pub fn atomic_write_private(path: &Path, data: &[u8]) -> Result<()>Expand description
Write data to path via a crash-safe replace: write to <path>.tmp (0o600 on
Unix), fsync the tmp file, rename it over the target, then fsync the parent directory.
Using Path::with_added_extension preserves the original extension:
secrets.age → secrets.age.tmp (not secrets.tmp).
On error during write or rename the .tmp file is removed to avoid orphan sidecars.
Any stale .tmp from a prior crash is removed before creating the exclusive tmp file.
§Errors
Returns the underlying io::Error if any step fails. The target file is untouched
when an error is returned.
§Examples
use zeph_common::fs_secure;
fs_secure::atomic_write_private(std::path::Path::new("/tmp/state.json"), b"{}")?;