RSDK-13159 Switch users if viam-server is run as root on macOS#26

Merged
oliviamiller merged 5 commits into viam-modules:main from oliviamiller:sudo-mac
Feb 11, 2026

@oliviamiller oliviamiller commented Feb 6, 2026

Microphone access does not work when the module is running as root on macOS due to TCC security restrictions. The run.sh ensures the module runs as the console user (logged in user), allowing access to the microphone.

Tested:

  • MacOS running as root and non root
  • Linux amd64

hexbabe commented Feb 6, 2026

I don't have the full context so I'm not sure if my worry is valid, but this seems a bit invasive and full of side effects to me. We're mutating the ownership of the entire module directory tree, recursively, and running the binary as user silently to ensure success.

Wouldn't it be better to just fail-fast and clearly? And tell the user to run as a normal user instead?

oliviamiller commented Feb 6, 2026

> I don't have the full context so I'm not sure if my worry is valid, but this seems a bit invasive and full of side effects to me. We're mutating the ownership of the entire module directory tree, recursively, and running the binary as user silently to ensure success.
>
> Wouldn't it be better to just fail-fast and clearly? And tell the user to run as a normal user instead?

For more context, this is being added due to the current netcode project to add viam-agent support for mac, which will run viam-server as root. This was suggested by netcode as a workaround to allow this module to work while running viam-agent.

@benjirewis benjirewis left a comment

@hexbabe like @oliviamiller mentioned, viam-agent is soon coming to MacOS and it runs non-configurably as root. Sounds like this module needs to run as anyone but root, so this was the type of solution we came up with. Failing immediately here likely isn't an option, because we do want to be able to run this module with viam-agent on MacOS.

hexbabe commented Feb 6, 2026

> @hexbabe like @oliviamiller mentioned, viam-agent is soon coming to MacOS and it runs non-configurably as root. Sounds like this module needs to run as anyone but root, so this was the type of solution we came up with. Failing immediately here likely isn't an option, because we do want to be able to run this module with viam-agent on MacOS.

Right this is the context I had a feeling I was missing. Thanks

# Transfer ownership to console user so they can access files
chown -R "$CONSOLE_USER" "$SCRIPT_DIR"
chown "$CONSOLE_USER" "$SCRIPT_DIR/.."
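
Review bot: both chown calls run as root with no visible check that `$CONSOLE_USER` is non-empty and not root before ownership changes; add a guard such as `[ -n "$CONSOLE_USER" ] && [ "$CONSOLE_USER" != "root" ]` ahead of them. The second call also hands the parent directory `$SCRIPT_DIR/..` to that user, and the recursive one covers everything under `$SCRIPT_DIR`, so if the script that root executes lives in that tree it becomes writable by the unprivileged user; consider limiting the chown to the paths the module has to write and keeping the launcher script root-owned.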

[nit] Perhaps add a log here stating that this is being run as $CONSOLE_USER

@@ -0,0 +1,26 @@
#!/bin/bash
# macOS: root can't access microphone due to TCC restrictions
# Switch to the console user (whoever is logged in)
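
Review bot: the header comment says the script switches to "whoever is logged in" but does not say what happens when no console user exists, or when the script is started as a non-root user or on Linux; document the fallback for those cases here so the behaviour is clear without reading the rest of the 26 lines.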

cc @aldenh-viam this is what the sensing team is doing for switching off of the root user on MacOS in case you were curious.

@benjirewis benjirewis left a comment

Looks reasonable to me as long as you tested by running viam-server as root. Thanks!

@hexbabe hexbabe left a comment

lgtm!

@oliviamiller oliviamiller merged commit b38d473 into viam-modules:main Feb 11, 2026