[pacman-dev] Adding privilege levitation to pacman

Maarten de Vries maarten at de-vri.es
Mon Jan 4 16:11:43 UTC 2021


On 04-01-2021 14:47, Emil Velikov via pacman-dev wrote:
> Hello everyone,
Hey :)
> For a while now I've been wondering about adding privilege elevation
> to pacman, or if you prefer to libalpm.
> In particular, one that uses polkit akin to systemd and various other tools.

Privilege separation could be a nice feature for pacman, like Levente 
said. However, if you want pacman to be run as non-root and then 
automagically gain required privileges to overwrite system files through 
polkit, I don't think that is something I would want.

For starters, `pacman -U` with a custom package would allow you to 
overwrite anything with anything. In general, requiring root to use 
pacman is a good thing.

If you were to add restrictions on the allowed commands or require group 
membership, why not simply use custom sudo rules? You can configure sudo 
to allow certain commands without asking for a password if you really 
want to (but I wouldn't recommend that for pacman).

The opposite does sound nice: have pacman start as root and then drop 
privileges for parts of the code where it is not required.

> The reason behind this is manifold, but my main selfish wish is
> to get rid of yaourt. As you know, it is an "unsafe pacman wrapper"
> which is capable of a very basic elevation via sudo.
> Once that is complete, I have been itching to try and minimise the
> use/requirement of root, or as it's better known - apply the principle
> of least privilege.

If you just want `pacman` to automatically be `sudo pacman`, you can 
just add a shell alias or wrapper script in your $PATH :)


> Would either of the above be suitable for inclusion in pacman/libalpm?
> Having the thumbs-up, before writing and testing the code, would be
> appreciated.
>
> Thanks
> Emil


Regards,

Maarten

