being a normal user to build package
This is a discussion on being a normal user to build package within the Slackware Linux Support forums, part of the Unix Operating Systems category; --> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In alt.os.linux.slackware, Pawel Kot dared to utter, >> In order to know exactly ...
| |||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
02-19-2008, 09:21 PM
| ||||
| ||||
 Re: being a normal user to build package -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In alt.os.linux.slackware, Pawel Kot dared to utter, >> In order to know exactly what you >> need to set your permissions to, you really need to run "make install" >> to be sure you got things correct > > Preparing > packages as root may be dangerous (when eg. accidently overwrite some > files). Why do something as root what you don't need to? What did you not understand in "you really need to run 'make install' to be sure you got things corrent"? I've said this enough already, I won't be repeating myself further in this thread. Humans are unreliable at getting certain things (like permissions on special files in a package) correct. There's just too many little gotchas and getting any one of them wrong can 'cause you a headache, either immediately, or even worse, down the road when you've forgotten how you did someting and/or lost your documentation on how you did it. - -- It is better to hear the rebuke of the wise, Than for a man to hear the song of fools. Ecclesiastes 7:5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB9s/rlKR45I6cfKARAiNkAJ9daahtp0J8g3ddcPTDn8nqChC19ACfa +5y ZfdK8PEPhgLuwJq9MVbOdKY= =5IHu -----END PGP SIGNATURE-----      |
|
02-19-2008, 09:21 PM
| |||
| |||
| Re: being a normal user to build package +Alan Hicks+ wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > In alt.os.linux.slackware, Pawel Kot dared to utter, >>> In order to know exactly what you >>> need to set your permissions to, you really need to run "make install" >>> to be sure you got things correct >> >> Preparing >> packages as root may be dangerous (when eg. accidently overwrite some >> files). Why do something as root what you don't need to? > > What did you not understand in "you really need to run 'make install' > to be sure you got things corrent"? That's not what I did not understood. That's what I disagree with. pkot -- p k o t a t b e z s e n s u d o t p l http://www.gnokii.org/ |
|
02-19-2008, 09:22 PM
| |||
| |||
| Re: being a normal user to build package On 2005-01-25, Pawel Kot <pkot@bez.sensu.pl> wrote: > +Alan Hicks+ wrote: >> >> What did you not understand in "you really need to run 'make install' >> to be sure you got things corrent"? > > That's not what I did not understood. That's what I disagree with. Your previous post did not explain how you disagree with the above. How can you know you're getting the permissions correct if you do not run make install? --keith -- kkeller-usenet@wombat.san-francisco.ca.us (try just my userid to email me) AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom |
|
02-19-2008, 09:22 PM
| |||
| |||
| Re: being a normal user to build package Keith Keller wrote: > Your previous post did not explain how you disagree with the above. How > can you know you're getting the permissions correct if you do not run > make install? well, obviously, by hand-checking every file... IMHO if you are creating packages meant for use beyond your own computer, you shouldn't even do it on your own working install, but on another clean install that is only used for the purpose. that way, you run the least risk that some of your own customisations on your system cause the package to not work properly on someone else's system. and if you have such a clean system, the risk of being root while creating a package are quite minimal. at worst you hose a virgin system. and if you create packages just for your own system, well, you're gonna be installing them as root anyway, so what's the extra risk of running 'make install DESTDIR=/tmp/package ; cd /tmp/package ; makepkg blah.tgz' as root? -- Joost Kremers joostkremers@yahoo.com Selbst in die Unterwelt dringt durch Spalten Licht EN:SiS(9) |
|
02-19-2008, 09:24 PM
| |||
| |||
| Re: being a normal user to build package Keith Keller wrote: > On 2005-01-25, Pawel Kot <pkot@bez.sensu.pl> wrote: >> +Alan Hicks+ wrote: >>> >>> What did you not understand in "you really need to run 'make install' >>> to be sure you got things corrent"? >> >> That's not what I did not understood. That's what I disagree with. > > Your previous post did not explain how you disagree with the above. How > can you know you're getting the permissions correct if you do not run > make install? By looking into the Makefile. pkot -- p k o t a t b e z s e n s u d o t p l http://www.gnokii.org/ |
|
02-19-2008, 09:25 PM
| |||
| |||
| Re: being a normal user to build package On 2005-01-27, Pawel Kot <pkot@bez.sensu.pl> wrote: > Keith Keller wrote: >> >> Your previous post did not explain how you disagree with the above. How >> can you know you're getting the permissions correct if you do not run >> make install? > > By looking into the Makefile. Manually, or by parsing it? I think the former would be quite error-prone, and I've not seen a tool that does the latter (well, I guess make -n install would work, but then you have to parse that output). So, I'm skeptical that your method is any better than running make install to determine ownership and permissions. --keith -- kkeller-usenet@wombat.san-francisco.ca.us (try just my userid to email me) AOLSFAQ=http://wombat.san-francisco.ca.us/cgi-bin/fom |
|
02-19-2008, 09:25 PM
| |||
| |||
