aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamruddhi Khandale <skhandale@microsoft.com>2022-06-13 23:30:57 +0300
committerGitHub <noreply@github.com>2022-06-13 23:30:57 +0300
commitfa07406f4dccd482284cb9d8dbaca6533116dab8 (patch)
tree438c8fd7b17b3d69ecede41ea0bdea99fe0e4eea
parent19fd66af965b22f57fd59a0ba31136146b9542d1 (diff)
add missing user groups to fix permission issues for non root user (#45)
* add missing user groups * fix username * move chmod: anaconda
-rw-r--r--src/anaconda/install.sh15
-rw-r--r--src/dotnet/install.sh9
-rw-r--r--src/hugo/install.sh9
-rw-r--r--src/oryx/devcontainer-feature.json3
-rwxr-xr-xsrc/oryx/install.sh17
-rw-r--r--src/php/install.sh11
-rwxr-xr-xsrc/python/install.sh13
-rw-r--r--src/ruby/install.sh9
8 files changed, 74 insertions, 12 deletions
diff --git a/src/anaconda/install.sh b/src/anaconda/install.sh
index 272ba73..c9661d3 100644
--- a/src/anaconda/install.sh
+++ b/src/anaconda/install.sh
@@ -9,7 +9,6 @@
VERSION=${VERSION:-"latest"}
-
USERNAME=${USERNAME:-"automatic"}
UPDATE_RC=${UPDATE_RC:-"true"}
CONDA_DIR=${CONDA_DIR:-"/usr/local/conda"}
@@ -32,8 +31,8 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
USERNAME=""
POSSIBLE_USERS=("vscode" "node" "codespace" "$(awk -v val=1000 -F ":" '$3==val{print $1}' /etc/passwd)")
for CURRENT_USER in "${POSSIBLE_USERS[@]}"; do
- if id -u ${CURRENT_USER} > /dev/null 2>&1; then
- USERNAME=${CURRENT_USER}
+ if id -u "${CURRENT_USER}" > /dev/null 2>&1; then
+ USERNAME="${CURRENT_USER}"
break
fi
done
@@ -72,11 +71,19 @@ check_packages() {
# Install Conda if it's missing
if ! conda --version &> /dev/null ; then
+ if ! cat /etc/group | grep -e "^conda:" > /dev/null 2>&1; then
+ groupadd -r conda
+ fi
+ usermod -a -G conda "${USERNAME}"
+
# Install dependencies
check_packages wget ca-certificates
mkdir -p $CONDA_DIR
- chown ${USERNAME}:root $CONDA_DIR
+ chown -R :conda "${CONDA_DIR}"
+ chmod -R g+r+w "${CONDA_DIR}"
+
+ find "${CONDA_DIR}" -type d | xargs -n 1 chmod g+s
echo "Installing Anaconda..."
CONDA_VERSION=$VERSION
diff --git a/src/dotnet/install.sh b/src/dotnet/install.sh
index 0a147bc..9484bbe 100644
--- a/src/dotnet/install.sh
+++ b/src/dotnet/install.sh
@@ -412,7 +412,16 @@ else
echo "Could not install dotnet from apt. Attempting to install dotnet from releases url"
fi
+ if ! cat /etc/group | grep -e "^dotnet:" > /dev/null 2>&1; then
+ groupadd -r dotnet
+ fi
+ usermod -a -G dotnet "${USERNAME}"
+
install_using_dotnet_releases_url "${DOTNET_SDK_OR_RUNTIME}"
+
+ chown -R :dotnet "${TARGET_DOTNET_ROOT}"
+ chmod -R g+r+w "${TARGET_DOTNET_ROOT}"
+ find "${TARGET_DOTNET_ROOT}" -type d | xargs -n 1 chmod g+s
fi
echo "Done!" \ No newline at end of file
diff --git a/src/hugo/install.sh b/src/hugo/install.sh
index 9e25aeb..11b2d6c 100644
--- a/src/hugo/install.sh
+++ b/src/hugo/install.sh
@@ -90,6 +90,11 @@ fi
# Install Hugo if it's missing
if ! hugo version &> /dev/null ; then
+ if ! cat /etc/group | grep -e "^hugo:" > /dev/null 2>&1; then
+ groupadd -r hugo
+ fi
+ usermod -a -G hugo "${USERNAME}"
+
echo "Installing Hugo..."
installation_dir="$HUGO_DIR/bin"
mkdir -p "$installation_dir"
@@ -108,6 +113,10 @@ if ! hugo version &> /dev/null ; then
rm "$hugo_filename"
updaterc "export HUGO_DIR=${installation_dir}"
+
+ chown -R :hugo "${HUGO_DIR}"
+ chmod -R g+r+w "${HUGO_DIR}"
+ find "${HUGO_DIR}" -type d | xargs -n 1 chmod g+s
fi
echo "Done!"
