I've been having issues with Rootless lately that I've never had
before. This, I've determined, is because I haven't used Rootless
since the advent of package signing code in the Scripts.
A lot of the functions in Scripts/Functions/File that have to do with
file hash checking make extensive use of $sudo_exec, which is bad,
because I'm not a sudoer on my rootless install.
Can anyone think of a reason I shouldn't make the GoboLinux functions
script check for rootless and change sudo_exec to something that
doesn't call sudo?
That would work.
Committed (but there's no commit message because my $CVSEDITOR
variable was set wrong). Rootless users now see a Log_Normal every
time a sudo is bypassed.
Actually, after making my change, my Rootless environment only gave
me my new 'bypassing sudo' message from within SignProgram. Signing-
related functions within Functions/File seem to have quite a few
sudo_exec calls. Maybe those should be taken out and SignProgram
should check its permissions and call Verify_Superuser at the
beginning, like SymlinkProgram does?
Another 3/4-baked idea:
To have the scripts playing nicely with different/hostile
environments, I came up with a centralized configuration scheme in
Directories.conf, so that the scripts can use "ifdefs" with "if
Dir_Set Feature". One thing we could do is remove all those "if [
$ROOTLESS_GOBOLINUX ]" and replace them with proper Dir_Set's, adding
a single "if rootless" block directly in Directories.conf (or have the
CreateRootless script perform the needed changes to the
Directories.conf defaults, don't know what's cleaner).
-- Hisham
CreateRootless generating its own Directories.conf makes more sense
to me, and it reduces the amount of sh code in Directories.conf. On
the other hand, it'd mean Rootless people would be regularly prompted
to replace Directories.conf with one that'll break their entire
system every time UpdateSettings was run.
Maybe UpdateSettings should be aware of a Resources/Rootless/Defaults
directory?
_______________________________________________
gobolinux-devel mailing list
gobolinux-devel@lists.gobolinux.org
http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
