feat(upgrade): check if user has write access to deno exe (#16378)

author: sigmaSd <bedisnbiba@gmail.com> 2022-10-21 20:50:03 +0100
committer: GitHub <noreply@github.com> 2022-10-21 15:50:03 -0400
commit: 8c9e6c5565c1c00437d083de76cdd944e44b1d99 (patch)
tree: a6630fa3c29651e280f38d18825400dd8a299ec0 /cli/tools/upgrade.rs
parent: b3ddd0cea268414e1a00951f24d4767ed6eafd75 (diff)
1 files changed, 16 insertions, 2 deletions
diff --git a/cli/tools/upgrade.rs b/cli/tools/upgrade.rs
index 8adb102aa..b80b8091c 100644
--- a/cli/tools/upgrade.rs
+++ b/cli/tools/upgrade.rs
@@ -128,10 +128,24 @@ pub fn check_for_upgrades(cache_dir: PathBuf) {
 
 pub async fn upgrade(upgrade_flags: UpgradeFlags) -> Result<(), AnyError> {
   let old_exe_path = std::env::current_exe()?;
-  let permissions = fs::metadata(&old_exe_path)?.permissions();
+  let metadata = fs::metadata(&old_exe_path)?;
+  let permissions = metadata.permissions();
 
   if permissions.readonly() {
-    bail!("You do not have write permission to {:?}", old_exe_path);
+    bail!(
+      "You do not have write permission to {}",
+      old_exe_path.display()
+    );
+  }
+  #[cfg(unix)]
+  if std::os::unix::fs::MetadataExt::uid(&metadata) == 0
+    && !nix::unistd::Uid::effective().is_root()
+  {
+    bail!(concat!(
+      "You don't have write permission to {} because it's owned by root.\n",
+      "Consider updating deno through your package manager if its installed from it.\n",
+      "Otherwise run `deno upgrade` as root.",
+    ), old_exe_path.display());
   }
 
   let client = build_http_client(upgrade_flags.ca_file)?;
author	sigmaSd <bedisnbiba@gmail.com>	2022-10-21 20:50:03 +0100
committer	GitHub <noreply@github.com>	2022-10-21 15:50:03 -0400
commit	8c9e6c5565c1c00437d083de76cdd944e44b1d99 (patch)
tree	a6630fa3c29651e280f38d18825400dd8a299ec0 /cli/tools/upgrade.rs
parent	b3ddd0cea268414e1a00951f24d4767ed6eafd75 (diff)