diff --git a/src/oryx/devcontainer-feature.json b/src/oryx/devcontainer-feature.json
index f42e9ce..5c3be58 100644
--- a/src/oryx/devcontainer-feature.json
+++ b/src/oryx/devcontainer-feature.json
@@ -4,7 +4,8 @@
"containerEnv": {
"ORYX_SDK_STORAGE_BASE_URL": "https://oryx-cdn.microsoft.io",
"ENABLE_DYNAMIC_INSTALL": "true",
- "DYNAMIC_INSTALL_ROOT_DIR": "/tmp/oryx-platforms",
+ "DYNAMIC_INSTALL_ROOT_DIR": "/usr/local/oryx-platforms",
+ "ORYX_PREFER_USER_INSTALLED_SDKS": "true",
"ORYX_DIR": "/usr/local/oryx",
"PATH": "${ORYX_DIR}:${PATH}"
},
diff --git a/src/oryx/install.sh b/src/oryx/install.sh
index c0e04d2..5eeaf18 100755
--- a/src/oryx/install.sh
+++ b/src/oryx/install.sh
@@ -86,6 +86,11 @@ check_packages git sudo wget ca-certificates
if ! oryx --version > /dev/null ; then
echo "Installing Oryx..."
+ if ! cat /etc/group | grep -e "^oryx:" > /dev/null 2>&1; then
+ groupadd -r oryx
+ fi
+ usermod -a -G oryx "${USERNAME}"
+
# Install dotnet unless available
if ! dotnet --version > /dev/null ; then
echo "'dotnet' was not detected. Attempting to install the latest version of the dotnet sdk to build oryx."
@@ -104,7 +109,6 @@ if ! oryx --version > /dev/null ; then
mkdir -p ${BUILD_SCRIPT_GENERATOR}
mkdir -p ${ORYX}
- chown -R ${USERNAME} ${BUILD_SCRIPT_GENERATOR} ${ORYX}
git clone --depth=1 https://github.com/microsoft/Oryx $GIT_ORYX
$GIT_ORYX/build/buildSln.sh
@@ -118,11 +122,16 @@ if ! oryx --version > /dev/null ; then
ln -s ${BUILD_SCRIPT_GENERATOR}/GenerateBuildScript ${ORYX}/oryx
cp -f $GIT_ORYX/images/build/benv.sh ${ORYX}/benv
- ORYX_INSTALL_DIR="/tmp/oryx-platforms"
+ ORYX_INSTALL_DIR="/usr/local/oryx-platforms"
mkdir -p "${ORYX_INSTALL_DIR}"
- chown -R ${USERNAME} "${ORYX_INSTALL_DIR}"
- updaterc "export ORYX_SDK_STORAGE_BASE_URL=https://oryx-cdn.microsoft.io && export ENABLE_DYNAMIC_INSTALL=true && DYNAMIC_INSTALL_ROOT_DIR=$ORYX_INSTALL_DIR"
+ updaterc "export ORYX_SDK_STORAGE_BASE_URL=https://oryx-cdn.microsoft.io && export ENABLE_DYNAMIC_INSTALL=true && DYNAMIC_INSTALL_ROOT_DIR=$ORYX_INSTALL_DIR && ORYX_PREFER_USER_INSTALLED_SDKS=true"
+
+ chown -R :oryx "${ORYX_INSTALL_DIR}" "${BUILD_SCRIPT_GENERATOR}" "${ORYX}"
+ chmod -R g+r+w "${ORYX_INSTALL_DIR}" "${BUILD_SCRIPT_GENERATOR}" "${ORYX}"
+ find "${ORYX_INSTALL_DIR}" -type d | xargs -n 1 chmod g+s
+ find "${BUILD_SCRIPT_GENERATOR}" -type d | xargs -n 1 chmod g+s
+ find "${ORYX}" -type d | xargs -n 1 chmod g+s
fi
echo "Done!"
diff --git a/src/php/install.sh b/src/php/install.sh
index 6956292..847f50f 100644
--- a/src/php/install.sh
+++ b/src/php/install.sh
@@ -40,7 +40,7 @@ if [ "${USERNAME}" = "auto" ] || [ "${USERNAME}" = "automatic" ]; then
fi
done
if [ "${USERNAME}" = "" ]; then
- USERNAME=vscode
+ USERNAME=root
fi
elif [ "${USERNAME}" = "none" ]; then
USERNAME=root
@@ -122,6 +122,11 @@ if [ -d "${PHP_INSTALL_DIR}" ]; then
exit 1
fi
+if ! cat /etc/group | grep -e "^php:" > /dev/null 2>&1; then
+ groupadd -r php
+fi
+usermod -a -G php "${USERNAME}"
+
PHP_URL="https://www.php.net/distributions/php-${VERSION}.tar.gz"
PHP_INI_DIR="${PHP_INSTALL_DIR}/ini"
@@ -192,4 +197,8 @@ rm -rf ${PHP_SRC_DIR}
updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_DIR}\"* ]]; then export PATH=${CURRENT_DIR}/bin:\${PATH}; fi"
+chown -R :php "${PHP_DIR}"
+chmod -R g+r+w "${PHP_DIR}"
+find "${PHP_DIR}" -type d | xargs -n 1 chmod g+s
+
echo "Done!"
diff --git a/src/python/install.sh b/src/python/install.sh
index c976671..5bc3a18 100755
--- a/src/python/install.sh
+++ b/src/python/install.sh
@@ -341,6 +341,11 @@ check_packages curl ca-certificates gnupg2 tar make gcc libssl-dev zlib1g-dev li
# Install Python from source if needed
if [ "${PYTHON_VERSION}" != "none" ]; then
+ if ! cat /etc/group | grep -e "^python:" > /dev/null 2>&1; then
+ groupadd -r python
+ fi
+ usermod -a -G python "${USERNAME}"
+
CURRENT_PATH="${PYTHON_INSTALL_PATH}/current"
# If the os-provided versions are "good enough", detect that and bail out.
if [ ${PYTHON_VERSION} = "os-provided" ] || [ ${PYTHON_VERSION} = "system" ]; then
@@ -357,6 +362,10 @@ if [ "${PYTHON_VERSION}" != "none" ]; then
fi
updaterc "if [[ \"\${PATH}\" != *\"${CURRENT_PATH}/bin\"* ]]; then export PATH=${CURRENT_PATH}/bin:\${PATH}; fi"
+
+ chown -R :python "${PYTHON_INSTALL_PATH}"
+ chmod -R g+r+w "${PYTHON_INSTALL_PATH}"
+ find "${PYTHON_INSTALL_PATH}" -type d | xargs -n 1 chmod g+s
fi
# Install Python tools if needed
@@ -403,6 +412,10 @@ if [ "${INSTALL_PYTHON_TOOLS}" = "true" ]; then
updaterc "export PIPX_HOME=\"${PIPX_HOME}\""
updaterc "export PIPX_BIN_DIR=\"${PIPX_BIN_DIR}\""
updaterc "if [[ \"\${PATH}\" != *\"\${PIPX_BIN_DIR}\"* ]]; then export PATH=\"\${PATH}:\${PIPX_BIN_DIR}\"; fi"
+
+ chown -R :python "${PIPX_HOME}"
+ chmod -R g+r+w "${PIPX_HOME}"
+ find "${PIPX_HOME}" -type d | xargs -n 1 chmod g+s
fi
# Install JupyterLab if needed
diff --git a/src/ruby/install.sh b/src/ruby/install.sh
index e68197a..ade545c 100644
--- a/src/ruby/install.sh
+++ b/src/ruby/install.sh
@@ -270,8 +270,6 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then
if [ "${USERNAME}" != "root" ]; then
mkdir -p /home/${USERNAME}/.rbenv/plugins
- sudo chown -R ${USERNAME} /home/${USERNAME}/.rbenv
- sudo chown -R ${USERNAME} /usr/local/rvm/
if [[ ! -d "/home/${USERNAME}/.rbenv/plugins/ruby-build" ]]; then
ln -s /usr/local/share/ruby-build /home/${USERNAME}/.rbenv/plugins/ruby-build
@@ -279,9 +277,16 @@ if [ "${SKIP_RBENV_RBUILD}" != "true" ]; then
ln -s /usr/local/rvm/rubies/default/bin/ruby /usr/local/rvm/gems/default/bin
+ chown -R :rvm "/home/${USERNAME}/.rbenv"
+ chmod -R g+r+w "/home/${USERNAME}/.rbenv"
+ find "/home/${USERNAME}/.rbenv" -type d | xargs -n 1 chmod g+s
fi
fi
+chown -R :rvm "/usr/local/rvm"
+chmod -R g+r+w "/usr/local/rvm"
+find "/usr/local/rvm" -type d | xargs -n 1 chmod g+s
+
# Clean up
rvm cleanup all
${ROOT_GEM} cleanup