search

fgrehm / vagrant-cachier

Caffeine reducer
http://fgrehm.viewdocs.io/vagrant-cachier
MIT License
1.08k stars 111 forks source link

Ownership issues of cache buckets for non-root installs #61

Closed maxlinc closed 10 years ago

maxlinc commented 10 years ago

I'm using chef-solo to setup rubies via rbenv/ruby-build. It is a system-wide install with ownership set to rbenv:rbenv instead of root:root, so that users in the rbenv can install gems.

I believe a similar issue could exist for any bucket, but rbenv provides a clear example. Here's the end result:

vagrant@ubuntu1310:~$ gem install bundler
Fetching: bundler-1.3.5.gem (100%)
ERROR:  While executing gem ... (Gem::FilePermissionError)
    You don't have write permissions for the /opt/rbenv/versions/2.0.0-p247/lib/ruby/gems/2.0.0 directory.
vagrant@ubuntu1310:~$ ls -l /opt/rbenv/versions/2.0.0-p247/lib/ruby/gems/2.0.0
total 16
drwxr-xr-x 2 rbenv rbenv 4096 Nov 28 09:24 build_info
lrwxrwxrwx 1 root  root    28 Nov 28 09:25 cache -> /tmp/vagrant-cache/gem/2.0.0
drwxr-xr-x 2 rbenv rbenv 4096 Nov 28 09:24 doc
drwxr-xr-x 5 rbenv rbenv 4096 Nov 28 09:24 gems
drwxr-xr-x 3 rbenv rbenv 4096 Nov 28 09:24 specifications

Notice that the cache directory has different ownership than all the other directories. This is true of the symlink itself, and the files under the symlink target.

Here's the chef recipe that results in this situation:

if node[:instance_role] == 'vagrant'
  node.override[:rbenv][:group_users] = ['vagrant']
end

include_recipe "rbenv::default"
include_recipe "rbenv::ruby_build"
include_recipe "rbenv::rbenv_vars"

rbenv_ruby "1.9.3-p448"
rbenv_ruby "2.0.0-p247" do
  ruby_version "2.0.0-p247"
  global true
end

Any ideas for a solution? Make ownership configurable? Detect the user/group to use based on the parent gems folder?

fgrehm commented 10 years ago

Making ownership configurable is a good idea, but that would require a change to our configs. The less intrusive would be to detect the user/group based on the parent gems folder.

Anyone up for submitting a PR? :smiley:

fgrehm commented 10 years ago

This would be a nice feature to have in place but since it haven't received much attention neither we received other reports about it I'm going to close it for now. If someone else is experiencing this issue please raise your hand!