pub fn atomic_write(path: &Path, content: &[u8]) -> Result<()>
Atomic write: write content to a PID-suffixed temp file with chmod 600, then rename. Uses O_EXCL (create_new) to prevent symlink attacks on the temp file path. Cleans up the temp file on failure.
When the target file already exists, its mode is preserved across the rename, clamped to a minimum of 0o600 so a write never widens the permission set of an SSH config file. A target with mode 0o644 stays 0o644; a target with mode 0o400 ends up at 0o600 (the temp file's initial mode), i.e. the target's more restrictive mode wins only when it is still at least 0o600.
Logs a warning when the target is a hard link with more than one name: rename(2) substitutes the inode atomically, so any sibling hard link silently keeps the OLD content. Common dotfiles managers (chezmoi, stow) use symlinks rather than hard links, so this is rare, but worth surfacing.
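The behaviour described above, as an added Unix-only sketch that is not this crate's own code: `atomic_write_sketch`, the `.<pid>.tmp` naming and the `| 0o600` reading of the clamp are assumptions, and the multi-link case is returned as a flag instead of being logged.

```rust
use std::fs::{self, OpenOptions, Permissions};
use std::io::{self, Write};
use std::os::unix::fs::{MetadataExt, OpenOptionsExt, PermissionsExt};
use std::path::Path;

/// Hypothetical sketch of the documented behaviour (not the crate's source).
/// Returns Ok(true) when the target had more than one hard link.
pub fn atomic_write_sketch(path: &Path, content: &[u8]) -> io::Result<bool> {
    // Existing target: remember its mode and link count (None if absent).
    let existing = fs::metadata(path).ok();
    // Assumed clamp: OR-ing in 0o600 maps 0o644 -> 0o644 and 0o400 -> 0o600.
    let mode = existing.as_ref().map_or(0o600, |m| (m.mode() & 0o777) | 0o600);
    let multi_linked = existing.as_ref().map_or(false, |m| m.nlink() > 1);

    // PID-suffixed temp file beside the target, so rename stays on one filesystem.
    let mut tmp_name = path.as_os_str().to_owned();
    tmp_name.push(format!(".{}.tmp", std::process::id()));
    let tmp = Path::new(&tmp_name);

    // create_new is O_CREAT|O_EXCL: it fails if the path already exists,
    // including when it is a symlink someone else planted. On that failure we
    // return before cleanup, because the file at that path is not ours.
    let mut f = OpenOptions::new().write(true).create_new(true).mode(0o600).open(tmp)?;

    let result = f
        .write_all(content)
        .and_then(|_| fs::set_permissions(tmp, Permissions::from_mode(mode)))
        .and_then(|_| fs::rename(tmp, path));
    if result.is_err() {
        let _ = fs::remove_file(tmp); // best-effort cleanup of our own temp file
    }
    // rename(2) swapped the directory entry to a new inode: sibling hard links
    // still point at the old inode and keep the old content.
    result.map(|_| multi_linked)
}

fn main() -> io::Result<()> {
    // Constructed demo path under the system temp directory.
    let p = std::env::temp_dir().join("atomic_write_sketch_demo");
    let linked = atomic_write_sketch(&p, b"Host example\n")?;
    println!("wrote {}, multiple hard links: {}", p.display(), linked);
    Ok(())
}
```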