On 2020-07-14 22:05, Kevin Buckley via lfs-dev wrote:
On Tue, 14 Jul 2020 at 00:57, Daniel Schepler via lfs-dev
<lfs-dev@lists.linuxfromscratch.org> wrote:
On Mon, Jul 13, 2020 at 7:56 AM Bruce Dubbs via lfs-dev
> Sure, that could be done, but why? There are a lot of ways to
> accomplish the same task, but I don't see the advantage of one way over
> the other.
Well, it does demonstrate the principle of minimal privilege. (Though
to be fair, it is perhaps questionable whether creating the base
hierarchy and then doing a chown as root is a good use of this
principle.)
That, doing less as root on the host, was kind of where I had
been going.
Implant, in the mind of the new user, just how little actually needs
to be done as root on a GNU/Linux system.
Incidentally, along similar lines - the last time I did an LFS build,
I experimented with creating minimal sulfs and sudolfs utilities as
either the last step before entering the chroot or the first step
after entering the chroot (forgot which). These were minimal
hard-coded programs compiled from about 20 to 30 lines of C code,
where sulfs simulated the effects of "su - lfs" and sudolfs simulated
the effects of sudo configured to only allow user lfs to sudo.
Hmm, that might be an interesting approach to take for a "PkgUser"
build, now that some packages deployed within the early chapters
are installed into their final locations, as oppsoed to /tools, and so
would be owned by the lfs user.
Greetings,
It’s always been known that not using sudo or being as root to perform
specific jobs is preferred. It’s been up to the sysadmin who has that
power. The ore we remove the need for root from an LFS build, the
better. With the next LFS release and the restructure of the book, it
may. Eco e a reality. LFS 6 was the breakthrough for our current way of
building. The next breakthrough is using a normal user and sysroot. We
had one knowledgeable person working on this years ago, ChrisS67. We
didn’t have the time or people to get there for CLFS, but looks like LFS
is going the right step there. He had a branch was working on. But the
whole point was build tools with a normal user. We got hung up on
ncurses.
Sincerely,
William Harrington
--
You feel a whole lot more like you do now than you did when you used
to.
--
http://lists.linuxfromscratch.org/listinfo/lfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
