Good default for XDG_RUNTIME_DIR?

Solution 1:

SystemD makes /run/user/$USER kinda mandatory.

Unprivileged Write Access

Unprivileged processes generally lack write access to most of the hierarchy.

The exceptions for normal users are /tmp, /var/tmp, /dev/shm, as well as the home directory $HOME (usually found below /home) and the runtime directory $XDG_RUNTIME_DIR (found below /run/user) of the user, which are all writable.

For unprivileged system processes only /tmp, /var/tmp and /dev/shm are writable. If an unprivileged system process needs a private, writable directory in /var or /run, it is recommended to either create it before dropping privileges in the daemon code, to create it via tmpfiles.d(5) fragments during boot, or via the RuntimeDirectory= directive of service units (see systemd.unit(5) for details).

Solution 2:

/tmp is used by plenty of programs in a similar way already. On my system I can see the /tmp/orbit-$USER (used by Gnome's ORBit2) and /tmp/.X11-unix/ (Xorg and X11) directories with plenty of pipes, ehm, sockets, in them. I am sure there are also others, so I see nothing wrong with what you are doing. Just be prepared that since it is a world writeable location a malicious process can hijack the location (verify the permissions before you write to it).

I can also recommend $TMPDIR for those who use pam_mktemp, as this directory is only accessible by the user.

Solution 3:

Create a directory /tmp/service-$ with a unique id. For example, in shell:

mktemp -d /tmp/service-"$USER".XXX
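
The permission check from Solution 2 combined with the mktemp -d fallback from Solution 3, as an added example that is not part of either answer. The function names and the runtime- prefix are assumptions made here, and stat -c is the GNU/BusyBox syntax (BSD stat uses -f).

```shell
#!/bin/sh
# Added example: pick a runtime directory, verifying it before trusting it.

# is_private_dir DIR
# Succeeds only if DIR is a real directory (not a symlink), owned by the
# current user, with mode exactly 0700. Those are the ownership and access
# requirements the XDG Base Directory spec places on XDG_RUNTIME_DIR.
is_private_dir() {
    _d=$1
    [ -d "$_d" ] && [ ! -L "$_d" ] || return 1
    _owner=$(stat -c '%u' "$_d") || return 1
    _mode=$(stat -c '%a' "$_d") || return 1
    [ "$_owner" = "$(id -u)" ] && [ "$_mode" = "700" ]
}

# pick_runtime_dir
# Prints a directory that passed is_private_dir, or returns non-zero.
pick_runtime_dir() {
    # 1. Honour XDG_RUNTIME_DIR, but only if it passes the check. A value
    #    that points at a shared or foreign-owned directory is ignored.
    if [ -n "${XDG_RUNTIME_DIR:-}" ] && is_private_dir "$XDG_RUNTIME_DIR"; then
        printf '%s\n' "$XDG_RUNTIME_DIR"
        return 0
    fi

    # 2. Fallback below a world-writable location. mktemp -d creates the
    #    directory atomically under an unpredictable name and fails if the
    #    name already exists, so a directory pre-created by another user
    #    is never reused.
    _new=$(mktemp -d "${TMPDIR:-/tmp}/runtime-$(id -u).XXXXXXXXXX") || return 1

    # 3. Re-verify the result instead of assuming it.
    is_private_dir "$_new" || return 1
    printf '%s\n' "$_new"
}

# Usage:
#   XDG_RUNTIME_DIR=$(pick_runtime_dir) && export XDG_RUNTIME_DIR
```

The fallback directory is not removed at logout the way a login-managed runtime directory is, so the caller is responsible for cleaning it up.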