[tahoe-dev] Warning or error when running Tahoe as root

David-Sarah Hopwood david-sarah at jacaranda.org
Tue Jul 31 16:33:22 UTC 2012

On 31/07/12 07:59, Two Spirit wrote:
> And people do what they are expected to do? I can't speak for the rest of the world, but
> yea, I guess there are a lot of "users" like myself who run as root and have no clue what
> we are doing.  My experience with file systems is that you have to run as root for any
> file system stuff. I'm sure there are a lot of people who share my background.
> My idea was a one sentence, standard WARNING disclaimer indicating
> 1) this should be done as a non-root user or
> 2) this doesn't need to be done as root
> somewhere in the running.rst maybe before the first command 'To construct a client node,
> run "tahoe create-client"....'

"We should whine if we're running as root."

There's a patch, and I see the ticket is assigned to me; it just needs tests.
I'll put it in the 1.10 milestone.

>     What would your idea of said short warning look like?

The one in the current patch says:

WARNING: You should not be running Tahoe-LAFS as root!
This poses an unnecessary security risk and is NOT recommended.

There's an argument for saying that this shouldn't just be a warning; it should
be an error, because running as root once may already do things that need to be
undone (e.g. creating files owned by root, as in the case that motivated the ticket).
If we made it an error then we could add an --allow-root option to suppress it;
is that necessary, or overcomplicated?

David-Sarah Hopwood ⚥
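
The error-with-override behaviour discussed in the message above, as an added example that is not part of the original message or of the Tahoe-LAFS patch. It assumes `--allow-root` works as proposed in the message; the helper names and the refusal line are hypothetical. The check runs before anything is written, and `owned_by` finds what an earlier root run left behind.

```python
import os
import sys

# Warning text quoted from the message; the refusal line below it is constructed.
ROOT_WARNING = (
    "WARNING: You should not be running Tahoe-LAFS as root!\n"
    "This poses an unnecessary security risk and is NOT recommended.\n"
)
REFUSAL = "Refusing to run as root; pass --allow-root to override.\n"


def check_not_root(argv, euid=None, err=None):
    """Decide whether to proceed. Call this before anything touches the disk.

    Returns (exit_code, remaining_argv); exit_code is None when the
    command may continue. --allow-root is the option proposed in the
    message, not an existing Tahoe-LAFS flag.
    """
    euid = os.geteuid() if euid is None else euid
    err = sys.stderr if err is None else err
    allowed = "--allow-root" in argv
    rest = [a for a in argv if a != "--allow-root"]
    if euid != 0:
        return None, rest
    err.write(ROOT_WARNING)  # always shown to root, even when overridden
    if allowed:
        return None, rest
    err.write(REFUSAL)
    return 1, rest


def owned_by(basedir, uid=0):
    """List paths under basedir owned by uid: what an earlier root run
    left behind and an unprivileged node may be unable to modify."""
    found = []
    for dirpath, dirnames, filenames in os.walk(basedir):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            if os.lstat(path).st_uid == uid:  # lstat: do not follow symlinks
                found.append(path)
    return sorted(found)


if __name__ == "__main__":
    code, args = check_not_root(sys.argv[1:])
    if code is not None:
        sys.exit(code)
    print("would run: tahoe", " ".join(args))
```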
