mrclary
commented
10 months ago
- Add a
post-link.shscript to themenuinstv2 package to add the.nonadminfile to$CONDA_ROOTin Unix systems. The logic would be something like "if it's not there, try to add it; if we could do it, it was a nonadmin install; if we failed, that's ok, it was an admin install".
Does any other package use .nonadmin? Or does constructor add this for the sole benefit of menuinst?
- Change how we approach the "superuser permissions needed" on Unix systems. Maybe we can ignore the
.nonadminfile and instead check whether theCONDA_ROOTpath is in a system-wide location (/opt,/usr/local...), outside of the current user home (~/), while handling if we are sudo already or not. This might have a few rough edges though; e.g. what if the user installed to a non-standard location like/my-stuff/conda. Is that user-only? All users? Maybe it's world writable but, does that mean that the shortcuts I am processing should be available to all users?
Maybe we consider two possible solutions:
- Provide user input to
menuinstspecifying user|all user treatment. This would allow users to dictate behavior under in any situation. - Put
.nonadminin the package environment, not necessarily the root environment. This seems more natural to me anyway, since shortcuts are created for a package in a particular environment. This could address circumstances where root environments are "all users" and user environments are not.
marcoesters
jaimergp
The context:
menuinstv1 has some super user permissions elevation logic to enable the creation of shortcut items in the Start Menu for "All Users" installations.menuinstanticipates whether it needs superuser permissions or not is by checking the presence of a.nonadminfile in the root conda installation (aka%PREFIX%\.nonadmin). The presence of the file dictates that no extra permisions are needed. The absence means superuser was needed at installation time..nonadmindoesn't exist in Linux or macOS, even if no special permissions were needed to installconda.The problem:
menuinstv2 extends shortcut creation to all platforms, Linux and macOS included..nonadminfile even if no special permissions were needed.menuinstbelieve that, since.nonadminis absent, it indeed NEEDS superuser permissions, and will requestsudopowers, when it doesn't technically need them.Possible solutions:
post-link.shscript to themenuinstv2 package to add the.nonadminfile to$CONDA_ROOTin Unix systems. The logic would be something like "if it's not there, try to add it; if we could do it, it was a nonadmin install; if we failed, that's ok, it was an admin install"..nonadminfile and instead check whether theCONDA_ROOTpath is in a system-wide location (/opt,/usr/local...), outside of the current user home (~/), while handling if we are sudo already or not. This might have a few rough edges though; e.g. what if the user installed to a non-standard location like/my-stuff/conda. Is that user-only? All users? Maybe it's world writable but, does that mean that the shortcuts I am processing should be available to all users?I feel we need to rethink how this is approached outside Windows, specially because HPC users will probably run Linux and in those setups you can find system-wide conda installations with per-user environments that should NOT ask for superuser permissions to process their own shortcuts.
Maybe it's all way simpler: if the installation is running with superuser permissions already, then install to an "All users" location. If it's not, we'll install to current user directories. But we should not depend on the state of the
$CONDA_ROOTfolder.Thoughts? Tagging a few folks that have shown interest in the project or the superuser elevation issue before: @aganders3 @mrclary @marcoesters. Thanks!