1 |
On Thu, 30 Sep 2004 14:28:12 +0100, Ciaran McCreesh <ciaranm@g.o> wrote: |
2 |
> On Thu, 30 Sep 2004 10:24:46 -0300 "Chris L. Mason" <clmason@×××××.com> |
3 |
> wrote: |
4 |
> | I've been trying to figure out if it is possible to have all emerges |
5 |
> | (especially the builds) to be done as a non-root user, and have the |
6 |
> | process call sudo (or similar) only for the final merge. All |
7 |
> | downloading, unpacking, compiling and installing to the fake target |
8 |
> | should be doable without root permissions. So, you'd just need to be |
9 |
> | in the portage group, and be configured in sudo. |
10 |
> |
11 |
> Well, there's FEATURES="userpriv"... |
12 |
|
13 |
Okay, just checked the man page for make.conf: |
14 |
|
15 |
userpriv |
16 |
Allow portage to drop root privledges and compile pack- |
17 |
ages as portage:portage without a sandbox (unless user- |
18 |
sandbox is also used). |
19 |
|
20 |
That looks useful, however, I think it would be more secure to always |
21 |
run *without* root permissions, then acquire them when needed (i.e. |
22 |
*just* for the merge to root.) Also, that allows people to call |
23 |
emerge as a regular user, without having to su to root. |
24 |
|
25 |
|
26 |
Chris |
27 |
(reposting to list, I need to get used to responding to mailing lists in gmail) |
28 |
|
29 |
-- |
30 |
gentoo-dev@g.o mailing list |