Actually, after making my change, my Rootless environment only gave
me my new 'bypassing sudo' message from within SignProgram. Signing-
related functions within Functions/File seem to have quite a few
sudo_exec calls. Maybe those should be taken out and SignProgram
should check its permissions and call Verify_Superuser at the
beginning, like SymlinkProgram does?
Don't think so. IIRC, Carlo implemented it this way because, while
many things in the script have to run as root, gpg itself has to run
as the regular user, so that it uses their private key. Maybe we could
flip things around and run gpg with "sudo -u $regular_user" instead?
Ok. This makes more sense to me now. Really, it's probably fine the
way it is. My sudo_exec bypassing code just feels hacky to me for
some reason.
> Another 3/4-baked idea:
> To have the scripts playing nicely with different/hostile
> environments, I came up with a centralized configuration scheme in
> Directories.conf, so that the scripts can use "ifdefs" with "if
> Dir_Set Feature". One thing we could do is remove all those "if [
> $ROOTLESS_GOBOLINUX ]" and replace them with proper Dir_Set's,
adding
> a single "if rootless" block directly in Directories.conf (or
have the
> CreateRootless script perform the needed changes to the
> Directories.conf defaults, don't know what's cleaner).
CreateRootless generating its own Directories.conf makes more sense
to me, and it reduces the amount of sh code in Directories.conf. On
the other hand, it'd mean Rootless people would be regularly prompted
to replace Directories.conf with one that'll break their entire
system every time UpdateSettings was run.
Good point. I just had a crazy idea of a 'hints file' with suggested
default answers for UpdateSettings. It could be added to packages on
demand, as delicate situations such as this arise. Could become a pain
to maintain, though.
I like this idea. (I've got a couple of UpdateSettings ideas of my
own that I plan to request permission to implement in another
thread.) At the moment, though, my point earlier about
Directories.conf is kinda moot. Directories.conf on my desktop and
Directories.conf on my rootless install are identical, yet both work
fine. Probably because Directories.conf makes nearly everyting depend
on $goboInstall.
Maybe UpdateSettings should be aware of a Resources/Rootless/Defaults
directory?
I'm not keen on special-casing stuff for Rootless in the scripts.
Excellent point.
_______________________________________________
gobolinux-devel mailing list
gobolinux-devel@lists.gobolinux.org
http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel
