guix package: Create profiles/per-user/$USER upfront.

Fixes <https://bugs.gnu.org/39194>.
Reported by Matt Wette <matt.wette@gmail.com>.

* guix/scripts/package.scm (build-and-use-profile): Move
'ensure-default-profile' call to...
(process-actions): ... here.

1 files changed, 6 insertions, 3 deletions

diff --git a/guix/scripts/package.scm b/guix/scripts/package.scm
index f4d92a649e..1cb0d382bf 100644
--- a/guix/scripts/package.scm
+++ b/guix/scripts/package.scm
@@ -137,9 +137,6 @@ denote ranges as interpreted by 'matching-generations'."
 specified in MANIFEST, a manifest object.  When ALLOW-COLLISIONS? is true,
 do not treat collisions in MANIFEST as an error.  HOOKS is a list of \"profile
 hooks\" run when building the profile."
-  (when (equal? profile %current-profile)
-    (ensure-default-profile))
-
   (let* ((prof-drv (run-with-store store
                      (profile-derivation manifest
                                          #:allow-collisions? allow-collisions?
@@ -865,6 +862,12 @@ processed, #f otherwise."
                      (package-version item)
                      (manifest-entry-version entry))))))
 
+  (when (equal? profile %current-profile)
+    ;; Normally the daemon created %CURRENT-PROFILE when we connected, unless
+    ;; it's a version that lacks the fix for <https://bugs.gnu.org/37744>
+    ;; (aka. CVE-2019-18192).  Ensure %CURRENT-PROFILE exists so that
+    ;; 'with-profile-lock' can create its lock file below.
+    (ensure-default-profile))
 
   ;; First, acquire a lock on the profile, to ensure only one guix process
   ;; is modifying it at a time.