[Chicago-talk] "I don't have permission to installamoduleonthesystem!"

Steven Lembark lembark at wrkhors.com
Fri Jan 2 12:34:12 CST 2004



-- petemar1 <petemar1 at perlmonk.org>

> Argh.
>
> ...
>
> Files=34, Tests=381, 43 wallclock secs (31.23 cusr +  2.94 csys = 34.17
> CPU)   /usr/bin/make test -- OK
> Running make install
> Manifying blib/man3/WWW::Mechanize::Examples.3
> Manifying blib/man3/WWW::Mechanize::Link.3
> Manifying blib/man1/mech-dump.1
> Manifying blib/man3/WWW::Mechanize::FAQ.3
> Manifying blib/man3/WWW::Mechanize.3
> Warning: You do not have permissions to install into
> /opt/perl/perl-5.8.0/lib/site_perl/5.8.0/i586-linux at
> /opt/perl/perl-5.8.0/lib/5.8.0/ExtUtils/Install.pm line 84.
> mkdir /opt/perl/perl-5.8.0/lib/site_perl/5.8.0/WWW: Permission denied at
> /opt/perl/perl-5.8.0/lib/5.8.0/ExtUtils/Install.pm line 137
> make: *** [pure_site_install] Error 255
>   /usr/bin/make install /home/petemar1/sandbox/lib -- NOT OK
>     You may have to su to root to install the package
>
> cpan>

If you installed perl then you may have screwed up and done
it SU with a umask of 022. Simplest fix:

	$ cd /opt/perl-blah;
	$ su -p;
	<password>
	# find . -type f | xargs chmod g+w;
	# find . -type d | xargs chmod 02775;
	# find . | xargs chgrp bin;
	# vi /etc/group
	<add your userid to "bin">
	# exit;
	$ exit;

Setting the GID bit on dir's does two things: propagates
the sgid bid to subdirs and sets the GID of all files in
the directory to match the dir's. In this case it'll mean
that any new dir's have the SGID bit set and anything in
placed there will have "bin" as the GID. Adding yourself
to the bin group and making sure that the system's umask
is 002 (normally true for non-SU logins) will leave anyone
in the bin group able to install into the perl directory.

This is a safe-and-sane alternative to most peoples idiocy
of installing everything as SU to avoid protection issues.
One of the older CPAN modules used to have a line like:

	...
	rm -rf /* .... OK

with a 5 second sleep follwed by a message asking why anyone
would be dumb enough to run anything they simply grabbed off
the net as SU :-)

I'd actually suggest running the xargs tricks above on /opt
and never again installing anything into it SU. If anyone
has a package that requires SU they can explain why before
you switch over -- and you can complete 90% of all install
steps without running obscene risks.


Of course, if you didn't install perl and don't have write
access to /opt/perl-blah via SU then none of the above will
work. At that point do your development in a sandbox with
~/sandbox/lib in it and just use FindBin::libs.

enjoi

--
Steven Lembark                               2930 W. Palmer
Workhorse Computing                       Chicago, IL 60647
                                            +1 888 359 3508



More information about the Chicago-talk mailing list