Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add documentation to cover cloning with sudo #263

Closed
soulofmischief opened this issue Jun 6, 2019 · 3 comments
Closed

Add documentation to cover cloning with sudo #263

soulofmischief opened this issue Jun 6, 2019 · 3 comments

Comments

@soulofmischief
Copy link
Contributor

Hi,

When cloning / manipulating repos that have files in protected directories, sudo is required.

However, the environment must be preserved or vcsh will add configuration files into /root.

I figure we can save someone some potential future grief by mentioning the need for sudo -E in such cases.

Not sure what part of the docs you would want to stick that into so I haven't done a PR yet.
@GeneZharov
Copy link

GeneZharov commented Jul 13, 2019
edited
Loading

@soulofmischief Can you please share the commands/configuration that you use to work with files outside of $HOME? How can I work with files inside /etc, /usr/share, /usr/local?

@soulofmischief
Copy link
Contributor Author

@GeneZharov my available.d/<repo>.vcsh's checkout command sets the environment variable VCSH_BASE to the appropriate directory (/, /usr/local, etc)

When I run mr up, repos which require elevated priviliges fail, then I run sudo -E mr up to catch those.

It's inelegant and I worry about bugs hiding in the shadows. Perhaps the answer lies with overriding the config location when calling mr so that privileged repos aren't handled at all with mr up and sudo -E mr up only handles those privileged repos.

@alerque
Copy link
Collaborator

alerque commented Apr 2, 2021

I think this is effectively a duplicate of #110. I know it doesn't sound to similar but here is my reasoning:

  • Anything in $HOME should be owned by the user. Anything that isn't should be a special case and the user should understand what they are doing. Running sudo vcsh is simply not a supported or suggested workflow at this point, so there isn't a logical place to document it.

  • Any proper treatment of tracking directories outside of $HOME will inevitably need to address this properly. I imagine some kind of ownership check between the effective user and the repo directory with an error if they don't match will be in order.

By the way your mr up; sudo -E mr up is bound to eventually create problems in a race condition where something happened between the two invocations or the first one died with unfinished work for unrelated reasons and the second one writes a bunch of stuff to your home directory as root. I suggest you don't do that. As a temporary hack you should probably add a different set up commands to myrepos for handling root-owned vcsh repos that run sudo -E vcsh all the time for mr actions taken on those repos rather than ever running mr as root.

@alerque alerque closed this as completed Apr 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@alerque @GeneZharov @soulofmischief