Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[bug] Brew shouldn't be used with sudo
See original GitHub issueWhile I seldom use brew it would seem that it refuses to install packages with super user privileges. If that is indeed the case, then maybe the sudo setting of the package manager should be ignored when using brew.
Is there a known situation where the possibility to run brew with sudo is desired ? What do you think about removing this ability ?
Environment Details
- Operating System: macOS
11.6.8 - Conan version:
1.52.0 - Python version: CPython
3.10.6 - Brew version: Homebrew
3.5.10
(In fact the exact environment is the Github Action macos runner, all details can be found here)
Steps to reproduce
Create a conanfile that installs system packages with brew, e.g.:
from conan import ConanFile
from conan.tools.system.package_manager import Apt, Brew
class FooConan(ConanFile):
def system_requirements(self):
Apt(self).install(["help2man", "ghostscript"], update=True, check=True)
Brew(self).install(["help2man", "ghostscript"], update=True, check=True)
Use a profile that enables sudo for the package manager, e.g.:
$ conan profile update conf.tools.system.package_manager:mode=install default
$ conan profile update conf.tools.system.package_manager:sudo=True default
Then create the package:
$ conan create .
Logs
Error: Running Homebrew as root is extremely dangerous and no longer supported.
As Homebrew does not drop privileges on installation you would be giving all
build scripts full access to your system.
foo/system: ERROR: while executing system_requirements(): Command 'sudo brew update' failed
ERROR: Error in system requirements
Brew documentation
https://docs.brew.sh/FAQ#why-does-homebrew-say-sudo-is-bad
Homebrew refuses to work using sudo.
Possible workarounds
- Users conditionally enable sudo depending on the package manager expected to be used
- Conan package creators conditionally delete/modify the sudo setting depending on the package manager expected to be used
While these would work, it makes little sense to even allow brew to be run with sudo, as it seems to never make sense
Possible patch
https://github.com/conan-io/conan/blob/develop/conan/tools/system/package_manager.py#L201
class Brew(_SystemPackageManagerTool):
tool_name = "brew"
install_command = "{sudo}{tool} install {packages}"
update_command = "{sudo}{tool} update"
check_command = 'test -n "$({tool} ls --versions {package})"'
could be modified to :
class Brew(_SystemPackageManagerTool):
tool_name = "brew"
install_command = "{tool} install {packages}"
update_command = "{tool} update"
check_command = 'test -n "$({tool} ls --versions {package})"'
Thank you for your time.
Issue Analytics
- State:
- Created a year ago
- Comments:6 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Hi @czoido, I understand your point now, that despite the likelihood of Brew allowing and then enforcing sudo being infinitesimally low, it is still a possibility, and your top priority is retro-compatibility.
I’m guessing that for now I will put the logic of deleting the sudo setting if needed in the conanfile that calls brew.
Hi @memsharded, Thank you for the heads up. Indeed, I will have to rethink how I handle configuration with those new constraints.
Thank you both
Thanks for the detailed feedback.
It would seem that it makes sense to have brew ignore
conf.tools.system.package_manager:sudo, if by default brew will error, and if for some exceptional case, it would be necessary, to re-enable it withconf.tools.system.package_manager:sudo_breakor something the like.Brew/OSX users, please feedback.