[Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Shri Borde Shri.Borde at microsoft.com
Tue Jan 26 15:18:09 EST 2010


So how does RubyGems know that the target location is restricted? I can’t just call File.open and catch the exception. Perhaps it eagerly checks for permissions.

So where does this leave us? Sounds like we can keep installing to ProgramFiles by default. Users can then run “gem install” from an elevated Command Prompt if they want to share gems with other users, or they can use –user-install if they prefer not to elevate. Sounds like we are good as is if Thibaut (or someone else) can confirm that –user-install does work as expected.

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Jim Deville
Sent: Tuesday, January 26, 2010 12:10 PM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Technically, the virtual store is an OS level feature, however, not using --user-install could imply to people that we are installing in a shared location when we aren’t.

JD

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Shri Borde
Sent: Tuesday, January 26, 2010 12:06 PM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Might be a .NET issue, but we should work around it in that case.

What I am curious about though is if MRI is installed to Program Files, will “gem install” also silently install to the virtual store if it is run without elevation. If the redirecting is done at the Ruby/OS level, then RubyGems does not need to do anything, and so –user-install should not be needed at all.

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Jim Deville
Sent: Tuesday, January 26, 2010 11:54 AM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Hm, that’s interesting… MRI gets redirected to the virtual store but IronRuby does not, I wonder if that is more of a .NET issue than a IronRuby problem…

JD

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Shri Borde
Sent: Tuesday, January 26, 2010 11:44 AM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

There indeed is a difference in behavior between IronRuby and MRI when creating a file in %ProgramFiles% from a non-elevated process. MRI silently writes to USERPROFILE. IronRuby raises Errno::EACCES. I have opened http://ironruby.codeplex.com/WorkItem/View.aspx?WorkItemId=3685 to track this. I don’t see the System.UnauthorizedAccessException though.

D:\>ruby -e "File.open('c:/Program Files/foo.txt', 'w+') {}"

D:\>dir "c:\Program Files\foo.txt"
File Not Found

D:\>dir "%USERPROFILE%\AppData\Local\VirtualStore\Program Files\foo.txt"
01/26/2010  11:39 AM                 0 foo.txt
               1 File(s)              0 bytes
               0 Dir(s)  122,124,869,632 bytes free

D:\>rbx -e "File.open('c:/Program Files/foo.txt', 'w+') {}"
mscorlib:0:in `WinIOError': Access to the path 'c:\\Program Files\\foo.txt' is denied. (Errno::EACCES)

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Shri Borde
Sent: Tuesday, January 26, 2010 11:09 AM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Another way to simulate “sudo” is to use an elevated Command Prompt. http://www.sevenforums.com/tutorials/11841-run-administrator.html tells you how. If you are using the command prompt a lot, you only need to deal with the UAC dialog box once when you open the elevated Command Prompt. After that, all commands executed from the Command Prompt run elevated.

Jim, from an elevated Command prompt, I was able to create a new file in %ProgramFiles% using notepad, and did not get any UAC dialog box. This would mean that “gem install” should also be able to install gems to %ProgramFiles%. Not sure how this reconciles with your comment about TrustedInstaller.

Thibaut, could you try using “igem install –user-install”? (I wonder if IronRuby needs to catch the System.UnauthorizedAccessException exception and raise a Ruby exception for RubyGems to do the right thing.)

Could you also separately try running from an elevated Command Prompt?

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Jim Deville
Sent: Tuesday, January 26, 2010 9:18 AM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

There are a couple of differences that would be apparent for this proposed solution:

1)      Runas /user…. Is much longer than sudo ;)

2)      The normal installation directory is owned by TrustedInstaller and Admins have no rights by default. We wouldn’t have a supported way to share gems at this time, since that does have security risks. Each user would have to install their own gems, but (unsupported) you should be able to move GEM_PATH (assuming we can figure out how to share between IronRuby and Ruby) to a shared location and change permissions on it.

JD

From: ironruby-core-bounces at rubyforge.org [mailto:ironruby-core-bounces at rubyforge.org] On Behalf Of Will Green
Sent: Tuesday, January 26, 2010 9:03 AM
To: ironruby-core at rubyforge.org
Subject: Re: [Ironruby-core] "igem install rake" raise an System.UnauthorizedAccessException (Windows 7)

Yes, that occurred to me this morning. ;-)

So, runas /user:mymachine\administrator igem install foo for globals gems, right?

--
Will Green
http://hotgazpacho.org/
On Tue, Jan 26, 2010 at 4:16 AM, Thibaut Barrère <thibaut.barrere at gmail.com<mailto:thibaut.barrere at gmail.com>> wrote:
> Per-user gems should not be the default. In RubyInstaller (mingw MRI), as well as MRI on Linux, and I believe OS X, system-wide gems are
> the default. This, of course, would require elevation (sudo gem install xxx).
I believe per-user gems is now the default (it wasn't in the past, but
if I'm right a rubygems update changed that behaviour. Maybe 1.3.0 -
http://rubyforge.org/forum/forum.php?forum_id=27728 => 'RubyGems now
installs gems into ~/.gem if GEM_HOME is not writable. Use
--no-user-install command-line switch to disable this behavior.').

Here's what happens on my machine (OS X):

~$ gem list | grep less
~$ sudo gem list | grep less
~$ gem install less
(...)
~$ gem list | grep less
less (1.2.21)
~$ sudo gem list | grep less
(empty)

~$ gem -v
1.3.5
~$ ruby -v
ruby 1.8.7 (2009-06-12 patchlevel 174) [i686-darwin10.0.0]

-- Thibaut
_______________________________________________
Ironruby-core mailing list
Ironruby-core at rubyforge.org<mailto:Ironruby-core at rubyforge.org>
http://rubyforge.org/mailman/listinfo/ironruby-core

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://rubyforge.org/pipermail/ironruby-core/attachments/20100126/76bc9436/attachment-0001.html>


More information about the Ironruby-core mailing list