From owner-freebsd-questions@freebsd.org Sun Jun 11 06:10:07 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1E55BFF333 for ; Sun, 11 Jun 2017 06:10:07 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mailrelay14.qsc.de (mailrelay14.qsc.de [212.99.163.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.antispameurope.com", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4639B7525A for ; Sun, 11 Jun 2017 06:10:06 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx01.qsc.de ([213.148.129.14]) by mailrelay14.qsc.de; Sun, 11 Jun 2017 08:10:02 +0200 Received: from r56.edvax.de (port-92-195-58-9.dynamic.qsc.de [92.195.58.9]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id E21553CBF9; Sun, 11 Jun 2017 08:10:01 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id v5B6A0Sj002011; Sun, 11 Jun 2017 08:10:00 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Sun, 11 Jun 2017 08:10:00 +0200 From: Polytropon To: Baho Utot Cc: FreeBSD Questions Subject: Re: Building base source Message-Id: <20170611081000.0916e602.freebsd@edvax.de> In-Reply-To: <9c41c5df-9874-3e37-8f8c-f58c63419887@columbus.rr.com> References: <44y3t19e5i.fsf@lowell-desk.lan> <872fe20f-fece-9980-2c8f-10e9492ab786@columbus.rr.com> <20170610052351.000ca108.freebsd@edvax.de> <20170611001151.d3d76bf8.freebsd@edvax.de> <9c41c5df-9874-3e37-8f8c-f58c63419887@columbus.rr.com> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-cloud-security-sender: freebsd@edvax.de X-cloud-security-recipient: freebsd-questions@freebsd.org X-cloud-security-Virusscan: CLEAN X-cloud-security-disclaimer: This E-Mail was scanned by E-Mailservice on mailrelay14.qsc.de with 63B73683E8A X-cloud-security-connect: mx01.qsc.de[213.148.129.14], TLS=1, IP=213.148.129.14 X-cloud-security: scantime:.1293 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 11 Jun 2017 06:10:07 -0000 On Sat, 10 Jun 2017 21:30:11 -0400, Baho Utot wrote: > > > On 06/10/17 18:11, Polytropon wrote: > > On Sat, 10 Jun 2017 09:40:37 -0400, Baho Utot wrote: > >> > >> > >> On 06/09/17 23:23, Polytropon wrote: > >>> On Fri, 9 Jun 2017 16:01:25 -0400, Baho Utot wrote: > >>>> > >>>> > >>>> On 06/09/17 15:03, Lowell Gilbert wrote: > >>>>> Baho Utot writes: > >>>>> > >>>>>> I am experimenting with building the base source. > >>>>>> > >>>>>> What do I need to set (which knobs) to be able to build the base > >>>>>> source and have the binaries built into a home directory. > >>>>>> > >>>>>> The source will be in /usr/src but I want all the binaries and all > >>>>>> other files produced by the build to goto in > >>>>>> /usr/home/FreeBSD/base/target. > >>>>>> > >>>>>> Will it be a copy of want is installed in the / (root) filesystem? > >>>>> > >>>>> https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html > >>>>> > >>>> > >>>> I have already looked at that. That is why I have the questions. I > >>>> want to build the base as a user and have it install its stuff into a > >>>> subdirectory. > >>> > >>> There are two variables that you will need to set: the directory > >>> where the build happens, and the one where the result from that > >>> build will be written to. The solution is quite simple, and of > >>> course already present in the build infrastructure: > >>> > >>> Set MAKEOBJDIRPREFIX and DESTDIR to locations where your $USER > >>> has write access. > >>> > >>> > >>> > >> > >> I want to build with a user so if I make a mistake ( very likely ) it > >> will not damage the running system. I have found that make > >> installkernel and installworld requires root user because it sets the > >> user as root perms regardless of where the install is going. > > > > I think the main problem here is things like setuid; those > > tasks cannot be performed by a non-root user. Maybe you can > > check if a memebership in the groups wheel or operator is > > sufficient? In worst case, use su, sudo, or super (while > > having MAKEOBJDIRPREFIX and DESTDIR set to non-system > > locations). > > > > > > The problem is that make installworld wants to chown to root:wheel which > will not fly if you are not root. > > The setuid may be an additional issue. In linux one could still setuid > will still not being root. That is a precise answer, thank you. It illustrates very well the difference between the security concepts implemented in FreeBSD vs. in Linux. The install* targets require root access (because that's what they do: they install stuff to the location given in DESTDIR, and doing "root only stuff" belongs to that task). It seems to be impossible to run the install* targets as a non-root user (except you modify the parts that require root permissions manually). -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...