Skip to content

allow other users to write to mix_pubsub and mix_lock folders #14171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jan 10, 2025
Merged

allow other users to write to mix_pubsub and mix_lock folders #14171

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
695acad
allow other users to write to mix_pubsub
SteffenDE Jan 10, 2025
1e80d57
add user as suffix to mix_pubsub and mix_lock paths
SteffenDE Jan 10, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion lib/mix/lib/mix/sync/lock.ex
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,9 @@ defmodule Mix.Sync.Lock do
opts = Keyword.validate!(opts, [:on_taken])

hash = key |> :erlang.md5() |> Base.url_encode64(padding: false)
path = Path.join([System.tmp_dir!(), "mix_lock", hash])
base_path = Path.join([System.tmp_dir!(), "mix_lock"])
init_base_path(base_path)
path = Path.join([base_path, hash])

pdict_key = {__MODULE__, path}
has_lock? = Process.get(pdict_key, false)
Expand All @@ -119,6 +121,12 @@ defmodule Mix.Sync.Lock do
end
end

defp init_base_path(path) do
File.mkdir_p!(path)
# ensure other users can write to the directory
_ = File.chmod(path, 0o777)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if this fails? Because another user has created this directory?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

that's why I ignore the return value. I assume that the user that initially creates the folder has the necessary permissions.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right, but the reason we have a report is exactly because the permissions are confusing. What if we generate a single directory like this: "mix-lock-#{user}-#{hash}". If we don't want to want to have the user there, we could urlbase64 it? Thoughts @jonatanklosko?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

perhaps we should change the dir name in both cases to _2 suffix to not conflict with previous dirs created by Elixir? And if the dir is created by someone else then raising probably makes sense.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the reason we have a report is exactly because the permissions are confusing

I reproduced the problem in docker to make sure these changes work, but I don't have any objections to use multiple directories instead.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@jonatanklosko I think the safest would be to have one directory per user, then we don't have to worry about anything else. It is unlikely different users are sharing the same compilation, right?

end

defp lock_disabled?(), do: System.get_env("MIX_OS_CONCURRENCY_LOCK") in ~w(0 false)

defp lock(path, on_taken) do
Expand Down
14 changes: 13 additions & 1 deletion lib/mix/lib/mix/sync/pubsub.ex
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -127,6 +127,7 @@ defmodule Mix.Sync.PubSub do
@impl true
def init({}) do
state = %{port: nil, hash_to_pids: %{}}
init_base_path()
{:ok, state}
end

Expand Down Expand Up @@ -272,9 +273,20 @@ defmodule Mix.Sync.PubSub do

defp hash(key), do: :erlang.md5(key)

defp base_path do
Path.join(System.tmp_dir!(), "mix_pubsub")
end

defp path(hash) do
hash = Base.url_encode64(hash, padding: false)
Path.join([System.tmp_dir!(), "mix_pubsub", hash])
Path.join([base_path(), hash])
end

defp init_base_path do
path = base_path()
File.mkdir_p!(path)
# ensure other users can write to the directory
_ = File.chmod(path, 0o777)
end

defp recv(socket, size, timeout \\ :infinity) do
Expand Down