Can't install firewalls without sudo on OS X

Question

Can't install firewalls without sudo on OS X

I installed plugins earlier in vagrant. Now on another MacBook I am trying to install some of the same plugins that I used on my older MacBook.

For example, when I try to install vagrant-hostmanager, I get a ruby permissions error:

$ vagrant plugin install vagrant-hostmanager
Installing the 'vagrant-hostmanager' plugin. This can take a few minutes...
Bundler, the underlying system Vagrant uses to install plugins,
reported an error. The error is shown below. These errors are usually
caused by misconfigured plugin installations or transient network
issues. The error from Bundler is:

An error occurred while installing ffi (1.9.8), and Bundler cannot continue.
Make sure that `gem install ffi -v '1.9.8'` succeeds before bundling.

Gem::Installer::ExtensionBuildError: ERROR: Failed to build gem native extension.

    /opt/vagrant/embedded/bin/ruby extconf.rb
checking for ffi.h... *** extconf.rb failed ***
Could not create Makefile due to some reason, probably lack of necessary
libraries and/or headers.  Check the mkmf.log file for more details.  You may
need configuration options.

Provided configuration options:
    --with-opt-dir
    --with-opt-include
    --without-opt-include=${opt-dir}/include
    --with-opt-lib
    --without-opt-lib=${opt-dir}/lib
    --with-make-prog
    --without-make-prog
    --srcdir=.
    --curdir
    --ruby=/opt/vagrant/embedded/bin/ruby
    --with-ffi_c-dir
    --without-ffi_c-dir
    --with-ffi_c-include
    --without-ffi_c-include=${ffi_c-dir}/include
    --with-ffi_c-lib
    --without-ffi_c-lib=${ffi_c-dir}/
    --with-libffi-config
    --without-libffi-config
    --with-pkg-config
    --without-pkg-config
/opt/vagrant/embedded/lib/ruby/2.0.0/tmpdir.rb:92:in `mktmpdir': parent directory is world writable but not sticky (ArgumentError)
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:510:in `try_link0'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:534:in `try_link'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:427:in `have_devel?'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:433:in `try_do'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:549:in `block in try_compile'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:502:in `with_werror'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:549:in `try_compile'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:1044:in `block in have_header'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:895:in `block in checking_for'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:340:in `block (2 levels) in postpone'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:310:in `open'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:340:in `block in postpone'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:310:in `open'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:336:in `postpone'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:894:in `checking_for'
    from /opt/vagrant/embedded/lib/ruby/2.0.0/mkmf.rb:1043:in `have_header'
    from extconf.rb:16:in `<main>'


Gem files will remain installed in /Volumes/Passport/vagrant.d/gems/gems/ffi-1.9.8 for inspection.
Results logged to /Volumes/Passport/vagrant.d/gems/gems/ffi-1.9.8/ext/ffi_c/gem_make.out

One thing that is different is that since I am in space on my local SSD I have defined the following in my .bashrc:

export VAGRANT_HOME=/Volumes/Passport/vagrant.d

So, my files in the drawer are stored on a USB3 point-to-point drive instead of chewing on valuable SSD space.

Now I can install the plugin using sudo, but it becomes a cascading problem as vagrant up

now I cannot see the plugin in the Vagrantfile without executing sudo vagrant up

. And then the virtual machine is owned by root ... you can see this cascade spiral out of control.

Does anyone know what is wrong? How can I decide?

edit: I found that if I change my value VAGRANT_HOME

back to the default ~/.vagrant.d

, I can install the plugin, however my boxes are now on a volume not accessible by default. Apparently this is a limitation of Ruby.

TIA!

+3

ruby vagrant macos yosemite vagrant-plugin

Jim May 14 '15 @ 6:27 am

source to share

2 answers

I suspect the permissions on / Volumes / Passport might be strange. You may try:

> sudo chown -R `whoami` /Volumes/Passport
> sudo chmod 755 /Volumes/Passport

And then try installing again.

0

chad_ May 14 '15 at 14:42

source to share

Jim · Accepted Answer · 2015-05-15T21:43:22+0000

Ok, I found the problem, but it's not clear where the responsibility for fixing it is - I think this is a Ruby bug on OS X (at least for the Vagrant embedded version).

Turns off Dir.mktmpdir

expects $ TMPDIR to have the sticky bit set. On OS X, the $ TMPDIR variable points to a unique directory for each user, for example:

/var/folders/yl/y9zbwwm951v3x6p62yn24ckw0000gn/T

Changing the sticky bit with

chmod +t $TMPDIR

or really more suitable

chmod 700 $TMPDIR

Fixes this problem.

Note. I'm not sure why or how my $ TMPDIR got 777 permissions, I checked other OS X 10.10 installations and found that $ TMPDIR correctly has 700 permissions.

Can't install firewalls without sudo on OS X

More articles: