-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

On 24 Jan 2005 23:34:17 GMT, Joost Kremers <joostkremers@yahoo.com> wrote:
> no, it doesn't, because you really *do* need to be root in order to make a
> package that has to be installed system-wide. why? because tar retains
> ownership and permissions of files. if you were to create a package as user
> and then install it as root system-wide, the files *and* the directories in
> the package would obtain ownership and permissions of the user that created
> the package.

With existing tools, this is indeed correct.

However, a tarball is just a file. It's created by the GNU tar program.
Inside the file, it contains the contents of other files and extra
information such as the file locations and permissions. It's just a
file, it's entirely possible to create an application that would create
a tarball containing files owned by somebody else - except storing them
as being owned by root.

You can't do this on the filesystem without being root because the
kernel won't let you. The kernel has no such control over tarballs.

IMHO, it's just easier to be root than to write a utility to create
slackware packages from scratch like this... but it *is* at least
theoretically possible to make 'em without being root.

--
Rob | If not safe,
http://rob.axpr.net | one can never be free.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFB+Tvphm6KEoOOAe0RAn2YAJwM8c7tkSnRHjK+VCO64F QKATdxFgCgpbTV
81V6Lcc8NAxV6u4EfmNQyfQ=
=pp6X
-----END PGP SIGNATURE-----