[Bug 2950] New: Store user runtime files in /run/user/ rather than in /tmp/
bugzilla-daemon at bugzilla.mindrot.org
Sat Jan 5 03:22:37 AEDT 2019
https://bugzilla.mindrot.org/show_bug.cgi?id=2950
Bug ID: 2950
Summary: Store user runtime files in /run/user/ rather than in /tmp/
Product: Portable OpenSSH
Version: 7.9p1
Hardware: Other
URL: https://bugzilla.redhat.com/show_bug.cgi?id=1658642
OS: Linux
Status: NEW
Keywords: patch
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs at mindrot.org
Reporter: jjelen at redhat.com
Created attachment 3220
--> https://bugzilla.mindrot.org/attachment.cgi?id=3220&action=edit
proposed patch

In utilized servers and desktops, it is not uncommon that the /tmp
directory gets full and ssh services cannot write any needed files
there. This affects the authentication information, local and forwarded
ssh-agent sockets and forwarded Kerberos tickets.

This is already solved for many applications [1], services and daemons
by using the XDG_RUNTIME_DIR environment variable, which points to a
location under /run/user that is already private to a specific user.
The advantage is that this variable is available both from PAM after
authentication and in the user session.

The attached patch implements using this environment variable if
available and makes the above use cases more reliable (especially the
authentication information files). On systems not providing this
variable, there should be no overhead and a fallback to the current
method.

[1]
https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
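
The following is an added example, not the code from attachment 3220 or from OpenSSH: a sketch of the "use XDG_RUNTIME_DIR if available, otherwise fall back to /tmp" selection described in the report. The helper names `runtime_dir_ok` and `make_session_dir` are hypothetical, and the ownership and mode 0700 checks are an assumption taken from the basedir specification linked as [1], not from the patch.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: accept dir only if it meets the basedir-spec rules. */
static int
runtime_dir_ok(const char *dir, uid_t uid)
{
	struct stat st;

	if (dir == NULL || dir[0] != '/')	/* unset or relative path */
		return 0;
	if (lstat(dir, &st) == -1 || !S_ISDIR(st.st_mode))	/* no symlinks */
		return 0;
	/* must belong to this user and be mode 0700 exactly */
	return st.st_uid == uid && (st.st_mode & 0777) == 0700;
}

/* Hypothetical helper: create a private session directory, path in buf.
 * Returns 1 if under XDG_RUNTIME_DIR, 0 on /tmp fallback, -1 on error. */
int
make_session_dir(char *buf, size_t len, uid_t uid)
{
	const char *dir = getenv("XDG_RUNTIME_DIR");
	int use_xdg = runtime_dir_ok(dir, uid);
	int n = snprintf(buf, len, "%s/ssh-XXXXXXXXXX", use_xdg ? dir : "/tmp");

	if (n < 0 || (size_t)n >= len)
		return -1;		/* path truncated */
	if (mkdtemp(buf) == NULL)	/* creates the directory with mode 0700 */
		return -1;
	return use_xdg;
}

int
main(void)
{
	char path[4096];
	int r = make_session_dir(path, sizeof(path), getuid());

	if (r == -1)
		return 1;
	printf("%s (%s)\n", path, r ? "XDG_RUNTIME_DIR" : "/tmp fallback");
	return rmdir(path) == 0 ? 0 : 1;
}
```

A variable that is set but points at a directory with the wrong owner or looser permissions is treated the same as an unset one, so the caller never places sockets or credential files in a location other users can reach.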