Packaging outside of fakeroot can result in incorrect permissions for package files. It has been years since fakeroot issues during packaging were common, so it is safe to enforce fakeroot usage. If using fakeroot is impossible for some reason, a two line wrapper script will suffice to fool makepkg.
Signed-off-by: Allan McRae <[email protected]> --- doc/makepkg.conf.5.txt | 5 +---- etc/makepkg.conf.in | 5 ++--- scripts/makepkg.sh.in | 59 ++++++++++---------------------------------------- 3 files changed, 15 insertions(+), 54 deletions(-) diff --git a/doc/makepkg.conf.5.txt b/doc/makepkg.conf.5.txt index 9bb384e..b15f026 100644 --- a/doc/makepkg.conf.5.txt +++ b/doc/makepkg.conf.5.txt @@ -85,16 +85,13 @@ Options **DEBUG_CXXFLAGS=**"debug_cxxflags":: Debug flags used for the C++ compiler; see DEBUG_CFLAGS for more info. -**BUILDENV=(**fakeroot !distcc color !ccache check !sign**)**:: +**BUILDENV=(**!distcc color !ccache check !sign**)**:: This array contains options that affect the build environment; the defaults are shown here. All options should always be left in the array; to enable or disable an option, simply remove or add an ``!'' at the front of the option. If an option is specified multiple times, the final value takes precedence. Each option works as follows: - *fakeroot*;; - Allow building packages as a non-root user. This is highly recommended. - *distcc*;; Use the distributed C/C++/ObjC compiler to spread compilation among multiple machines. If this is enabled, `DISTCC_HOSTS` must be specified diff --git a/etc/makepkg.conf.in b/etc/makepkg.conf.in index 43a6cf2..712ca60 100644 --- a/etc/makepkg.conf.in +++ b/etc/makepkg.conf.in @@ -41,17 +41,16 @@ CHOST="@CHOST@" # BUILD ENVIRONMENT ######################################################################### # -# Defaults: BUILDENV=(fakeroot !distcc color !ccache check !sign) +# Defaults: BUILDENV=(!distcc color !ccache check !sign) # A negated environment option will do the opposite of the comments below. # -#-- fakeroot: Allow building packages as a non-root user #-- distcc: Use the Distributed C/C++/ObjC compiler #-- color: Colorize output messages #-- ccache: Use ccache to cache compilation #-- check: Run the check() function if present in the PKGBUILD #-- sign: Generate PGP signature file # -BUILDENV=(fakeroot !distcc color !ccache check !sign) +BUILDENV=(!distcc color !ccache check !sign) # #-- If using DistCC, your MAKEFLAGS will also need modification. In addition, #-- specify a space-delimited list of hosts running in the DistCC cluster. diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in index 3107943..905fe0d 100644 --- a/scripts/makepkg.sh.in +++ b/scripts/makepkg.sh.in @@ -1827,7 +1827,7 @@ write_pkginfo() { msg2 "$(gettext "Generating %s file...")" ".PKGINFO" printf "# Generated by makepkg %s\n" "$makepkg_version" - (( INFAKEROOT )) && printf "# using %s\n" "$(fakeroot -v)" + printf "# using %s\n" "$(fakeroot -v)" printf "# %s\n" "$(LC_ALL=C date -u)" printf "pkgname = %s\n" "$pkgname" (( SPLITPKG )) && printf "pkgbase = %s\n" "$pkgbase" @@ -2312,7 +2312,7 @@ check_software() { local ret=0 # check for PACMAN if we need it - if (( ! INFAKEROOT && ( ! NODEPS || DEP_BIN || RMDEPS || INSTALL ) )); then + if (( ! NODEPS || DEP_BIN || RMDEPS || INSTALL )); then if [[ -z $PACMAN_PATH ]]; then error "$(gettext "Cannot find the %s binary required for dependency operations.")" "$PACMAN" ret=1 @@ -2320,16 +2320,16 @@ check_software() { fi # check for sudo if we will need it during makepkg execution - if (( ! INFAKEROOT && ( DEP_BIN || RMDEPS || INSTALL ) )); then + if (( DEP_BIN || RMDEPS || INSTALL )); then if ! type -p sudo >/dev/null; then warning "$(gettext "Cannot find the %s binary. Will use %s to acquire root privileges.")" "sudo" "su" fi fi - # fakeroot - building as non-root user + # fakeroot - correct package file permissions if check_buildenv "fakeroot" "y" && (( EUID > 0 )); then if ! type -p fakeroot >/dev/null; then - error "$(gettext "Cannot find the %s binary required for building as non-root user.")" "fakeroot" + error "$(gettext "Cannot find the %s binary.")" "fakeroot" ret=1 fi fi @@ -2790,11 +2790,6 @@ if (( ! INFAKEROOT )); then error "$(gettext "Running %s as root is not allowed as it can cause permanent,\n\ catastrophic damage to your system.")" exit 1 # $E_USER_ABORT - elif (( EUID > 0 )) && ! check_buildenv "fakeroot" "y"; then - warning "$(gettext "Running %s as an unprivileged user will result in non-root\n\ -ownership of the packaged files. Try using the %s environment by\n\ -placing %s in the %s array in %s.")" "makepkg" "fakeroot" "'fakeroot'" "BUILDENV" "$MAKEPKG_CONF" - sleep 1 fi else if [[ -z $FAKEROOTKEY ]]; then @@ -2956,12 +2951,7 @@ if (( SOURCEONLY )); then check_source_integrity cd_safe "$startdir" - # if we are root or if fakeroot is not enabled, then we don't use it - if ! check_buildenv "fakeroot" "y" || (( EUID == 0 )); then - create_srcpackage - else - enter_fakeroot - fi + enter_fakeroot msg "$(gettext "Source package created: %s")" "$pkgbase ($(date))" exit 0 @@ -3042,38 +3032,13 @@ else chmod a-srwx "$pkgdirbase" cd_safe "$startdir" - # if we are root or if fakeroot is not enabled, then we don't use it - if ! check_buildenv "fakeroot" "y" || (( EUID == 0 )); then - if (( ! REPKG )); then - if (( ! ( SPLITPKG || PKGFUNC ) )); then - chmod 755 "$pkgdirbase" - mkdir -p "$pkgdir" - fi - (( BUILDFUNC )) && run_build - (( CHECKFUNC )) && run_check - fi - chmod 755 "$pkgdirbase" - if (( ! SPLITPKG )); then - pkgdir="$pkgdirbase/$pkgname" - mkdir -p "$pkgdir" - if (( PKGFUNC )); then - run_package - fi - tidy_install - create_package - create_debug_package - else - run_split_packaging - fi - else - if (( ! REPKG )); then - (( BUILDFUNC )) && run_build - (( CHECKFUNC )) && run_check - cd_safe "$startdir" - fi - - enter_fakeroot + if (( ! REPKG )); then + (( BUILDFUNC )) && run_build + (( CHECKFUNC )) && run_check + cd_safe "$startdir" fi + + enter_fakeroot fi # if inhibiting archive creation, go no further -- 1.9.0
