Re: [go-nuts] Permissions in ~/go/pkg
On Fri, May 10, 2024 at 2:11 PM Tobias Klausmann wrote: > > On Fri, 10 May 2024, Ian Lance Taylor wrote: > > This is a choice made by Go. You can override with the -modcacherw > > option to "go build", "go test", "go install", and similar code. You > > can make that option the default by setting GOFLAGS in the environment > > or via "go env GOFLAGS=...". > > > > You can also remove the module cache using "go clean -modcache". > > Thanks for the explanation! What is the rationale for the read-only > perms, though? It's essential for supply chain security that builds with a specific version of a package always use the same code. It's natural for debugging for people to look at the source code in the module cache. Making that source code read-only removes a class of accidents in which somebody looking at the code in the module cache modifies it, without necessarily realizing that that will affect all builds on that machine that use that package. Ian -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CAOyqgcX7x39RKShv%2ByJBt%3DztoQWs1MO%3DcZqiseDtXrsvjBNV3g%40mail.gmail.com.
Re: [go-nuts] Permissions in ~/go/pkg
Hi! On Fri, 10 May 2024, Ian Lance Taylor wrote: > This is a choice made by Go. You can override with the -modcacherw > option to "go build", "go test", "go install", and similar code. You > can make that option the default by setting GOFLAGS in the environment > or via "go env GOFLAGS=...". > > You can also remove the module cache using "go clean -modcache". Thanks for the explanation! What is the rationale for the read-only perms, though? Best, Tobias -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/d127858e-a161-4f71-8fc8-4df4c602bf92%40skade.local.
Re: [go-nuts] Permissions in ~/go/pkg
On Fri, May 10, 2024 at 10:43 AM Tobias Klausmann wrote: > > I test and try a whole load of Go tools and libraries, and as a result, > my ~go/pkg dir quickly grows. While I'd love some kind of automatic > expiry for that cache, I am fine with just occasionally running rm-rf on > that dir myself. > > ... except it doesn't work. For some unclear reason, some of those > directories and files are created with readonly permissions: > > ``` > $ rm -rf go/pkg > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/.gitattributes': > Permission denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/.gitignore': Permission > denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/LICENSE': Permission > denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/README.md': Permission > denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/bmp-string.go': > Permission denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/bmp-string_test.go': > Permission denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/crypto.go': Permission > denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/crypto_test.go': > Permission denied > rm: cannot remove > 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go': Permission > denied > [... lots more elided ...] > $ stat go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go > File: go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go > Size: 751 Blocks: 8 IO Block: 4096 regular file > Device: 0,36Inode: 7317588 Links: 1 > Access: (0444/-r--r--r--) Uid: ( 1000/klausman) Gid: ( 1000/klausman) > Access: 2024-04-04 11:04:37.367542592 +0200 > Modify: 2024-04-04 11:04:37.367542592 +0200 > Change: 2024-04-04 11:04:37.367542592 +0200 > Birth: 2024-04-04 11:04:37.367542592 +0200 > $ > ``` > > Needless to say, this is annoying, and while I can 'fix' it by doing a > find|xargs chmod, I'd rather the permissions weren't this restrictive in > the first place. > > So I wonder why they look like that. Is it a umask issue? Or something > in git's config? Or is Go at fault here? This is a choice made by Go. You can override with the -modcacherw option to "go build", "go test", "go install", and similar code. You can make that option the default by setting GOFLAGS in the environment or via "go env GOFLAGS=...". You can also remove the module cache using "go clean -modcache". Ian -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CAOyqgcVAikLCXX0UAqhtK%3D5%3D2hqwkEQ%2BZSJhkhHg6EOTZ3a%2BXQ%40mail.gmail.com.
[go-nuts] Permissions in ~/go/pkg
Hi! I test and try a whole load of Go tools and libraries, and as a result, my ~go/pkg dir quickly grows. While I'd love some kind of automatic expiry for that cache, I am fine with just occasionally running rm-rf on that dir myself. ... except it doesn't work. For some unclear reason, some of those directories and files are created with readonly permissions: ``` $ rm -rf go/pkg rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/.gitattributes': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/.gitignore': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/LICENSE': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/README.md': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/bmp-string.go': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/bmp-string_test.go': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/crypto.go': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/crypto_test.go': Permission denied rm: cannot remove 'go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go': Permission denied [... lots more elided ...] $ stat go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go File: go/pkg/mod/software.sslmate.com/src/go-pkcs12@v0.2.0/errors.go Size: 751 Blocks: 8 IO Block: 4096 regular file Device: 0,36Inode: 7317588 Links: 1 Access: (0444/-r--r--r--) Uid: ( 1000/klausman) Gid: ( 1000/klausman) Access: 2024-04-04 11:04:37.367542592 +0200 Modify: 2024-04-04 11:04:37.367542592 +0200 Change: 2024-04-04 11:04:37.367542592 +0200 Birth: 2024-04-04 11:04:37.367542592 +0200 $ ``` Needless to say, this is annoying, and while I can 'fix' it by doing a find|xargs chmod, I'd rather the permissions weren't this restrictive in the first place. So I wonder why they look like that. Is it a umask issue? Or something in git's config? Or is Go at fault here? Best, Tobias -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/Zj5chzqyVg_h87jw%40skade.schwarzvogel.de.
