On 04/03/14 10:19, William Giokas wrote:
In order to run pacman as a non-root user to install packages to non-system (somewhere in $HOME or something) it was required to fake your root status using fakeroot. This allows users to specify a config directive, `NoRoot` to tell pacman that it should not check for root privileges.
There is also an option in makepkg to allow it to not use root, as otherwise it will call 'sudo' or 'su' when using pacman to install or remove installed packages. ---
WIP. I'm intending to use pacman and makepkg as a manager for some game mods, and this was the only thing really holding it back. I had done some tests using fakeroot and other ways of getting around these checks, but this is something that I thought should really go into pacman. Will allow even more people to use things like pacman and PKGBUILDs for other things, like games and user packages. Might also let us do some testing without having to fake root.
Because WIP I haven't added docs yet. Just thought I'd get someone to look this over because I generally don't code in C, and it probably is disgusting. It's really just a carbon copy of the checkspace stuff, except in util.c.
Thanks for looking it over, and sorry in advance for it being horrible.
Bill Giokas (kaictl)
<snip>
diff --git a/src/pacman/util.c b/src/pacman/util.c index d42e27b..d10bc7d 100644 --- a/src/pacman/util.c +++ b/src/pacman/util.c @@ -102,6 +102,9 @@ int trans_release(void)
int needs_root(void) { + if(config->noroot == 1) { + return 0; + } switch(config->op) { case PM_OP_DATABASE: return 1;
pacman -S --noroot glibc -> BOOM! Well, boom being pacman errors out during package extraction. At a minimum, I would expect pacman to check whether I can write to all the directories in the package file. The database directory should only ever be writeable by root. It would be a major security issue otherwise (particularly as one promenant distribution can still not sign databases...). So how would a user of "--noroot" add a database? If we are restricting them to -U, there is no need for makepkg support. In conclusion, I'd like to see a very well thought out plan discussed before I look at code for this. Allan