ssh-agent creates $SSH_AUTH_SOCK within a temporary directory of the form /tmp/ssh-XXXXXXXXXXXX. These directories often stick around and don't get cleaned up. (Right now I have piles of them just from the past month.) These directories seem like a perfect fit for /var/run, rather than /tmp, since they exist primarily to provide a socket. Moving them to /var/run should not break anything (since $SSH_AUTH_SOCK would point to the new location), and should allow these directories to get automatically cleaned up. Furthermore, this reduces clutter in /tmp.
/var/run is not user-writable on most Unix variants. Furthermore, safely reaping stale files from /tmp is a long solved problem.

(In reply to comment #1)
> /var/run is not user-writable on most Unix variants.

ssh-agent could simply fall back to /tmp if /var/run fails.

> Furthermore,
> safely reaping stale files from /tmp is a long solved problem

Not entirely. Some systems remove old files from /tmp at boot time, but that can result in unexpected data loss. Furthermore, tmpreaper at least avoids removing sockets unless explicitly requested.
A correction: this directory should move into $XDG_RUNTIME_DIR if set. That variable will point to a user-writable (and user-specific) directory; if unset, ssh can fall back to $TMPDIR or /tmp as it does now.
Recent ssh-agent already honors TMPDIR for this.
$XDG_RUNTIME_DIR, when configured, normally points to a user-private directory separate from $TMPDIR. ssh-agent should use $XDG_RUNTIME_DIR in preference to $TMPDIR if set, and fall back to $TMPDIR.
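The lookup order proposed in the comment above, sketched as an added example (not OpenSSH's code and not part of the original thread). `agent_base_dir` and `make_agent_dir` are hypothetical names; the sketch assumes the XDG rule that the runtime directory is owned by the user with mode 0700, and skips $XDG_RUNTIME_DIR when that does not hold.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700 /* mkdtemp() and lstat() under strict -std= modes */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if dir is an absolute path to a real directory owned by uid, mode 0700. */
static int private_dir(const char *dir, uid_t uid)
{
    struct stat st;
    if (dir == NULL || dir[0] != '/' || lstat(dir, &st) != 0)
        return 0;
    return S_ISDIR(st.st_mode) && st.st_uid == uid && (st.st_mode & 077) == 0;
}

/* Preference order from the thread: XDG_RUNTIME_DIR, then TMPDIR, then /tmp. */
const char *agent_base_dir(const char *xdg, const char *tmpdir, uid_t uid)
{
    if (private_dir(xdg, uid))
        return xdg;
    if (tmpdir != NULL && tmpdir[0] == '/')
        return tmpdir;
    return "/tmp";
}

/* Create <base>/ssh-XXXXXXXXXXXX; mkdtemp() makes it mode 0700. 0 on success. */
int make_agent_dir(const char *base, char *out, size_t outlen)
{
    int n = snprintf(out, outlen, "%s/ssh-XXXXXXXXXXXX", base);
    if (n < 0 || (size_t)n >= outlen)
        return -1;
    return mkdtemp(out) == NULL ? -1 : 0;
}

int main(void)
{
    char path[4096];
    const char *base = agent_base_dir(getenv("XDG_RUNTIME_DIR"), getenv("TMPDIR"), getuid());
    if (make_agent_dir(base, path, sizeof(path)) != 0) {
        perror("mkdtemp");
        return 1;
    }
    printf("%s/agent.%ld\n", path, (long)getpid()); /* where the socket would go */
    rmdir(path);
    return 0;
}
```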
close resolved bugs now that openssh-5.9 has been released