First run experience always runs with `sudo`

[richlander]

This is my experience (on macOS). Same thing happens every time I call it.

$ sudo dotnet workload restore 

Welcome to .NET 8.0!
---------------------
SDK Version: 8.0.100-preview.4.23260.5

Telemetry
---------
The .NET tools collect usage data in order to help us improve your experience. It is collected by Microsoft and shared with the community. You can opt-out of telemetry by setting the DOTNET_CLI_TELEMETRY_OPTOUT environment variable to '1' or 'true' using your favorite shell.

Read more about .NET CLI Tools telemetry: https://aka.ms/dotnet-cli-telemetry

----------------
Installed an ASP.NET Core HTTPS development certificate.
To trust the certificate run 'dotnet dev-certs https --trust' (Windows and macOS only).
Learn about HTTPS: https://aka.ms/dotnet-https
----------------
Write your first app: https://aka.ms/dotnet-hello-world
Find out what's new: https://aka.ms/dotnet-whats-new
Explore documentation: https://aka.ms/dotnet-docs
Report issues and find source on GitHub: https://github.com/dotnet/core
Use 'dotnet --help' to see available commands or visit: https://aka.ms/dotnet-cli
--------------------------------------------------------------------------------------
Installing workloads: 

Skipping NuGet package signature verification.
Skipping NuGet package signature verification.
Skipping NuGet package signature verification.
Garbage collecting for SDK feature band(s) 8.0.100-preview.3...

Successfully installed workload(s) .

[tmds]

I was recently looking at another issue and then learned that under sudo the SDK can fake a temporary HOME directory. Because it's a new directory each time, you get the first time experience each time again.

This is the code responsible:

https://github.com/dotnet/sdk/blob/4e8e433c00d3cb07ba67a300c40af66a82ec36bb/src/Cli/dotnet/SudoEnvironmentDirectoryOverride.cs#L23-L43

I have not looked further into why this happens, or how it could be improved.

[richlander]

Perhaps just skip all the first-run stuff and everything associated with it when running under sudo altogether?

[marcpopMSFT]

I don't think we can skip the first run experience altogether when running under sudo as there are important notes about telemetry that we want to show customers. We could potentially write out the sentinel file for the first run to a common location when run under sudo and that might not run afoul of the prior security issues we had (which required moving this to a random folder).

Let's see if there is an option for that.

[nagilson]

Yes, this is probably fallout from an MSRC fix I made last year. I think we could re-introduce the sentinel file in a public location without additional security risk as long as we only check for the file existence, and it's minimal work, so we could fix this.

[richlander]

FYI: Benchmarkdotnet requires sudo for the best experience.

With dotnet run -c Release, you will see:

Failed to set up high priority. Make sure you have the right permissions. Message: Permission denied

If you use sudo then your test run gets high priority.

[LeaveNhA]

FYI: Benchmarkdotnet requires sudo for the best experience.

With dotnet run -c Release, you will see:

Failed to set up high priority. Make sure you have the right permissions. Message: Permission denied

If you use sudo then your test run gets high priority.

What if I don't wanna give it a permission?

[richlander]

You don't have to. If you try it you'll see that it is optional. I learned later that some people don't bother with that and so I stopped as well. Also, that's about benchmarkdotnet so out of scope for the conversation.

I propose that we disable telemetry and all the sentinel stuff when running under sudo. If it all gets re-written every time, what's the value anyway?