On Thu, 2007-05-10 at 09:25 +0100, Simon Marlow wrote:
We certainly shouldn't advocate running cabal-install as root (or should we? isn't emerge typically run as root in Gentoo?).
Yes, gentoo's emerge and all other system packager tools I know of run as root (apt, yum etc).
I'm concerned that the unsuspecting user might end up with a mixture of globally-installed and locally-installed packages, leading to confusion later on. (See [1] for example)
That one looks like it could be explained with nicer diagnostics from ghc. Eg it could say which package version it was using (and perhaps which package db it was from), like it currently has a nice diagnostic if you try and use a module that is hidden. Especially if the package db is inconsistent (eg files or deps missing) the user could be told about that. There are quite a number of ways of corrupting the package db and getting confusing errors as a result.
I think this can be solved with decent diagnostics. e.g.:
$ cabal-install foo You don't have permission to install packages globally (for all users). Either: run cabal-install as root, or add the --user flag to install packages for the current user only.
This is nice, though actually doing these checks is not completely trivial. To be accurate we would want to check if the directory(s) we would install into are writable and if the global package.conf file is writable. Checking the latter is a bit dodgy since cabal isn't supposed to know about the existence of that file.
cabal-install could drop its permissions for the non-install steps, perhaps. Replace "as root" with "as administrator" for Windows.
Sounds like scary posix stuff :-) Do we have functions for changing user / dropping privileges ? I think we should check what the equivalent perl, ruby, python, erlang package distribution systems do. Duncan