[pacman-dev] [PATCH] doas makepkg support

Erich Ericson fakefakefans at gmail.com
Mon Feb 22 15:07:37 UTC 2021 

The following patches should enable doas support for privilege
escalation in makepkg as well as document the absence thereof in
binary verification. As doas gained a little traction over the last
weeks and with its presence in the official repos it seems like a
cheap, yet beneficial patch to the featureset of makepkg. It might not
be an exhaustive patchset as I don't know all of makepkg's and
libmakepkg's intricacies, but it has been tested by me and seems to
work as expected. Nonetheless those patches should "point in the right
direction".

>From 10ffa30e21e94801c444704362342610e49034ab Mon Sep 17 00:00:00 2001
From: Erich Ericson <fakefakefans at gmail.com>
Date: Sun, 21 Feb 2021 01:12:04 +0100
Subject: [PATCH] doas privilege escalation in makepkg

Signed-off-by: Erich Ericson <fakefakefans at gmail.com>
---
 scripts/makepkg.sh.in | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in
index b39433f3..47b3001d 100644
--- a/scripts/makepkg.sh.in
+++ b/scripts/makepkg.sh.in
@@ -232,6 +232,8 @@ run_pacman() {
         cmd=("$PACMAN_PATH" "${PACMAN_OPTS[@]}" "$@")
         if type -p sudo >/dev/null; then
             cmd=(sudo "${cmd[@]}")
+       elif type -p doas >/dev/null; then
+           cmd=(doas "${cmd[@]}")
         else
             cmd=(su root -c "$(printf '%q ' "${cmd[@]}")")
         fi
-- 
2.30.1

>From 2a455f2adc1bc87ed6b1d23261c8f911a7cc066b Mon Sep 17 00:00:00 2001
From: Erich Ericson <fakefakefans at gmail.com>
Date: Sun, 21 Feb 2021 17:35:26 +0100
Subject: [PATCH] add prompting support for doas binary

Signed-off-by: Erich Ericson <fakefakefans at gmail.com>
---
 scripts/libmakepkg/executable/sudo.sh.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/libmakepkg/executable/sudo.sh.in
b/scripts/libmakepkg/executable/sudo.sh.in
index 9e50a76b..4d701946 100644
--- a/scripts/libmakepkg/executable/sudo.sh.in
+++ b/scripts/libmakepkg/executable/sudo.sh.in
@@ -29,8 +29,8 @@ executable_functions+=('executable_sudo')

 executable_sudo() {
     if (( DEP_BIN || RMDEPS || INSTALL )); then
-        if ! type -p sudo >/dev/null; then
-            warning "$(gettext "Cannot find the %s binary. Will use
%s to acquire root privileges.")" "sudo" "su"
+        if ! type -p sudo >/dev/null || ! type -p doas >/dev/null; then
+            warning "$(gettext "Cannot find neither the %s nor %s
binary. Will use %s to acquire root privileges.")" "sudo" "doas" "su"
         fi
     fi
 }
-- 
2.30.1

Erich "DaErich" Ericson

More information about the pacman-dev mailing list