zsh compinit: insecure directories

前端 未结 23 2179
攒了一身酷
攒了一身酷 2021-01-29 17:22

What does it mean and how can I fix it?

zsh compinit: insecure directories, run compaudit for list.
Ignore insecure directories and continue [y] or abort compini         


        
相关标签:
23条回答
  • 2021-01-29 17:45

    I got this issue after running the google-cloud-sdk install script, which adds command-completion to the shell via an entry in .zshrc.

    Following Homebrew's instructions for configuring completions in zsh was helpful.

    Additionally, if you receive “zsh compinit: insecure directories” warnings when attempting to load these completions, you may need to run this: chmod -R go-w "$(brew --prefix)/share"

    0 讨论(0)
  • 2021-01-29 17:46

    My machine:

    System Version: macOS 10.15.4 (19E287)
    Kernel Version: Darwin 19.4.0
    

    So here is what I did,

    1. run compaudit and it will give you a list of directories it thinks are unsecure.

    2. run sudo chmod -R 755 target_directory (example: sudo chmod -R 755 /usr/local/share/zsh)

    Exmaple:

    compaudit
    

    returns:

    /usr/local/share/zsh

    so I run

    sudo chmod -R 755 /usr/local/share/zsh
    

    read more here link

    0 讨论(0)
  • 2021-01-29 17:49

    The accepted answer did not work for me on macOs Sierra (10.12.1). Had to do it recursive from /usr/local

    cd /usr/local
    sudo chown -R <your-username>:<your-group-name> *
    

    Note: You can get your username with whoami and your group with id -g

    0 讨论(0)
  • 2021-01-29 17:50

    This works for my Mac since High Sierra update.

    Remove the group write access:

    sudo chmod g-w /usr/local/share/zsh/site-functions
    sudo chmod g-w /usr/local/share/zsh
    

    It’s best to keep the change limited to zsh directories.

    0 讨论(0)
  • 2021-01-29 17:52

    I fixed it by doing

    sudo chown root:staff -R /usr/local/share/zsh
    

    in my case other directories inside share/ also have "staff" group assigned

    0 讨论(0)
  • 2021-01-29 17:57

    Once you understand the cause, solution is trivial and unequivocal.

    • Cause: the directories output by compaudit have write permission by either group or others (world-writable); or those files are owned by somebody else other than root or yourself.

    • Example: In my case, compaudit gave me that:

    % compaudit 
    There are insecure directories:
    /usr/local/share/zsh/site-functions
    /usr/local/share/zsh
    

    And if we list the permission of those files/directories we have (in this case)

    % ls -lh /usr/local/share 
    total 0
    drwxr-xr-x  12 chbrandt  admin   384B Aug 14 10:45 aclocal
    drwxr-xr-x   8 chbrandt  admin   256B Aug 14 10:45 doc
    drwxr-xr-x   3 chbrandt  admin    96B Jul 24 21:00 fish
    lrwxr-xr-x   1 chbrandt  admin    36B Aug 14 10:45 gettext -> ../Cellar/gettext/0.21/share/gettext
    lrwxr-xr-x   1 chbrandt  admin    41B Aug 14 10:45 gettext-0.21 -> ../Cellar/gettext/0.21/share/gettext-0.21
    lrwxr-xr-x   1 chbrandt  admin    37B Aug 14 10:45 gtk-doc -> ../Cellar/libidn2/2.3.0/share/gtk-doc
    drwxr-xr-x   9 chbrandt  admin   288B Aug 14 10:45 info
    drwxr-xr-x  58 chbrandt  admin   1.8K Aug 14 10:45 locale
    lrwxr-xr-x   1 chbrandt  admin    41B Jul 27 17:12 luajit-2.0.5 -> ../Cellar/luajit/2.0.5/share/luajit-2.0.5
    drwxr-xr-x   5 chbrandt  admin   160B Jul 27 17:12 man
    lrwxr-xr-x   1 chbrandt  admin    33B Aug 14 10:45 nvim -> ../Cellar/neovim/0.4.4/share/nvim
    drwxrwxr-x   3 chbrandt  admin    96B Jul 24 20:57 zsh
    %
    % ls -lh /usr/local/share/zsh 
    total 0
    drwxrwxr-x  4 chbrandt  admin   128B Jul 24 21:00 site-functions
    %
    % ls -lh /usr/local/share/zsh/site-functions 
    total 0
    lrwxr-xr-x  1 chbrandt  admin    39B Jul 24 21:00 _brew -> ../../../Homebrew/completions/zsh/_brew
    lrwxr-xr-x  1 chbrandt  admin    44B Jul 24 21:00 _brew_cask -> ../../../Homebrew/completions/zsh/_brew_cask
    

    Now we easily spot the issue, don't we? Notice how zsh/ and zsh/site-functions directories differ from the others... That 'w' allowing the admin group to modify them is not appreciated by zsh.

    • Solution: Turn off that group-writable permission!
    % chmod g-w /usr/local/share/zsh 
    % chmod g-w /usr/local/share/zsh/site-functions 
    

    That's it! You're good to go. Open a new terminal and you should not see the "zsh compinit: insecure directories" message anymore ;)

    0 讨论(0)
提交回复
热议问题