Currently, Watchman requires a single stateDir that is configured at compile time. Moreover, there is no way (that I have discovered, at least) to change the location of stateDir via any sort of runtime config (like a flag or environment variable).
This makes watchman rather difficult to package - the only secure way that I can see to set up watchman for unprivileged users would be to pre-create a stateDir ahead of time by a privileged user.
There already is a well known, privately-writable-per-user location on most linux machines: $HOME. As far as I can tell, though, it is impossible to configure watchman to write to a well-known path under $HOME.
All of this makes Watchman difficult to use securely by unprivileged users - either each user must compile their own version of Watchman from scratch, setting WATCHMAN_STATE_DIR to a path they control. Or they must use a generic binary that writes to a less secure location (like /tmp -- which was removed as a default for security reasons).
Please let me know if I missed something, and there is a way to use watchman both securely and without the aid of a privileged user/package manager.
Currently, Watchman requires a single stateDir that is configured at compile time. Moreover, there is no way (that I have discovered, at least) to change the location of stateDir via any sort of runtime config (like a flag or environment variable).
This makes watchman rather difficult to package - the only secure way that I can see to set up watchman for unprivileged users would be to pre-create a stateDir ahead of time by a privileged user.
There already is a well known, privately-writable-per-user location on most linux machines: $HOME. As far as I can tell, though, it is impossible to configure watchman to write to a well-known path under $HOME.
All of this makes Watchman difficult to use securely by unprivileged users - either each user must compile their own version of Watchman from scratch, setting
WATCHMAN_STATE_DIRto a path they control. Or they must use a generic binary that writes to a less secure location (like/tmp-- which was removed as a default for security reasons).Please let me know if I missed something, and there is a way to use watchman both securely and without the aid of a privileged user/package manager.