-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/04/2012 01:58 PM, Michał Górny wrote: > On Wed, 4 Jul 2012 19:46:47 +0200 > Tobias Klausmann <klaus...@gentoo.org> wrote: > >> Recently, I have again bumped into the question whether one >> should compile the kernel as root. One of the things that puzzles >> me is why almost every HowTo, blog post and book recommends >> building as non-root -- yet basically no distribution /helps/ the >> user with doing that. >> >> I've discussed this with a few people on #gentoo-dev and they've >> provided valuable insight (thanks AxS, Chainsaw and WilliamH), so >> I have gathered the results so far here: >> >> http://blog.i-no.de/archives/2012/07/index.html#e2012-07-04T19_28_32.txt >> >> Feel free to comment (ideally here). Note that I'm aiming for a >> solution that is not (overly) Gentoo-specific. > > There's a very simple yet custom solution I'm using. Shortly saying: > checkout the kernel git to /usr/src/linux and chown to your user. As > far as it goes, it's superior to having kernel sources installed by > ebuilds. > > I just have to remember to do 'git fetch' from time to time and 'git > merge' whenever a new version is tagged. >
Honestly I'm not certain if there is an easy way to do this.... Obvious easy way, make the ebuilds install the kernel sources and chown root.users then chmod g+w. Of course, after this any user could trojan the kernel... We could allow writes in the directories but not to the kernel source files themselves... that seems moderately sane even as the source files don't need to be written to be compiled, only the dir's need write permissions... Thoughts? - -Zero -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJP9IlzAAoJEKXdFCfdEflK2r0P/1vM8la8nR6ZmZ4jkvMwSTnL pEdbHKtYB3BbwBySpGPDWslxZ+CGAAlpsTTXDKhSnIB73IKZL1zzWylD7VVrIt/s ezpB2LDnZx2uae46CBMYh7fIzt3d4/so4Yprfpx45H89lcoTkfKai3xVkb2T/cQC uP8XmeM0CO5wcwOEJD1FADmkThkOa1tunphr+jWZ3S09hJ9UZ/Zbk+zZr7+XTHG8 xJui8G6cdOsLOXdcQALIJzGDvUID++hJ4LVMr+JIGwfvrjQkwrGikB8WMH61Ftcs Qvc1cidsTQEw4UZeGtYBy8BELpJaH00PTtoupCcOxq7luIz6F4QYQm8X2nIBliHX rpnwll08tbAZl5Dt1XsndHWiEevn8VWUIQrJSeeV/McayCjTUJAV9gcbksKASS6V XXaJfUpeinUbOzjTIXscBOyd5HM60lU0IdprvczXop/q8nOUovQt04u69J3v6Fkc W9Z8mugrRLTGr5XP6pMpfeLGzrmMYNRzPVx6eZb3a2+b/vi1gS0KlDeMbaed7CPI BIBZbrn7rUWjnOv8bifcJZ6FIRhTpqG4azcLrb9RXyR7OxO+1rA82uc1+GLMhBHI YYFVWUijIIE8lgcremmEYSqHpyGUWUNYBz7M+7MHA9I1hG7VMvbuPpnlXPZxuvqI 5nyGGNnZtPtf1Pc+csKC =8V1a -----END PGP SIGNATURE-----