[pacman-dev] Patch-proposal for makepkg: be able to use su for installations even if sudo is installed
Hi, at the moment makepkg will use sudo to obtain root privileges if it is installed, otherwise it will use su. This means that if sudo is configured to only allow special commands (and none of those is "pacman"), "makepkg -i" will fail to install the built package. Same goes for installing dependencies with "makepkg -s". The patch appended introduces a new variable into makepkg.conf named SUPER_USER_BINARY, which is set to "sudo" by default. With it being "sudo" makepkg will behave as it does currently, so there should be no breakages with updates. If not set to sudo, makepkg will ignore an installed sudo and use su right away. Comments on this? ~ Jonas
From d4d0e6914ce669123e77f6f470fdbe56e40b449a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonas=20Gro=C3=9Fe=20Sundrup?= <cherti@letopolis.de> Date: Sat, 25 Jul 2015 00:45:18 +0200 Subject: [PATCH] implemented option to use su even if sudo is installed
--- etc/makepkg.conf.in | 9 +++++++++ scripts/makepkg.sh.in | 10 ++++++---- 2 files changed, 15 insertions(+), 4 deletions(-) diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index 71ec624..e466edc 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -142,4 +142,13 @@ COMPRESSZ=(compress -c -f) PKGEXT='@PKGEXT@' SRCEXT='@SRCEXT@' +######################################################################### +# SUPER USER BINARY +######################################################################### +# +# how to obtain root-privileges for installing packages +# can be either sudo or su +# +SUPER_USER_BINARY='sudo' + # vim: set ft=sh ts=2 sw=2 et: diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 8b6557e..68edee5 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -229,7 +229,7 @@ run_pacman() { cmd=("$PACMAN_PATH" "$@") fi if [[ $1 != -@(T|Qq) ]]; then - if type -p sudo >/dev/null; then + if type -p sudo >/dev/null && [[ $SUPER_USER_BINARY == "sudo" ]]; then cmd=(sudo "${cmd[@]}") else cmd=(su root -c "$(printf '%q ' "${cmd[@]}")") @@ -1507,9 +1507,11 @@ check_software() { fi # check for sudo if we will need it during makepkg execution - if (( DEP_BIN || RMDEPS || INSTALL )); then - if ! type -p sudo >/dev/null; then - warning "$(gettext "Cannot find the %s binary. Will use %s to acquire root privileges.")" "sudo" "su" + if [[ $SUPER_USER_BINARY == "sudo" ]]; then + if (( DEP_BIN || RMDEPS || INSTALL )); then + if ! type -p sudo >/dev/null; then + warning "$(gettext "Cannot find the %s binary. Will use %s to acquire root privileges.")" "sudo" "su" + fi fi fi -- 2.4.6
On 26/07, Jonas Große Sundrup wrote:
Hi,
at the moment makepkg will use sudo to obtain root privileges if it is installed, otherwise it will use su. This means that if sudo is configured to only allow special commands (and none of those is "pacman"), "makepkg -i" will fail to install the built package. Same goes for installing dependencies with "makepkg -s".
The patch appended introduces a new variable into makepkg.conf named SUPER_USER_BINARY, which is set to "sudo" by default. With it being "sudo" makepkg will behave as it does currently, so there should be no breakages with updates. If not set to sudo, makepkg will ignore an installed sudo and use su right away.
If the user has access to the root password, why is their sudo commands so limited in the first place? -- Sincerely, Johannes Löthberg PGP Key ID: 0x50FB9B273A9D0BB5 https://theos.kyriasis.com/~kyrias/
Johannes Löthberg wrote:
If the user has access to the root password, why is their sudo commands so limited in the first place?
For example one could use sudo to whitelist certain commands for certain users, whereas the administrator still uses su for general system maintenance (especially if the administrator is not really using that system and basically just uses the root-account for system maintenance; for building packages you could easily do "su pkguser" as root without needing a password and build packages that way). An other option is using sudo to whitelist network-related stuff to be able to switch networks or run "netctl-auto list" without entering a password etc. and use su for password-protected root-operations. If you combine that with an autologin for the user, the user doesn't even have to remember the userpassword. In both scenarios one would need su for packet installations while sudo is still installed. ~ Jonas
On Jul 27, 2015 02:48, "Jonas Große Sundrup" <jonas-aml@letopolis.de> wrote:
Johannes Löthberg wrote:
If the user has access to the root password, why is their sudo commands so limited in the first place?
For example one could use sudo to whitelist certain commands for certain users, whereas the administrator still uses su for general system maintenance (especially if the administrator is not really using that system and basically just uses the root-account for system maintenance; for building packages you could easily do "su pkguser" as root without needing a password and build packages that way).
If 'pkguser' is a dedicated user for building packages, why wouldn't it have sudo configured for properly building packages? If it's a shared user, make a dedicated user?
An other option is using sudo to whitelist network-related stuff to be able to switch networks or run "netctl-auto list" without entering a password etc. and use su for password-protected root-operations. If you combine that with an autologin for the user, the user doesn't even have to remember the userpassword.
This is irrelevant to makepkg configuration.
In both scenarios one would need su for packet installations while sudo is still installed.
Sorry, I'm still not understanding your use case and why this shouldn't be solved by properly configuring sudo.
You could solve it by configuring sudo to use the user's password for maintenance, but I simply prefer using the root-password for system related stuff and using sudo soley to whitelist certain commands that I'd like to run without entering a password, to have a consistent separation of maintenance-related tasks like package management and day-to-day-tasks like connecting to a network. Therefore the idea of giving the user the option to choose the super user binary to allow flexibility in that regard. ~ Jonas
On Mon, 27 Jul 2015 10:53:59 +0200 Jonas Große Sundrup <jonas-aml@letopolis.de> wrote:
You could solve it by configuring sudo to use the user's password for maintenance, but I simply prefer using the root-password for system related stuff
sudo can be configured to ask for the target's password rather than your own. man sudoers look for "targetpw". I've only ever used it for a whole user, but according to documentation it's even possible to set it on a command by command basis. I don't know the syntax for that though.
Therefore the idea of giving the user the option to choose the super user binary to allow flexibility in that regard.
If you want to give flexibility you should rather use the value of the variable as the executable to call, not use it in a comparison that falls back to su if the value isn't sudo. That said I don't see the value in adding more complexity to makepkg when sudo can already do everything and more.
On 27/07/15 20:41, Florian Pritz wrote:
On Mon, 27 Jul 2015 10:53:59 +0200 Jonas Große Sundrup <jonas-aml@letopolis.de> wrote:
You could solve it by configuring sudo to use the user's password for maintenance, but I simply prefer using the root-password for system related stuff
sudo can be configured to ask for the target's password rather than your own. man sudoers look for "targetpw". I've only ever used it for a whole user, but according to documentation it's even possible to set it on a command by command basis. I don't know the syntax for that though.
Therefore the idea of giving the user the option to choose the super user binary to allow flexibility in that regard.
If you want to give flexibility you should rather use the value of the variable as the executable to call, not use it in a comparison that falls back to su if the value isn't sudo.
That said I don't see the value in adding more complexity to makepkg when sudo can already do everything and more.
I agree that if sudo can be set-up with the restricted permissions in the still proposed, then we should not be adding this to makepkg. A
Convinced, consider the proposal withdrawn. ~ Jonas
participants (5)
-
Allan McRae
-
Dave Reisner
-
Florian Pritz
-
Johannes Löthberg
-
Jonas Große Sundrup