Permission issue when running pickle install

[DominikTo]

When running e.g. pickle install gearman, the installation fails with a permission issue.

  - Installing gearman (latest-stable)
    Downloading: 100%

  [RuntimeException]
  /vendor/composer/1dbbafcf does not exist and could not be created.

Manually creating /vendor/ (and setting chown -R myuser:staff /vendor/) gets rid of that issue, but then pickle fails with:

  - Installing gearman (latest-stable)

  [RuntimeException]
  Could not delete /var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/1e33f496e9fab74ff13e4c2bdb1a4480.tar: unlink(/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/1e33f496e9fab74ff13e4c2bdb1a4480.tar): Permission denied

Notes

• pickle is installed via composer global require friendsofphp/pickle.
• This problem might be caused by the "rootless" security feature of OS X 10.11.

[pierrejoye]

I sadly do not have OSX to reproduce it. But how does it work? One can create tmp dir or files but cannot remove it? Sounds weird if that's the case

[Swader]

This happens to me as well when running Pickle inside a Linux VM hosted on OS X.
File and folder creation is not a problem with other libs and packages.

[Swader]

Admittedly, none of those try to create a vendor folder in the root of the machine - could this be solved by making Pickle try its own vendor folder? So rather than have it try to create:

/vendor/composer/1dbbafcf

it would try with:

vendor/composer/1dbbafcf

?

Or at least in ~/.pickle or something.

[Swader]

Ok, so this is the problem:

• Pecl::fetch passes a blank instance of Config to Composer's downloader when downloading an archive.
• When the Config class is used like this, Composer reads the vendor dir from either the environment variable COMPOSER_VENDOR_DIR or uses the default option hardcoded in the Config class
• The problem with the above is that the config's get method has a $flags option which defaults to 0 and tells Config to use relative paths if set to 1. However, since the get method is called from the downloader and always in its default form, this flag is never set to 1, ergo, we cannot set the vendor dir to a relative path.

Example:

bin/pickle install inotify

Will try to create a folder like this one: /vendor/composer/b54283d9 and will, of course, fail, because it's trying to create something in the machine's root folder.

Optimistically, I thought this:

export COMPOSER_VENDOR_DIR=./vendor; bin/pickle install inotify

would then use the current folder's vendor folder but then I discovered the above listed points, when I got the error /./vendor/composer/1a0ab912 does not exist and could not be created..

To sum up: Composer will turn any path "absolute" by simply slapping a forward slash onto it, unless the get method on the Config class is called with the second param set to 1, which makes it use relative paths. The problem is that the ArchiveDownloader, which is used in its default form, never does use relative paths.

Proposed solution:

When passing a new Config instance to the downloader, set a base dir. The base dir could be getcwd() or an option provided via Pickle's command line - as long as it's not in the root of the drive. I have tried this locally, and it works:

---

Running a Homestead Improved instance on OS X

Sidenote: @DominikTo suggested this might have something to do with the rootless security on OS X. This does not seem possible, because I originally tried Pickle in a folder inside the VM which is not shared - so in a location only accessible to the OS of the VM, not the host. It produced the same error.

Edit: found out on Twitter that I need to be superuser when running Pickle. Maybe put that in the readme? I still don't think using the root folder of a machine as a tmp dir is a good idea, even if it does get deleted immediately afterwards, but running as root does indeed help avoid all of the above.

[jubianchi]

Agree with @Swader. I'll try to run a debug session during the Forum ;)

[Hywan]

@DominikTo Hi :-), nice to see you here by the way. Could you try the patch pushed by @jubianchi please? It should fix your issue.

[DominikTo]

Hi @Hywan! :)

I checked out the master branch of pickle, but I am still running in a (slightly different) permission issue on OS X 10.11.

⌘ ~/temp/pickle (master) bin/pickle install gearman
  - Installing gearman (latest-stable)
    Downloading: 100%

