sx: use XDG_RUNTIME_DIR for xauthority file

[62832]

Relatively minor PR to move the default location of xauthority to $XDG_RUNTIME_DIR rather than $XDG_DATA_HOME as per typical recommendation, hopefully to better comply with the current XDG Base Directory spec.

$XDG_RUNTIME_DIR defines the base directory relative to which user-specific non-essential runtime files and other file objects (such as sockets, named pipes, ...) should be stored. The directory MUST be owned by the user, and he MUST be the only one having read and write access to it. Its Unix access mode MUST be 0700.

The lifetime of the directory MUST be bound to the user being logged in. It MUST be created when the user first logs in and if the user fully logs out the directory MUST be removed. If the user logs in more than once he should get pointed to the same directory, and it is mandatory that the directory continues to exist from his first login to his last logout on the system, and not removed in between. Files in the directory MUST not survive reboot or a full logout/login cycle.

If there are any problems with the current approach being proposed then please let me know.

[Earnestly]

I had considered this approach in earlier iterations but eventually decided against it.

Ultimately because it relies on too many assumptions about the environment/system, such as assuming /run/user. The XDG_RUNTIME_DIR variable is quite an odd duck compared to the rest of the specification and certainly doesn't follow the spirit of it; the most notable distinction being that it has no well defined fallback and is required to be set, nevermind the laundry list of other incidental requirements.

If it were up to me I would remove XDG_RUNTIME_DIR from the XBDS entirely. It would be more appropriate to have it formalised under the umbrella of systemd instead and have them maintain its definition: https://www.freedesktop.org/wiki/Software/systemd/InterfacePortabilityAndStabilityChart

This all means that realistically if XDG_RUNTIME_DIR was not set an implementation would have to resort to de facto /tmp usage much like plan9port with a directory readable and writable to only the user (0700).

As a result, and because the old location was HOME/.Xauthority, I decided to make it a bit less surprising and just keep it in the user's directory.

This is not an unreasonable PR but I'd like to keep it under XDG_DATA_HOME for now.

[62832]

That's fair enough, and I do like the rationale you gave with regards to how XDG_RUNTIME_DIR sits within the rest of the spec in general. Given the current definition of the spec, xauthority might just have to stay where it is for now.

[equwal]

setting xauth like this can lead to very confusing bugs

#31