From 5945edc9e3bc0e258d8d0e573262bf227f566334 Mon Sep 17 00:00:00 2001
From: kpcyrd <git@rxv.cc>
Date: Thu, 2 Nov 2017 16:15:47 +0100
Subject: reproducible-archlinux: avoid possible TOCTOU issue

---
 bin/reproducible_setup_archlinux_schroot.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'bin/reproducible_setup_archlinux_schroot.sh')

diff --git a/bin/reproducible_setup_archlinux_schroot.sh b/bin/reproducible_setup_archlinux_schroot.sh
index c2485ce6..5b74db12 100755
--- a/bin/reproducible_setup_archlinux_schroot.sh
+++ b/bin/reproducible_setup_archlinux_schroot.sh
@@ -39,8 +39,10 @@ bootstrap() {
         rm -rf --one-file-system "$SCHROOT_BASE/root.x86_64/"
         tar xzf archlinux-bootstrap-$BOOTSTRAP_DATE-x86_64.tar.gz -C $SCHROOT_BASE
 
-        rm -rf --one-file-system "$SCHROOT_BASE/$TARGET"
+        mv "$SCHROOT_BASE/$TARGET" "$SCHROOT_BASE/$TARGET.old"
         mv $SCHROOT_BASE/root.x86_64 $SCHROOT_BASE/$TARGET
+        rm -rf --one-file-system "$SCHROOT_BASE/$TARGET.old"
+
         rm archlinux-bootstrap-$BOOTSTRAP_DATE-x86_64.tar.gz -rf
     fi
 
-- 
cgit v1.2.3-54-g00ecf