+-----------------------------------+---------+
| Package name                      | gearman |
| Package version (current release) | 1.1.2   |
| Package status                    | stable  |
+-----------------------------------+---------+
The following error(s) happened: make install failed
Would you like to read the log?y
1: phpize
2: Configuring for:
2: PHP Api Version:         20121113
2: Zend Module Api No:      20121212
2: Zend Extension Api No:   220121212
1: /var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2/configure --with-gearman=shared  --with-gearman
2: checking for grep that handles long lines and -e... /usr/bin/grep
2: checking for egrep... /usr/bin/grep -E
2: checking for a sed that does not truncate output... /usr/bin/sed
2: checking for cc... cc
2: checking whether the C compiler works... yes
2: checking for C compiler default output file name... a.out
2: checking for suffix of executables...
2: checking whether we are cross compiling... no
2: checking for suffix of object files... o
2: checking whether we are using the GNU C compiler... yes
2: checking whether cc accepts -g... yes
2: checking for cc option to accept ISO C89... none needed
2: checking how to run the C preprocessor... cc -E
2: checking for icc... no
2: checking for suncc... no
2: checking whether cc understands -c and -o together... yes
2: checking for system library directory... lib
2: checking if compiler supports -R... no
2: checking if compiler supports -Wl,-rpath,... yes
2: checking build system type... x86_64-apple-darwin15.0.0
2: checking host system type... x86_64-apple-darwin15.0.0
2: checking target system type... x86_64-apple-darwin15.0.0
2: checking for PHP prefix... /usr
2: checking for PHP includes... -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib
2: checking for PHP extension directory... /usr/lib/php/extensions/no-debug-non-zts-20121212
2: checking for PHP installed headers prefix... /usr/include/php
2: checking if debug is enabled... no
2: checking if zts is enabled... no
2: checking for re2c... re2c
2: checking for re2c version... 0.14.3 (ok)
2: checking for gawk... no
2: checking for nawk... no
2: checking for awk... awk
2: checking if awk is broken... no
2: checking whether to enable gearman support... yes, shared
2: found in /usr/local
2: checking for gearman_client_set_context in -lgearman... yes
2: checking for gearman_worker_set_server_option in -lgearman... yes
2: checking for gearman_job_error in -lgearman... yes
2: checking for gearman_client_unique_status in -lgearman... yes
2: checking for ld used by cc... /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld
2: checking if the linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) is GNU ld... no
2: checking for /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld option to reload object files... -r
2: checking for BSD-compatible nm... /usr/bin/nm
2: checking whether ln -s works... yes
2: checking how to recognize dependent libraries... pass_all
2: checking for ANSI C header files... yes
2: checking for sys/types.h... yes
2: checking for sys/stat.h... yes
2: checking for stdlib.h... yes
2: checking for string.h... yes
2: checking for memory.h... yes
2: checking for strings.h... yes
2: checking for inttypes.h... yes
2: checking for stdint.h... yes
2: checking for unistd.h... yes
2: checking dlfcn.h usability... yes
2: checking dlfcn.h presence... yes
2: checking for dlfcn.h... yes
2: checking the maximum length of command line arguments... 196608
2: checking command to parse /usr/bin/nm output from cc object... ok
2: checking for objdir... .libs
2: checking for ar... ar
2: checking for ranlib... ranlib
2: checking for strip... strip
2: checking for dsymutil... dsymutil
2: checking for nmedit... nmedit
2: checking for -single_module linker flag... yes
2: checking for -exported_symbols_list linker flag... yes
2: checking if cc supports -fno-rtti -fno-exceptions... yes
2: checking for cc option to produce PIC... -fno-common
2: checking if cc PIC flag -fno-common works... yes
2: checking if cc static flag -static works... no
2: checking if cc supports -c -o file.o... yes
2: checking whether the cc linker (/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld) supports shared libraries... yes
2: checking dynamic linker characteristics... darwin15.0.0 dyld
2: checking how to hardcode library paths into programs... immediate
2: checking whether stripping libraries is possible... yes
2: checking if libtool supports shared libraries... yes
2: checking whether to build shared libraries... yes
2: checking whether to build static libraries... no
2:
2: creating libtool
2: appending configuration tag "CXX" to libtool
2: configure: creating ./config.status
2: config.status: creating config.h
1: make
2: /bin/sh /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/libtool --mode=compile cc  -I. -I/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2 -DPHP_ATOM_INC -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/include -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/main -I/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/usr/local/include  -DHAVE_CONFIG_H  -g -O2 -Wall   -c /var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2/php_gearman.c -o php_gearman.lo
2: mkdir .libs
2:  cc -I. -I/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2 -DPHP_ATOM_INC -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/include -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/main -I/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/usr/local/include -DHAVE_CONFIG_H -g -O2 -Wall -c /var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2/php_gearman.c  -fno-common -DPIC -o .libs/php_gearman.o
2: /var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2/php_gearman.c:286:24: warning: unused variable 'arginfo_gearman_job_set_return' [-Wunused-const-variable]
2: ZEND_BEGIN_ARG_INFO_EX(arginfo_gearman_job_set_return, 0, 0, 2)
2:                        ^
2: /usr/include/php/Zend/zend_API.h:107:29: note: expanded from macro 'ZEND_BEGIN_ARG_INFO_EX'
2:         static const zend_arg_info name[] = {                                                                                                                                           \
2:                                    ^
2: 1 warning generated.
2: /bin/sh /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/libtool --mode=link cc -DPHP_ATOM_INC -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/include -I/private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/main -I/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/gearman/gearman-1.1.2 -I/usr/include/php -I/usr/include/php/main -I/usr/include/php/TSRM -I/usr/include/php/Zend -I/usr/include/php/ext -I/usr/include/php/ext/date/lib -I/usr/local/include  -DHAVE_CONFIG_H  -g -O2 -Wall   -o gearman.la -export-dynamic -avoid-version -prefer-pic -module -rpath /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/modules  php_gearman.lo -Wl,-rpath,/usr/local/lib -L/usr/local/lib -lgearman -Wl,-rpath,/usr/local/lib -L/usr/local/lib -lgearman -Wl,-rpath,/usr/local/lib -L/usr/local/lib -lgearman -Wl,-rpath,/
2: usr/local/lib -L/usr/local/lib -lgearman
2: cc ${wl}-flat_namespace ${wl}-undefined ${wl}suppress -o .libs/gearman.so -bundle  .libs/php_gearman.o  -L/usr/local/lib -lgearman  -Wl,-rpath -Wl,/usr/local/lib -Wl,-rpath -Wl,/usr/local/lib -Wl,-rpath -Wl,/usr/local/lib -Wl,-rpath -Wl,/usr/local/lib
2: dsymutil .libs/gearman.so || :
2: creating gearman.la
2: (cd .libs && rm -f gearman.la && ln -s ../gearman.la gearman.la)
2: /bin/sh /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/libtool --mode=install cp ./gearman.la /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/modules
2: cp ./.libs/gearman.so /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/modules/gearman.so
2: cp ./.libs/gearman.lai /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/modules/gearman.la
2: ----------------------------------------------------------------------
2: Libraries have been installed in:
2:    /private/var/folders/t6/vq8bw2kj3ys2lzzx54_jgy_00000gn/T/pickle-ca7c3734d6cbc803f8e8646eebb2a703e47cb9b5/modules
2:
2: If you ever happen to want to link against installed libraries
2: in a given directory, LIBDIR, you must either use libtool, and
2: specify the full pathname of the library, or use the `-LLIBDIR'
2: flag during linking and do at least one of the following:
2:    - add LIBDIR to the `DYLD_LIBRARY_PATH' environment variable
2:      during execution
2:
2: See any operating system documentation about shared libraries for
2: more information, such as the ld(1) and ld.so(8) manual pages.
2: ----------------------------------------------------------------------
2:
2: Build complete.
2: Don't forget to run 'make test'.
2:
1: make install
2: Installing shared extensions:     /usr/lib/php/extensions/no-debug-non-zts-20121212/
2: cp: /usr/lib/php/extensions/no-debug-non-zts-20121212/#INST@15324#: Operation not permitted
2: make: *** [install-modules] Error 1

