wp-cli icon indicating copy to clipboard operation
wp-cli copied to clipboard
verified publisher icon wp-cli

Check for root earlier

Open schlessera opened this issue 1 year ago • 2 comments

The check for running WP-CLI as a root user inadvertently is running pretty late and allows for mechanisms like the --exec flag to be executed already before the root user is being checked for.

This PR moves the logic for this check around so that it is included as its own step in the bootstrapping steps and happens at the earliest occasion, before other flags are being processed.

schlessera avatar Sep 19 '24 01:09 schlessera

/cc @johnbillion

schlessera avatar Sep 19 '24 01:09 schlessera

Is there a way to add tests for this that mock the return value of posix_geteuid()?

johnbillion avatar Sep 20 '24 19:09 johnbillion

We could add a helper that wraps the posix_geteuid() function (and does the compatibility check, returning something like -1 if not available).

Then the tests could check the order/timing of the root block.

schlessera avatar Nov 01 '24 08:11 schlessera

Does no one have a solution to this problem?

phanduynam avatar Apr 03 '25 06:04 phanduynam

@swissspidy I see this issue has been resolved but no one has closed it yet

phanduynam avatar Apr 03 '25 13:04 phanduynam

@phanduynam I don't know what you mean 🤔 This is a pull request, not an issue. And it's still open, and not merged. So it's not "resolved".

swissspidy avatar Apr 03 '25 13:04 swissspidy

@swissspidy I don't quite understand, all the tests are passed, why not close?

phanduynam avatar Apr 07 '25 13:04 phanduynam

Codecov Report

Attention: Patch coverage is 0% with 35 lines in your changes missing coverage. Please review.

Files with missing lines Patch % Lines
php/WP_CLI/Bootstrap/CheckRoot.php 0.00% 30 Missing :warning:
php/WP_CLI/Bootstrap/ConfigureRunner.php 0.00% 3 Missing :warning:
php/bootstrap.php 0.00% 2 Missing :warning:

:loudspeaker: Thoughts on this report? Let us know!

codecov[bot] avatar Apr 07 '25 13:04 codecov[bot]

If the only thing this is waiting on is a test, I believe this would cover everything mentioned above:

  Feature: Bootstrap WP-CLI

  Scenario: Test early root detection

    Given an empty directory
    And a include.php file:
    """
    <?php
      namespace WP_CLI\Bootstrap;

      // To override posix_geteuid in our namespace
      function posix_geteuid() {
        return 0;
      }
    ?>
    """

    And I try `WP_CLI_EARLY_REQUIRE=include.php wp cli version --debug`

    Then STDERR should contain:
    """
    WP_CLI\Bootstrap\CheckRoot
    """

    And STDERR should not contain:
    """
    WP_CLI\Bootstrap\IncludeRequestsAutoloader
    """

    And STDERR should contain:
    """
    YIKES!
    """

Happy to add to the PR if that seems OK

mrsdizzie avatar Apr 30 '25 16:04 mrsdizzie

@mrsdizzie Yes, that looks like what we need. If you add it here, I'll merge.

schlessera avatar May 06 '25 06:05 schlessera

I'll put this test in to move forward with the release. Thanks for the prep work on this, @mrsdizzie !

schlessera avatar May 06 '25 12:05 schlessera

Confirmed that the test fails without and succeeds with the fix.

schlessera avatar May 06 '25 12:05 schlessera

Ignoring code coverage here to get it merged.

schlessera avatar May 06 '25 14:05 schlessera

This seems to break passing --allow-root=1. Previously, it was a simple truthy check, now it's a strict true check.

TimothyBJacobs avatar Jun 17 '25 16:06 TimothyBJacobs