Make default rvm1_user as a non root user

[lpaulmp]

By default rvm is installing as a root, that setup is no the most secure, because root should have just the tools/binaries that he uses no less and no more, that creates a secure environment, I see in so many cases where the user root is not accessible.

Have someone any concern about this?

[pkuczynski]

Feel free to send PR to fix this issue. RVM should not require root access...

[pvlltvk]

@lpaulmp Do you mean single user installation?

[lpaulmp]

@pkuczynski yes so instead of install by default system wide make an user installation.

[pvlltvk]

@lpaulmp I think it's resonable, cause single user installation is recommended by documentation. But what user should be choosen by default? ansible_ssh_user ?

[pvlltvk]

I've seen #116. Does that means ubuntu user should be present at system or role will be failed?

[lpaulmp]

@pkuczynski For ansible_ssh_user is a valid parameter for ansible up to 1.9. In the other hand with at least ansible in the latest versions the inventory parameters are not able to include in the defaults vars, getting this error The error was: {{ ansible_user }}: 'ansible_user' is undefined". I got the same error using {{ remote_user }}.

[pkuczynski]

How about ansible_user_id?

[allomov]

I've just met this issue. I was surprised that you need to use root user to manage rvm directory, it was the only way to run the playbook with Ansible 2 for me.

[pkuczynski]

We actually do not need root user.

[lpaulmp]

I tested with diferentes ansible vars in the defaults file and it does read from there.

[thbar]

I'm a newcomer to rvm1-ansible (but not to RVM itself). I've been attracted here by the fact that it was mentioned as the "official" ansible package. Since the single-user is always recommended I tried to do that and it wasn't as easy as I'd thought, so I documented exactly what I had to do:

In my variables:

rvm1_user: "{{ application_user }}"
rvm1_install_flags: '--auto-dotfiles --user-install'
rvm1_install_path: '/home/{{ application_user }}/.rvm'
# avoids the need for root, see http://stackoverflow.com/a/18285986/20302
rvm1_ruby_install_flags: --autolibs=read-fail
rvm1_autolib_mode: read-fail

The autolib mode "read-fail" helps providing a slightly clearer error message. I had to debug quite a bit of time to figure out why I got an error without that.

Having read-fail means I can get a better output with what needs to be installed, which I install via the sudoer ansible user (my application user isn't sudoer), so for Ubuntu Xenial this gives:

- name: Install RVM autolibs manually
  action: apt pkg={{item}} state=installed update_cache=true
  become: yes
  with_items:
    - autoconf
    - automake
    - libyaml-dev
    - libsqlite3-dev
    - sqlite3
    - bison
    - pkg-config
    - libgmp-dev
    - libgdbm-dev
    - libncurses5-dev
    - libtool
    - libffi-dev

Just providing hopefully useful feedback, in hope we can smooth out the edges for other newcomers later.

EDIT: my application user is also using "bash" as shell rather than "sh", but no idea if this makes a difference or not.

[lpaulmp]

@thbar which version of the galaxy are you using?

FYI: I just opened a PR to update the readme https://github.com/rvm/rvm1-ansible/pull/119 to solve this kind of issues.

[thbar]

@lpaulmp I struggled a bit to figure out which version it was, since it was installed without my requirements.yml, but ultimately saw that there is a meta/.galaxy_install_info with the information. It was version v1.3.8. I see that a new v1.3.9 is out and will try again with this.

Re: #119, will add a note on "multi-single-users" installs.

[lpaulmp]

@thbar Did you have problems to use the galaxy? Otherwise I'll close this issue.

[lpaulmp]

I'm closing this issue since was already addressed.

[jogaco]

@thbar it should not be necessary to specify the dependencies manually as rvm should handle that. Check #127 for a cleaner solution IMO