On 2013-10-18 03:53, Ryan Schmidt wrote: > > On Oct 17, 2013, at 07:34, Clemens Lang <c...@macports.org> wrote: > >> On Wed, Oct 16, 2013 at 08:18:51PM -0500, Ryan Schmidt wrote: >>> If my main dports tree is a Subversion working copy, what are >>> the recommended permissions and user and group ownership so that >>> "sudo port sync" and "svn update" and "svn commit" all work? It >>> seems like I should understand this by now but I'm not getting >>> it; what I'm getting are permission errors. >> >> I use drwxrwx--- 54 clemens macports. The write permission for the >> MacPorts user might not be necessary, though. > > Surely the macports user needs write permission to change things when > running "sudo port sync"?
No, the update is run as the user owning the directory. See the seteuid/setegid calls here using the owner/group attributes of the port directory: https://trac.macports.org/browser/trunk/base/src/macports1.0/macports.tcl?rev=112317#L2268 > [...] > I tried your suggestion. "sudo chown -R rschmidt:macports . && sudo > chmod -R 770 ." in my dports directory. Then I ran "sudo port sync" > which succeeded and pulled in a few updates. Then I checked > permissions in the directory. Files updated by the sync do not have > these permissions. For example, the gegl and glfw Portfiles have 644 > permissions instead of 770, so only the macports user can write to > them, so trying to edit them in my editor results in the > administrator password prompt that I'm trying to avoid. >From the code linked above, we are dropping to the user owning the ports tree, so all new created files on your system should be owned by rschmidt. As a side note, permissions of new files created during sync have the umask value 0022 applied, which is set in port(1) to avoid other problems with inheriting the umask of the user running the port command. This is way the new files get these permissions (the bit fiddling in octal is 0666 & ~0022 == 0644). To ensure the macports user always has read permissions, I am using ACL entries on my ports tree checkout. These are applied to new files automatically. chmod -R +a "group:everyone allow read,execute,list,search,file_inherit,directory_inherit" macports/trunk/dports Unfortunately, the ACLs are not always preserved by some tools such as GNU patch(1). In this cases I manually need to apply them again. Other standard BSD tools such as cp(1), mv(1), mkdir(1), etc. are of course capable of applying them correctly. Rainer _______________________________________________ macports-dev mailing list macports-dev@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/macports-dev
