fix(osx): use console owner instead of $USER in postinstall script#2279
fix(osx): use console owner instead of $USER in postinstall script#2279
Conversation
…nstall script Co-authored-by: marekzmyslowski <1062877+marekzmyslowski@users.noreply.github.com>
| # from taking ownership of ~/.gitconfig). | ||
| # Use stat to determine the console user since the installer may be invoked with | ||
| # USER unset (e.g. when run via Homebrew which explicitly clears USER). | ||
| REAL_USER=$(stat -f%Su /dev/console) |
There was a problem hiding this comment.
What happens if someone is installing GCM (either via Homebrew or the installer command line) from an SSH session where there is no console user? We need to make sure this works for remote/multi-user scenarios.
…fallback Co-authored-by: marekzmyslowski <1062877+marekzmyslowski@users.noreply.github.com>
| # from taking ownership of ~/.gitconfig) | ||
| sudo -u ${USER} "$INSTALL_DESTINATION/git-credential-manager" configure | ||
| # from taking ownership of ~/.gitconfig). | ||
| # Determine the real (non-root) user via multiple methods since the installer |
There was a problem hiding this comment.
USER/LOGNAME [..] when run via Homebrew which explicitly clears those environment variables
So in my testing I do NOT find this to be the case. If I modify the GCM Cask with a locally built pkg file that has env > /tmp/pkgenv.log in the postinstall script I see the following variables set (amongst others):
USER=mattche
HOME=/Users/mattche
LOGNAME=root
COMMAND_LINE_INSTALL=1
Specifically I see USER is set to the correct local username (mattche in my case). It is also not possible to run brew as sudo, at least with the latest version (I'm on 5.1.0).
I also tested the output of env from postinstall when installing the pkg file directly using
- Finder
USER=mattche
HOME=/Users/mattche
LOGNAME=root
- Terminal with
sudo installer -target / -pkg gcm.pkg
USER=root
HOME=/Users/mattche
LOGNAME=root
COMMAND_LINE_INSTALL=1
Note that I do not see SUDO_USER set in any of these instances.
postinstallscript: replace${USER}withstat -f%Su /dev/consoleSUDO_USERfirst (set by sudo, reliable in both GUI/Homebrew and SSH contexts)stat -f%Su /dev/consolefor GUI sessions without sudorootor empty), skip configure and print a warning with manual instructions💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.