From owner-freebsd-questions@freebsd.org Mon Jan 25 22:43:38 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D97C94F456D for ; Mon, 25 Jan 2021 22:43:38 +0000 (UTC) (envelope-from tomek@cedro.info) Received: from mail-lj1-x236.google.com (mail-lj1-x236.google.com [IPv6:2a00:1450:4864:20::236]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DPlJk3FrJz3l5y for ; Mon, 25 Jan 2021 22:43:33 +0000 (UTC) (envelope-from tomek@cedro.info) Received: by mail-lj1-x236.google.com with SMTP id u11so17306773ljo.13 for ; Mon, 25 Jan 2021 14:43:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cedro.info; s=google; h=subject:to:references:from:organization:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=muyffZwynTsA/vzQNyh91/Xyt304afC6s5SrwXRIZ4k=; b=FGVT7GZRb8w3bvHf2rhMo3ZVG5PMh/XHrVhdjp5igQuwfVCj6DFCHmTm0z+jI8PDQb bmNme2pqj6Zsx7eT/It9Umxi0huFDbCSxhpkp9ioYkN1GPlGBEC97/1HZ21rgf/nnqJN lb1IUdBpg7mQc4DsmIIOcvFKyiwnZdffyYdDQV/owZZyy0V27X1UTt36cvDnvdYYQipj B4KrXGAhBBd+AqNmrSHUFOvCJZL5bB7ffYj1fv0WameOG82qX4Uh9HJHWESoeK4xZGjI gufIx4HO6SgU+qPJjhgdX6ioFyd6imou56RzwP5PcHH7sew7nCkSMCQIpag7IiQsVVeS RzbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:organization :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=muyffZwynTsA/vzQNyh91/Xyt304afC6s5SrwXRIZ4k=; b=sPOCC3rmB9Lce/bozA5ILgbfOu//IBS2XUZ8qT4NVR+IFUrBPDnprJzSIgkITGGyaD l8tikKWFGoRYIRg6iCC/9jUmvwNlQVv5Y5CvPC44g97kSrvDtFN9oC+mxPvrXPODmIwY mvBMtsl5jZp/Sqxkql129pkW1yqSOYrIY77NjwKeBMWbWeIpnugUeWIx7qveGVd4vdoN JXpe+tlQqFTrs0/2BOGzd5kJk8MM7+ncNvwOo0GyxBKaB0Tj0lGPKCsKzaBQjG97DPvm BWW7PC3tS8UgbamlF397oBFrFH9wKtOfVTtOtEMbbBxqadIrMWiLsvbAVo9Vvx77scoF b20w== X-Gm-Message-State: AOAM532Vd4N2uH19ahhJZrfigfxTqfP5BobwO156th5ttHtURAE9oj3H wk129AveeUPJLiwOHAEzE+WmgrQgPj1C5mx4 X-Google-Smtp-Source: ABdhPJzO6d4y88j6rw+rEYa0N7BRgyK+sQf5DvvteT3QTrCRbt7Lb+mrLWKUbrugP2aoBU7H38BoPw== X-Received: by 2002:a2e:88c9:: with SMTP id a9mr1360084ljk.29.1611614609051; Mon, 25 Jan 2021 14:43:29 -0800 (PST) Received: from [192.168.0.101] ([31.179.178.250]) by smtp.gmail.com with ESMTPSA id u2sm2148495lfl.273.2021.01.25.14.43.28 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 25 Jan 2021 14:43:28 -0800 (PST) Subject: Re: ruby pkg and user gem/bundle privilege mismatch To: freebsd@dreamchaser.org, FreeBSD Mailing List References: <9c121e6b-f6d3-0734-22e3-16a7ad6dda72@dreamchaser.org> <3b533461-c2bf-2068-d965-6ca6ed2c70e5@dreamchaser.org> From: Tomasz CEDRO Organization: CeDeROM Message-ID: Date: Mon, 25 Jan 2021 23:43:29 +0100 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:78.0) Gecko/20100101 Thunderbird/78.6.1 MIME-Version: 1.0 In-Reply-To: <3b533461-c2bf-2068-d965-6ca6ed2c70e5@dreamchaser.org> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4DPlJk3FrJz3l5y X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cedro.info header.s=google header.b=FGVT7GZR; dmarc=none; spf=none (mx1.freebsd.org: domain of tomek@cedro.info has no SPF policy when checking 2a00:1450:4864:20::236) smtp.mailfrom=tomek@cedro.info X-Spamd-Result: default: False [-1.36 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_SOME(0.00)[]; HAS_ORG_HEADER(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[cedro.info:+]; RCPT_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2a00:1450:4864:20::236:from]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[cedro.info:s=google]; FROM_HAS_DN(0.00)[]; NEURAL_SPAM_SHORT(0.94)[0.939]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; DMARC_NA(0.00)[cedro.info]; SPAMHAUS_ZRD(0.00)[2a00:1450:4864:20::236:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::236:from]; R_SPF_NA(0.00)[no SPF record]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-questions] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jan 2021 22:43:39 -0000 On 25.01.2021 20:02, Gary Aitken wrote: >> Summing up you should never install local packages as root to use >> them as standard user. You should rather create your own small >> virtual environment that you can fully control as standard user with >> no impact to the system (or when you cannot modify system for >> instance on the shared hosting environment). > > I have lang/ruby26 installed system-wide so it is available to everyone. There are two cases: 1. You are using system wide packages and these are used by other packages and programs. But you cannot modify them as standard user. 2. You are creating your own local dedicated virtual environment that you can control as standard user, including installing additional packages that are not system wide. The later is better because you control what you have and what version with no impact on system wide configuration and system configuration does not impact you either. This is especially important when you host your solution on a server where you have no administrative access. This is very common nowadays for web application hosting that use JavaScript, Ruby, Python, etc. You assume some system wide starting point like basic interpreter and web server, then you bootstrap your own local virtual environment to make bigger things work on your local account. Another good example here is the Automated Testing and CI (Continuous Integration) where build/testing scripts can bootstrap several local dedicated environments with a bit of different setup to test different components version impact, test regressions, etc :-) Best regards :-) Tomek -- CeDeROM, SQ7MHZ, https://www.tomek.cedro.info