build ports from not a root user?

Polytropon freebsd at edvax.de
Fri Jul 22 09:41:38 UTC 2011


On Fri, 22 Jul 2011 09:59:29 +0100, Mike Clarke wrote:
> On Thursday 21 July 2011, Peter Vereshagin wrote:
> 
> > As long as I saw the instructions on building from source they were
> > generally all like this:
> >
> >     $ cd /tarball-expanded-0.x.y
> >     $ ./configure
> >     $ make
> >     $ su -
> >     # cd /tarball-expanded-0.x.y
> >     # make install
> >
> > That important 'su -' is omitted from the ports. And it is about the
> > security.
> 
> But this requires /usr/ports to be writable by the non-root user and 
> creates a security risk. This cannot be overcome by limiting the 
> installation to root only because you can no longer be sure that the 
> source or installation scripts have not been tampered with by a 
> non-privileged user.

You could define specific port BUILDING directories
outside /usr/ports, e. g. on a sufficiently sized and
permitted /build partition that the non-root user can
write to.

However, this does _not_ solve the "problem" that root
privileges are required to access INSTALL directories
for the dependencies as well as for the final port you
want to install. A "temporary pre-installation" doesn't
sound possible, even if you define a different $PREFIX
to make a per-one-user-localized installation. This
seems to be obvious in regards of binaries that are
required in further steps of building and installation,
but even _more_ obvious in regards of libraries that
the system linker has to be "notified" of.

Giving /usr/ports _to_ the user (chown) or making a
local copy of it (and adjusting the environmental
variables for port infrastructure accordingly) does
solve the first problem, but definitely not the second.

(As it has been mentioned, doing this with /usr/src
is a bit easier, where write access is especially
needed for the /usr/obj "result" subtree. Only the
installation of kernel and world need root access.)

In the examples discussed regarding su, I often see:

	$ cd /some/di/rec/to/ry
	$ make something
	# su -
	# cd /some/di/rec/to/ry   <=== Again!
	# make something else
	# exit

The key is that "su -" may change the current directory
as it does a full login. See "man su", especially the -m
option which will leave the environment intact. Also see
what su without parameters (or "su root") will do in
comparison.




-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
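
The tampering concern quoted above, as an added example that is not part of the original message or of the ports infrastructure: a check root could run over a user-writable build tree before "make install". The function names and the trust rule (owned by the given uid, not writable by group or others) are assumptions.

```shell
#!/bin/sh
# Added example (constructed): pre-install audit of a build tree.
# Assumption: an entry is trusted only if it is owned by the given uid
# (default 0, root) and is not writable by group or others.

# List entries inside tree $1 that someone other than uid $2 could have changed.
untrusted_entries() {
    find "$1" ! -type l \
        \( ! -user "${2:-0}" -o -perm -0020 -o -perm -0002 \) -print
}

# List ancestor directories of $1 in which another user could rename or
# replace the tree. Sticky directories such as /tmp are accepted when
# owned by root or uid $2, since only the entry's owner may rename there.
untrusted_ancestors() {
    dir=$(cd "$1" && pwd -P) || return 2
    while [ "$dir" != "/" ]; do
        dir=$(dirname "$dir")
        find "$dir" -prune \( \( ! -user "${2:-0}" ! -user 0 \) -o \
            \( \( -perm -0020 -o -perm -0002 \) ! -perm -1000 \) \) -print
    done
}

# Return 0 only when neither check reports anything; findings go to stderr.
safe_for_root_install() {
    findings=$( { untrusted_entries "$1" "$2"; untrusted_ancestors "$1" "$2"; } )
    [ -z "$findings" ] && return 0
    printf 'refusing to install, untrusted paths:\n%s\n' "$findings" >&2
    return 1
}
```

A tree built by an unprivileged user will always be reported when audited against uid 0, so the second argument names the one uid whose files root is prepared to trust.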