You are not logged in.

#1 2023-02-05 15:20:13

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

[SOLVED] Run post_install() script functions as current user

Hello,
I noted that, when I install a package by "makepkg -si" by my standard user (non-root), the commands inside "package()" function seems not to be run as root but as the current user installing the package. For example, if I add "git config --global --add safe.directory /usr/share/evil-winrm" in the "package()" function of PKGBUILD, after the installation, the git variable "safe.directory" is set for the current user (indeed it can be seen by running "git config --list" instead of "sudo git config --list").

Since I need to manage also the removal of "safe.directory" git variable when the package is uninstalled, a good option could be using a $pkgname.install script. An example of it is this one related to Evil WinRM package:

post_install() {
  set -e
  cd /usr/share/evil-winrm
  rm -f Gemfile.lock
  bundle config build.nokogiri --use-system-libraries
  bundle config set --local path 'vendor/bundle'
  bundle install
  git config --global --add safe.directory /usr/share/evil-winrm
}

post_upgrade() {
  post_install "$@"
}

post_remove() {
   echo "Uninstalling Evil WinRM..."
   git config --global --unset safe.directory /usr/share/evil-winrm
}

This time, when I install the package by the current user, after the installation the "safe.directory" variable is not set to the git global variable list of the current user, but to the list of root user, because the .install script is run as root. Indeed, the variable is not shown when I run "git config -l" but only if I run "sudo config -l". In this manner, the variables specified for the root user are not applied to the current user so this change is useless for the application when it is run by the current user.

Is there a way to run the .install script on behalf of the current user instead of the root one?

Last edited by D3vil0p3r (2023-02-05 17:21:09)

Offline

#2 2023-02-05 15:53:19

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,169

Re: [SOLVED] Run post_install() script functions as current user

You can't. Packages are completely independent of the non-system users, you can't be messing with them. You have no idea what user is being used and no way of handling things like users being created later.

Online

#3 2023-02-05 16:20:15

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

Re: [SOLVED] Run post_install() script functions as current user

Scimmia wrote:

You can't. Packages are completely independent of the non-system users, you can't be messing with them. You have no idea what user is being used and no way of handling things like users being created later.

In theory I expect that the system is not agnostic at all about the current user, because there is a calling user that is installing the package, and then, after the run of .install script, it switches to root user (maybe it works in chroot environment).

According to my last tests, I note that when it works in the .install script, one of the environment variables is $SUDO_USER that seems to be the caller of the package installation. It means that the solution could be the following:

post_install() {
  set -e
  cd /usr/share/evil-winrm
  rm -f Gemfile.lock
  bundle config build.nokogiri --use-system-libraries
  bundle config set --local path 'vendor/bundle'
  bundle install
  if ! su $SUDO_USER -c "git config --global --get safe.directory /usr/share/evil-winrm"; then
      su - $SUDO_USER -c "git config --global --add safe.directory /usr/share/evil-winrm"
  fi
}

post_upgrade() {
  post_install "$@"
}

post_remove() {
   echo "Uninstalling Evil WinRM..."
   if su $SUDO_USER -c "git config --global --get safe.directory /usr/share/evil-winrm"; then
      su $SUDO_USER -c "git config --global --unset-all safe.directory /usr/share/evil-winrm"
   fi
}

Last edited by D3vil0p3r (2023-02-05 16:20:40)

Offline

#4 2023-02-05 16:21:21

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 30,330
Website

Re: [SOLVED] Run post_install() script functions as current user

D3vil0p3r wrote:

... the commands inside "package()" function seems not to be run as root but as the current user

"seems"?  I don't know what makes it seem that way, but it isn't.  The package function is also run as root.

You can (and probably should for this use) use the post install/remove functions to print a message instructing the user what they need to do to prepare their user account for using the packaged software and / or to clean up after it's removal.

D3vil0p3r wrote:

I expect that the system is not agnostic at all about the current user, because there is a calling user that is installing the package

The user installing the package is always root. Period.

D3vil0p3r wrote:

I note that when it works in the .install script, one of the environment variables is $SUDO_USER

That would be very specific to cases of end users using sudo.  I don't even have sudo installed, nor do many others.  Even if you get that to "work" it would fail to do anything for any other users on that same system in which case you aren't really installing the software system-wide and there should be no (system) package.

