Elevated access for dotnet commands

Image by Arek Socha from Pixabay


For best practices, software should have the least amount of privileges. However, some tools like performance monitoring require elevated admin permissions.

The article describes the scenario for programming such software or applications in .Net Core.

Install tool Globally

The following instructions guide the way to run, install, or uninstall .Net Core tools that need to be executed with elevated permissions.

Windows Installation

If a folder already exists in %ProgramFiles%\dotnet-tools the path, then checks whether the user group has the permission to write or modify the directory.

To install, run the below command in a command prompt session with Administration mode. It will generate the Dotnet-tools folder during the installation.

dotnet tool install PACKAGEID --tool-path "%ProgramFiles%\dotnet-tools".

Linux or macOS Installation

The global tool package should be installed in a protected location using --tool-path flag

sudo dotnet tool install PACKAGEID --tool-path /usr/local/share/dotnet-tools

By default, the tools have drwxr-xr-x permission. If the folder directory exists already, then use the ls -l command to check the assigned user doesn’t have permission to edit. If so, practice the sudo chmod o-w -R /usr/share/dotnet-tools command to remove the access.

Run Global tool

There are two ways to run a global tool, as follows:

Windows

  1. Use full path in the command prompt in Administration mode.

  2. Do the environment variable setting once using setx Path "%Path%;%ProgramFiles%\dotnet-tools\" then use TOOLCOMMAND directly.

Linux or macOS

  1. Use full path with Sudo. sudo /usr/local/share/dotnet-tools/TOOLCOMMAND

  2. Do the environment variable setting once using sudo ln -s /usr/local/share/dotnet-tools/TOOLCOMMAND /usr/local/bin/TOOLCOMMANDthen use sudo TOOLCOMMAND directly.

Uninstall the Global tool

Windows

Run the following command to uninstall the global tool using command prompt in Administrator mode.

dotnet tool uninstall PACKAGEID --tool-path "%ProgramFiles%\dotnet-tools"

Linux or macOS

Run the following sudo command to uninstall packages.

sudo dotnet tool uninstall PACKAGEID --tool-path /usr/local/share/dotnet-tools

Elevation during development

During development also there are scenarios in which you may need elevated access to test the application.

RECOMMENDATION: Build the application without elevated permission and run applications with elevated permissions.

For best startup performance, use generated executable

dotnet build 
sudo ./bin/Debug/netcoreapp3.0/APPLICATIONNAME

Run the .Net application with no build flag to avoid generating new binaries each time

dotnet build 
dotnet run --no-build

Thank you for reading. I hope you like the article.

#Aspnetcore #CSharpProgramming #Csharp #DotnetCore #Dotnet

Recent Posts

See All

Design Pattern – Adapter

#Aspnetcore #AdapterDesignPattern #Csharp #DesignPatterns #Dotnet According to Gang of Four, the Adapter Pattern converts the interfaces of a class into interfaces that the client requires. In other w