/run/cryptsetup access denied
Issue description
I have granted write access to the target device to a non root user but when I run cryptsetup it tries to use /run/cryptsetup which is only accessible to root. Is there any reason we could not use a /run location that is accessible to the current user. ie. /run/user/${UID}/cryptsetup ? of course root would still use /run/cryptsetup
Steps for reproducing the issue
whoami randomuser cryptsetup --type luks2 luksFormat /dev/sdb2 Command failed with code -1 (wrong or missing parameters).
Additional info
Kubuntu 21.04 Cryptsetup 2.3.4
Debug log
cryptsetup --type luks2 luksFormat /dev/sdb2 --debug
# cryptsetup 2.3.4 processing "cryptsetup --type luks2 luksFormat /dev/sdb2 --debug"
# Running command luksFormat.
# Locking memory.
# setpriority -18 failed: Permission denied
# Installing SIGINT/SIGTERM handler.
# Unblocking interruption on signal.
# Allocating context for crypt device /dev/sdb2.
# Trying to open and read device /dev/sdb2 with direct-io.
# Initialising device-mapper backend library.
WARNING!
========
This will overwrite data on /dev/sdb2 irrevocably.
Are you sure? (Type 'yes' in capital letters): YES
# Interactive passphrase entry requested.
Enter passphrase for /dev/sdb2:
Verify passphrase:
# Crypto backend (OpenSSL 1.1.1j 16 Feb 2021) initialized in cryptsetup library version 2.3.4.
# Detected kernel Linux 5.11.0-22-generic x86_64.
# PBKDF argon2i, time_ms 2000 (iterations 0), max_memory_kb 1048576, parallel_threads 4.
# Formatting device /dev/sdb2 as type LUKS2.
# Topology: IO (512/0), offset = 0; Required alignment is 1048576 bytes.
# Checking if cipher aes-xts-plain64 is usable.
# Using userspace crypto wrapper to access keyslot area.
# Formatting LUKS2 with JSON metadata area 12288 bytes and keyslots area 16744448 bytes.
# Creating new digest 0 (pbkdf2).
# Setting PBKDF2 type key digest 0.
# Running pbkdf2(sha256) benchmark.
# PBKDF benchmark: memory cost = 0, iterations = 712347, threads = 0 (took 46 ms)
# PBKDF benchmark: memory cost = 0, iterations = 836185, threads = 0 (took 627 ms)
# Benchmark returns pbkdf2(sha256) 836185 iterations, 0 memory, 0 threads (for 512-bits key).
# Segment 0 assigned to digest 0.
# Wiping LUKS areas (0x000000 - 0x1000000) with zeroes.
# Wiping keyslots area (0x008000 - 0x1000000) with random data.
# Reusing open rw fd on device /dev/sdb2
# Device size 1907359744, offset 16777216.
# Acquiring write lock for device /dev/sdb2.
# Failed to open directory /run/cryptsetup: (13: Permission denied)
Cannot format device /dev/sdb2.
# Releasing crypt device /dev/sdb2 context.
# Releasing device-mapper backend.
# Closing read only fd for /dev/sdb2.
# Closing read write fd for /dev/sdb2.
# Unlocking memory.
Command failed with code -1 (wrong or missing parameters).