For best practices, software should have the least amount of privileges. However, some tools like performance monitoring require elevated admin permissions.
The article describes the scenario for programming such software or applications in .Net Core.
Install tool Globally
The following instructions guide the way to run, install, or uninstall .Net Core tools that need to be executed with elevated permissions.
Windows Installation
If a folder already exists in %ProgramFiles%\dotnet-tools the path, then checks whether the user group has the permission to write or modify the directory.
To install, run the below command in a command prompt session with Administration mode. It will generate the Dotnet-tools folder during the installation.
dotnet tool install PACKAGEID --tool-path "%ProgramFiles%\dotnet-tools".Linux or macOS Installation
The global tool package should be installed in a protected location using --tool-path flag
sudo dotnet tool install PACKAGEID --tool-path /usr/local/share/dotnet-toolsBy default, the tools have drwxr-xr-x permission. If the folder directory exists already, then use the ls -l command to check the assigned user doesn’t have permission to edit. If so, practice the sudo chmod o-w -R /usr/share/dotnet-tools command to remove the access.
Run Global tool
There are two ways to run a global tool, as follows:
Windows
- Use full path in the command prompt in Administration mode.
- Do the environment variable setting once using
setx Path "%Path%;%ProgramFiles%\dotnet-tools\"then useTOOLCOMMANDdirectly.
Linux or macOS
- Use full path with Sudo.
sudo /usr/local/share/dotnet-tools/TOOLCOMMAND - Do the environment variable setting once using
sudo ln -s /usr/local/share/dotnet-tools/TOOLCOMMAND /usr/local/bin/TOOLCOMMANDthen usesudo TOOLCOMMANDdirectly.
Uninstall the Global tool
Windows
Run the following command to uninstall the global tool using command prompt in Administrator mode.
dotnet tool uninstall PACKAGEID --tool-path "%ProgramFiles%\dotnet-tools"Linux or macOS
Run the following sudo command to uninstall packages.
sudo dotnet tool uninstall PACKAGEID --tool-path /usr/local/share/dotnet-toolsElevation during development
During development also there are scenarios in which you may need elevated access to test the application.
RECOMMENDATION: Build the application without elevated permission and run applications with elevated permissions.
For best startup performance, use generated executable
dotnet build
sudo ./bin/Debug/netcoreapp3.0/APPLICATIONNAME
Run the .Net application with no build flag to avoid generating new binaries each time
dotnet build
dotnet run --no-build
C# 