socket_vmnet install should mkdir $(brew --prefix)/var/run as non-root and cleanup on uninstall

[tmoschou]

brew gist-logs <formula> link OR brew config AND brew doctor output

❯ brew gist-logs socket_vmnet
Error: No logs.

❯ brew doctor
Your system is ready to brew.

❯ brew config
HOMEBREW_VERSION: 4.0.6-85-g0d5e291
ORIGIN: https://github.com/Homebrew/brew
HEAD: 0d5e291fe1cb036024e8bd1fcea5dba4227f1f16
Last commit: 8 hours ago
Core tap origin: https://github.com/Homebrew/homebrew-core
Core tap HEAD: 6bbed3caa504890feeef0f656ae9b0a83cd2d4db
Core tap last commit: 3 hours ago
Core tap branch: master
Core tap JSON: 15 Mar 01:53 UTC
HOMEBREW_PREFIX: /opt/homebrew
HOMEBREW_CASK_OPTS: []
HOMEBREW_MAKE_JOBS: 10
Homebrew Ruby: 2.6.10 => /System/Library/Frameworks/Ruby.framework/Versions/2.6/usr/bin/ruby
CPU: 10-core 64-bit arm_firestorm_icestorm
Clang: 14.0.0 build 1400
Git: 2.40.0 => /opt/homebrew/bin/git
Curl: 7.86.0 => /usr/bin/curl
macOS: 13.2-arm64
CLT: 14.2.0.0.1.1668646533
Xcode: 14.2
Rosetta 2: false

Verification

• My "brew doctor output" says Your system is ready to brew. and am still able to reproduce my issue.
• I ran brew update and am still able to reproduce my issue.
• I have resolved all warnings from brew doctor and that did not fix my problem.

What were you trying to do (and why)?

Im trying to install via brew socket_vmnet and run the launchd service as root for use with minikube qemu driver as per socket_vmnet installation docs and minikube docs.

What happened (include all command output)?

Installing the socket_vmnet formula and starting the service with sudo brew service start as mentioned in the caveats section, creates the parent directory if missing $(brew --prefix)/var/run with wrong permission root:admin 744 instead of user:group 755. Further uninstalling doesn't make any attempt to clear up the socket/log files.

CC @AkihiroSuda

What did you expect to happen?

1. /opt/homebrew/var/run should be created as non-root. It looks like the service is creating all parent directories if they don't exist, so solution would be to to have (post)install step pre-create the parent directories as non-root

2. The Caveats should not mention to run service twice - once with and without sudo. I'm not sure why brew does that that - formula does have require_root true.

3. Uninstalling should mention to delete socket and log files too - these are left over

❯ brew uninstall socket_vmnet
Uninstalling /opt/homebrew/Cellar/socket_vmnet/1.1.1... (14 files, 120.3KB)
Error: Could not remove socket_vmnet keg! Do so manually:
  sudo rm -rf /opt/homebrew/Cellar/socket_vmnet/1.1.1
  sudo rm -f /opt/homebrew/var/run/socket_vmnet.stderr
  sudo rm -f /opt/homebrew/var/run/socket_vmnet.stdout
  sudo rm -f /opt/homebrew/var/run/socket_vmnet

Ideally I would think it would also make more sense for socket / logs to be written to own folder /opt/homebrew/var/run/socket_vmnet/ (logs could even go in /opt/homebrew/var/log/socket_vmnet/). Maybe something like dnsmasq

Step-by-step reproduction instructions (by running brew commands)

