboxProfile);