[PATCH] portmaster with SU_CMD

Doug Barton dougb at FreeBSD.org
Fri Jan 4 10:04:42 PST 2008

Jo Rhett wrote:
> On Nov 11, 2007, at 2:59 PM, Doug Barton wrote:
>> This is very interesting stuff, but I don't see how it would be useful
>> to a very wide audience. My feeling is that the vast majority of our
>> users build and/or install ports as root, and I don't see any good
>> reason for that not to be the default practice.
> Heh.  If you weren't Doug Barton, I'd wonder just how often you build
> random ports.  Lots of them have very broken install scripts.  I *never*
> build or install ports as root unless the package's install is too
> broken to escalate properly and then I assume that everything else is
> broken too and read it carefully by hand.


I've been using FreeBSD for almost 13 years now, the whole time I've
built and installed ports as root (rarely ever use packages) and I
have never had any problems like the ones you are describing. Maybe
I'm just lucky. :) I also think that if this issue were actually a
huge problem, the -ports list would be filled with user complaints
about it.

HOWEVER, there is obviously desire for this feature, and as a general
principle I support the idea of doing things with "least privilege,"
so I will be adding support for this. It's probably worth noting that
I have for over a decade chmod'ed the distfiles directory to 775 so
that I can download distfiles as a user in the wheel group, so it's
not like I don't have sympathy for this concept.

At this point I'm thinking that the best way to implement this is
going to be adding a "PM_SU_CMD" to your portmaster rc file (either in
/etc or $HOME). There are too many command line options already, and
as I said I don't think this is something that enough users will use
to warrant another one.

I'm currently working on a major update to portmaster (which will be
adding three more command line options), and I'm almost done
regression testing it. I will be posting here (hopefully soon) that
the beta is available. Once that is done I will add the SU_CMD stuff,
test it, and post beta 2. (Doing the change now would cause too much
churn for me locally, and doing it after I reorganize the code will be
a lot easier for other reasons.)

I'd also like to request that people stop with the "my ports setup is
better than your ports setup" type mails. The great thing about
FreeBSD is that you can do it however you want to do it, so just enjoy



    This .signature sanitized for your protection

More information about the freebsd-ports mailing list