* David-Sarah Hopwood <david-sa...@jacaranda.org> wrote: > There's an argument for saying that this shouldn't just be a > warning; it should be an error, because running as root once may > already do things that need to be undone (e.g. creating files > owned by root, as in the case that motivated the ticket).
Maybe I missed it but which install type was it all about? A system-wide install or a mere user-install? I feel like I'm pondering about something very obvious regarding the OP's problems when it comes to things going not as planned because of wrong permissions (even if you create a filesystem as root, you still have to tune permissions in order for lesser beings to access it). A line like this, placed somewhere strategically in the quickstart document, would have some merit for the folks testing Tahoe (on a glacier but somehow misplaced their winter walking boots): All Things Tahoe Are Best Served From A Single User. (or somesuch wording that reflects its meaning) If I decide to run Tahoe in a VM as a user with high access privileges, that's completely my responsibility. (In my understanding, root is among such users, obviously). However, printing a warning about running a network service as root is a good idea anyway (Tor's arm does it) and last I checked there wasn't a single network service out there recommending being run as root. Surely this is documented somewhere, sysadmin best practices, whatever :) > If we made it an error then we could add an --allow-root option to > suppress it; is that necessary, or overcomplicated? If you make it an error, please add the Han Solo switch ("I know."), and include it in the error message. (I happen to maintain a mere SQRT(universe) environment.) Oh and how do you plan on checking wether Tahoe is actually running as root? I wouldn't just parse for root but actually check group id/groups as well. PS: Yes, I have to admit I tried to avoid touching the topic of Tahoe-LAFS being a filesystem. " Scotty, now would be a good fsck-time.... " -- left blank, right bald
pgpHNPxFnCbAk.pgp
Description: PGP signature
_______________________________________________ tahoe-dev mailing list tahoe-dev@tahoe-lafs.org https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev