Comment 133 for bug 1197395

(In reply to Martin Pitt from comment #65)

> No, but /run being a tmpfs, the next reboot or at least session restart will
> clean it up. Before you do that, you won't run the new PAM module anyway.

Right, for some reason I had been thinking files were written owned by root to /home/user, but that's not the case.

(In reply to Martin Pitt from comment #62)
>
> Does getuid() make any sense here? It's a PAM module, so do we ever expect
> this to be something else than root?

Yeah, I meant: pam_get_item(pamh, PAM_USER, &user);

But I'm unable to construct a scenario where this really matters, so let's just go with your lstat() approach.