Bug 1886

Summary: Please move /tmp/ssh-XXXXXXXXXXXX directory to $XDG_RUNTIME_DIR if set
Product: Portable OpenSSH
Reporter: Josh Triplett <josh>
Component: ssh-agent
Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED INVALID
Severity: normal
CC: djm
Priority: P2
Version: 5.8p1
Hardware: All
OS: All

Description Josh Triplett 2011-04-02 10:50:52 AEDT
ssh-agent creates $SSH_AUTH_SOCK within a temporary directory of the form /tmp/ssh-XXXXXXXXXXXX.  These directories often stick around and don't get cleaned up.  (Right now I have piles of them just from the past month.) These directories seem like a perfect fit for /var/run, rather than /tmp, since they exist primarily to provide a socket.  Moving them to /var/run should not break anything (since $SSH_AUTH_SOCK would point to the new location), and should allow these directories to get automatically cleaned up.  Furthermore, this reduces clutter in /tmp.

Comment 1 Damien Miller 2011-04-02 11:51:59 AEDT
/var/run is not user-writable on most Unix variants. Furthermore, safely reaping stale files from /tmp is a long solved problem.

Comment 2 Josh Triplett 2011-04-02 12:15:40 AEDT
(In reply to comment #1)
> /var/run is not user-writable on most Unix variants.

ssh-agent could simply fall back to /tmp if /var/run fails.

> Furthermore,
> safely reaping stale files from /tmp is a long solved problem

Not entirely.  Some systems remove old files from /tmp at boot time, but that can result in unexpected data loss.  Furthermore, tmpreaper at least avoids removing sockets unless explicitly requested.

Comment 3 Josh Triplett 2011-04-02 19:26:03 AEDT
A correction: this directory should move into $XDG_RUNTIME_DIR if set.  That variable will point to a user-writable (and user-specific) directory; if unset, ssh can fall back to $TMPDIR or /tmp as it does now.

Comment 4 Damien Miller 2011-04-12 15:19:39 AEST
Recent ssh-agent already honors TMPDIR for this.

Comment 5 Josh Triplett 2011-04-12 17:27:02 AEST
$XDG_RUNTIME_DIR, when configured, normally points to a user-private directory separate from $TMPDIR.  ssh-agent should use $XDG_RUNTIME_DIR in preference to $TMPDIR if set, and fall back to $TMPDIR.
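
The directory selection proposed in comments 3 and 5, as an added example that is not part of the bug thread and is not OpenSSH's code: prefer $XDG_RUNTIME_DIR, fall back to $TMPDIR, then /tmp, and create the ssh-XXXXXXXXXXXX directory with mkdtemp(). The function names and the ownership/mode check (the XDG Base Directory specification requires the directory to be owned by the user with mode 0700) are assumptions of this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: 1 if path is an absolute directory owned by uid
 * with no group/other permission bits, else 0. */
static int private_dir_ok(const char *path, uid_t uid)
{
    struct stat st;

    if (path == NULL || path[0] != '/' || stat(path, &st) != 0)
        return 0;
    return S_ISDIR(st.st_mode) && st.st_uid == uid &&
        (st.st_mode & 077) == 0;
}

/* Hypothetical helper: choose the parent directory for the agent socket.
 * Order from comment 5: $XDG_RUNTIME_DIR, then $TMPDIR, then /tmp.
 * Assumption: an XDG_RUNTIME_DIR that is not user-private is ignored. */
const char *agent_socket_base(void)
{
    const char *d = getenv("XDG_RUNTIME_DIR");

    if (private_dir_ok(d, getuid()))
        return d;
    d = getenv("TMPDIR");
    if (d != NULL && d[0] == '/')
        return d;
    return "/tmp";
}

/* Create <base>/ssh-XXXXXXXXXXXX; mkdtemp() makes it mode 0700 so a
 * socket inside is unreachable by other users even under /tmp.
 * Writes the resulting path to out; returns 0 on success, -1 on error. */
int make_agent_socket_dir(char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/ssh-XXXXXXXXXXXX", agent_socket_base());

    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return mkdtemp(out) == NULL ? -1 : 0;
}
```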

Comment 6 Damien Miller 2011-09-06 15:33:04 AEST
Close resolved bugs now that openssh-5.9 has been released.