[Slackbuilds-users] a general question about the SlackBuilds
Deak, Ferenc
ferenc.deak at gmail.com
Sun May 6 16:53:10 UTC 2007
On 5/6/07, Iskar Enev <iskar.enev at gmail.com> wrote:
>
> Hello,
>
> I friend of mine has brought up a question about the SlackBuilds and i
> think he may be right.
>
> The scripts, the way they are made by Patrick and by slackbuilds.org,
> are supposed to be run as root. Running 'make install' as root could
> pose security issues, at least - some sources with bad Makefiles could
> place files outside $DESTDIR without the package builder be aware of it.
>
> As user this problem can be avoided, but the script has to be "split" in
> two parts - first, run as user, before the 'makepkg' command and second
> one, run as root, where one changes the ownership and permissions of
> files and directories and runs 'makepkg.'
>
> Of course there would be some problems - such script will require su or
> sudo, and if the 'make install' command creates some special ownership
> the package builder has to fix it manually. Example for the latter -
> mysql and the ownership of /var/lib/mysql.
>
> I'm not aware if that has been discussed previously, or is considered as
> a minor problem, but let me know of your opinion anyway.
By using fakeroot (available from slacbuilds - contributed by me :-), you
can avoid these problems.
If you don't heard about fakeroot before, shortly it gives you a fake root
environment, where everything
works as you were root, but you can't write the places where you - as a user
- has no rights.
So simply build with the command:
prompt> fakeroot ./package.SlackBuild
and you are safe.
To tell the truth there are a very few exceptions which can't be built with
fakeroot, but at least 95% is good.
Ferenc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.slackbuilds.org/pipermail/slackbuilds-users/attachments/20070506/eb167abe/attachment-0002.html
More information about the Slackbuilds-users
mailing list