Skip to content

.NET stack temporary folder cannot be accessed after running under sudo #20195

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wli3 opened this issue Aug 26, 2021 · 0 comments
Closed

.NET stack temporary folder cannot be accessed after running under sudo #20195

wli3 opened this issue Aug 26, 2021 · 0 comments
Labels
Area-NetSDK untriaged Request triage from a team member

Comments

@wli3
Copy link

wli3 commented Aug 26, 2021

Issues like
#19823
#19523

.NET stack creates many temporary folder as part of the command execution. In many cases, if the command is running under sudo, the temp directory will be shared with the non-sudo user. If files or folders are shared between sudo and non sudo command. And if the command is first run under sudo, the folder would be default set to ROOT user access only. So then next command run without sudo will not be able to access.

Most of these temporary folder use $HOME as base, while sudo on mac does not change $HOME when run under sudo. https://unix.stackexchange.com/a/91572

Temp folder potentially have the issues:

runtime

  • dotnet folder under Path.GetTempPath() (Path.GetTempPath() would be changed to /tmp/ vs user dir under sudo. So that is currently fine)

sdk

  • .dotnet folder under $HOME
  • sdk-advertising-temp under Path.GetTempPath()

nuget

template engine

  • .templateengine folder under $HOME

short term solution

While we have this behavior since 1.0. There are not many scenarios require .NET run under sudo. This issue become significate when we integrate with mac installer for workload install. It need to be run under sudo. We decided to override $HOME directory to /tmp/dotnet_sudo_home/ when we detect the command is running under sudo. And therefor "simulate" the behavior sudo -i. So sudo vs non sudo command won't share the same directory

long term solution

Not fully discussed. One direction is to have an file system abstraction across the stack.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Area-NetSDK untriaged Request triage from a team member
Projects
None yet
Development

No branches or pull requests

2 participants