Last edited by Trilby (2023-02-05 16:25:41)


"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman

Offline

#5 2023-02-05 16:35:20

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

Re: [SOLVED] Run post_install() script functions as current user

Thank you @Trilby.

Here my impressions:

Trilby wrote:
D3vil0p3r wrote:

... the commands inside "package()" function seems not to be run as root but as the current user

"seems"?  I don't know what makes it seem that way, but it isn't.  The package function is also run as root.

Trilby wrote:
D3vil0p3r wrote:

I expect that the system is not agnostic at all about the current user, because there is a calling user that is installing the package

The user installing the package is always root. Period.

At the beginning I was thinking the same, but when I put an "echo "$USER" inside "package()", as printed output I get the current username instead of root.

Trilby wrote:

You can (and probably should for this use) use the post install/remove functions to print a message instructing the user what they need to do to prepare their user account for using the packaged software and / or to clean up after it's removal.

I agree with this approach.

Trilby wrote:
D3vil0p3r wrote:

I note that when it works in the .install script, one of the environment variables is $SUDO_USER

That would be very specific to cases of end users using sudo.  I don't even have sudo installed, nor do many others.  Even if you get that to "work" it would fail to do anything for any other users on that same system in which case you aren't really installing the software system-wide and there should be no (system) package.

I should test this case with multiple users.

Offline

#6 2023-02-05 16:39:12

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,169

Re: [SOLVED] Run post_install() script functions as current user

The package function uses fakeroot, so not really root. Doesn't really matter, though, as running that in the package function does nothing for the package, so it's useless.

Online

#7 2023-02-05 16:43:16

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

Re: [SOLVED] Run post_install() script functions as current user

Scimmia wrote:

The package function uses fakeroot, so not really root. Doesn't really matter, though, as running that in the package function does nothing for the package, so it's useless.

It had an impact on the git variables of the current user when I run it there. Btw I decided to remove that kind of git command from there. I'm trying to act only on the ".install" file.

Offline

#8 2023-02-05 16:45:38

Scimmia
Fellow
Registered: 2012-09-01
Posts: 12,169

Re: [SOLVED] Run post_install() script functions as current user

But again, that does nothing for the package. The user building the package in many cases isn't the user that's going to run it.

Online

#9 2023-02-05 16:49:14

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

Re: [SOLVED] Run post_install() script functions as current user

D3vil0p3r wrote:

Thank you @Trilby.

Trilby wrote:
D3vil0p3r wrote:

I note that when it works in the .install script, one of the environment variables is $SUDO_USER

That would be very specific to cases of end users using sudo.  I don't even have sudo installed, nor do many others.  Even if you get that to "work" it would fail to do anything for any other users on that same system in which case you aren't really installing the software system-wide and there should be no (system) package.

I should test this case with multiple users.

You're right, this approach is good only for specific use case because if the user1 installs evil-winrm and the specified git variables are set, the command with $SUDO_USER refers only to it. If I switch to user2 and I run evil-winrm, the git variables are still related to user1, so the specified git variables don't take effect on the user2.

So here the problem is that I don't know if git command can set global variables for all users.

Offline

#10 2023-02-05 16:59:27

Trilby
Inspector Parrot
Registered: 2011-11-29
Posts: 30,330
Website

Re: [SOLVED] Run post_install() script functions as current user

D3vil0p3r wrote:

So here the problem is that I don't know if git command can set global variables for all users.

Such settings would go in /etc/gitconfig and can be acheived with the --system flag as documented in the man page.  But still, this is not something a package should do - just provide instructions to the user on what they need to do.

Last edited by Trilby (2023-02-05 17:00:11)


"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman

Offline

#11 2023-02-05 17:05:02

D3vil0p3r
Member
Registered: 2022-11-05
Posts: 196

Re: [SOLVED] Run post_install() script functions as current user

Trilby wrote:
D3vil0p3r wrote:

So here the problem is that I don't know if git command can set global variables for all users.

Such settings would go in /etc/gitconfig and can be acheived with the --system flag as documented in the man page.  But still, this is not something a package should do - just provide instructions to the user on what they need to do.

Yes, I'm thinking I could follow that approach.

Last edited by D3vil0p3r (2023-02-05 17:11:04)

Offline

Board footer

Powered by FluxBB