Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

opam lint should print a warning if "setenv:" is used #3374

Closed
mato opened this issue May 24, 2018 · 1 comment
Closed

opam lint should print a warning if "setenv:" is used #3374

mato opened this issue May 24, 2018 · 1 comment
Assignees
@AltGr

Comments

@mato
Copy link
Contributor

mato commented May 24, 2018
edited
Loading

From today's discussion in #opam regarding the behaviour of the newly-introduced setenv: directive in OPAM 2:

This directive was introduced in order to support compiler packages (to set CAML_LD_LIBRARY_PATH, OCAML_TOPLEVEL_PATH and similar). The behaviour of setenv in its current form is to export all setenv directives for all installed packages into the user's environment (via opam env).

This behaviour can have unintended consequences where any installed package's setenv can subtly break or alter the build for any subsequently installed package, or any commands the user runs from the shell with the OPAM environment.

Therefore, we agreed that the use of setenv, while necessary for compiler packages, should be discouraged, and opam lint should print a warning to alert maintainers if they use this directive. (Ideally also once OPAM 2.0 packages can be submitted directly then the equivalent of Camelus should pick this up).

Once opam gains support for running package builds from a clean environment (and thus separating the "user environment" from the "build environment" entirely) this warning can be removed.
@mato
Copy link
Contributor Author

mato commented May 24, 2018

Adding some of the discussion verbatim so I don't forget the other points I made. Also /cc #3181

16:53 mato Well, there are two problems I see. 1) is malicious abuse, which I'm kind of glossing over since that would a) hopefully be caught in a review process b) isn't "new" in the sense that you can do anything like that today just by doing something malicious during package build. 
16:54 mato 2) is the subtle case of a package "accidentally" breaking some other package through a `setenv`, which in combination with the feature of exporting everything into the user's shell becomes even more of an issue. 
16:54 mato plus adds a lot of complexity as you see yourself (reading #3181) 
16:56 avsm @altgr we could offer an option for `opam exec` to execute a binary with sandboxing enabled 
16:58 mato For me `setenv` would make sense if opam always started with a "clean" environment, and no exporting of `setenv` into the user's environment was done. 
16:59 mato And yes, in that case `opam exec` could indeed be a gateway to "run this with the opam environment" (sandboxed or not) 
16:59 altgr allowing to start from a clean env (and later on, making that the default) is planned

@AltGr AltGr self-assigned this Jun 4, 2018
AltGr added a commit to OCamlPro/opam that referenced this issue Jun 5, 2018
@AltGr
Add a lint check for non-compiler packages using 'setenv:'
5436742 
Closes ocaml#3374
@AltGr AltGr closed this as completed in 5659f93 Jun 13, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AltGr AltGr

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mato @AltGr