On 10/02/2014 21:03, Walter Dnes wrote:
> On Mon, Feb 10, 2014 at 05:09:55PM +0000, Stroller wrote
>>
>> On Mon, 10 February 2014, at 4:55 pm, Gleb Klochkov <glebiu...@gmail.com> 
>> wrote:
>>
>>> Hi. Try to use sudo with no password for eix-sync.
>>
>> I'd really rather not. Thanks, though.
> 
>   Being in group "portage" is not enough.  That merely lets you do
> emerges with "--pretend".  "emerge --sync" modifies files in
> /usr/portage.  Files and directories in /usr/portage/ are user:group
> root:root.  Therefore you *NEED* root-level permission to modify them.

Not quite, it's not as cut and dried as that. If root chowns the files to
a regular user, and that user then syncs, ownership remains with the
user (as a regular user can't chown stuff and the owner must remain the
user regardless of what the master tree reckons the owning uid is).

If the tree is then synced by root, well then all the problems come back :-)




> No ifs/ands/ors/buts.  The overall easiest method is to (as root)...
> * "emerge sudoers" if it's not installed
> * "visudo -f /etc/sudoers.d/001" (or whatever you want to call the file)
> * set up the file.  Here's a fragment from my system, with user
>   "waltdnes" and machine name "i660"
> waltdnes  i660 = (root) NOPASSWD: /usr/sbin/hibernate
> waltdnes  i660 = (root) NOPASSWD: /sbin/fdisk -l
> 
>   I could manually type the command with sudo, but I'm lazy.  In my
> /home/waltdnes/bin directory, I have a file "hb"
> 
> #!/bin/bash
> sync
> sleep 15
> sudo /usr/sbin/hibernate
> 
> and file "fdl"
> 
> #!/bin/bash
> sudo /sbin/fdisk -l
> 
>   To sync the machine, I could add to /etc/sudoers.d/001
> 
> waltdnes  i660 = (root) NOPASSWD: /usr/bin/emerge --sync
> 
>   and create (as waltdnes) /home/waltdnes/emsy
> 
> #!/bin/bash
> sudo /usr/bin/emerge --sync
> 
>   For security, I strongly recommend that the full path of the
> executable be specified, as well as any options.  Do not use the $*
> commandline parameter in the sudoers file.  It probably works, but is
> too wide open.
> 


-- 
Alan McKinnon
alan.mckin...@gmail.com
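
An added example, not part of the original thread: a small audit of sudoers fragments for the NOPASSWD pattern discussed above. It relies on the sudoers rule that a command listed without arguments may be run with any arguments, while a command listed with arguments must match them exactly. The function names `audit_nopasswd` and `sample_sudoers` are hypothetical, and the sample reuses the quoted fragment plus constructed weak entries.

```shell
#!/bin/sh
# audit_nopasswd: read sudoers lines on stdin and print one finding per
# risky NOPASSWD command as "<line-number>:<reason>:<command>".
# Simplification: escaped commas inside arguments and the [...] wildcard
# form are not handled; aliases show up as not-absolute-path for manual review.
audit_nopasswd() {
    awk '
    /^[ \t]*#/ || !/NOPASSWD:/ { next }       # skip comments and other rules
    {
        spec = $0
        sub(/^.*NOPASSWD:[ \t]*/, "", spec)    # keep only the command list
        n = split(spec, cmds, /[ \t]*,[ \t]*/)
        for (i = 1; i <= n; i++) {
            cmd = cmds[i]
            sub(/[ \t]+$/, "", cmd)
            reason = ""
            if (cmd == "ALL")          reason = "all-commands"
            else if (cmd !~ /^\//)     reason = "not-absolute-path"
            else if (cmd ~ /[*?]/)     reason = "wildcard"
            else if (cmd !~ /[ \t]/)   reason = "any-arguments"
            if (reason != "") printf "%d:%s:%s\n", NR, reason, cmd
        }
    }'
}

# Constructed sample input: the first two rules pin path and arguments,
# the last three are deliberately loose.
sample_sudoers() {
    cat <<'EOF'
# constructed sample for /etc/sudoers.d/001
waltdnes  i660 = (root) NOPASSWD: /usr/bin/emerge --sync
waltdnes  i660 = (root) NOPASSWD: /sbin/fdisk -l
waltdnes  i660 = (root) NOPASSWD: /usr/sbin/hibernate
waltdnes  i660 = (root) NOPASSWD: /usr/bin/emerge *
waltdnes  i660 = (root) NOPASSWD: ALL
EOF
}

sample_sudoers | audit_nopasswd
```

A rule that should accept no arguments at all can be written with a trailing `""` after the command path, which this check treats as pinned.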

