From: Skip Ford
Date: Thu, 18 Oct 2007 08:45:44 -0400
To: Bill Hacker
Cc: freebsd-current@freebsd.org
Subject: Re: Broken su in current - trying to fix myself, help needed!

Bill Hacker wrote:
> Stefan Lambrev wrote:
> >I see something similar on all ports that have OPTIONS (make config).
> >Here is an example (do this as user member of wheel, but not root):
>
> Stop right there. '..NOT root'??
>
> Why would I DO that?

There are lots of reasons one might build a port as someone other
than root.

> I'd *expect* a port to have problems if not invoked as EUID 'root'

You shouldn't. It's supported.

> ls -lF /usr/ports//
>
> Owner of the entire tree is 'root' with rwx and rw-.
>
> Group and 'others' do not have 'w' privs, only 'r--'.
>
> Note a 'make' cycle creates a ~/work/ within that tree.
> When invoked as root. Cannot do so otherwise.

It creates ${WRKDIR}, which happens to default to ${.CURDIR}/work.
But you can build to any directory to which you can write.

> HTH do you expect to write the results output by ./configure to a dirtree
> you do not have the privilege to write to *at all*?
>
> pkg_add and pkgsrc work a bit differently w/r their workspace, but these,
> too can be expected to encounter problems if invoked by other than 'root'.
>
> If nothing else breaks first, they can neither install to the various
> ~/lib, ~/libexec, ~/bin, ~/sbin or even ~/etc dirtrees, nor update
> /var/db/pkg.

Assuming that's where you want to install what you've built, you'd
need root for that. But again, you can install to another directory
just like you can build in another directory. And you can maintain
your own database of installed ports in whatever directory you want
as well.

> Read ls -lF on those critters, and you'll see why.
>
> IF/AS/WHEN you want to take an advance look at what *would* transpire in a
> build w/o doing it as 'root', you need to open the tarball(s) elsewhere,
> where your current EUID *does* have rwx privs.

This was all solved a long time ago. If the ports system didn't
support all of this, there would be no need for it to ever invoke
su(1) as has been referenced within this thread to begin with.

You might want to read /usr/ports/Mk/bsd.port.mk

--
Skip