Date: Tue, 10 Dec 2002 00:41:16 +0900 (JST) From: Tod McQuillin <devin@spamcop.net> To: Kenneth W Cochran <kwc@TheWorld.com> Cc: freebsd-stable@freebsd.org Subject: Re: Non-root updating & building Message-ID: <20021210003716.V42280-100000@glass.pun-pun.prv> In-Reply-To: <200212091509.KAA56021362@shell.TheWorld.com> References: <200212091509.KAA56021362@shell.TheWorld.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 9 Dec 2002, Kenneth W Cochran wrote: > What would be a/the Right Way(tm:) to separate the privelege > of updating/building vs installing world and/or ports? > > I've tracked -stable and -ports for a coupla-few years > now and have long noticed that updating (cvsup/cvs), > building (make) and installing (make install) require > being superuser to run (same with ports). > > So far, the "method" I can think of for this would be to > change either the owner or the filemode for /usr/src/* > and/or /usr/ports/*, update/build as non-root & install as > root. (Owner would be simpler I think, but I'm wondering > about things like being at odds with the likes of mtree > and friends.) Am I on the right track? > > Is there any OS support for this, for example, any knobs > in, say, make.conf to enable/configure/control this? For ports, I have never tried it, but if you use the portupgrade utilities, there is a --sudo command option which seems to imply that it runs as non-root where it can and uses sudo where it needs privileges. I would be interested to know if this actually works. For build/install world, it should work to make sure your /usr/src is readable and your /usr/obj writable by a non-root user. Of course you will need to be root to install to system directories. Disclaimer: I have not tried either of these ideas. Give it a try and see what happens. -- Tod McQuillin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021210003716.V42280-100000>