On 18 March 2014 18:16, Michael Homer <mich...@gobolinux.org> wrote: > On Wed, Mar 19, 2014 at 5:41 AM, Hisham Muhammad <his...@gobolinux.org> wrote: >> Hi, >> >> I'm going through some annoyances in my brand new Gobo 015 >> installation that are related to the handling of sudo in our Scripts. >> >> The symptom is that some Gobo scripts fail halfway through with >> permission errors when run with `sudo`, but they work if I use `su` >> and run them as root proper. >> >> I haven't diagnosed the whole thing in full yet, but it's not the >> first time I have this kind of problem. This got me thinking... >> >> ...is the whole dance with Verify_Superuser and Release_Superuser >> worth the effort, just to save us from typing `sudo` in things that >> are really administrative tasks? > The big problem as I remember was that the tools wrote files in ~, > which ended up owned #0 if you ran them under sudo. They'd then break > if you ran them again without sudo. It was a common problem reported > in the channel. There were previous changes making the tools elevate > permissions when they actually needed them so that people wouldn't > have to run them under sudo.
Do they still write things in ~? I have a fuzzy memory of these things but I can't find any dotfiles here. AFAIK the only thing in ~ now that's used by the scripts is GPG signatures for signed packages, but that's an, err, optional feature... > People were quite resistant to not running them under sudo regardless, > so Jonas's original changes just errored out when [ "$SUDO_USER" ], I > think, but you didn't like that (again, I think), so they were > modified to drop privileges back to the original user until the > installation step required them. The privilege-dropping is a bit of a > hack but at least at the time it worked with every combination of > viable invocations. Yeah, I remember it did work... Not sure what's going on now, but it's certainly not the first time it behaved strange. I think it's just fragile and fails in weird ways when any little thing is misconfigured. > I'm not sure at this point that these were the right choices to work > around that issue. Certainly, a lot of people used `sudo > {Compile,InstallPackage,Freshen}` and subsequently turned up in the > channel with problems from it, so we should stop that somehow. I > suspect some of the causes were subsequently resolved by later changes > anyway. > > I notice that `sudo env` on the machine I'm on at the moment gives > HOME=/root, so that probably points at a better resolution. It's a bit > odd if the per-user cache and the root cache are out of sync and you > get different results between checking something as yourself and > installing as root immediately after though. >> I was thinking of just stripping this whole thing away. The scripts >> are basically already designed to run without it (because of rootless >> mode) so I think it would just make things simpler and more reliable. >> >> As for concerns that were raised in the past tha Compile should not >> build things running as root, then maybe what we need is a `builder` >> user and use that instead when building (like we use `fibo` to >> install). Also, it's probably wiser not to let the build run with our >> own regular user anyway! > > This seems sensible on both accounts. Cool, I'll probably try my hand at this in the weekend. -- Hisham _______________________________________________ gobolinux-devel mailing list gobolinux-devel@lists.gobolinux.org http://lists.gobolinux.org/mailman/listinfo/gobolinux-devel