10000 fix(si): support self update through symbolic links on macOS by fnichol · Pull Request #2689 · systeminit/si · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix(si): support self update through symbolic links on macOS #2689

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 23, 2023
Merged

fix(si): support self update through symbolic links on macOS #2689

merged 1 commit into from
Aug 23, 2023

Conversation

fnichol
Copy link
Contributor
@fnichol fnichol commented Aug 23, 2023

When the launcher (i.e. the si program) is installed from a non-root user and when they don't have either $HOME/.local/bin or $HOME/bin currently in their $PATH, the launcher is installed to $HOME/.si/bin/si and a symlink is created at /usr/local/bin/si with a sudo call (that is, the root user owns the symlink as it is a system directory).

Prior to this change, when a self update was attempted (via calling si update --self) under the scenario above, the new binary would attempt to write itself to a temp file under the *symlink*'s parent directory of /usr/local/bin`. This would cause an permissions error that looks like:

Downloading new binary
Replacing '/usr/local/bin/si' with new binary
Error:
   0: io: Permission denied (os error 13) at path "/usr/local/bin/.si.__temp__6DqCUt"
   1: Permission denied (os error 13) at path "/usr/local/bin/.si.__temp__6DqCUt"

Location:
   <unknown>

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.

Additionally, if the non-root user happened to have write permission on /usr/local/bin, then the new binary would overwrite the symlink and install itself to /usr/local/bin/si, thus eliminating the symlink.

The detection of a symlink and its resolution by calling std::fs::read_link is provided via a fix in the upstream self-replace crate.

References: mitsuhiko/self-replace#18

@fnichol
fix(si): support self update through symbolic links on macOS
b19d6f1 
When the launcher (i.e. the `si` program) is installed from a non-root
user and when they don't have either `$HOME/.local/bin` or `$HOME/bin`
currently in their `$PATH`, the launcher is installed to
`$HOME/.si/bin/si` and a symlink is created at `/usr/local/bin/si` with
a sudo call (that is, the root user owns the symlink as it is a system
directory).

Prior to this change, when a self update was attempted (via calling `si
update --self) under the scenario above, the new binary would attempt to
write itself to a temp file under the *symlink*'s  parent directory of
`/usr/local/bin`. This would cause an permissions error that looks like:

```
Downloading new binary
Replacing '/usr/local/bin/si' with new binary
Error:
   0: io: Permission denied (os error 13) at path "/usr/local/bin/.si.__temp__6DqCUt"
   1: Permission denied (os error 13) at path "/usr/local/bin/.si.__temp__6DqCUt"

Location:
   <unknown>

Backtrace omitted. Run with RUST_BACKTRACE=1 environment variable to display it.
Run with RUST_BACKTRACE=full to include source snippets.
```

Additionally, if the non-root user happened to have write permission on
`/usr/local/bin`, then the new binary would overwrite the symlink and
install itself to `/usr/local/bin/si`, thus eliminating the symlink.

The detection of a symlink and its resolution by calling
`std::fs::read_link` is provided via a fix in the upstream
[self-replace](https://crates.io/crates/self-replace) crate.

References: mitsuhiko/self-replace#18

Signed-off-by: Fletcher Nichol <fletcher@systeminit.com>
@fnichol
Copy link
Contributor Author
fnichol commented Aug 23, 2023

I made sure to test this out on macOS by building the binary and getting the path to it with buck2 build bin/si --show-output, then making a symlink to it owned by root (i.e. chown 0:0) in a directory owned by root (so my user wouldn't be able to write the tempfile in the symlink's parent directory). That's how I was able to reproduce the error message in the commit before making the code change.

@fnichol
Copy link
Contributor Author
fnichol commented Aug 23, 2023

bors merge

@si-bors-ng
8000
Copy link
Contributor
si-bors-ng bot commented Aug 23, 2023

Build succeeded:

@si-bors-ng si-bors-ng bot merged commit 5738254 into main Aug 23, 2023
@si-bors-ng si-bors-ng bot deleted the fnichol/cli-update-through-symlink-on-macos branch August 23, 2023 22:55
@fnichol
Copy link
Contributor Author
fnichol commented Aug 23, 2023

I'll add that for anyone affected by this issue, you'll want to re-run the shell download script with:

curl -sSfL https://auth.systeminit.com/install.sh | sh

Or re-downloading a new release from the download page.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
A-buck2-resources A-bytes-lines-codec A-config-file A-council A-cyclone Area: Function execution engine [Rust] A-dal A-dal-test A-deadpool-cyclone Area: Pooling support for Cyclone instances [Rust] A-module-index A-nats-subscriber A-object-tree A-pinga A-sdf Area: Primary backend API service [Rust] A-si A-si-data-nats A-si-data-pg A-si-pkg A-si-posthog-rs A-si-settings Area: Backend service settings management [Rust] A-si-std A-si-test-macros A-telemetry-application-rs A-telemetry-rs A-veritech Area: Task execution backend service [Rust]
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@fnichol
0