[pacman-dev] [PATCH 10/11] makepkg: do not ask sudo password twice

Dan McGee dpmcgee at gmail.com
Thu Jun 17 20:09:07 EDT 2010


On Thu, Jun 17, 2010 at 6:37 PM, Allan McRae <allan at archlinux.org> wrote:
> On 18/06/10 09:12, Loui Chang wrote:
>>
>> On Fri 18 Jun 2010 08:19 +1000, Allan McRae wrote:
>>>
>>> On 18/06/10 01:09, Loui Chang wrote:
>>>>
>>>> On Fri 18 Jun 2010 00:30 +1000, Allan McRae wrote:
>>>>>
>>>>> I think I have found the issue here.   We obviously have a NOPASSWD
>>>>> entry in our sudoers file so "sudo -l" does not require a password.
>>>>>
>>>>> So the bug is confirmed.  However the fix is not fully functional as
>>>>> if I have sudo installed but can not use it for pacman, then I can
>>>>> no longer fall back to using "su -c".  I'd choose excess password
>>>>> typing over functionality loss.
>>>>
>>>> Why not just take sudo and asroot out of the equation and treat makepkg
>>>> as a real non-handholding executable?
>>>
>>> What do you mean?   Remove automatic dependency installation or
>>> require the entire thing to be run as root?
>>
>> Enable the entire thing to be run as any user.
>>
>> A user does not necessarily need to be called 'root' to have package
>> manager privileges, nor do they need to be 'root' to have superuser
>> privileges, so why do we need a special flag for when the user does
>> happen to be 'root'?
>>
>> I think a user should arrange those himself, rather than having makepkg
>> assume that he wants to become root via sudo. If the user hasn't
>> previously arranged the privs, then makepkg dependency installation
>> should fail.
>>
>> In my opinion any use of sudo, and any restrictions on root in makepkg
>> should be removed. If you're keen to this idea I could provide some
>> patches.
>
> I still am not sure where you are going with this...
>
> 1) pacman requires you to be root to install packages (or at least UID=0 I
> think)
>> pacman -S pacman
> error: you cannot perform this operation unless you are root.

Correct. There is really no way to avoid being root here; you are
going to touch everything on the system *and* you need arbitrary
command execution.

  /* geteuid undefined in CYGWIN */
  uid_t myuid = geteuid();
......
  /* check if we have sufficient permission for the requested operation */
  if(myuid > 0 && needs_root()) {
    pm_printf(PM_LOG_ERROR, _("you cannot perform this operation unless you are root.\n"));
    cleanup(EXIT_FAILURE);
  }

> 2) Doing the actual packaging as root is dangerous, especially if you have
> "make install" by accident in your PKGBUILD.  Or, as does happen, the
> software has a shitty Makefile and ignores DESTDIR for part of the
> installation (for this reason --asroot is not being removed).

+1000, Try packaging munin sometime from a blank slate as root and let
me know when you un-screw your system. I have spent a long time
haggling with packages like that to make sure they are actually doing
their work in $pkgdest rather than my live system.

> So we have conflicting needs within makepkg.  root to install, non-root to
> build.  When makepkg needs to install dependency packages, it checks if sudo
> is an option and if not falls back to using "su -c", and if that fails it
> gives up.  Are you proposing that it just gives up straight away and not
> attempt privilege escalation?

Couldn't have said it better myself, thank you Allan.

-Dan
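
The fallback order Allan describes above (sudo if usable, then "su -c", then give up), as an added example that is not part of the original message and is not makepkg's own code. The function names are hypothetical; it assumes bash and that "sudo -l <command>" reflects whether the user may run that command.

```bash
#!/bin/bash
# Added example, not makepkg's code. Function names are hypothetical.

# can_sudo CMD: true when sudo is installed AND its policy permits CMD.
# "sudo -l CMD" exits non-zero when CMD is not allowed for this user; it may
# prompt for a password unless NOPASSWD or cached credentials apply.
can_sudo() {
    command -v sudo >/dev/null 2>&1 && sudo -l "$1" >/dev/null 2>&1
}

# pick_escalation EUID CMD: print direct, sudo, su or none.
# Testing the policy, not just the presence of sudo, keeps the "su -c"
# fallback for users who have sudo installed but may not run CMD with it.
pick_escalation() {
    local euid=$1 cmd=$2
    if [ "$euid" -eq 0 ]; then
        echo direct
    elif can_sudo "$cmd"; then
        echo sudo
    elif command -v su >/dev/null 2>&1; then
        echo su
    else
        echo none
    fi
}

# run_privileged CMD [ARGS...]: run CMD as root by the chosen method.
run_privileged() {
    case $(pick_escalation "$(id -u)" "$1") in
        direct) "$@" ;;
        sudo)   sudo "$@" ;;
        # su takes one command string; %q quotes each argument for the shell
        # (assumes root's shell accepts bash-style quoting).
        su)     su root -c "$(printf '%q ' "$@")" ;;
        *)      echo "error: cannot gain root privileges for $1" >&2
                return 1 ;;
    esac
}
```

The build itself stays unprivileged; only the single command handed to run_privileged runs as root.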