| Re: being a normal user to build package -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NotDashEscaped: You need GnuPG to verify this message On 24 Jan 2005 23:34:17 GMT, Joost Kremers <joostkremers@yahoo.com> wrote: > no, it doesn't, because you really *do* need to be root in order to make a > package that has to be installed system-wide. why? because tar retains > ownership and permissions of files. if you were to create a package as user > and then install it as root system-wide, the files *and* the directories in > the package would obtain ownership and permissions of the user that created > the package. With existing tools, this is indeed correct. However, a tarball is just a file. It's created by the GNU tar program. Inside the file, it contains the contents of other files and extra information such as the file locations and permissions. It's just a file, it's entirely possible to create an application that would create a tarball containing files owned by somebody else - except storing them as being owned by root. You can't do this on the filesystem without being root because the kernel won't let you. The kernel has no such control over tarballs. IMHO, it's just easier to be root than to write a utility to create slackware packages from scratch like this... but it *is* at least theoretically possible to make 'em without being root. -- Rob | If not safe, http://rob.axpr.net | one can never be free. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFB+Tvphm6KEoOOAe0RAn2YAJwM8c7tkSnRHjK+VCO64F QKATdxFgCgpbTV 81V6Lcc8NAxV6u4EfmNQyfQ= =pp6X -----END PGP SIGNATURE----- |
|
02-19-2008, 09:25 PM
| |||
| |||
| Re: being a normal user to build package Keith Keller wrote: > On 2005-01-27, Pawel Kot <pkot@bez.sensu.pl> wrote: >> Keith Keller wrote: >>> >>> Your previous post did not explain how you disagree with the above. How >>> can you know you're getting the permissions correct if you do not run >>> make install? >> >> By looking into the Makefile. > > Manually, or by parsing it? Manually. > I think the former would be quite > error-prone, and I've not seen a tool that does the latter (well, I > guess make -n install would work, but then you have to parse that > output). So, I'm skeptical that your method is any better than running > make install to determine ownership and permissions. It's not better. It doesn't require root permissions. pkot -- p k o t a t b e z s e n s u d o t p l http://www.gnokii.org/ |
|
02-19-2008, 09:25 PM
| |||
| |||
| Re: being a normal user to build package AthlonRob wrote: > However, a tarball is just a file. It's created by the GNU tar program. > Inside the file, it contains the contents of other files and extra > information such as the file locations and permissions. It's just a > file, it's entirely possible to create an application that would create > a tarball containing files owned by somebody else - except storing them > as being owned by root. well, i've learned from this thread that gnu tar has that ability built in: you can set ownership and permissions for the files in the tar ball to anything you like. you can even set ownership to root.root if you're logged in as user. it's just that you cannot untar such tar balls without being root. if you do, the files will be unpacked, but they won't be owned by root. > IMHO, it's just easier to be root than to write a utility to create > slackware packages from scratch like this... but it *is* at least > theoretically possible to make 'em without being root. in fact, with tar's --owner, --group and --mode options, it would be painfully easy to write makepkg that way, at least for packages that do not require special ownership or permissions for certain files. and if you do need them, you could use fakeroot, also mentioned in this thread. so the tools *are* there. -- Joost Kremers joostkremers@yahoo.com Selbst in die Unterwelt dringt durch Spalten Licht EN:SiS(9) |
|
02-19-2008, 09:25 PM
| ||||
| ||||
| Re: being a normal user to build package -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In alt.os.linux.slackware, Joost Kremers dared to utter, > in fact, with tar's --owner, --group and --mode options, it would be > painfully easy to write makepkg that way, at least for packages that do not > require special ownership or permissions for certain files. and if you do > need them, you could use fakeroot, also mentioned in this thread. Well, makepkg already has something similar to this for directories, and speaks on why it's not such a great idea. If y, makepkg will reset all directory permissions to 755 and ownership to root:root. In general, you should have the permissions and ownerships worked out yourself, so relying on setting this option to y is somewhat sloppy. It is not the default. If an option is not provided, makepkg will prompt. Looking on directory ownership as being even less complex than file ownersip, I think that's a good enough reason _not_ to do it the cumbersome suggested way. Of the top of my head, I can only think of a handful of directories with permissions varyied from 755 root:root (/tmp and /var/tmp immediately spring to mind) not counting user created directories such as home directories. On the other hand, I can think of a slew of files that should have permissions not necessarily obvious. passwd comes to mind, being 4511. Then there's things like cdrecord and gpg (which Slackware does not setuid, though it's very common for this to be done later). I just don't see a compelling argument to modify makepkg to reset permissions on files, even if this could be magically done quick and easy by a Makefile parser. - -- It is better to hear the rebuke of the wise, Than for a man to hear the song of fools. Ecclesiastes 7:5 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB+XaHlKR45I6cfKARApWRAJsGHyOk5YyWkmIHdMn/cyxW+HK0QQCbByEn F47ZAP6pdxbpXlQM1UYsJdM= =c6b7 -----END PGP SIGNATURE----- |
Linear Mode
