Add 'allow-different-user' flag and configuration option #471#1599
Add 'allow-different-user' flag and configuration option #471#1599mgsloan merged 1 commit intocommercialhaskell:masterfrom
Conversation
|
I'd be interested in opinions on the flag name Edit: Please comment on everything else, too! ;) The flag name and message are just the things I'm feeling particularly unsure about. |
|
Yeah, I don't think Another reason is that it looks better as a stack.yaml configuration field - |
The problem with The flag I'm implementing here is only concerned with
Given that there don't seem to be so many use cases for the new flag I'm wondering whether there's even a point in making adding it to the configuration:
|
|
I guess a question is why prevent |
Can you explain how |
|
A couple I can think of: |
Ah ok, thanks! Somehow I missed To summarize the necessary changes:
Does this sound right? I should get around to this in the next 1-2 weeks. |
|
That sounds right. One other thing would be to check stackRoot's parent directory before creating it (if the stackRoot doesn't already exist), to avoid putting a new root-owned .stack in a user's home directory. |
|
Would it make sense to generally error out when |
|
Yes, I think that probably would make sense and would cover the root case as well. |
|
Misc note: For a moment, I thought it'd be tricky to get this working right with docker, since the current user is |
|
Docker didn't actually make that easy at all, the magic is all in Stack itself :) |
sjakobi
force-pushed
the
471-check-for-sudo
branch
from
fe5813d to
ac04afd
Compare
sjakobi
changed the title
|
I haven't actually done any testing with Docker yet. (I haven't actually used Docker at all yet!) What would be a typical workflow that is changed by this PR? |
There was a problem hiding this comment.
Is there anything that we can do about this? Would there be a point in splitting Stack.Constants into a part that is actually constant and a part that depends on other stack modules?
There was a problem hiding this comment.
Yes, I think such a change is probably overdue.
|
The one Docker case that I think this could effect is if you're running Stack on a different machine than the Docker Engine. When that's the case, the in-container Stack runs as root because the assumption is that however you've mounted the "client" OS's filesystem to the Docker host will take care of any user ID mapping (the common cases being boot2docker or Vagrant "synced" filesystems). This is an obscure and not officially supported corner case and I'm not really sure how best to handle it, so I'm leaning toward just requiring anyone doing this to set the flag that allows another user. |
Sounds like it would be rather difficult for me to test this. For more conventional cases with Should #1678 be fixed and Is there anything else that I need to take care of? |
There was a problem hiding this comment.
Can you please wrap up this "search parent directories till a predicate is met" into a utility in Path.IO? Another place this crops up is https://github.com/fpco/stack/blob/54fa4999905f9469c87ffefaeaddbd6bf2308c4f/src/Stack/Config.hs#L653https://github.com/fpco/stack/blob/54fa4999905f9469c87ffefaeaddbd6bf2308c4f/src/Stack/Config.hs#L653https://github.com/fpco/stack/blob/54fa4999905f9469c87ffefaeaddbd6bf2308c4f/src/Stack/Config.hs#L653
I'm thinking something with the signature findParent :: MonadIO m => (Path Abs Dir -> Maybe a) -> Path Abs Dir -> m (Maybe a)
It'd best to avoid this nubOrd / iterate pattern, because it cannot leverage laziness, and will always compute the 100 intermediate paths.
There was a problem hiding this comment.
Can you please wrap up this "search parent directories till a predicate is met" into a utility in Path.IO?
Will do. There's something wrong with your link though. Is this the spot you were referring to?
Line 674 in 0347cd1
Regarding the type, we'd need to allow monadic predicates, so that would be MonadIO m => (Path Abs Dir -> m (Maybe a)) -> Path Abs Dir -> m (Maybe a).
It'd best to avoid this nubOrd / iterate pattern, because it cannot leverage laziness, and will always compute the 100 intermediate paths.
I'm not quite sure I understand this correctly but wouldn't the following result in an infinite loop if it were true?
λ> let xs = nubOrd $ iterate succ (1 :: Int)
λ> head xs
1
λ> :sprint xs
xs = 1 : _
But terminating when we the directory is the same as the previous one, as the other implementation does, is much better anyways.
|
Hi! Sorry for letting this languish!
I don't think this is necessary.
The comment I added, and one more thing: I think #471 specifies that this check would also happen for How about having a check when loading the config, for the project .stack-work. Then, when building, within |
You're right. I'll look into this in the next few days. |
…skell#471 Users other than the owner of the ~/.stack directory are now prevented from using a stack installation in order to avoid problems with file permissions. To disable this precaution users can pass the --allow-different-user flag or use the 'allow-different-user' configuration option in their ~/.stack/config.yaml. On Windows, the new flag and configuration options have no effect.
sjakobi
force-pushed
the
471-check-for-sudo
branch
from
ac04afd to
2c2e15a
Compare
|
I think this should do the trick. I still need to do some testing, maybe even write some integration tests – this should be possible with I should adjust the commit message, too. |
There was a problem hiding this comment.
On a second look, I wonder if this couldn't cause some hard to find Windows-only bugs.
I guess we should better get the file status on Windows, too, so it will cause an exception when the file or directory doesn't exist.
|
LGTM, thanks! There's a GHC 7.8 build error, but I'll fix it. Feel free to commit tests and tweaks directly to the repo. |
Add 'allow-different-user' flag and configuration option #471
3 participants
No description provided.