Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: Michał Górny <mgorny@g.o>
Subject: Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
Date: Tue, 29 May 2012 16:11:23 +0200
On Tue, 29 May 2012 02:05:08 -0700
Zac Medico <zmedico@g.o> wrote:

> On 05/29/2012 01:43 AM, Agostino Sarubbo wrote:
> > On Monday 28 May 2012 14:34:22 Zac Medico wrote:
> >> Hi,
> >>
> >> In case you aren't familiar with FEATURES=userpriv, here's the
> >> description from the make.conf(5) man page:
> >>
> >>   Allow portage to drop root privileges and compile packages as
> >>   portage:portage without a sandbox (unless usersandbox is also
> >> used).
> >>
> >> The rationale for having the separate "usersandbox" setting, to
> >> enable use of sys-apps/sandbox, is that people who enable userpriv
> >> sometimes prefer to have sandbox disabled in order to slightly
> >> improve performance. However, I would recommend to enable
> >> usersandbox by default, for the purpose of logging sandbox
> >> violations.
> >>
> >> Note that ebuilds can set RESTRICT="userpriv" if they require
> >> superuser privileges during any of the src_* phases that userpriv
> >> affects.
> >>
> >> I've been using FEATURES="userpriv usersandbox" for years, and I
> >> don't remember experiencing any problems because of it, so I think
> >> that it would be reasonable to have it enabled by default.
> >> Objections?
> > 
> > I'm using usersync since a long time, how about add it too?
> 
> Yeah, I think that would be a good default too. I guess the portage
> ebuild can do a recursive adjustment of $PORTDIR permissions in
> pkg_postinst, in order to solve bug #277970 [1].

Wouldn't that break users who sync using a regular user? And then break
again, and again every time portage is merged?


-- 
Best regards,
Michał Górny
Attachment:
signature.asc (PGP signature)
Replies:
Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
-- Zac Medico
Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
-- Rich Freeman
References:
RFC: Enable FEATURES="userpriv usersandbox" by default?
-- Zac Medico
Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
-- Agostino Sarubbo
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
Next by thread:
Re: RFC: Enable FEATURES="userpriv usersandbox" by default?
Previous by date:
Re: [PATCH eutils] Move remove_libtool_files() from autotools-utils for wider use.
Next by date:
Re: [PATCH eutils] Move remove_libtool_files() from autotools-utils for wider use.


Updated Jun 29, 2012

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.