Comments (12)
I can see it is using require 'tmpdir', but not sure why is is failing. Here user is a system user, but should be able to use a tmpdir.
from uuid.
okay, it is failing because another user has already created /tmp/ruby-uuid and this user cannot use it.
Pathname.new(Dir.tmpdir).join(SecureRandom.hex, 'you_filename.txt')
from uuid.
or at least prefix username before the temp dir
from uuid.
The state file is used to ensure that UUIDs generated by multiple users are not identical. You should coordinate access to the state file per the README.
from uuid.
Would this change be okay? Is there any other place I need to make this change?
Index: ruby-uuid/lib/uuid.rb
===================================================================
--- ruby-uuid.orig/lib/uuid.rb
+++ ruby-uuid/lib/uuid.rb
@@ -173,7 +173,7 @@ class UUID
state_dir = Dir.tmpdir
end
- @state_file = File.join(state_dir, 'ruby-uuid')
+ @state_file = File.join(state_dir, 'ruby-uuid-'+Process.uid.to_s)
if !File.writable?(state_dir) || (File.exists?(@state_file) && !File.writable?(@state_file)) then
@state_file = File.expand_path('.ruby-uuid', '~')
from uuid.
You can set the default state file by using UUID::state_file= as described in the README.
There is no need for this type of change. It is the same as setting the state_file to false.
The state file exists to prevent multiple processes from generating the same UUID. If you don't want this protection you can turn it off by setting it to false as described in the README. You should leave this protection on and set up the state file with appropriate permissions so that all processes can write to it. This is described in the documentation for UUID::state_file and UUID::state_file=.
Having separate state files while multiple processes are running allows for generation of identical UUIDs. You do not want this. You want to share the state file. Please configure your processes to create the state file with the appropriate permissions (perhaps 0664).
from uuid.
But why is it falling back to ~/.ruby-uuid then? That is same as state file per user. My patch is only an improvement to the fallback where the process can't find the home directory in cases like using sudo -u user. Can this be tried as an additional fallback if ~/.ruby-uuid is not writable? I will try to make it writable. Thanks for the reply.
from uuid.
If you cannot write to the temporary file directory at all presumably no other process can either because your operating system is misconfigured. This allows multiple processes under the same user to have guaranteed unique UUIDs. Per-process state files do not have this guarantee.
from uuid.
I can write to /tmp, and /tmp/ruby-uuid gets created. But when a second user tries to write to the same file, it fails. So if we try writing to /tmp/ruby-uuid-uid, it will succeed. I just want this as an additional fallback in cases where ~/.ruby-uuid is also not writable like in my case of using sudo -u user. And it would be better to disable state file with a warning when state file can't be written, instead of failing completely.
from uuid.
and Process.uid is unique per user.
from uuid.
Would this be okay? It only gets triggered if ~/.ruby-uuid is not writable and it sets state_file to false if none of the options are writable.
Index: ruby-uuid/lib/uuid.rb
===================================================================
--- ruby-uuid.orig/lib/uuid.rb
+++ ruby-uuid/lib/uuid.rb
@@ -177,6 +177,12 @@ class UUID
if !File.writable?(state_dir) || (File.exists?(@state_file) && !File.writable?(@state_file)) then
@state_file = File.expand_path('.ruby-uuid', '~')
+ if !File.writable?(@state_file)) then
+ @state_file = File.join(state_dir, 'ruby-uuid-'+Process.uid.to_s)
+ if !File.writable?(@state_file)) then
+ @state_file = false
+ end
+ end
end
@state_file
from uuid.
A warning will never be noticed in production. This means you lose the guarantee the state file provides without knowing. Defaulting to this fail-open scenario is not appropriate in my opinion when adequate API and documentation exist to fail-open by user choice.
Instead the all users should be creating the state file with a reasonable file mode (0664 or maybe 0666 on a trusted host) or you should manually disable the state file. Per-process state files are pointless as the state only needs to be tracked in-memory. They will litter the disk and never be deleted.
The change that you should make is to your use of the library, not to the library itself:
require 'uuid'
UUID.state_file 0664 # or 0666 if you trust all users
uuid = UUID.new
uuuid.generate
Is preferred.
If you are on a shared host where you cannot trust all users:
require 'uuid'
UUID.state_file = File.expand_path '~/.ruby-uuid'
uuid = UUID.new
uuuid.genaerate
from uuid.
Related Issues (20)
- UUID.generate collisions when called too often HOT 5
- Cant Convert Class to String - Jruby Rake HOT 2
- Executable name conflict
- nil.unpack issue HOT 17
- How random / predictable are the results? HOT 3
- uuid should not make hardcoded assumptions about temporary directories HOT 1
- Version of UUID generated HOT 3
- FakeFS interference
- You checked in the bundler binstub of bin/uuid HOT 1
- Errno::EACCES: Permission denied - /root/.ruby-uuid HOT 3
- Add License information to Gemspec HOT 2
- Sort method (or cmp) should be implemented for time based UUID's
- "Gemfile not found" when using rbenv HOT 4
- add development dependency on mocha
- clarify license statement HOT 1
- Unique and random uuid HOT 5
- Version 2.3.7 or 2.3.8 HOT 5
- How does this compare to SecureRandom.uuid? HOT 2
- Add generate method usage to readme
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from uuid.