[Spomky]

Works better with export COMPOSER_VENDOR_DIR=$(pwd)/vendor; vendor/bin/pickle install crypto-0.2.2;
But I have another error:

[RuntimeException]
[stability] Does not match the regex pattern ^alpha|beta|stable$

[pierrejoye]

@DominikTo this is a different issue and cannot be solved as it is not a bug per se.

PHP has an extension directory, defined by extension_dir setting. Unless you define another one, for example your vendor directory and gives it the right permissions, pickle (or phpize, make, make install) will use it.

@Swader @Spomky good catch. Makes totally sense now. I think we should use a temp directory for all the things when not used with a standard composer projects. The extension will still be installed in the php extension_dir but all the download/builds should definitively not be done in /vendor.

About the regex pattern, this is also another issue. Some extensions do not follow semver. It looks like we will not support them and requests extensions developers to follow semver for the next version. If we do accept bad versions, then it will mean to duplicate all the versions management withing pickle instead of fully relying on composer, which will create a lot of confusions for everyone adding deps in composer.json for their projects. Suggestions welcome if you have thought about it :)

[pierrejoye]

@Spomky for the version pattern, see #134 with the related discussions, composer devs involved too.

[Gamesh]

I also have the same issue with installation to /usr/lib/php/extensions/no-debug-non-zts-20121212/
the thing is that that folder is protected by mac security and nothing can modify it even root so even sudo chmod or sudo cp does not work.
by default extension_dir is resolved from /usr/bin/php-config

php-config --extension-dir
/usr/lib/php/extensions/no-debug-non-zts-20160303

and you can't change that because php-config is also write protected

[pierrejoye]

If anyone can figure out how to work around these permissions, let me know.

Given that brew and co do install them, there must be a way :)