[sbopkg-discuss] Re: Package ownership
Chess Griffin
chess at chessgriffin.com
Wed Feb 11 00:45:20 UTC 2009
* T2F <bkirkp at gmail.com> [2009-02-10 15:39:47]:
>
> Can someone explain to me why sbopkg insists that the package belong
> to root:root? I keep my sandbox with the rest of my data on a server
> partition where the files are owned by bill:data & permissioned 664. I
> have an hourly cron job that sees to the proper permissions. If I
> build a package & install it immediately, I have no problems, but if I
> go back later, for example to install it on my laptop, I have to
> install from the command line. installpkg has no problems with
> ownership, why should sbopkg?
> Regards,
> Bill
Well, this was added to prevent a potential security risk since sbopkg
had the capability of being run as a root or non-root user. Howevever,
this restriction may be eliminated as we are currently discussing
removing the ability to run sbopkg as a non-root user and require it to
be run as root only, just like pkgtool, slackpkg, etc. In fact, I was
going to post something here to the ML asking whether anyone really
needed the ability to use sbopkg as a non-root user. The current
'user-mode' in sbopkg is deficient in many ways, and causes problems
such as this one you raise.
In my opinion, I think sbopkg should be just like those other tools and
require root permissions to run. If that was the case, then I do not
believe it would need to check for ownership or permissions of packages.
In the meantime, if you want to comment out lines 1572-1576 in
/usr/bin/sbopkg that will skip this check.
--
Chess Griffin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://sbopkg.org/pipermail/sbopkg-users/attachments/20090210/44161a76/attachment.sig>
More information about the sbopkg-users
mailing list