keepenv
On 2025/11/10 13:57, Walter Alejandro Iglesias wrote:
> On Mon, Nov 10, 2025 at 12:43:55PM +0000, Stuart Henderson wrote:
> > On 2025/11/10 13:29, Walter Alejandro Iglesias wrote:
> > > On Mon, Nov 10, 2025 at 11:56:25AM +0000, Stuart Henderson wrote:
> > > > doas doesn't work very well with this, and "persist" intentionally does
> > > > not
> > > > pass 'upwards'.
> > > >
> > > > on systems which are mainly setup for ports development I'll use
> > > > "SUDO=sudo
> > > > -E".
> > > >
> > > > on those where I might just build something once in a while I'll allow
> > > > my
> > > > own user to run things as _pbuild/_pfetch without adding, and just deal
> > > > with routing in the password a few times for installs.
> > >
> > > In my case, for example, when compiling mplayer just now, I had to enter
> > > the password about two hundred times. :-)
> > >
> > > >
> > > > permit nopass keepenv sthen as _pfetch
> > > > permit nopass keepenv sthen as _pbuild
> > >
> > > I've already tried this. I'll try once more time using "sudo" as you
> > > recommend me.
>
> With sudo I get this:
>
> sudo: sorry, you are not allowed to preserve the environment
>
> I don't expect you to tell me what to do, I'll figure it out on my own
> someday.
>
> > >
> > > >
> > > > "leave the permissions as they are and work as root" even if you choose
> > > > to
> > > > ignore how dangerous this is (you should regard the system as
> > > > potentially
> > > > compromised if you do this, and I wouldn't like to assume that building
> > > > in
> > > > a guest VM would protect the hypervisor OS either),
> > >
> > > Could you give me an example of what you mean by "dangerous", please?
> >
> > You are running at least hundreds of thousands of lines of code, which
> > nobody is looking at all that carefully, as root.
> >
> > Even just the average autoconf script is 20k lines.
> >
> > > > some ports will not
> > > > build (or not build correctly) if done as root.
> > >
> > > I would also appreciate an example of this, if it's not too much
> > > trouble.
> >
> > I don't remember.
> >
>
> --
> Walter
>
