On 1/16/20 7:55 AM, Saul Tigh wrote: > Dear Pacman devs, > > Although running makepkg in root is frowned upon and considered dangerous, > there are circumstances that one might need to do so. For example, during > the bootstrap process of building my own toy gnu/linux distro (which uses > pacman/makepkg), I have to run makepkg in root.
Hmm, why is this though? Shouldn't the system which you are bootstrapping from be just as capable of using a delegated build user? > I have added an option > called "ALLOWROOT" to makepkg which when is set to 1 enables running > makepkg in root. This option is disable by default and wouldn't cause any > issue for the average user of pacman and makepkg. This is my first patch > for pacman so criticism is welcome and please let me know how to improve it. If using this requires patching makepkg anyway, what's the advantage over just using a custom patch for the whole thing? > From def5a1cae3513e75aa6447a27f3f22a207ffdc61 Mon Sep 17 00:00:00 2001 > From: Saul Tigh <jemz...@gmail.com> > Date: Thu, 16 Jan 2020 18:58:27 +0700 > Subject: Signed-off-by: Saul Tigh <jemz...@gmail.com> Patches should be sent via git-send-email, BTW. > Although running makepkg in root is frowned upon, there are > circumstances that one might need to do so. For example, during the > bootstrap process of building his toy gnu/linux distro, the author of > this patch needs to run makepkg in root. This option is disable by > default. It can be enable by setting 'ALLOWROOT' in makepkg to 1. > --- > scripts/makepkg.sh.in | 15 ++++++++++++--- > 1 file changed, 12 insertions(+), 3 deletions(-) > > diff --git a/scripts/makepkg.sh.in b/scripts/makepkg.sh.in > index ca3e7459..b2cd8ee4 100644 > --- a/scripts/makepkg.sh.in > +++ b/scripts/makepkg.sh.in > @@ -79,6 +79,7 @@ SIGNPKG='' > SPLITPKG=0 > SOURCEONLY=0 > VERIFYSOURCE=0 > +ALLOWROOT=0 > > if [[ -n $SOURCE_DATE_EPOCH ]]; then > REPRODUCIBLE=1 > @@ -1175,9 +1176,13 @@ fi > > if (( ! INFAKEROOT )); then > if (( EUID == 0 )); then > - error "$(gettext "Running %s as root is not allowed as it can cause > permanent,\n\ > -catastrophic damage to your system.")" "makepkg" > - exit $E_ROOT > + if (( ALLOWROOT )); then > + plain "Running as root is not recommended. Proceed with caution." > + else > + error "$(gettext "Running %s as root is not allowed as it can cause > permanent,\n\ > + catastrophic damage to your system.")" "makepkg" > + exit $E_ROOT > + fi > fi > else > if [[ -z $FAKEROOTKEY ]]; then > @@ -1352,6 +1357,10 @@ if (( SOURCEONLY )); then > check_source_integrity all > cd_safe "$startdir" > > + # allow makepkg to run in root > + if (( ALLOWROOT )); then > + unset FAKEROOTKEY > + fi > enter_fakeroot > > if [[ $SIGNPKG = 'y' ]]; then > -- Eli Schwartz Bug Wrangler and Trusted User
signature.asc
Description: OpenPGP digital signature
