From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 0F13815800A for ; Tue, 15 Aug 2023 16:38:31 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CEEF52BC039; Tue, 15 Aug 2023 16:38:24 +0000 (UTC) Received: from s1.swsch.de (s1.swsch.de [IPv6:2a01:4f8:a0:8074::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 76E422BC013 for ; Tue, 15 Aug 2023 16:38:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xss.de; s=s1; h=Content-Transfer-Encoding:Content-Type:MIME-Version:Subject:To: Message-ID:From:Date:Sender:Reply-To:Cc; bh=5yocb13bMGfIa6hViqtnP8NGLP7NEWnbalDlX8kkkTI=; b=dnn/SK++psGzb2xHmWqsK1GsJg j3AO5bQYHy3lyesP7GSiNkudeuitXhNo6qYdfW0ctPWycYu4A22nvq3iMwaovPgwWT3XTydr3hgjs hDE6mCF9bJH6UME8Mbd9Yori/lt70V/VnzuGMCEqK8L+kO2PMrLGTWe8Wygp710JLEiE=; Received: from [2003:d4:4724:9c01:ec67:e721:5892:41fd] (helo=pc23.fritz.box) by s1.swsch.de with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1qVx3m-0001Xz-21; Tue, 15 Aug 2023 18:38:22 +0200 Date: Tue, 15 Aug 2023 18:38:20 +0200 From: Stefan Schmiedl Message-ID: <587907205.20230815183820@xss.de> To: Peter Humphrey , gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Permissions problem In-Reply-To: <13353429.uLZWGnKmhe@wstn> References: <13353429.uLZWGnKmhe@wstn> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1250 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 03ab0a2a-490e-488d-9c10-267d2a7d4000 X-Archives-Hash: 21af1f65adf1d3d055a5f091d1953bbf =20 Dienstag, 15. August 2023 16:55: =20 >=A0Hello list, > I'd like to develop a blog using www-apps/jekyll, which makes extensive u= se of=20 > ruby gems, of which I have no experience. On trying to install a new defa= ult=20 > theme I get copious permission errors. > The ruby gems live in /usr/lib64/ruby/gems/3.1.0/gems, and to install any= thing=20 > in that tree I need write permission on the destination directory and exe= cute=20 > permission on all those above it. > This poses an obvious security problem. > When I emerged jekyll and ran its installation routine, I found I had a n= ew ~/ > bin directory with nine executable files in it. ~/bin/update_rubygems has= =20 > similar permission problems but is more concise in reporting them > I can't add myself to a group and grant it permissions, because there see= ms=20 > not to be any such group. > How do Gentoo Ruby users get around this? Hello Peter, first make sure that you don't have any "suspicious" rubygem based executables in your path that might confuse things. Some time ago I found some ancient such files in /usr/local/bin ... Next, with a default ruby/rubygems installation, a normal user should be able to install gems into their own $HOME/.gem directory. I'm doing this on several gentoo boxes, never had a problem with that approach. On one of the servers, I can run the following command, to which you can compare your environment $ gem environment RubyGems Environment: - RUBYGEMS VERSION: 3.3.26 - RUBY VERSION: 3.1.4 (2023-03-30 patchlevel 223) [x86_64-linux] - INSTALLATION DIRECTORY: /usr/lib64/ruby/gems/3.1.0 - USER INSTALLATION DIRECTORY: /home/.../.gem/ruby/3.1.0 - RUBY EXECUTABLE: /usr/bin/ruby31 - GIT EXECUTABLE: /usr/bin/git - EXECUTABLE DIRECTORY: /usr/bin - SPEC CACHE DIRECTORY: /home/.../.gem/specs - SYSTEM CONFIGURATION DIRECTORY: /etc - RUBYGEMS PLATFORMS: - ruby - x86_64-linux - GEM PATHS: - /usr/lib64/ruby/gems/3.1.0 - /home/.../.gem/ruby/3.1.0 - /usr/local/lib64/ruby/gems/3.1.0 - GEM CONFIGURATION: - :update_sources =3D> true - :verbose =3D> true - :backtrace =3D> true - :bulk_threshold =3D> 1000 - "install" =3D> "--install-dir /home/.../.gem/ruby/3.1.0 --bindir /ho= me/.../bin" - "uninstall" =3D> "--install-dir /home/.../.gem/ruby/3.1.0 --bindir /= home/...bin" - "update" =3D> "--install-dir /home/.../.gem/ruby/3.1.0 --bindir /hom= e/.../bin" - REMOTE SOURCES: - https://rubygems.org/ - SHELL PATH: - /usr/local/sbin - /usr/local/bin - /usr/sbin - /usr/bin - /sbin - /bin - /opt/bin