I'm using Homebrew to manage package installs on Lion (Lion Server actually but this shouldn't matter).
Homebrew was installed under one user. Now a different user would like to add a package and Homebrew isn't happy:
$ brew update
fatal: Unable to create '/usr/local/.git/index.lock': Permission denied
Error: Failure while executing: git checkout -q master
Is this considered bad? I thought one of the advantages of using /usr/local/
for your installs was that you don't need sudo
. But clearly we do.
All users who would need to modify Homebrew are members of admin group. So, I could chmod -R g+w /usr/local/
but afraid this will bork something or create security issues?!?
Advice?
$ ls -al /usr/local/.git/
total 432
drwxr-xr-x 14 ladmin admin 476 Feb 24 11:48 .
drwxrwxr-x 14 root admin 476 Feb 9 15:27 ..
-rw-r--r-- 1 ladmin admin 94 Feb 24 11:48 FETCH_HEAD
-rw-r--r-- 1 ladmin admin 23 Feb 24 11:48 HEAD
-rw-r--r-- 1 ladmin admin 41 Feb 9 15:28 ORIG_HEAD
drwxr-xr-x 2 ladmin admin 68 Feb 9 15:27 branches
-rw-r--r-- 1 ladmin admin 218 Feb 9 15:27 config
-rw-r--r-- 1 ladmin admin 73 Feb 9 15:27 description
drwxr-xr-x 12 ladmin admin 408 Feb 9 15:27 hooks
-rw-r--r-- 1 ladmin admin 200272 Feb 24 11:48 index
drwxr-xr-x 3 ladmin admin 102 Feb 9 15:27 info
drwxr-xr-x 4 ladmin admin 136 Feb 9 15:27 logs
drwxr-xr-x 4 ladmin admin 136 Feb 9 15:27 objects
drwxr-xr-x 5 ladmin admin 170 Feb 9 15:27 refs
Best Answer
Homebrew, by default, sets itself up for single-user access to
/usr/local
. So you need to open up the permissions on the directory tree for it to be administered by more than one person.People don't need to run sudo here to administer homebrew. You just need to change some permissions. Since you already have:
You need to do two more things:
/usr/local
belongs to the groupadmin
; andadmin
can write to anything under/usr/local
.In this case the changes to make are:
And any user from the
admin
group should be able to manage the homebrew installation on the machine. If you need to add a user to the admin group this can be accomplished like this:(that user will need to login again to have the privileges granted).
For sanity on the machine, you may want to consider creating your own fork of Homebrew and have your local homebrew git repository point to the local fork. That lets you customize Homebrew for your environment and control the versions of packages that people are able to install with the
brew
command. With multiple people doing installs you could run in to version issues or dependency issues.