Re: Broken su in current - trying to fix myself, help needed!

From: Skip Ford <skip_at_menantico.com>
Date: Thu, 18 Oct 2007 08:45:44 -0400
??? Bill Hacker wrote:
> Stefan Lambrev wrote:
> >I see something similar on all ports that have OPTIONS (make config).
> >Here is example (do this as user member of wheel, but not root):
> 
> Stop right there. '..NOT root'??
> 
> Why would I DO that?

There are lots of reasons one might build a port as someone
other than root.

> I'd *expect* a port to have problems if not invoked as EUID 'root'

You shouldn't.  It's supported.

> ls -lF /usr/ports/<category>/<specific port>
> 
> Owner of the entire tree is 'root' with rwx and rw-.
> 
> Group and 'others' do not have 'w' privs, only 'r--'.
> 
> Note a 'make' cycle creates a ~/work/<portname> within that tree.
> When invoked as root. Cannot do so otherwise.

It creates ${WRKDIR}, which happens to default to ${.CURDIR}/work.
But you can build to any directory to which you can write.

> HTH do you expect to write the results output by ./configure to a dirtree 
> you do not have the privilege to write to *at all*?
> 
> pkg_add and pkgsrc work a bit diferently w/r their workspace, but these, 
> too can be expected to encounter problems if invoked by other than 'root'.
> 
> If nothing else breaks first, they can neither install to the various 
> ~/lib, ~/libexec, ~/bin, ~/sbin or even ~/etc dirtrees, nor update 
> /var/db/pkg.

Assuming that's where you want to install what you've built,
you'd need root for that.  But again, you can install to another
directory just like you can build in another directory.  And you
can maintain your own database of installed ports in whatevery
directory you want as well.

> Read ls -lF on those critters, and you'll see why.
> 
> IF/AS/WHEN you want to take an advance look at what *would* transpire in a 
> build w/o doing it as 'root', you need to open the tarball(s) elsewhere, 
>  where your current EUID *does* have rwx privs.

This was all solved a long time ago.

If the ports system didn't support all of this, there would be no
need for it to ever invoke su(1) as has been referenced within
this thread to begin with.

You might want to read /usr/ports/Mk/bsd.port.mk

-- 
Skip
Received on Thu Oct 18 2007 - 10:44:22 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:19 UTC