I am writing a piece of software (C++) which generates Python scripts. Where should these temporarily existing scripts be placed in the file system?

I read a couple pages about the Filesystem Hierarchy Standard, but I didn't find any reference to generated scripts.

/usr/bin does not seem to be a good idea as it might be read-only for certain users. My idea would be to place them under /var/run/my_program.

Is that right/ok? Or what is the "right place"?

Edit: The scripts are only used while the creating program runs. That means they do not have to live past a reboot.

  • /var/lib seems to be one place - that's where dpkg keeps all the maintainer scripts. Commented Mar 25, 2015 at 8:46
  • How temporary are they? Should they persist across boots? Commented Mar 25, 2015 at 8:49
  • @muru: Thought about that one. But I was thrown off by the description: "State information. Persistent data modified by programs as they run, e.g., databases, packaging system metadata, etc." Commented Mar 25, 2015 at 8:56
  • @bdowning: Clarified my question: They don't have to live past a reboot. Commented Mar 25, 2015 at 8:57
  • Please note that, according to FHS 2.3, "/var/run should be unwritable for unprivileged users (root or users running daemons); it is a major security problem if any user can write in this directory.". I would go for /tmp or /var/tmp according to persistence needs. Commented Mar 25, 2015 at 9:11

1 Answer

Temporary files whose lifetime doesn't exceed that of the program that creates them, and in particular aren't supposed to survive a reboot, go into /tmp. Or rather, the convention is to use the directory indicated by the environment variable TMPDIR, and fall back to /tmp if it isn't set.

You can execute files in /tmp. While a system administrator could mount it without executable permissions, this would be a hardening configuration for a system that only runs specific applications: it is to be expected that preventing execution under /tmp would break some applications, and it typically wouldn't improve security anyway.

Keep in mind that this directory is often shared between users, so you need to be careful when creating files there not to accidentally start using an existing file owned by another user. Use the mktemp utility or the mkstemp function, or better, create a private temporary directory with mktemp or mkdtemp and work in that directory.

/run or /var/run are not appropriate because you may not have the permission to create files there (in fact, you will not have the permission to create files there unless granted by the system administrator). They're for system use, not for applications.
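
The private-directory approach from the answer above, as an added example that is not part of the original answer: it honors TMPDIR with a /tmp fallback, creates a mode-0700 directory with mkdtemp, and creates the script with O_EXCL and O_NOFOLLOW so a pre-existing file or symlink is never reused. The prefix `my_program`, the file name `job.py` and the helper names are assumptions for illustration.

```cpp
#include <cstdlib>
#include <stdexcept>
#include <string>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

// Create a private directory (mode 0700) under $TMPDIR, or /tmp if it is unset.
std::string make_private_tmpdir(const std::string& prefix) {
    const char* base = std::getenv("TMPDIR");
    std::string tmpl = std::string(base && *base ? base : "/tmp") + "/" + prefix + ".XXXXXX";
    // mkdtemp fills in the XXXXXX in place and fails instead of reusing an existing name.
    if (!mkdtemp(&tmpl[0])) throw std::runtime_error("mkdtemp failed");
    return tmpl;
}

// Write a generated script inside the private directory and return its path.
std::string write_script(const std::string& dir, const std::string& name,
                         const std::string& body) {
    std::string path = dir + "/" + name;
    // O_EXCL: refuse an existing name. O_NOFOLLOW: never write through a symlink.
    int fd = open(path.c_str(), O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW | O_CLOEXEC, 0700);
    if (fd < 0) throw std::runtime_error("open failed");
    size_t off = 0;
    while (off < body.size()) {
        ssize_t n = write(fd, body.data() + off, body.size() - off);
        if (n < 0) { close(fd); throw std::runtime_error("write failed"); }
        off += static_cast<size_t>(n);
    }
    if (close(fd) != 0) throw std::runtime_error("close failed");
    return path;
}

// Remove the script and its directory once the generating program is done with them.
void cleanup(const std::string& dir, const std::string& script) {
    unlink(script.c_str());
    rmdir(dir.c_str());
}

int main() {
    std::string dir = make_private_tmpdir("my_program");                 // hypothetical prefix
    std::string script = write_script(dir, "job.py", "print('hello')\n"); // constructed sample
    // ... hand `script` to the Python interpreter here ...
    cleanup(dir, script);
    return 0;
}
```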
