New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
install-nix: Adding HOME checks #1554
Conversation
d8f3097
to
d2c97b4
Compare
To be honest, if the user has a non-existent or otherwise invalid |
I've made a rewrite of script at this stage. But it is in local git, I hit a PR buffer. I look at it like this: Users on some systems can not have HOME, plethora of users can have single HOME, there are a lot of occasions. If that are required conditions, they need to be checked, and installer needs to fallback/rollback. It is how I see it. Better to check for default, expected conditions, that fit 95%, and then get reports that 5% had errors, and work with them, to make it cover ->100%. This is simple checks that does need no maintenance, and I am ready to pour time and wrote them. I aim to make installer work in unknown Linux conditions. So it will work on any distribution/environment. And also work on already running servers. This is a bar I set for myself. |
One time I done secure system that created a lot of users, for every client of the company. |
@ edolstra It should ease the migration of available admins/systems to Nix. Thank you for everything. |
Please, let me unveil some I am not making 4 000+ shell script here. Thou I've could make much more portable, advanced and safe install, using But the aim here is that - sh - already installed on any even the most bare system, and compatible with itself (almost). |
So it is bad, to do requirements checks and report to the user the status before doing work on his setup? I am trying to do unattended Linux install on any distribution and setup. The more portable, polished and user friendly it will be - the bigger fame, community and project you will get. Since Nix is perfectly fitting to do portable script (it installs separate infrastructure in I just see, that you developed initial version of the script, and since than, - contribution to it was sporadic. And there is a lot can be done in regard to improve user experience and automation of install. I am trying to send a little by little pull requests to get chain of process going. |
@Anton-Latukha actually, the only thing that matters is that you can write the requisite files into $HOME. It doesn't matter where $HOME is or who owns it, just that you can write, and only when you need to do the write. So I think the only useful test is to check if $HOME is defined, and then let errors during installation just happen. |
$ mkdir /tmp/test_folder
$ chmod 0200 /tmp/test_folder
$ touch /tmp/test_folder/file
touch: cannot touch '/tmp/test_folder/file': Permission denied
$ chmod 0300 /tmp/test_folder
$ echo "Hello, I'm here!" >> /tmp/test_folder/file
$ cat /tmp/test_folder/file
Hello, I'm here!
If we allow errors just happen as script go now. Someone adds something before the line that traps error. And now we have uncontrolled side-effect. As I started in "install-nix: Full progress of Linux installation #1565". All checks go before doing any actions.
And when people would come with bugreport of esoteric case, when HOME is not owned by user, - it can be modified to also permit that legitimate but esoteric use. I can agree that last point is debatable. But, check, does HOME is folder or soft-link to folder, and folder also needing 'x' to write anything to folder - I'm solid on that. |
Ok. I close this. |
Core part: It is possible HOME can be set even by system config, but there can be no directory in reality.
I found no bugreports. But I solve error I did couple of times myself through years. And making installation robust by enabling requirement checks for the right installation process is a great idea. I try to not interfere with any functional use cases.
How HOME var can be set, but directory not exist:
Example, admin in
adduser
don't provided '-m' key.This is possible to mixup, because
usermod -d
creates HOME directories, butadduser -d
- not.echo
messages - self-explanatory of checks they do.In this same script we do:
use HOME - so it needs to exist, be directory, and be executable
create $HOME/.nix-profile - so it needs to be writable
since script is
echo "performing a single-user installation of Nix..." >&2
- we can require that HOME is user owned.in 99% read permissions also needed, but technically it is possible to operate and have a case when HOME can not have read permissions for user though (if admin not trust even user itself). HOME -wx is enough to go to known path ($HOME/.nix-profile) and it should have rwx for user, so user can operate as long, as he knows path.