On Thu, Aug 13, 2015 at 10:56:42PM +0200, seblu@archlinux.org wrote:
From: Sébastien Luttringer <seblu@seblu.net>
This add sudo config to allow member of devtools group to run build commands as root without password --- Makefile | 3 +++ sudoers | 12 ++++++++++++ 2 files changed, 15 insertions(+) create mode 100644 sudoers
diff --git a/Makefile b/Makefile index dcdb522..d071602 100644 --- a/Makefile +++ b/Makefile @@ -95,6 +95,8 @@ install: for l in ${BASHCOMPLETION_LINKS}; do ln -sf devtools $(DESTDIR)/usr/share/bash-completion/completions/$$l; done install -Dm0644 zsh_completion $(DESTDIR)$(PREFIX)/share/zsh/site-functions/_devtools ln -sf archco $(DESTDIR)$(PREFIX)/bin/communityco + install -dm750 $(DESTDIR)/etc/sudoers.d
This is redundant with the line below...
+ install -Dm0644 sudoers $(DESTDIR)/etc/sudoers.d/50-devtools
uninstall: for f in ${BINPROGS}; do rm -f $(DESTDIR)$(PREFIX)/bin/$$f; done @@ -106,6 +108,7 @@ uninstall: rm $(DESTDIR)$(PREFIX)/share/zsh/site-functions/_devtools rm -f $(DESTDIR)$(PREFIX)/bin/communityco rm -f $(DESTDIR)$(PREFIX)/bin/find-libprovides + rm -f $(DESTDIR)$/etc/sudoers.d/50-devtools
dist: git archive --format=tar --prefix=devtools-$(V)/ $(V) | gzip -9 > devtools-$(V).tar.gz diff --git a/sudoers b/sudoers new file mode 100644 index 0000000..42508e4 --- /dev/null +++ b/sudoers @@ -0,0 +1,12 @@ +Cmnd_Alias DEVTOOLS = \ + /usr/bin/makechrootpkg, \ + /usr/bin/extra-i686-build, /usr/bin/extra-x86_64-build, /usr/bin/extra-build, \ + /usr/bin/testing-i686-build, /usr/bin/testing-x86_64-build, /usr/bin/testing-build, \ + /usr/bin/staging-i686-build, /usr/bin/staging-x86_64-build, /usr/bin/staging-build, \ + /usr/bin/multilib-build, /usr/bin/multilib-testing-build, /usr/bin/multilib-staging-build, \ + /usr/bin/kde-unstable-i686-build, /usr/bin/kde-unstable-x86_64-build, \ + /usr/bin/gnome-unstable-i686-build, /usr/bin/gnome-unstable-x86_64-build
Where do binary names like 'extra-build' and 'testing-build' come from? These aren't provided by devtools... We probably want this list generated from the Makefile to keep it in sync with reality.
+ +Defaults!DEVTOOLS umask_override + +%devtools ALL=(root) NOPASSWD: DEVTOOLS -- Sébastien "Seblu" Luttringer