Skip to content

Comments

Clarify the INSTALL instructions#9268

Closed
mattcaswell wants to merge 2 commits intoopenssl:masterfrom
mattcaswell:clarify-install-v2
Closed

Clarify the INSTALL instructions#9268
mattcaswell wants to merge 2 commits intoopenssl:masterfrom
mattcaswell:clarify-install-v2

Conversation

@mattcaswell
Copy link
Member

@mattcaswell mattcaswell commented Jun 28, 2019

Ensure users understand that they need to have appropriate permissions
to write to the install location.

The following Stack Overflow post was pointed out to me which motivated this change:

https://stackoverflow.com/questions/41938564/problems-during-last-step-of-installing-openssl-on-mac-os-sierra

@mattcaswell
Clarify the INSTALL instructions
042ebba 
Ensure users understand that they need to have appropriate permissions
to write to the install location.
@mattcaswell mattcaswell added branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL) labels Jun 28, 2019
mspncp
mspncp reviewed Jun 28, 2019
View reviewed changes
INSTALL Outdated
appropriate permissions to write to the installation directory. For example,
in many cases on Unix, you may need to instead run the command like this:

$ sudo make install
Copy link
Contributor

@mspncp mspncp Jun 28, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might sensible be to add a warning here that it is not recommended to install to the default location on a linux/unix system, overwriting the preinstalled openssl version from the distributor. (You made such a recommendation just recently on a GitHub issue, but I don't recall where it was)

Also, you could add the recommendation to install to a writable location without sudo (e.g. below the home directory) using the --prefix configure option, if it's for testing purposes only.

@romen
Copy link
Member

romen commented Jun 28, 2019
edited
Loading

On the other hand, suggesting sudo make install to the users that are not able to figure permission problems on their own would probably rise a few more serious problems that can have serious repercussions on the perception of the project.

I have assisted many users that don't have a lot of familiarity with UNIX/Linux and followed the instructions to compile openssl from source, somehow reach the sudo make install and end up with a custom compiled OpenSSL in /usr/local. Thus messing many many distribution provided applications that had problems linking at run time with a different version of OpenSSL than the one they were compiled against!
Not knowing any better they all blamed OpenSSL for messing up their system (that they generally solved by formatting and reinstalling)!

Edit: @mspncp beat me to it, his comment gives suggestions rather than just raising an issue!

@mspncp
Copy link
Contributor

mspncp commented Jun 28, 2019
edited
Loading

Edit: @mspncp beat me to it

Yeah, by less than a minute ;-)

@mattcaswell
Copy link
Member Author

mattcaswell commented Jun 28, 2019

On the other hand, suggesting sudo make install to the users that are not able to figure permission problems on their own would probably rise a few more serious problems that can have serious repercussions on the perception of the project.

So would you suggest to drop the "sudo make install" bit and just leave it as saying that you should have the right permissions. Or drop this PR altogether?

@mspncp
Copy link
Contributor

mspncp commented Jun 28, 2019

I think your clarification is useful, if you also mention the caveats and alternatives, like suggested in #9268 (comment).

@mspncp
Copy link
Contributor

mspncp commented Jun 28, 2019

(Note that Nicola edited his comment)

@paulidale
Copy link
Contributor

paulidale commented Jun 28, 2019

I'd drop the sudo make install lest somebody blame the project for destroying their system.

I do wonder if this PR is mollycoddling, I don't remember seeing any source distributions noting that permissions are required to install (I'm sure I have, I just don't remember any).

@romen
Copy link
Member

romen commented Jun 28, 2019

On the other hand, suggesting sudo make install to the users that are not able to figure permission problems on their own would probably rise a few more serious problems that can have serious repercussions on the perception of the project.

So would you suggest to drop the "sudo make install" bit and just leave it as saying that you should have the right permissions. Or drop this PR altogether?

As my use case illustrated, inexperienced users will hit stack overflow and discover that sudo make install is the solution, and won't have any caveat whatsoever about the risk of installing in the system default location.

