Forum Discussion

Former Member's avatar
Former Member
4 years ago

[Linux] Use $XDG_RUNTIME_DIR instead of $HOME/.1password?

I like to try (although not very successfully) to keep my home directory clean of unnecessary dotfiles. While this is a very cool feature, I think it makes more sense to keep the socket in $XDG_RUNTIME_DIR. This seems to be what the directory is made for, and would prevent another folder under the home directory.

From the https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html:

$XDG_RUNTIME_DIR defines the base directory relative to which user-specific non-essential runtime files and other file objects (such as sockets, named pipes, ...) should be stored. The directory MUST be owned by the user, and he MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700.

1Password Version: 8.6.0~26.BETA
Extension Version: 2.3.0
OS Version: Fedora Linux 35 (Workstation Edition)

SSH

6 Replies

    • 1P_Phil's avatar
      1P_Phil
      Icon for Moderator rankModerator
      2 months ago

      Hi ragectl​ ,

      Thanks for bumping this. I'll re-share this with the team. 

      Just to confirm, you are looking for a way to personalize the "~/.1password/" directory location from "~" to potentially the env's $XDG_RUNTIME_DIR or elsewhere.

      Let me know if I got that wrong.

      Cheers,
      Phil & Team

      • ragectl's avatar
        ragectl
        Occasional Contributor
        2 months ago

        Yes, please.

        I checked the documentation and even tested this on current BETA release for Linux and there is no documented way to move this SSH agent socket file out of ~/.1password/ directory.

        As the other comment noted, this value in the SSH config file should be supported:

        ${XDG_RUNTIME_DIR}/1Password-ssh-agent.sock

        ssh_config shows that environment variables are supported for IdentityAgent in modern releases:

        Arguments to IdentityAgent may use the tilde syntax to refer to a user's home directory, the tokens described in the “TOKENS” section and environment variables as described in the “ENVIRONMENT VARIABLES” section

        Which allows the SSH config file to be set like this:

        Host *
IdentityAgent ${XDG_RUNTIME_DIR}/1Password-ssh-agent.sock

        That would put the SSH agent socket file in the same directory the browser integration socket file is already using:

        ${XDG_RUNTIME_DIR}/1Password-BrowserSupport.sock

        So it's clear this directory is supported by 1Password on Linux, just needs to be updated for configuration of SSH Agent socket file.

        Ideally, XDG_RUNTIME_DIR would be used by default, with a fallback to the current location.

        Alternatively, less user-friendly would be to allow us to specify the socket file location in the SSH Agent config file ~/.config/1Password/ssh/agent.toml

  • XIII's avatar
    XIII
    Super Contributor
    4 years ago

    I’d like this too, but on macOS.

    • ashugg's avatar
      ashugg
      New Contributor
      2 months ago

      Instead of ~/Library/Application Support/1Password ?

  • Former Member's avatar
    Former Member
    4 years ago

    Quick follow up, I just tried it myself (by symlinking $HOME/.1password/agent.sock -> $XDG_RUNTIME_DIR/1password-ssh-agent.sock and updating my SSH config file to


    Host *
    IdentityAgent ${XDG_RUNTIME_DIR}/1password-ssh-agent.sock

    and it still works fine. The 1Password app actually already has a socket in there (1Password-BrowserSupport.sock), so it doesn't seem like a stretch to add another.