-
Notifications
You must be signed in to change notification settings - Fork 369
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
$KREW_ROOT/store/<plugin>/* has wrong permissions, 0700 instead of 0755 #840
Comments
Feel free to dig into the code to figure out why this might be happening. However, I'm not seeing (in a setup with default paths) that
This might have something to do with /kind support |
@ahmetb Thanks for your answer. My Go skills are not that good anymore. I coded something way back in 2011 at university. Can you maybe point me to the right source file that creates these paths? I will also do more tests with that. Maybe directly as |
I created a complete script so it can be tested very easily. It downloads the installer, installs krew, shows the content of #!/bin/bash
KREW_ROOT=/usr/local/krew
KREW_URL="https://github.com/kubernetes-sigs/krew/releases/latest/download/krew-linux_amd64.tar.gz"
KREW_INSTALL_BIN_FILENAME="krew-linux_amd64"
# END OF CONFIG
set -e
if (( "$(id -u)" != 0 )); then
echo "Please run as root." >&2
exit 1
fi
TMP_DIR="$(mktemp -d)"
KREW_INSTALL_BIN="${TMP_DIR}/${KREW_INSTALL_BIN_FILENAME}"
# Download
curl -sL "${KREW_URL}" | tar -C "${TMP_DIR}" --gzip --file=- --extract "./${KREW_INSTALL_BIN_FILENAME}"
export PATH="${KREW_ROOT}/bin:$PATH"
export KREW_ROOT
${KREW_INSTALL_BIN} install krew
ls -la "${KREW_ROOT}/store/krew/"
rm -rf "${TMP_DIR}"
rm -rf "${KREW_ROOT}" The output on my machine is:
As you can see the directory |
By replacing the line
with
I found out that at some point during the installation process a folder created in
And as you can see in the very first line of that snippet, the temporary folder that later is renamed was created with the permissions |
I guess the line in question is this one:
Renaming/copying then happens here:
So I think at this point it would be good to also call a |
The background is that a default |
🤔 but why do dirs in |
On my system it has not. I just installed it without setting
I can only think of differences in the underlying operating system. Maybe there are settings for creating temporary folders somewhere? At least I found this statement:
|
Btw this is my system:
|
Ah I see, the dirs directly under |
Because we're doing `mktemp` (which gives 0700) and then moving it to `$KREW_ROOT/store/PLUGIN/VERSION`, we need to make sure that the directory is 0755 like the other dirs in `store`. Fixes kubernetes-sigs#840.
Because we're doing `mktemp` (which gives 0700) and then moving it to `$KREW_ROOT/store/PLUGIN/VERSION`, we need to make sure that the directory is 0755 like the other dirs in `store`. Fixes kubernetes-sigs#840.
Because we're doing `mktemp` (which gives 0700) and then moving it to `$KREW_ROOT/store/PLUGIN/VERSION`, we need to make sure that the directory is 0755 like the other dirs in `store`. Fixes kubernetes-sigs#840.
Do you know when this will be solved and included in the next release? |
Do you know it now? |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
The Kubernetes project currently lacks enough contributors to adequately respond to all issues. This bot triages un-triaged issues according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
/remove-lifecycle stale |
Hi there,
I tried to install
krew
using a differentKREW_ROOT
, exactly like documented here: https://krew.sigs.k8s.io/docs/user-guide/advanced-configuration/I basically ran this command from a
sudo
user:After that the binary was not accessible from a normal user. This is because the symlink pointed to a file that was only accessible from
root
:After a
sudo chmod 750 /usr/local/krew/store/krew/v0.4.4
it worked fine.Unfortunately this happens with every plugin that is installed this way. The subdirectories in
/usr/local/krew/store/*/v*
always have the wrong permissions.For example I installed
resource-capacity
from thesudo
user like this:Then the new directory had the wrong permissions again:
The text was updated successfully, but these errors were encountered: