1 |
On Wed, Feb 27, 2008 at 06:19:39PM -0600, Jeremy wrote: |
2 |
|
3 |
>> I'm afraid not, because when installing as user michael dosbin can't |
4 |
>> chown a file to root:amanda and chmod it 1750. I'd have to fix |
5 |
>> permissions manually all the time. |
6 |
|
7 |
> Support for serveice scripts or daemons that run as root are not currently |
8 |
> supported. See bug #196294 if you would like to contribute. the baselayout |
9 |
> version in prefix is really old and needs alot of work. |
10 |
|
11 |
Since Mac OS X now consistently uses launchd, which is hugely different |
12 |
from sysvinit/inetd, I expected and accepted that. I'm looking for |
13 |
root-safeness. |
14 |
|
15 |
I'll have a go this evening at: |
16 |
|
17 |
- compiling as root and seeing if the resulting permissions are sensible |
18 |
- compiling as root and looking into preventing files outside of |
19 |
$EPREFIX being overwritten |
20 |
|
21 |
I realised that fink doesn't do the second part either, so it's not that |
22 |
much of a showstopper if prefix-portage doesn't do it. But it'd sure be |
23 |
nice to have. |
24 |
|
25 |
I also realised that sandbox might be Linux-specific and therefore take |
26 |
a lot of effort to port to Mac OS X. A first step might be for emerge to |
27 |
refuse placing files outside of $EPREFIX. This wouldn't catch broken |
28 |
make install scripts overwriting /bin/bash but would catch broken |
29 |
ebuilds compiling for /bin/bash instead of $EPREFIX/bin/bash. |
30 |
|
31 |
How might FEATURES="userpriv" help here, d'you think? |
32 |
-- |
33 |
Micha |
34 |
-- |
35 |
gentoo-alt@l.g.o mailing list |