Do not require root

[frafra]

This is the suggested way to install sshx: curl -sSf https://sshx.io/get | sh. It tries to use sudo, but on some systems, users have no rights to become administrators. What about using $HOME/.local/bin instead of /usr/local/bin for non-root users on Linux systems (I have no Idea what MacOS uses as path for local binaries)?

sshx/static/get

Lines 42 to 47 in 91c82d4

	printf "\n${ansi_reset}${ansi_info}↯ Adding sshx binary to ${ansi_underline}%s${ansi_reset}\n" "/usr/local/bin"
	if [ "$(id -u)" -ne 0 ]; then
	sudo tar xf "$temp" -C /usr/local/bin
	else
	tar xf "$temp" -C /usr/local/bin
	fi

[ekzhang]

That's fine! Unfortunately ~/.local/bin isn't on $PATH on most systems. I'm not really sure what to do about this. Any suggestions?

[YouJiacheng]

add an alias?

[hellt]

This is a never-ending battle between better installation UX and security practices.

I think for people who don't have sudo rights it is fair to assume that they can run smth like

echo 'export PATH=$PATH:~/.local/bin' >> ~/.bashrc
source ~/.bashrc

[hexbinoct]

maybe a few questions to be asked as part of installation and in the end make up the appropriate script based on those answers and execute.

[ekzhang]

Thanks. I'm not super happy with modifying the user's shell profile either, since that changes their system in ways that they need to understand. It also makes the installation script significantly more complex because it needs to detect the difference between different shells.

The same can be said about interactive prompts -- nice in theory, but they add a lot of complexity to the installation script. I care about the script being short and simple so that users can actually audit it.

Moving to /usr/local/bin is likely the best approach for now, unfortunately. I would be open to adding a simple flag that downloads to the local directory instead though, so it doesn't require root.

[mriemensberger]

Ugly but does the job:

curl -sSf https://sshx.io/get | sed -e 's:\bsudo\b ::g' -e 's:/usr/local/bin\b:$HOME/.local/bin:g' | sh

[pomdtr]

What about just adding an optional arg (env var would also work) ?

curl -sSf https://sshx.io/get | sh -- ~/.local/bin

Btw, did you consider using cargo-dist for distributing your binary ?

[ekzhang]

Yeah, optional arg would be great, though probably would want to make it an actual argument like --path ~/.local/bin. I'll try to implement it in the future.

I don't want to have people use cargo dist because cargo dist itself requires a curl | sh script, and that adds a lot of complexity! I think the main options are system package managers or simple binary downloads with checksum.

[pomdtr]

I don't want to have people use cargo dist because cargo dist itself requires a curl | sh script, and that adds a lot of complexity! I think the main options are system package managers or simple binary downloads with checksum.

How is it different from the current install method ?

Cargo-dist is only a solution for the maintainer, users don't have to use it (they install the package using a shell scripts, their package manager, or even just download an archive from github). See https://github.com/axodotdev/oranda/releases/tag/v0.5.0

[ekzhang]

This is too complicated! I'm not interested in it unfortunately. I've used a lot of developer automation in the past and this is really too much to set up right now

I'm going to close this issue because it's getting off-topic, please open a different issue if needed.

The install script will be changed at some point, right now is a stopgap.