From owner-freebsd-current@FreeBSD.ORG Sun Aug 17 15:10:47 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 41CEB37B401 for ; Sun, 17 Aug 2003 15:10:47 -0700 (PDT) Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1F44343F3F for ; Sun, 17 Aug 2003 15:10:46 -0700 (PDT) (envelope-from bde@zeta.org.au) Received: from gamplex.bde.org (katana.zip.com.au [61.8.7.246]) by mailman.zeta.org.au (8.9.3p2/8.8.7) with ESMTP id IAA32133; Mon, 18 Aug 2003 08:10:38 +1000 Date: Mon, 18 Aug 2003 08:10:37 +1000 (EST) From: Bruce Evans X-X-Sender: bde@gamplex.bde.org To: Ulrich Spoerlein In-Reply-To: <20030817205851.GB718@galgenberg.net> Message-ID: <20030818075232.T3542@gamplex.bde.org> References: <20030817205851.GB718@galgenberg.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: current@freebsd.org Subject: Re: RFC: Allow non-root users to use make distribution and make installworld? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Aug 2003 22:10:47 -0000 On Sun, 17 Aug 2003, Ulrich Spoerlein wrote: > I'm trying to build a new LiveCD based upon the Freesbie scripts, and > well, I don't want to require superuser privileges to build the LiveCD > image. While this is not a problem with 'make buildworld' 'make > distribution' in /usr/src/etc is "broken" for the non-root case. > > Attached are some patches to make this work by make the user/group > info passed to install overrideable. > > The problem now lies with 'make installworld' which currently dies here: > ===> lib/libcom_err/doc > install-info --quiet --defsection="Programming & development tools." --defentry="* libcom_err: (com_err). A Common Error Description Library for UNIX." com_err.info /usr/test/root/usr/share/info/dir > /usr/test/root/usr/share/info/dir: Permission denied > *** Error code 1 > > because /usr/share/info/dir has permissions 444 and therefore the 'user' > can't write to that file (whereas mode 444 wouldn't stop the superuser) > > The question now is, should I provide patches to make this work. Do "we" > actually want this to work? Or is anybody trying to run installworld as > non-user doing something completely stupid? I tried this the other day but gave up on the info dir. I was doing something stupid -- I knew that installworld wouldn't work and only wanted to test buildworld, but forgot to change the test script :-). Setting INFOMODE to 644 should work after you fix all the hard-coded ownerships and modes. Other defaults for the mode may need to be changed similarly. The default read-only modes are bogus for root anyway. BINMODE=555 only made sense when BINOWN was bin. But read-only modes are a safe default. > --- etc/isdn/Makefile.orig Sun Aug 17 20:14:23 2003 > +++ etc/isdn/Makefile Sun Aug 17 20:14:48 2003 > @@ -18,8 +18,8 @@ > > install: > for i in ${I4BETCPROG} ; do \ > - ${INSTALL} -o root -g wheel -m 700 $$i ${DESTDIR}/etc/isdn ; \ > + ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 700 $$i ${DESTDIR}/etc/isdn ; \ > done ; \ > for i in ${I4BETCFILE} ; do \ > - ${INSTALL} -o root -g wheel -m 600 $$i ${DESTDIR}/etc/isdn ; \ > + ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 $$i ${DESTDIR}/etc/isdn ; \ > done The patches make some lines too long. > --- etc/rc.d/motd.orig Sun Aug 17 20:24:01 2003 > +++ etc/rc.d/motd Sun Jun 15 18:55:59 2003 > @@ -33,7 +33,7 @@ > # > echo "Updating motd." > if [ ! -f /etc/motd ]; then > - install -c -o ${BINOWN} -g ${BINGRP} -m ${PERMS} /dev/null /etc/motd > + install -c -o root -g wheel -m ${PERMS} /dev/null /etc/motd > fi > > case ${OSTYPE} in This partcular patch seems to be reversed. I don't see how rc.d can know the build defaults. Perhaps it shouldn't. It could adjust ownerships and modes to runtime defaults if the build ones are insecure. Bruce