gpg-agent creates $GPG_AUTH_SOCK within a temporary directory of the
form /tmp/gpg-XXXXXX. These directories often stick around and don't
get cleaned up. (Right now I have piles of them just from the past
month.) These directories seem like a perfect fit for /var/run, rather
than /tmp, since they exist primarily to provide a socket. Moving them
to /var/run should not break anything (since $GPG_AUTH_SOCK would point
to the new location), and should allow these directories to get
automatically cleaned up. Furthermore, this reduces clutter in /tmp.
Description
Description
Event Timeline
Comment Actions
We won't do that. The socket is per user and thus /var/run can't be used (no
sticky bit). In any case GnuPG is moving away from random directories to a
weel-known per-user socket. GnuPG 2.1 will have this as the default.
Comment Actions
Hence my followup correcting that to $XDG_RUNTIME_DIR, which if set points to a
user-specific writable directory intended for this kind of purpose (sockets and
other runtime files for user-specific daemons).
Comment Actions
In particular, $XDG_RUNTIME_DIR only allows writing by the user, so if you want
to have a socket with a fixed name and no random component, you can safely do that.
Comment Actions
If this XDG_RUNTIME_DIR is supported on most posix platforms we may look at this
again.
Comment Actions
If this XDG_RUNTIME_DIR is supported on most posix platforms we may look at this
again.
As an environment variable, it can exist (or not exist) on any platform. gnupg
could put its socket in XDG_RUNTIME_DIR when the environment variable exists,
and fall back to a directory in /tmp otherwise.