One tricky thing when using local::lib - RESOLVED! :)

By Sawyer X on under ,

I love local::lib. You should be using local::lib.

The only thing that bugs me is when I want to run something that has to be under a privileged user (for example listening on ports under 1024), the privileged user is unaware of whatever was installed under local::lib. This includes both modules and scripts it installs. The "scripts" are usually actual applications that are installed via CPAN.

So I have to either reinstall these under the privileged user (which creates a problem because now I have two copies of the same thing) or run it under the privileged user while including the libraries of my private user.

Tricky, annoying.

I'm open to any and all advices...

UPDATE: within 30 seconds daxim has already provided with a solution: sudo -E. Thank you! :)

5 Comments

Author Profile Page Joel Berger | July 17, 2012 3:22 PM | Reply

Saywer, thanks for asking that question out loud, its always bugged me! Daxim, thanks for answering it!

Author Profile Page Mark Lawrence | July 18, 2012 4:01 AM | Reply

Thanks for asking from me too - I've been trying to solve something related to this as well.

However sudo -E only gets halfway there (on Debian at least): it seems that PATH is reset even with the -E due to being compiled with the SECURE_PATH option. So if I want to run a script that was installed with local::lib I think it is still required to reset the environment values after a "sudo -i" or similar. Am I missing something here?

Author Profile Page Steven Haryanto | July 18, 2012 8:21 AM | Reply

I have another annoyance: local::lib on my PC/laptop doesn't work when testing script (either using perl t/test.t or prove) which has #!perl -T (taint). Any solution?

Author Profile Page Joel Berger | July 18, 2012 4:08 PM | Reply

Steven, have you tried using `#!/usr/bin/env perl -T`? This is the usual incantation (without the -T) for making sure you the perl interpreter specified by your environment.

Author Profile Page Steven Haryanto replied to comment from Joel Berger | July 20, 2012 3:15 AM | Reply

Joel, here's what I meant. PERL5LIB is ignored when running under taint mode:


$ set | grep PERL5
PERL5LIB=/home/s1/perl5/lib/perl5/x86_64-linux-Tthread-multi:/home/s1/perl5/lib/perl5


$ cat t/taint.t 

#!perl -T

use Test::More;

diag explain \@INC;



$ cat t/notaint.t 

#!perl

use Test::More;

diag explain \@INC;



$ prove

t/notaint.t .. # [

#   '/home/s1/perl5/lib/perl5/x86_64-linux-Tthread-multi',

#   '/home/s1/perl5/lib/perl5/x86_64-linux-gnu-thread-multi',

#   '/home/s1/perl5/lib/perl5',

#   '/etc/perl',

#   '/usr/local/lib/perl/5.14.2',

#   '/usr/local/share/perl/5.14.2',

#   '/usr/lib/perl5',

#   '/usr/share/perl5',

#   '/usr/lib/perl/5.14',

#   '/usr/share/perl/5.14',

#   '/usr/local/lib/site_perl',

#   '.'

# ]

t/notaint.t .. No subtests run 

t/taint.t .... # [

#   '/etc/perl',

#   '/usr/local/lib/perl/5.14.2',

#   '/usr/local/share/perl/5.14.2',

#   '/usr/lib/perl5',

#   '/usr/share/perl5',

#   '/usr/lib/perl/5.14',

#   '/usr/share/perl/5.14',

#   '/usr/local/lib/site_perl'

# ]

t/taint.t .... No subtests run 

...



$ perl t/notaint.t

# [

#   '/home/s1/perl5/lib/perl5/x86_64-linux-Tthread-multi',

#   '/home/s1/perl5/lib/perl5/x86_64-linux-gnu-thread-multi',

#   '/home/s1/perl5/lib/perl5',

#   '/etc/perl',

#   '/usr/local/lib/perl/5.14.2',

#   '/usr/local/share/perl/5.14.2',

#   '/usr/lib/perl5',

#   '/usr/share/perl5',

#   '/usr/lib/perl/5.14',

#   '/usr/share/perl/5.14',

#   '/usr/local/lib/site_perl',

#   '.'

# ]



$ perl -T t/taint.t 

# [

#   '/etc/perl',

#   '/usr/local/lib/perl/5.14.2',

#   '/usr/local/share/perl/5.14.2',

#   '/usr/lib/perl5',

#   '/usr/share/perl5',

#   '/usr/lib/perl/5.14',

#   '/usr/share/perl/5.14',

#   '/usr/local/lib/site_perl'

# ]

Actually the prove manpage explains this issue: '... The net effect of this is that "PERL5LIB" is honoured even when prove is run in taint mode.' But somehow I don't get what exactly I must do to achieve that :-)

I could do something like:

$ prove -T $(echo $PERL5LIB | tr ":" "\n" | sed 's/^/-I/')

but that leaves a bad taste in my mouth :-)

Leave a comment

About Sawyer X

user-pic Gots to do the bloggingz

More info »