
"Don't run bundler as root" - what is the exact difference made by using root?

Tags: ruby, bundler, gem

If you run ruby bundler from the command line while logged in as root, you get the following warning:

Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this application for all non-root users on this machine.

What is this exact difference that running bundler as root makes to the gems it installs?

Is it to do with the permissions of the actual files that it installs for each gem? Will Ruby try to access the gem files as a non-root user (and if so, what user / group would Ruby use and how would I find out)?

What would be the symptoms of an application that is broken due to bundler being used as root?


My specific reason for asking is because I'm trying to use bundler on a very basic CentOS VPS where I have no need to set up any non-root users. I'm having other problems with gems installed via bundler ("Error: file to import not found or unreadable: gemname" despite the gem in question being present in gem list), and I'm wondering if installing the gems via bundler as root might have made the files unreadable to Ruby.

I want to work out if I do need to set up a non-root user account purely for running bundler, and if I do, what groups and privileges this user will need to allow Ruby to run the gems bundler installs.

Or can I just chown or chgrp the gem folders? If so, does it depend on anything to do with how Ruby is installed? (I used RVM and my gems end up in /usr/local/rvm/gems/ which is owned by root in group rvm.) This loosely related question's answer implies that unspecified aspects of how Ruby is installed influence bundler's permissions requirements.

Researching the "Don't run bundler as root" message only comes up with an unanswered question and complaints that this warning is apparently "like it saying to go to sleep at 8PM" (link contains NSFW language).

asked Aug 22 '14 00:08 by user56reinstatemonica8




1 Answer

So I had to dig into the git log history of bundler's repo, because GitHub doesn't allow search in git commit messages anymore.

The commit c1b3fd165b2ec97fb254a76eaa3900bc4857a357 says:

Print warning when bundler is run by root. When a user runs bundle install with sudo bundler will print a warning, letting them know of potential consequences.

closes #2936

Reading this issue, you understand the real reason you should not use the root user:

Running sudo bundle install can cause huge and cascading problems for users trying to install gems on OS X into the system gems. We should print a warning and explain that Bundler will prompt for sudo if it's needed. We should also warn people that sudo bundle will break git gems, because they have to be writable by the user that Bundler runs as.

answered Oct 30 '22 21:10 by Pak
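
The issue quoted in the answer says git gems have to be writable by the user that Bundler runs as. As an added example (not code from the post or from Bundler), this script lists the entries under a gem directory that a given non-root user could not use, judging by owner, group and mode bits only; the rule that directories must be writable and files readable is this example's assumption, and the user name and path are whatever you pass in.

```ruby
require "find"
require "etc"

# Permission bits that apply to uid/gids: owner bits if uid owns the entry,
# group bits on a group match, otherwise the "other" bits.
def effective_bits(stat, uid, gids)
  return (stat.mode >> 6) & 7 if stat.uid == uid
  return (stat.mode >> 3) & 7 if gids.include?(stat.gid)
  stat.mode & 7
end

# Letters for the permissions in `need` that `bits` lacks, e.g. "w" or "rx".
def missing_perms(bits, need)
  { 4 => "r", 2 => "w", 1 => "x" }
    .select { |bit, _| need & bit != 0 && bits & bit == 0 }.values.join
end

# List entries under root that the user could not use. Assumed rule: files must
# be readable; directories readable, writable and searchable (git gems have to
# be writable by the user Bundler runs as). uid 0 bypasses mode bits, so the
# audit is empty for root.
def audit_gem_tree(root, uid, gids)
  return [] if uid.zero?
  problems = []
  Find.find(root) do |path|
    stat = File.lstat(path)
    next if stat.symlink?
    need = stat.directory? ? 7 : 4
    missing = missing_perms(effective_bits(stat, uid, gids), need)
    problems << { path: path, owner: stat.uid, missing: missing } unless missing.empty?
  end
  problems
end

# Usage: ruby audit_gems.rb USER [GEM_DIR]   (GEM_DIR defaults to Gem.dir)
if __FILE__ == $PROGRAM_NAME && ARGV.any?
  user = Etc.getpwnam(ARGV[0])
  gids = [user.gid]
  Etc.group { |g| gids << g.gid if g.mem.include?(user.name) }
  audit_gem_tree(ARGV[1] || Gem.dir, user.uid, gids).each do |p|
    puts "#{p[:path]}: owner uid #{p[:owner]}, #{user.name} lacks #{p[:missing]}"
  end
end
```

ACLs and SELinux labels are not considered, so an empty result only rules out plain ownership and mode problems.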