❯ brew tap homebrew/services

❯ brew services
Name      Status User File
cassandra none
unbound   none

❯ brew install socket_vmnet
==> Downloading https://formulae.brew.sh/api/formula.jws.json
######################################################################## 100.0%
==> Downloading https://formulae.brew.sh/api/cask.jws.json
######################################################################## 100.0%
==> Fetching socket_vmnet
==> Downloading https://ghcr.io/v2/homebrew/core/socket_vmnet/manifests/1.1.1
Already downloaded: /Users/<user>/Library/Caches/Homebrew/downloads/6cfb3e45cdfd0c53530171e4d356ddc202e948eaa53308426bae06b42c9a12f3--socket_vmnet-1.1.1.bottle_manifest.json
==> Downloading https://ghcr.io/v2/homebrew/core/socket_vmnet/blobs/sha256:01ab44a93ed874d4500ac8a7f8ef44252fe5ff96a2e78df35ed4c4da837b848f
Already downloaded: /Users/<user>/Library/Caches/Homebrew/downloads/6011e66a7819927fe05597cca3594e3bed115e8c9f9d9a64e3578bdd97cb6c01--socket_vmnet--1.1.1.arm64_ventura.bottle.tar.gz
==> Pouring socket_vmnet--1.1.1.arm64_ventura.bottle.tar.gz
==> Caveats
To install an optional launchd service, run the following command (sudo is necessary):
sudo brew services start socket_vmnet

socket_vmnet is keg-only, which means it was not symlinked into /opt/homebrew,
because /usr/local/bin is often writable by a non-admin user.

If you need to have socket_vmnet first in your PATH, run:
  echo 'export PATH="/opt/homebrew/opt/socket_vmnet/bin:$PATH"' >> ~/.zshrc


To start socket_vmnet now and restart at login:
  brew services start socket_vmnet
==> Summary
🍺  /opt/homebrew/Cellar/socket_vmnet/1.1.1: 14 files, 120.3KB
==> Running `brew cleanup socket_vmnet`...
Disable this behaviour by setting HOMEBREW_NO_INSTALL_CLEANUP.
Hide these hints with HOMEBREW_NO_ENV_HINTS (see `man brew`).

❯ ls -l $(brew --prefix)/var
total 0
drwxr-xr-x  3 <user>  admin   96 24 Dec 18:29 cache
drwxrwxr-x  4 <user>  admin  128  7 Oct 18:03 homebrew
drwxr-xr-x  3 <user>  admin   96 15 Feb 17:20 lib
drwxr-xr-x  2 <user>  admin   64 24 Dec 21:45 locate
drwxr-xr-x  3 <user>  admin   96 15 Feb 17:20 log

❯ sudo brew services start socket_vmnet
Password:
Warning: Taking root:admin ownership of some socket_vmnet paths:
  /opt/homebrew/Cellar/socket_vmnet/1.1.1/bin
  /opt/homebrew/Cellar/socket_vmnet/1.1.1/bin/socket_vmnet
  /opt/homebrew/opt/socket_vmnet
  /opt/homebrew/opt/socket_vmnet/bin
This will require manual removal of these paths using `sudo rm` on
brew upgrade/reinstall/uninstall.
Warning: socket_vmnet must be run as non-root to start at user login!
==> Successfully started `socket_vmnet` (label: homebrew.mxcl.socket_vmnet)

❯ ls -l $(brew --prefix)/var
total 0
drwxr-xr-x  3 <user>  admin   96 24 Dec 18:29 cache
drwxrwxr-x  4 <user>  admin  128  7 Oct 18:03 homebrew
drwxr-xr-x  3 <user>  admin   96 15 Feb 17:20 lib
drwxr-xr-x  2 <user>  admin   64 24 Dec 21:45 locate
drwxr-xr-x  3 <user>  admin   96 15 Feb 17:20 log
drwxr--r--  5 root           admin  160 15 Mar 13:46 run

❯ ls -l $(brew --prefix)/var/run
total 0
ls: fts_read: Permission denied

❯ sudo ls -l $(brew --prefix)/var/run
total 0
srwxrwx---  1 root  staff  0 15 Mar 13:46 socket_vmnet
-rw-r--r--  1 root  admin  0 15 Mar 13:46 socket_vmnet.stderr
-rw-r--r--  1 root  admin  0 15 Mar 13:46 socket_vmnet.stdout

❯ brew uninstall socket_vmnet
Uninstalling /opt/homebrew/Cellar/socket_vmnet/1.1.1... (14 files, 120.3KB)
Error: Could not remove socket_vmnet keg! Do so manually:
  sudo rm -rf /opt/homebrew/Cellar/socket_vmnet/1.1.1

[SMillerDev]

All of this is expected behaviour for services running as root as far as I can tell.

[carlocab]

Precreating the necessary directories and putting the socket and logs in dedicated directories is handled in #125725. We'll review pull requests for items 2 and 3 in your issue.