[pacman-dev] [PATCH] Only try to create keyring directory when root
Dan McGee
dpmcgee at gmail.com
Tue Mar 29 19:16:52 EDT 2011
On Tue, Mar 29, 2011 at 6:07 PM, Rémy Oudompheng
<remyoudompheng at gmail.com> wrote:
> On 2011/3/30 Dan McGee <dpmcgee at gmail.com> wrote:
>> Sorry- I forgot to get back to you, but I thought you would pick up on
>> it from the other conversation. This patch makes --help not break, but
>> doesn't do it in a way I like. I have a bad taste in my mouth for all
>> UID-specific workarounds in most pacman code due to this monstrosity:
>> http://projects.archlinux.org/pacman.git/tree/src/pacman/util.c#n89
>
> That's makes me remember a day when I wanted to use pacman to maintain
> packages in my HOME on a foreign system. Is it desirable to get rid of
> that? That's actually very strange that pacman wants to check such a
> thing whereas libalpm doesn't.
You haven't been here long, have you? :) pacman and libalpm have a lot
of gotchas like this, as the frontend/backend split was done a tad
oddly way back when. libalpm would eat s**t pretty fast without this
safeguard though, as far as I know.
> Proper write permission checking in libalpm seems to be sufficient
> (with good error catching in pacman).
That's the quick assumption, then you start to peel the layers from
the onion like we've all tried in the past because this problem seems
simple. You forgot:
* ldconfig invocation
* scriptlets and chrooting, even if root is "/" (see commit 5d30c5c0b76e)
* extraction permissions- chown. chmod, etc.
* database locking (commit f4ecc908eccc3a for example)
-Dan
More information about the pacman-dev
mailing list