| 1 |
On 10/02/2014 21:03, Walter Dnes wrote: |
| 2 |
> On Mon, Feb 10, 2014 at 05:09:55PM +0000, Stroller wrote |
| 3 |
>> |
| 4 |
>> On Mon, 10 February 2014, at 4:55 pm, Gleb Klochkov <glebiuskv@×××××.com> wrote: |
| 5 |
>> |
| 6 |
>>> Hi. Try to use sudo with no password for eix-sync. |
| 7 |
>> |
| 8 |
>> I'd really rather not. Thanks, though. |
| 9 |
> |
| 10 |
> Being in group "portage" is not enough. That merely lets you do |
| 11 |
> emerges with "--pretend". "emerge --sync" modifies files in |
| 12 |
> /usr/portage. Files and directories in /usr/portage/ are user:group |
| 13 |
> root:root. Therefore you *NEED* root-level permission to modify them. |
| 14 |
|
| 15 |
Not quite, it's not a cut and dried as that. If root chowns the files to |
| 16 |
a regular user, and that user then syncs, ownership remains with the |
| 17 |
user (as a regular user can't chown stuff and the owner must remain the |
| 18 |
user regardless of what the master tree reckons the owning uid is). |
| 19 |
|
| 20 |
If the tree is then synced by root, well then all the problems come back :-) |
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
> No ifs/ands/ors/buts. The overall easiest method is to (as root)... |
| 26 |
> * "emerge sudoers" if it's not installed |
| 27 |
> * "visudo -f /etc/sudoers.d/001" (or whatever you want to call the file) |
| 28 |
> * set up the file. Here's a fragment from my system, with user |
| 29 |
> "waltdnes" and machine name "i660" |
| 30 |
> waltdnes i660 = (root) NOPASSWD: /usr/sbin/hibernate |
| 31 |
> waltdnes i660 = (root) NOPASSWD: /sbin/fdisk -l |
| 32 |
> |
| 33 |
> I could manually type the command with sudo, but I'm lazy. In my |
| 34 |
> /home/waltdnes/bin directory, I have a file "hb" |
| 35 |
> |
| 36 |
> #!/bin/bash |
| 37 |
> sync |
| 38 |
> sleep 15 |
| 39 |
> sudo /usr/sbin/hibernate |
| 40 |
> |
| 41 |
> and file "fdl" |
| 42 |
> |
| 43 |
> #!/bin/bash |
| 44 |
> sudo /sbin/fdisk -l |
| 45 |
> |
| 46 |
> To sync the machine, I could add to /etc/sudoers.d/001 |
| 47 |
> |
| 48 |
> waltdnes i660 = (root) NOPASSWD: /usr/bin/emerge --sync |
| 49 |
> |
| 50 |
> and create (as waltdnes) /home/waltdnes/emsy |
| 51 |
> |
| 52 |
> #!/bin/bash |
| 53 |
> /usr/bin/emerge --sync |
| 54 |
> |
| 55 |
> For security, I strongly recommend that the full path of the |
| 56 |
> executable be specified, as well as any options. Do not use the $* |
| 57 |
> commandline parameter in the sudoers file. It probably works, but is |
| 58 |
> too wide open. |
| 59 |
> |
| 60 |
|
| 61 |
|
| 62 |
-- |
| 63 |
Alan McKinnon |
| 64 |
alan.mckinnon@×××××.com |
Archives