DH-1: add BIOMEOS_SOCKET_DIR to announce, socket, and deployment paths

BiomeOS Developer · cursoragent · BiomeOS Developer · commit 844dada3128e · 2026-05-29T11:02:24.000-04:00
Fixes 4 files: identity.rs (primal_announce), socket.rs (capability
discovery), platform/mod.rs (get_runtime_dir), deployment.rs (zero
config). All now check BIOMEOS_SOCKET_DIR before XDG_RUNTIME_DIR and
use temp_dir() instead of literal "/tmp". Enables ProtectSystem=strict.

Co-authored-by: Cursor &lt;cursoragent@cursor.com&gt;
diff --git a/crates/cli/src/zero_config/deployment.rs b/crates/cli/src/zero_config/deployment.rs
@@ -204,7 +204,9 @@ enum SocketStatus {
 }
 
 fn verify_capability_socket(capability: &str) -> SocketStatus {
-    let runtime_dir = std::env::var(toadstool_common::interned_strings::socket_env::XDG_RUNTIME_DIR).unwrap_or_else(|_| "/tmp".into());
+    let runtime_dir = std::env::var(toadstool_common::interned_strings::socket_env::BIOMEOS_SOCKET_DIR)
+        .or_else(|_| std::env::var(toadstool_common::interned_strings::socket_env::XDG_RUNTIME_DIR))
+        .unwrap_or_else(|_| std::env::temp_dir().to_string_lossy().into_owned());
     let socket_path = std::path::PathBuf::from(&runtime_dir)
         .join("biomeos")
         .join(format!("{capability}.sock"));
diff --git a/crates/core/common/src/primal_integration/socket.rs b/crates/core/common/src/primal_integration/socket.rs
@@ -13,13 +13,16 @@ use crate::interned_strings::socket_env;
 ///
 /// Discovery order:
 /// 1. `{CAPABILITY}_SOCKET` environment variable (e.g., `SECURITY_SOCKET`)
-/// 2. XDG runtime directory: `$XDG_RUNTIME_DIR/{capability}.sock` (or `/tmp` fallback)
+/// 2. `$BIOMEOS_SOCKET_DIR/{capability}.sock`
+/// 3. `$XDG_RUNTIME_DIR/{capability}.sock`
+/// 4. `{temp_dir}/{capability}.sock` (fallback)
 #[must_use]
 pub fn discover_service_socket_by_capability(capability: &str) -> Option<String> {
     let env_key = format!("{}_SOCKET", capability.to_uppercase().replace('-', "_"));
     std::env::var(&env_key).ok().or_else(|| {
-        let runtime_dir =
-            std::env::var(socket_env::XDG_RUNTIME_DIR).unwrap_or_else(|_| "/tmp".to_string());
+        let runtime_dir = std::env::var(socket_env::BIOMEOS_SOCKET_DIR)
+            .or_else(|_| std::env::var(socket_env::XDG_RUNTIME_DIR))
+            .unwrap_or_else(|_| std::env::temp_dir().to_string_lossy().into_owned());
         let socket_path = format!("{runtime_dir}/{capability}.sock");
         if std::path::Path::new(&socket_path).exists() {
             Some(socket_path)
diff --git a/crates/core/toadstool/src/ipc/platform/mod.rs b/crates/core/toadstool/src/ipc/platform/mod.rs
@@ -177,15 +177,16 @@ fn is_android() -> bool {
 /// 1. `XDG_RUNTIME_DIR` (standard)
 /// 2. `/run/user/{uid}` via pure-Rust UID detection
 /// 3. `BIOMEOS_RUNTIME_DIR` env override
-/// 4. `/tmp/biomeos-runtime` (last resort)
+/// 4. `{temp_dir}/biomeos-runtime` (last resort)
 fn get_runtime_dir() -> String {
     if let Ok(dir) = std::env::var(socket_env::XDG_RUNTIME_DIR) {
         return dir;
     }
     if let Ok(uid) = toadstool_common::uid_detector::get_user_id() {
         return format!("/run/user/{uid}");
     }
-    std::env::var(socket_env::BIOMEOS_RUNTIME_DIR).unwrap_or_else(|_| "/tmp/biomeos-runtime".to_string())
+    std::env::var(socket_env::BIOMEOS_RUNTIME_DIR)
+        .unwrap_or_else(|_| std::env::temp_dir().join("biomeos-runtime").to_string_lossy().into_owned())
 }
 
 // ============================================================================
diff --git a/crates/server/src/pure_jsonrpc/handler/core/identity.rs b/crates/server/src/pure_jsonrpc/handler/core/identity.rs
@@ -212,10 +212,14 @@ pub(crate) async fn primal_announce(
 
     let methods = all_callable_methods(semantic_registry);
     let socket_name = format!("{}.sock", toadstool_common::constants::CAPABILITY_DOMAIN);
-    let socket = std::env::var(socket_env::XDG_RUNTIME_DIR).map_or_else(
-        |_| format!("/tmp/biomeos/{socket_name}"),
-        |d| format!("{d}/biomeos/{socket_name}"),
-    );
+    let socket = if let Ok(dir) = std::env::var(socket_env::BIOMEOS_SOCKET_DIR) {
+        format!("{dir}/{socket_name}")
+    } else {
+        std::env::var(socket_env::XDG_RUNTIME_DIR).map_or_else(
+            |_| std::env::temp_dir().join("biomeos").join(&socket_name).to_string_lossy().into_owned(),
+            |d| format!("{d}/biomeos/{socket_name}"),
+        )
+    };
 
     Ok(serde_json::json!({
         "primal": PRIMAL_NAME,

Original file line number	Diff line number	Diff line change
`@@ -177,15 +177,16 @@ fn is_android() -> bool {`
`177`	`177`	/// 1. `XDG_RUNTIME_DIR` (standard)
`178`	`178`	/// 2. `/run/user/{uid}` via pure-Rust UID detection
`179`	`179`	/// 3. `BIOMEOS_RUNTIME_DIR` env override
`180`		-/// 4. `/tmp/biomeos-runtime` (last resort)
	`180`	+/// 4. `{temp_dir}/biomeos-runtime` (last resort)
`181`	`181`	`fn get_runtime_dir() -> String {`
`182`	`182`	`if let Ok(dir) = std::env::var(socket_env::XDG_RUNTIME_DIR) {`
`183`	`183`	`return dir;`
`184`	`184`	`}`
`185`	`185`	`if let Ok(uid) = toadstool_common::uid_detector::get_user_id() {`
`186`	`186`	`return format!("/run/user/{uid}");`
`187`	`187`	`}`
`188`		`- std::env::var(socket_env::BIOMEOS_RUNTIME_DIR).unwrap_or_else(\|_\| "/tmp/biomeos-runtime".to_string())`
	`188`	`+ std::env::var(socket_env::BIOMEOS_RUNTIME_DIR)`
	`189`	`+ .unwrap_or_else(\|_\| std::env::temp_dir().join("biomeos-runtime").to_string_lossy().into_owned())`
`189`	`190`	`}`
`190`	`191`
`191`	`192`	`// ============================================================================`