various small fixes #1151
various small fixes #1151
Conversation
|
In tests I discovered that the systray app is not appropriate to run as root on linux and does not function as intended. It possibly could but it cannot directly launch the browser as root. I have disabled systray if the root user is detected on macOS or linux. privilege elevation for the vpn client / server is still yet to be addressed. |
we need to set andi think we should provide a |
|
One small change is needed for skywire windows. In windows |
… are not found at path specified in config during config gen with small exceptions
… are not found at path specified in config during config gen with small exceptions
|
On the systray app I changed the behavior from being disabled as root to only hiding the buttons that launch the browser when the process is run as root. on the config gen @ersonp I changed it to detect if the applications are at the bin path, and if not they are added to the list of apps to disabled exceptions to this behavior are in two instances;
most of the other stuff mentioned has been cleaned up |
… as root to non root-owned path and fail before attempted non-root write to root-owned path for skywire-cli config gen and skywire-visor
… as root to non root-owned path and fail before attempted non-root write to root-owned path for skywire-cli config gen and skywire-visor
|
I've prevented writing to non-root owned path as root and vice versa. With skywire-cli config gen and with skywire-visor @ersonp I had to revert the At issue is flags.Changed not working right.. my workaround was to have the output be actually unset and set the value after it's detected that it contains an empty string, as well as to record that it was unset into a boolean to be used for overriding the output of the I was otherwise unable to get the Tomorrow I need to add a flag which will generate one default config at a set location in the user space, which references the users.db and local folder along the same path as the config. |
|
Can we just limit the scope of this PR to flags and reading from STDIN because the changes with the path is not actually solving the problem but just shifting it. I think it would be better if we fixed it via the read and write functions of all the files in the |
…ging more descriptive around these errors. Add dtection of unpublised changes since commit in logging
|
@ersonp I've changed it to warn about writing with elevated permissions here:
I want to maintain the failure in the reverse instance as not failing means it runs but doesn't work, and just repeats "waiting for RPC get ready"
|
| @@ -261,6 +335,32 @@ var genConfigCmd = &cobra.Command{ | |||
| } | |||
| //don't write file with stdout | |||
| if !stdout { | |||
| thisUser, err := user.Current() | |||
There was a problem hiding this comment.
Something like userLvl or owner etc sounds better.
| @@ -261,6 +335,32 @@ var genConfigCmd = &cobra.Command{ | |||
| } | |||
| //don't write file with stdout | |||
| if !stdout { | |||
| thisUser, err := user.Current() | |||
There was a problem hiding this comment.
Something like userLvl or owner etc sounds better.
| @@ -261,6 +335,32 @@ var genConfigCmd = &cobra.Command{ | |||
| } | |||
| //don't write file with stdout | |||
| if !stdout { | |||
| thisUser, err := user.Current() | |||
| if err != nil { | |||
| panic(err) | |||
There was a problem hiding this comment.
What errors could this return? Are they clear enough in themselves? Should we exit cleanly and log something here instead?
| @@ -261,6 +335,32 @@ var genConfigCmd = &cobra.Command{ | |||
| } | |||
| //don't write file with stdout | |||
| if !stdout { | |||
| thisUser, err := user.Current() | |||
| if err != nil { | |||
| panic(err) | |||
There was a problem hiding this comment.
What errors could this return? Are they clear enough in themselves? Should we exit cleanly and log something here instead?
There was a problem hiding this comment.
no need to really error here & Ive changed it to fail transparently. This is only checking for root and it will just not change the default from false to true.
internal/gui/gui.go
Outdated
| initQuitBtn() | ||
|
|
||
| go handleUserInteraction(conf, doneCh) | ||
| if checkRoot() { |
internal/gui/gui_unix.go
Outdated
|
|
||
| func platformExecUninstall() error { | ||
| return osutil.Run("/bin/bash", "-c", deinstallerPath) | ||
| } | ||
|
|
||
| func checkRoot() bool { | ||
| thisUser, err := user.Current() |
There was a problem hiding this comment.
Same suggestion as above. Using this sounds odd to me.
internal/gui/gui_unix.go
Outdated
| func checkRoot() bool { | ||
| thisUser, err := user.Current() | ||
| if err != nil { | ||
| panic(err) |
There was a problem hiding this comment.
I would prefer to not panic here and log a fatal err with some context.
There was a problem hiding this comment.
the logging overhead is unnecessary and it doesn't really need to fail, only to return true if root is detected.
this check is for limiting the available buttons in the systray to ones that are appropriate to launch by the current user. The browser won't be allowed to run as root in the userspace by the system, typically.
| @@ -169,3 +169,9 @@ func Version() string { | |||
| } | |||
| return v | |||
| } | |||
|
|
|||
| // HomePath gets the current user's home folder | |||
| func HomePath() string { | |||
There was a problem hiding this comment.
What if this returns an error? Will the visor start? If so, where will it start?
There was a problem hiding this comment.
You are correct, this could cause an odd configuration to be produced if HomePath returns an empty string.
I've now implemented a check on the config gen command to not offer the -u --user flag if HomePath returns an empty string. Similarly to how the visor determines if the -u flag should be an option based on the presence of the config or not.
if HomePath returned empty before these changes it would have been obvious from the config gen help menu as it's displayed in the flag description.
pkg/skyenv/values_darwin.go
Outdated
| var usrconfig PkgConfig | ||
| usrconfig.Launcher.BinPath = "/Library/Application Support/Skywire/apps" | ||
| usrconfig.LocalPath = HomePath() + "/.skywire/local" | ||
| usrconfig.Hypervisor.DbPath = HomePath() + "/.skywire/users.db" //permissions errors if the process is not run as root. |
There was a problem hiding this comment.
What are you trying to say with the comment? It seems it was copied from previous implementation for opt. Does it indeed fail if not run as root in HOME?
There was a problem hiding this comment.
accidental inclusion, and the original comment issue is now basically resolved
pkg/skyenv/values_windows.go
Outdated
| var usrconfig PkgConfig | ||
| usrconfig.Launcher.BinPath = "C:/Program Files/Skywire/apps" | ||
| usrconfig.LocalPath = HomePath() + "/.skywire/local" | ||
| usrconfig.Hypervisor.DbPath = HomePath() + "/.skywire/users.db" //permissions errors if the process is not run as root. |
There was a problem hiding this comment.
Same question about the validity of the comment as above.
There was a problem hiding this comment.
accidental inclusion, and the original comment issue is now basically resolved
Changes:
run-source&run-vpnsrvmakefile directives and related subdirectivesOn that last one, runVisor now can accept a config passed to it as input (or nil). Running with systray was trying to read the config a second time, calling for initConfig . When the config comes via stdin there is no second read possible.
Additions:
prepareandprepare-systraymakefile directivesrun-systraymakefile directiverun-systray-testmakefile directiveHow to test this PR: