1 |
On Mon, Feb 10, 2014 at 05:09:55PM +0000, Stroller wrote |
2 |
> |
3 |
> On Mon, 10 February 2014, at 4:55 pm, Gleb Klochkov <glebiuskv@×××××.com> wrote: |
4 |
> |
5 |
> > Hi. Try to use sudo with no password for eix-sync. |
6 |
> |
7 |
> I'd really rather not. Thanks, though. |
8 |
|
9 |
Being in group "portage" is not enough. That merely lets you do |
10 |
emerges with "--pretend". "emerge --sync" modifies files in |
11 |
/usr/portage. Files and directories in /usr/portage/ are user:group |
12 |
root:root. Therefore you *NEED* root-level permission to modify them. |
13 |
No ifs/ands/ors/buts. The overall easiest method is to (as root)... |
14 |
* "emerge sudoers" if it's not installed |
15 |
* "visudo -f /etc/sudoers.d/001" (or whatever you want to call the file) |
16 |
* set up the file. Here's a fragment from my system, with user |
17 |
"waltdnes" and machine name "i660" |
18 |
waltdnes i660 = (root) NOPASSWD: /usr/sbin/hibernate |
19 |
waltdnes i660 = (root) NOPASSWD: /sbin/fdisk -l |
20 |
|
21 |
I could manually type the command with sudo, but I'm lazy. In my |
22 |
/home/waltdnes/bin directory, I have a file "hb" |
23 |
|
24 |
#!/bin/bash |
25 |
sync |
26 |
sleep 15 |
27 |
sudo /usr/sbin/hibernate |
28 |
|
29 |
and file "fdl" |
30 |
|
31 |
#!/bin/bash |
32 |
sudo /sbin/fdisk -l |
33 |
|
34 |
To sync the machine, I could add to /etc/sudoers.d/001 |
35 |
|
36 |
waltdnes i660 = (root) NOPASSWD: /usr/bin/emerge --sync |
37 |
|
38 |
and create (as waltdnes) /home/waltdnes/emsy |
39 |
|
40 |
#!/bin/bash |
41 |
/usr/bin/emerge --sync |
42 |
|
43 |
For security, I strongly recommend that the full path of the |
44 |
executable be specified, as well as any options. Do not use the $* |
45 |
commandline parameter in the sudoers file. It probably works, but is |
46 |
too wide open. |
47 |
|
48 |
-- |
49 |
Walter Dnes <waltdnes@××××××××.org> |
50 |
I don't run "desktop environments"; I run useful applications |