Go HomeDir reads /etc/passwd, not $HOME

elopio · November 7, 2017, 5:05am

Hello!

snapd sets the environment variable $HOME to $SNAP_USER_DATA when a command is executed. $SNAP_USER_DATA is something like /home/<user>/snap/<snap-name>/<snap-revision>, a path that’s writable by the snap. This works in most of the cases, except in go.

The recommended way to get the user home in go is something like:

usr, _ := user.Current()
fmt.Fprintf(usr.HomeDir)

The implementation of the Current method sets HomeDir by reading and parsing /etc/passwd, which will point to /home/<user>, totally ignoring our patched $HOME.

Should we also present the snap with a patched version of /etc/passwd? or is there a better solution for go snaps accessing the home dir?

pura vida

jdstrand · November 14, 2017, 9:17pm

Side-stepping the discussion on the issues of maintaining /etc/passwd for new users across all the snaps, this change would make it difficult for snaps to find the real home, which a lot of snaps for classic distro using the home interface are interested in. Today, HOME is set to SNAP_USER_DATA (like you said) but snaps can and do use getent, getpwent(), getpwnam(), getpwuid(), etc to find the real home. Updating /etc/passwd would make all of those snaps break.

If this were going to be addressed, I think we’d want it opt-in so that existing snaps didn’t break. We’d probably also want to use a custom nss module instead of modifying /etc/passwd (since /etc/passwd may not even have the user in it).

elopio · November 15, 2017, 2:54pm

For the record, upstream was very nice here and he patched the source code to first search for $HOME:

github.com

ipfs/ipfs-cluster/blob/a1f1ef15d87886e0e6d92e9e81530802f4de9b45/ipfs-cluster-service/main.go#L123


)
func init() {
	// Set the right commit. The only way I could make this work
	ipfscluster.Commit = commit
	// We try guessing user's home from the HOME variable. This
	// allows HOME hacks for things like Snapcraft builds. HOME
	// should be set in all UNIX by the OS. Alternatively, we fall back to
	// usr.HomeDir (which should work on Windows etc.).
	home := os.Getenv("HOME")
	if home == "" {
		usr, err := user.Current()
		if err != nil {
			panic(fmt.Sprintf("cannot get current user: %s", err))
		}
		home = usr.HomeDir
	}
	DefaultPath = filepath.Join(home, ".ipfs-cluster")
}

So, I guess that an option would be to accept that snaps are not fully transparent, for cases like this, and document best practices for upstreams to adjust their code to work with snaps.

Another such case that comes to mind is bitcoin, that requires a patch to save the blockchain to $SNAP_USER_COMMON instead of $SNAP_USER_DATA. This is not transparent because upstreams that want to save data will just do throw everything in $HOME; but we are introducing the concept of versioned and unversioned home, and they would have to adjust their source code to use it correctly.

predr · January 22, 2020, 7:58am

Run into this issue and found a different solution for go1.12+.

home, _ := os.UserHomeDir()
fmt.Println(home)

On Unix, including macOS, it returns the $HOME environment variable. On Windows, it returns %USERPROFILE%. On Plan 9, it returns the $home environment variable.

Lin-Buo-Ren · September 2, 2020, 6:10pm

Refer The homeishome launcher: Fix snapped apps that (wrongly) referring to the user's real home directory instead of $HOME for a possible workaround.