TMPDIR: to set or not to set?

I’ve run into a couple of scenarios where stuff broke because nix-shell sets TMPDIR and I’ve left it unset outside of that context. In a nix-shell run by my user, TMPDIR gets set to:

/run/user/1000

(the value of XDG_RUNTIME_DIR).

I’m running NixOS – I don’t think that’s relevant, but I mention it in case I’m wrong.

This can be problematic. For example, I use the op 1Password CLI, and when you sign into an account, it stores some encrypted session data in TMPDIR, or /tmp if not set.

If I sign in, then enter a nix-shell, I can’t access the existing 1Password session unless I explicitly unset TMPDIR or set it to /tmp, because op will expect to find session data in /run/user/1000 otherwise. I actually think 1Password should try XDG_RUNTIME_DIR before /tmp, but I digress.

I’m wondering if I should just set TMPDIR explicitly in my configuration.nix.

The thing is, my /run/user/1000 is a tmpfs with only 787M of space, and I’m pretty sure I’d run into a bunch of “No space left on device” errors if I set TMPDIR to that. It’s a shame, because I like the fact that it starts fresh on each reboot. My /tmp is getting cluttered and I’m never sure what I should or should not delete.

I’m curious whether others have run into this and how they’ve navigated it.

You may wrap 1Password to set TMPDIR to XDG_RUNTIME_DIR, right?

That’s a very interesting idea!

The “first” time you use 1Password, you have to go through a slightly more involved signin process. Subsequent uses just require a password to get a session token.

I’m pretty sure that if I set 1Password’s TMPDIR to the XDG_RUNTIME_DIR, I’d have to go through the more onerous signin after every reboot, since nothing would persist across boots.

I’ll keep that idea in mind though. It might be a handy solution for other tools.

But TMPDIR isn’t guaranteed to survive a reboot either…

Huh, then set it to whatever persistent tmpdir you have. Maybe even set TMPDIR=$HOME/.cache/1password.
The point is that this program assumes TMPDIR is a state dir, which is not correct.

And saving a password session in /tmp is… well, I hope it uses 0600 permissions and not 0644.

As for the question - I can’t find a reason why TMPDIR shouldn’t be XDG_RUNTIME_DIR on my machine, but setting it as NixOS default may break someone’s setup.

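The wrapper idea and the permissions concern from the thread, combined in one sketch. This is an added example, not code from any poster or from 1Password; the function names are hypothetical and it assumes GNU `stat` and `find`, as shipped on NixOS.

```shell
#!/usr/bin/env bash
# Added example; private_tmpdir, with_private_tmpdir and loose_files are
# hypothetical names. Assumes GNU coreutils/findutils (stat -c, find -perm /).

# Create or validate a per-tool directory that only the current user can
# enter. Prints the path on success, returns 1 otherwise.
private_tmpdir() {
    local dir mode
    dir=$1
    # Refuse symlinks: under a shared parent such as /tmp, another user
    # could pre-create the name and redirect it elsewhere.
    [ -L "$dir" ] && { echo "refusing symlink: $dir" >&2; return 1; }
    if [ ! -e "$dir" ]; then
        (umask 077 && mkdir -p -- "$dir") || return 1
    fi
    [ -d "$dir" ] && [ -O "$dir" ] || { echo "not a directory we own: $dir" >&2; return 1; }
    # Require exactly 0700 rather than silently fixing a loose mode, so a
    # directory that was readable by others gets noticed.
    mode=$(stat -c '%a' -- "$dir")
    [ "$mode" = 700 ] || { echo "mode $mode on $dir, want 700" >&2; return 1; }
    printf '%s\n' "$dir"
}

# Run a command with TMPDIR set only for that command, so the value that
# nix-shell (or the login session) exported stays untouched for the caller.
with_private_tmpdir() {
    local dir
    dir=$(private_tmpdir "$1") || return 1
    shift
    TMPDIR=$dir "$@"
}

# List regular files that group or others can access (looser than 0600),
# which is the check to run on wherever a tool keeps session data.
loose_files() {
    find "$1" -type f -perm /077 -print
}

# Usage, e.g. as the body of a wrapper script named `op`:
#   with_private_tmpdir "$HOME/.cache/1password" /path/to/real/op "$@"
```

Because the directory is the same inside and outside nix-shell, the tool finds its session data regardless of which TMPDIR the surrounding shell exported.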