[pacman-dev] Patch-proposal for makepkg: be able to use su for installations even if sudo is installed

Dave Reisner d at falconindy.com
Mon Jul 27 06:44:17 UTC 2015


On Jul 27, 2015 02:48, "Jonas Große Sundrup" <jonas-aml at letopolis.de> wrote:
>
> Johannes Löthberg wrote:
> > If the user has access to the root password, why is their sudo commands
> > so limited in the first place?
>
> For example one could use sudo to whitelist certain commands for certain
> users, whereas the administrator still uses su for general system
> maintenance (especially if the administrator is not really using that
> system and basically just uses the root-account for system maintenance;
> for building packages you could easily do "su pkguser" as root without
> needing a password and build packages that way).

If 'pkguser' is a dedicated user for building packages, why wouldn't it
have sudo configured for properly building packages? If it's a shared user,
make a dedicated user?

> An other option is using sudo to whitelist network-related stuff to be
> able to switch networks or run "netctl-auto list" without entering a
> password etc. and use su for password-protected root-operations.
> If you combine that with an autologin for the user, the user doesn't
> even have to remember the userpassword.

This is irrelevant to makepkg configuration.

> In both scenarios one would need su for packet installations while sudo
> is still installed.

Sorry, I'm still not understanding your use case and why this shouldn't be
solved by properly configuring sudo.


More information about the pacman-dev mailing list