Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: improve README.md manual installation technique, fixes #296 #299

Merged
merged 1 commit into from
Sep 5, 2023
Merged

docs: improve README.md manual installation technique, fixes #296 #299

merged 1 commit into from
Sep 5, 2023

Conversation

rfay
Copy link
Contributor

@rfay rfay commented Sep 4, 2023

Just adds some more detail to the manual install technique.

@gerardog gerardog merged commit 6cab37e into gerardog:master Sep 5, 2023
1 of 2 checks passed
@gerardog
Copy link
Owner

gerardog commented Sep 5, 2023

Thank you rfay!

@rfay rfay deleted the 20230904_readme_manual_inst branch September 5, 2023 23:59
@rfay
Copy link
Contributor Author

rfay commented Sep 5, 2023

Thanks for this great tool.

@rfay
Copy link
Contributor Author

rfay commented Sep 6, 2023

BTW, I think we'll end up doing two installers, one aimed at choco, which does not include gsudo; the other will include gsudo bundled and will be the one we offer for "normal" download. Then there won't be a download at install time.

@gerardog
Copy link
Owner

gerardog commented Sep 6, 2023

Are you sure you want to go thru so much trouble?

  • Arguments for embedding it:
    • It is unlikely that gsudo will be flagged as a virus in the future if you follow these rules. There is a 30-day window since a new gsudo build is uploaded until it gets popular enough (gaining reputation on AV scanners). The first day generally gets a score of 1/60 or 2/60... which drops to 0/60 after a few weeks. The mistake made by chocolatey by considering 1/60 low score as dangerous was already fixed and should not affect your software packaging, in my opinion.
    • You may include a well-known gsudo.exe in your distribution, and if you update it, you can always pick one that is already has a low score.
  • Arguments against embedding it:
    • gsudo does not handles gracefully having more than one binary in use, as the credentials cache rejects connections from another .EXE files.
    • gsudo experience is not the same on WSL/bash without the wrappers... (I would install not just gsudo.EXE)

But putting myself in your situation... I would:

  • Trigger the independent installation of gsudo, a) as a post install task or b) during DDev first run
  • In DDev: before invoking gsudo, handling what happens if gsudo is not installed:
    • a) just trigger the installer. Your app just need to call this line PowerShell -Command "Set-ExecutionPolicy RemoteSigned -scope Process; [Net.ServicePointManager]::SecurityProtocol = 'Tls12'; iwr -useb https://raw.githubusercontent.com/gerardog/gsudo/master/installgsudo.ps1 | iex"
    • b) you can always just start an elevated process with 'verb=runas' as a fallback for those outliers rejecting to install gsudo...

@rfay
Copy link
Contributor Author

rfay commented Sep 6, 2023

Thanks for the good thinking, I sure appreciate it.

You may include a well-known gsudo.exe in your distribution, and if you update it, you can always pick one that is already has a low score.

So just explicitly use an old one with a good virustotal score? How would I figure that out?

@rfay rfay mentioned this pull request Sep 6, 2023
Merged
@rfay
Copy link
Contributor Author

rfay commented Sep 6, 2023

Linking to the DDEV PR to show what actually ended up happening and so we can find these various (great) discussions:

@gerardog gerardog mentioned this pull request Sep 6, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rfay @gerardog