[pacman-dev] [PATCH 10/11] makepkg: do not ask sudo password twice

[Andres P]

On Thu, Jun 17, 2010 at 7:07 PM, Allan McRae <allan at archlinux.org> wrote:
> 2) Doing the actual packaging as root is dangerous, especially if you have
> "make install" by accident in your PKGBUILD.  Or, as does happen, the
> software has a shitty Makefile and ignores DESTDIR for part of the
> installation (for this reason --asroot is not being removed).
>

If at any point you encounter a "shitty" makefile, then you submit a patch
upstream like anybody else. The last thing you do is put a "shitty" workaround
in a bash script.

> So we have conflicting needs within makepkg.  root to install, non-root to
> build.  When makepkg needs to install dependency packages, it checks if sudo
> is an option and if not falls back to using "su -c", and if that fails it
> gives up.  Are you proposing that it just gives up straight away and not
> attempt privilege escalation?
>

All of this insight going nowhere, and the fact still stands that this
behaviour is *new*.

If sudo -l && sudo means 2 password prompts, then the logical route that
makepkg can take is either assume that if sudo is in PATH (type -p sudo), then
that means it's configured to run makepkg. If it's not in PATH, then su it is.

The other route would be to revert to what you had in the repo before the
commit that's been refered to took place, but that would make too much sense.

Andres P