From owner-freebsd-stable Mon Dec 9 7:45:43 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2DF8137B404 for ; Mon, 9 Dec 2002 07:45:41 -0800 (PST) Received: from anger.verticalscope.com (anger.verticalscope.com [205.150.136.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id A1CC743E4A for ; Mon, 9 Dec 2002 07:45:40 -0800 (PST) (envelope-from jdunn@verticalscope.com) Received: from localhost (localhost [127.0.0.1]) by anger.verticalscope.com (Postfix) with ESMTP id B534D8017; Mon, 9 Dec 2002 10:45:29 -0500 (EST) Received: from [10.10.10.7] (unknown [209.82.14.131]) by anger.verticalscope.com (Postfix) with ESMTP id A16D97E46; Mon, 9 Dec 2002 10:45:28 -0500 (EST) Subject: Re: Non-root updating & building From: "Julian C. Dunn" To: Tod McQuillin Cc: Kenneth W Cochran , freebsd-stable@freebsd.org In-Reply-To: <20021210003716.V42280-100000@glass.pun-pun.prv> References: <200212091509.KAA56021362@shell.TheWorld.com> <20021210003716.V42280-100000@glass.pun-pun.prv> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-ALBOT53PKZPOuYtxVIIy" Organization: VerticalScope Inc. Message-Id: <1039448727.25104.74.camel@jedi.office.verticalscope.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.0 Date: 09 Dec 2002 10:45:28 -0500 X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-ALBOT53PKZPOuYtxVIIy Content-Type: text/plain Content-Transfer-Encoding: quoted-printable On Mon, 2002-12-09 at 10:41, Tod McQuillin wrote: > On Mon, 9 Dec 2002, Kenneth W Cochran wrote: >=20 > > What would be a/the Right Way(tm:) to separate the privelege > > of updating/building vs installing world and/or ports? > For ports, >=20 > I have never tried it, but if you use the portupgrade utilities, there is > a --sudo command option which seems to imply that it runs as non-root > where it can and uses sudo where it needs privileges. >=20 > I would be interested to know if this actually works. For the most part it (-s/--sudo) actually works. Older versions of portupgrade didn't, mostly due to a lack of knowledge about what commands require sudo and which don't. Now when I say "for the most part" sometimes portupgrade has trouble creating directories (e.g. work directories) if your ports tree isn't owned by your build user, or at least writable by it.=20 > For build/install world, it should work to make sure your /usr/src is > readable and your /usr/obj writable by a non-root user. Of course you > will need to be root to install to system directories. Yep, that's the case too. - Julian --=20 -- Julian C. Dunn, B.A.Sc. -- Senior Software Developer / UNIX Systems Administrator -- VerticalScope Inc. -- 111 Peter St., Suite 700, Toronto, ON -- Tel: (416) 341-8950 x236 Fax: (416) 341-8959 -- PGP Key: 0x4EE2041F=20 --=-ALBOT53PKZPOuYtxVIIy Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQA99LqX8oRxw07iBB8RAviWAJwIetYhYHkaOfnm6NwPrS0J4qS82wCggoFD Vtj5zqdav//VCoH/AIr98mQ= =wTlb -----END PGP SIGNATURE----- --=-ALBOT53PKZPOuYtxVIIy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message