Create $XDG_RUNTIME_DIR in /run/user/{uid}

dramforever · dramforever · commit 183f414e18f9 · 2025-10-26T13:06:52.000+08:00
Using tempfile::Builder::tempdir() defaults to creating this directory
in /tmp, which is shared with the host and often somewhat persistent.
This causes one extra directory to be created in the host /tmp every
time muvm runs.

Since we mount /run as a tmpfs now in the guest now, just create
$XDG_RUNTIME_DIR in /run/user/{uid}, a common default. Specifically:

- Create /run/user as 0o755 (rwxr-xr-x) owned by root:root
- Create /run/user/{uid} as 0o700 (rwx------) owned by uid:gid

Signed-off-by: Vivian Wang &lt;dramforever@live.com&gt;
diff --git a/crates/muvm/src/guest/user.rs b/crates/muvm/src/guest/user.rs
@@ -1,25 +1,34 @@
 use std::env;
-use std::fs::{self, Permissions};
-use std::os::unix::fs::{chown, PermissionsExt as _};
+use std::fs::{self, DirBuilder};
+use std::os::unix::fs::{chown, DirBuilderExt as _};
 use std::path::{Path, PathBuf};
 
 use crate::guest::hidpipe::UINPUT_PATH;
 use anyhow::{anyhow, Context, Result};
 use nix::sys::wait::{waitpid, WaitStatus};
 use nix::unistd::{fork, setresgid, setresuid, ForkResult, Gid, Uid, User};
 
+fn mkdir_mode(path: &Path, mode: u32) -> Result<()> {
+    DirBuilder::new()
+        .mode(mode)
+        .create(path)
+        .with_context(|| format!("Failed to create {path:?}"))
+}
+
 pub fn setup_user(uid: Uid, gid: Gid) -> Result<PathBuf> {
     setup_directories(uid, gid)?;
 
+    let path = PathBuf::from("/run/user").join(format!("{uid}"));
+
+    mkdir_mode(&path.parent().unwrap(), 0o755)?;
+    mkdir_mode(&path, 0o700)?;
+
+    chown(&path, Some(uid.into()), Some(gid.into()))
+        .with_context(|| format!("Failed to chown {path:?}"))?;
+
     setresgid(gid, gid, Gid::from(0)).context("Failed to setgid")?;
     setresuid(uid, uid, Uid::from(0)).context("Failed to setuid")?;
 
-    let path = tempfile::Builder::new()
-        .prefix(&format!("muvm-run-{uid}-"))
-        .permissions(Permissions::from_mode(0o700))
-        .tempdir()
-        .context("Failed to create temp dir for `XDG_RUNTIME_DIR`")?
-        .into_path();
     // SAFETY: Safe if and only if `muvm-guest` program is not multithreaded.
     // See https://doc.rust-lang.org/std/env/fn.set_var.html#safety
     env::set_var("XDG_RUNTIME_DIR", &path);
