Idea so macOS installer does not need sudo

[altaic]

Problem

Many users of the homebrew package manager set the permissions of /usr/local and such so sudo is not required. However, the Elm-Platform installer, e.g. Elm-Platform-0.17.1.pkg, requires the user to type in their password for administrative access regardless if it already has permission or not. I don't think this is a good security policy.

Solution

The installer checks if it has permission to the necessary subdirectories of /usr/local. If it does, install without elevating privileges. If it doesn't, prompt user for administrative access, elevate privileges, and install as root.

[evancz]

Sounds like a great "solution" but how do you do that? The .pkg files are just generated based on the Apple command line tools. Do you have any information on how to achieve this?

[altaic]

I believe one just has to be judicious about the use of sudo in the install scripts; before executing sudo, always check that it's necessary. If you'd like, I can try it out and make a PR if it works.

[evancz]

Please do! Would love for it to not need a password! :D

[altaic]

I placed the proper checks in the scripts and the popup remained. Then I did a little investigation into the Distribution.xml file (see here for the reference doc). Initially, I thought that this line was the source of the popup:

<pkg-ref id="org.elm-lang.binaries.pkg" installKBytes="19444" version="1" auth="Root">binaries.pkg</pkg-ref>

But after changing changing auth="Root" to auth="none" or otherwise removing the auth field, the popup persisted (as an aside, that auth field is deprecated). It turns out that the issue lies in this line:

<domains enable_localSystem="true"/>

This is what configures the installer to present the option "Install for all users of this computer." It appears that selecting that necessitates administrative authentication. I'll ask Apple developer support for assistance.

In the meantime, I've come up with a few options:

(Option 1) I suspect that there may be a workaround by installing to a temporary directory, then use the post install script to move the files to /usr/local/bin, but I'm not sure since I'd think the installer scripts would be sandboxed.

(Option 2) Actually, there is also the possibility of setting <domains enable_localSystem="true" enable_currentUserHome="true"/> giving the user the option to install to his home directory. As I understand it, the ~/.local/bin directory is a unix standard, and, among other utils, it's what GHC's stack uses. The pkg installer could install there, and prompt the user to make sure their .bash_profile has the line export PATH="${PATH}:${HOME}/.local/bin".

(Option 3) All else failing, many developers use homebrew for OSS stuff, and especially for CLI. I understand the it's pretty easy to publish a homebrew "bottle" (binary installation package). Not ideal, but given that homebrew is pretty lightweight, IMHO not a bad option. In any event, I'll let you know what I hear about the pkg authentication.

It's unfortunate that it currently appears that a perfect and easy option doesn't exist. That said, if there isn't a reasonable workaround, I think option 2 is rather nice, since it gives the user the choice to install system-wide (and thus provide admin auth), or install to the home dir (not require any auth, and largely much safer). Option 3 could also be done in conjunction with any of the other options.

[evancz]

I know a lot of people install through npm with this, but I think it needs to run as root as well.

What about removing <domains enable_localSystem="true"/> entirely? Is that nice?

[AndrewRayCode]

Please don't install Elm with root privs :) It's not 1992 anymore...