[bug#57016] [PATCH] scripts: Bail out when running pull/package commands as root.

[Tobias Geerinckx-Rice]

Hi (,

"( via Guix-patches" via 写道：
> A pretty common beginner mistake, it seems, is assuming that 
> since
> every other package manager you've used requires root for 
> installing,
> removing, and upgrading packages, Guix must too.
>
> This is an especially dangerous assumption when applied to `guix 
> pull`,

Running ‘guix pull’ as root is fine.  There was danger in running 
‘sudo guix pull’ (with Guix System defaulting to ‘sudo -E’), but 
that was addressed in 7c52cad0464175370c44bd4695e4c01a62b8268f. 
If it doesn't trigger reliably, let's fix that.

Running ‘guix package’ and ‘guix upgrade’ as root is also fine. 
If improper use of sudo/doas/… is the real issue, address *that*, 
not this loose proxy.

Ludo' factored out some of the bits in 
9be470b5d2bab7ad2048c95815fee2916d45f4ad.  It could make sense to 
factor it out further to check, e.g., whether the effective UID 
matches that of the profile's parent directory.  Why should 
OpenBSD packages get to hoard all the pedantic ownership checks?

> since I seem to recall

A good trigger to go investigate; not sufficient to (wrongly) 
imply ‘root bad’ and throw fatal errors at perfectly legitimate 
use(r)s.

Conversely, if we reliably detect and report the true issue, 
there's no need for ‘--allow-root’, which by the logic of this 
patch would knowingly break things.  We do not provide such 
options.

Huge NAK on v2 I'm afraid, but looking forward to your thoughts,

T G-R

signature.asc
Description: PGP signature