setup-python icon indicating copy to clipboard operation
setup-python copied to clipboard
verified publisher icon actions

macOS package installation fails for non-privileged user

Open AttilaT opened this issue 1 year ago • 1 comments

Description: Can not install python with a non-privileged user, even if the user is part of admin group and has sudo permission to use /usr/sbin/installer

The error is:

Installed versions
  Version 3.11 was not found in the local cache
  Version 3.11 is available for downloading
  Download from "https://github.com/actions/python-versions/releases/download/3.11.9-9947079978/python-3.11.9-darwin-arm64.tar.gz"
  Extract downloaded archive
  /usr/bin/tar xz -v -C /Users/runner/action-runner-MZNpiIYqzp/actions-runner/_work/_temp/85d1ca15-2e48-4d05-a16e-22d4e9f241dc -f /Users/runner/action-runner-MZNpiIYqzp/actions-runner/_work/_temp/02f8[39](https://private-github.com/test-repo/actions/runs/35567/job/3456709#step:3:40)a4-27b4-4adc-8b70-ba50514egba9
  x ./
  x ./setup.sh
  x ./python-3.11.9-macos11.pkg
  x ./build_output.txt
  Execute installation script
  Check if Python hostedtoolcache folder exist...
  Creating Python hostedtoolcache folder...
  Install Python binaries from prebuilt package
  installer: Package name is Python
  installer: Installing at base path /
  installer: The install was successful.
  Create hostedtoolcach symlinks (Required for the backward compatibility)
  Create Python 3.11.9 folder
  Create additional symlinks (Required for the UsePythonVersion Azure Pipelines task and the setup-python GitHub Action)
  Error: ln: python311: Permission denied
  Error: The process '/bin/bash' failed with exit code 1

The error occurs due to the fact that /Library/Frameworks/Python.framework/ is owned by root:admin and the setup.sh is creating simbolic links to bin folder in /Library/Frameworks/Python.framework/<versions>/bin which it doesn't have permissions.

Action version: Same error on v5, v4, v3

Platform:

  • [ ] Ubuntu
  • [x] macOS
  • [ ] Windows

Runner type:

  • [ ] Hosted
  • [x] Self-hosted on EC2 metal

Tools version: Tested on python v3.11

Repro steps:
Simply run the installation as a non-privileged user

Expected behavior: Ideally, the installation is performed directly into the cash folder instead of system wide.

Actual behavior: Installation fails

AttilaT avatar Aug 16 '24 08:08 AttilaT

Hi @AttilaT 👋, Thank you for your report. We'll investigate the issue and get back to you.

priyagupta108 avatar Aug 16 '24 14:08 priyagupta108

Hello @AttilaT we tried to replicate the issue but couldn't do with given inputs. Could you please attach link to the build or public repository to reproduce the issue ?

mahalakshmi-rekadi avatar Oct 24 '24 04:10 mahalakshmi-rekadi

Me neither, it must have been fixed upstream.

They only issue I see currently is this:

Run actions/setup-python@v4
Installed versions
  Version 3.11 was not found in the local cache
  Version 3.11 is available for downloading
  Download from "https://github.com/actions/python-versions/releases/download/3.11.9-9947079978/python-3.11.9-darwin-arm64.tar.gz"
  Extract downloaded archive
  /usr/bin/tar xz -C /Users/runner/action-runner-SWFqZtGKOq/actions-runner/_work/_temp/ba40ce33-ca[21](https://......../actions/runs/405707/job/1152809#step:3:22)-4ffd-9ba3-55685329b839 -f /Users/runner/action-runner-SWFqZtGKOq/actions-runner/_work/_temp/df05e121-b43f-42c3-a7[22](https://......../actions/runs/405707/job/1152809#step:3:23)-b5ccac0d6862
  Execute installation script
  Check if Python hostedtoolcache folder exist...
  Install Python binaries from prebuilt package
  Error: sudo: installer: command not found
  Error: The process '/bin/bash' failed with exit code 1

And that's because PATH is set like this by the runner: PATH=/bin:/usr/bin

Once I've set the path to it's current shell default of echo "/usr/sbin/" >> $GITHUB_PATH everything else worked as expected!

AttilaT avatar Oct 24 '24 15:10 AttilaT

I've opened this fix for that https://github.com/actions/python-versions/pull/318

AttilaT avatar Oct 24 '24 15:10 AttilaT

Hello @AttilaT GitHub-Hosted Runners: GitHub-hosted runners come with multiple pre-installed versions of Python that are regularly maintained and updated by GitHub. You can view the specific versions available in the GitHub Actions runner images documentation.

By using these pre-installed versions, you avoid the need to manually download and install Python. This eliminates the dependency on the installer command, which is often the source of the "sudo: installer: command not found" error.

Using the pre-installed Python versions ensures a more consistent and reliable setup environment for your workflows. This reduces setup time and potential errors, leading to smoother CI/CD processes.

The setup-python action directly uses the pre-installed Python interpreters on the GitHub-hosted runners. This bypasses the need for the installer command entirely, thus avoiding the error "sudo: installer: command not found".

For more details, refer to the GitHub-hosted runners documentation.

Self-Hosted Runners: When using self-hosted runners, ensure all necessary dependencies, including Python, are properly installed and configured. To avoid the "sudo: installer: command not found" error. 1.Make sure the installer command is available and in the PATH. 2.Verify that the workflow user has all required permissions. 3.Pre-install required Python versions to avoid runtime issues

Self-hosted runners can be customized to fit your specific environment. For more details, refer to the links Using self-hosted runners documentation. Using setup-python with a self hosted runne

Please let us know if you have any further questions or support needed.

mahalakshmi-rekadi avatar Nov 22 '24 03:11 mahalakshmi-rekadi

@mahalakshmi-rekadi you might have missed the previous comment but the issue has been fixed somewhere else.

The only thing not working now is this fix https://github.com/actions/python-versions/pull/318 but I don't seem to have a way to add reviewers.

AttilaT avatar Nov 22 '24 09:11 AttilaT

Hello @AttilaT,

Thank you for the update. It appears the main issue has been resolved upstream. We will review the PR and share the feedback. Please feel free to reach out if there's anything else we can assist you with!

mahalakshmi-rekadi avatar Nov 26 '24 04:11 mahalakshmi-rekadi

Hi @AttilaT,

Thank you for your contribution. After reviewing the changes in the installers/macos-pkg-setup-template.sh file, we found that the hardcoded path assumes a fixed installation path that may not be suitable for GitHub Actions macOS runners, specifically for x64 and arm64 architectures. These runners have different configurations and paths, so using a hardcoded path can lead to errors during the setup process.

Issues with Hardcoded Paths: Path Dependency: Hardcoding the path can lead to issues since the location of installer can vary across different macOS versions or custom setups.

Portability: Using installer without the full path makes the script more portable across different environments.

System Integrity: Hardcoding system paths can lead to maintenance challenges and potential conflicts during system updates or administration changes.

For more information specific to macOS runners - x64 and arm64 in GitHub Actions, you can refer to the following documentation: https://docs.github.com/en/actions/using-github-hosted-runners/using-github-hosted-runners

We appreciate your input and hope this clarifies the issue.

We are proceeding to close this issue. If you have any other questions or need further assistance, please feel free to contact us.

mahalakshmi-rekadi avatar Dec 23 '24 03:12 mahalakshmi-rekadi