I believe we should provide the useful part of the answer, highlighting the permission problem as you did, and in the same place a note about the risks of installing in a system-wide location, recommending using --prefix to install it somewhere else for testing (where probably make install is sufficient).

@mspncp
Copy link
Contributor

mspncp commented Jun 28, 2019

I do wonder if this PR is mollycoddling

@paulidale @richsalz please don't forget that times have changed since the good ol' days when only the tough UNIX guys on their mainframes would compile software from scratch. ;-) The StackOverflow question shows IMHO that things which used to be obvious to people aren't so obvious anymore.

@richsalz
Copy link
Contributor

richsalz commented Jun 28, 2019

https://www.urbandictionary.com/define.php?term=get%20off%20my%20lawn

levitte
levitte reviewed Jun 28, 2019
View reviewed changes
Copy link
Member

@levitte levitte left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would only say that they normally need admin rights to install, and that how to get admin rights is system dependent. No mention of sudo...

@mattcaswell
Copy link
Member Author

mattcaswell commented Jul 26, 2019

I dropped the "sudo" suggestion from this PR. I also added a warning about ensuring you install to a suitably protected location (see #9460). I also added a warning about not overwriting a system installed version of OpenSSL.

Ping @mspncp.

@mattcaswell
Copy link
Member Author

mattcaswell commented Aug 7, 2019

Ping?

@mspncp
Copy link
Contributor

mspncp commented Aug 7, 2019

Sorry, I forgot about this one. I'll take a look this evening.

mspncp
mspncp approved these changes Aug 7, 2019
View reviewed changes
Copy link
Contributor

@mspncp mspncp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me now. Approved with or without my suggested change.

INSTALL

The installation directory should be appropriately protected to ensure
untrusted users cannot make changes to OpenSSL binaries or files, or install
engines. If you already have a pre-installed version of OpenSSL as part of
Copy link
Contributor

@mspncp mspncp Aug 7, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a cosmetical change. Feel free to adopt my suggestion or leave everything as it is.

 The installation directory should be write protected to ensure that
 unprivileged users cannot make changes to OpenSSL binaries or files, or install

(Personally, I find the term untrusted too negative. Also, I replaced "appropriately protected" by "write protected`.)

@mspncp mspncp added the approval: done This pull request has the required number of approvals label Aug 7, 2019
@mspncp
Copy link
Contributor

mspncp commented Aug 8, 2019

@mattcaswell I posted a short note on the original Stack Overflow thread about this pull request.

paulidale
paulidale approved these changes Aug 8, 2019
View reviewed changes
Copy link
Contributor

@paulidale paulidale left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM too.

levitte pushed a commit that referenced this pull request Aug 8, 2019
@mattcaswell
Clarify the INSTALL instructions
d00209a 
Ensure users understand that they need to have appropriate permissions
to write to the install location.

Reviewed-by: Matthias St. Pierre <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from #9268)

(cherry picked from commit 7c03bb9)
@mattcaswell
Copy link
Member Author

mattcaswell commented Aug 8, 2019

Pushed to master and 1.1.1 - thanks. I took one half of @mspncp's suggestion and changed "untrusted" to "unprivileged".

@mattcaswell mattcaswell closed this Aug 8, 2019
levitte pushed a commit that referenced this pull request Aug 8, 2019
@mattcaswell
Clarify the INSTALL instructions
7c03bb9 
Ensure users understand that they need to have appropriate permissions
to write to the install location.

Reviewed-by: Matthias St. Pierre <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from #9268)
@claucece claucece mentioned this pull request Dec 21, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@levitte levitte levitte left review comments

@paulidale paulidale paulidale approved these changes

+1 more reviewer

@mspncp mspncp mspncp approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

approval: done This pull request has the required number of approvals branch: master Applies to master branch branch: 1.1.1 Applies to OpenSSL_1_1_1-stable branch (EOL)

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mattcaswell @romen @mspncp @paulidale @richsalz @levitte