Global module installation on Ubuntu and home dir permissions

[abjrcode]

I ran into the behavior I am about to describe when trying to install AWSPowerShell.NetCore module on an Ubuntu AMI in AWS. I am not sure if this is a bug or expected behavior but here are the details.

I am using the following Ubuntu image, basically Ubuntu Bionic:

AMI NAME	AMI ID
ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20190814	ami-01cca82393e531118

When I start the EC2 instance, this is the output of ls -al ~:

ubuntu@ip-10-2-15-239:~$ ls -al ~
total 32
drwxr-xr-x 5 ubuntu ubuntu 4096 Aug 28 09:00 .
drwxr-xr-x 3 root   root   4096 Aug 28 08:54 ..
-rw-r--r-- 1 ubuntu ubuntu  220 Apr  4  2018 .bash_logout
-rw-r--r-- 1 ubuntu ubuntu 3771 Apr  4  2018 .bashrc
drwx------ 2 ubuntu ubuntu 4096 Aug 28 09:00 .cache
drwx------ 3 ubuntu ubuntu 4096 Aug 28 09:00 .gnupg
-rw-r--r-- 1 ubuntu ubuntu  807 Apr  4  2018 .profile
drwx------ 2 ubuntu ubuntu 4096 Aug 28 08:54 .ssh

As noted everything is owned by ubuntu user which is correct.

Now running the following command in sequence to install AWSPowerShell.NetCore for all users of the system:

wget -q https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install -y powershell
sudo pwsh -Command Install-Module -Name AWSPowerShell.NetCore -Scope AllUsers -Force

This all goes well except that when running ls -al ~ again we get:

ubuntu@ip-10-2-15-239:~$ ls -al ~
total 48
drwxr-xr-x 7 ubuntu ubuntu 4096 Aug 28 09:04 .
drwxr-xr-x 3 root   root   4096 Aug 28 08:54 ..
-rw-r--r-- 1 ubuntu ubuntu  220 Apr  4  2018 .bash_logout
-rw-r--r-- 1 ubuntu ubuntu 3771 Apr  4  2018 .bashrc
drwx------ 3 ubuntu ubuntu 4096 Aug 28 09:04 .cache
drwxr-xr-x 3 root   root   4096 Aug 28 09:04 .config
drwx------ 3 ubuntu ubuntu 4096 Aug 28 09:00 .gnupg
drwxr-xr-x 3 root   root   4096 Aug 28 09:04 .local
-rw-r--r-- 1 ubuntu ubuntu  807 Apr  4  2018 .profile
drwx------ 2 ubuntu ubuntu 4096 Aug 28 08:54 .ssh
-rw-r--r-- 1 ubuntu ubuntu    0 Aug 28 09:04 .sudo_as_admin_successful
-rw-rw-r-- 1 ubuntu ubuntu  177 Aug 28 09:03 .wget-hsts
-rw-rw-r-- 1 ubuntu ubuntu 3132 Jan  2  2019 packages-microsoft-prod.deb

Notice that the last command created two directories ~/.local and ~/.config in the user's home directory but the ownership is root. This is problematic as other commands from apt and similar package managers also try to write to these two locations or at least ~/.local which causes permission denied issues.

Environment data

> $PSVersionTable
Name                           Value
----                           -----
PSVersion                      6.2.2
PSEdition                      Core
GitCommitId                    6.2.2
OS                             Linux 4.15.0-1045-aws #47-Ubuntu SMP Fri Aug 2 13:50:30 UTC 2019
Platform                       Unix
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1
WSManStackVersion              3.0

> Get-Module -ListAvailable PowerShellGet,PackageManagement
Directory: /opt/microsoft/powershell/6/Modules

ModuleType Version    Name                                PSEdition ExportedCommands
---------- -------    ----                                --------- ----------------
Script     1.3.2      PackageManagement                   Desk      {Find-Package, Get-Package, Get-PackageProvider, Get-PackageSource…}
Script     2.1.3      PowerShellGet                       Desk      {Find-Command, Find-DSCResource, Find-Module, Find-RoleCapability…}

> Get-PackageProvider -ListAvailable
Name                     Version          DynamicOptions
----                     -------          --------------
NuGet                    3.0.0.1          Destination, ExcludeVersion, Scope, SkipDependencies, Headers, FilterOnTag, Contains, AllowPrereleaseVersions, Confi…
PowerShellGet            2.1.3.0          PackageManagementProvider, Type, Scope, AllowClobber, SkipPublisherCheck, InstallUpdate, NoPathUpdate, AllowPrerelea…

[SydneyhSmith]

@abjrcode thanks for opening this issue and providing detailed information! One question to make sure I fully understand the issue that you are hitting....when the directories are created it sounds like the scoping is not behaving as you expect Notice that the last command created two directories ~/.local and ~/.config in the user's home directory but the ownership is root. Is your expected behavior that the directories would be created at just the root level i.e. honoring the -AllUsers scope you have specified in the command?

[abjrcode]

Is your expected behavior that the directories would be created at just the root level i.e. honoring the -AllUsers scope you have specified in the command?

I don't know why the command really creates those two directories, but even when it does I don't expect it to do it as root as it causes the problem I referred to.
To be more clear, if you try for example after running the above commands to run pip3 install awscli --user you will start getting errors because the command also tries to utilize the ~/.local directory.

[SydneyhSmith]

@abjrcode thanks for the information, sorry for the delay in response, we are looking into this more--could you please also provide the errors you are getting when you run pip3 install awscli --user it would also be helpful to know if you have had any success with other packages and if you have tried other scope configurations--specifically it would be nice to see the output when you run sudo pwsh -Command Install-Module -Name AWSPowerShell.NetCore -Scope CurrentUser -Force if you have a chance...thanks!

[abjrcode]

The error I get with pip3 install is permission denied on ~/.local/bin I have indeed tried other scopes and they all end up creating ~.local as root (unless it already exists)