260027 – Support for privileged install, re: portage user and group [NEW EBUILD INCLUDED]

Bug 260027 - Support for privileged install, re: portage user and group [NEW EBUILD INCLUDED]

Summary: Support for privileged install, re: portage user and group [NEW EBUILD INCLUDED]

Status:	CONFIRMED

Alias:	None

Product:	Gentoo/Alt
Classification:	Unclassified
Component:	Prefix Support (show other bugs)
Hardware:	x86 OS X

Importance:	High normal (vote)
Assignee:	Gentoo Prefix

URL:
Whiteboard:
Keywords:

Depends on:	259912
Blocks:
	Show dependency tree

Reported:	2009-02-23 17:05 UTC by Armando Di Cianno
Modified:	2009-12-20 14:58 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
the main ebuild (macosx-privileged-support-1.ebuild,2.35 KB, text/plain) 2009-02-23 17:06 UTC, Armando Di Cianno	Details
the main support file (fix-perms,622 bytes, text/plain) 2009-02-23 17:06 UTC, Armando Di Cianno	Details
a tar that contains the ebuild and support file in place (overlay.tar.bz2,1.84 KB, application/octet-stream) 2009-02-23 17:07 UTC, Armando Di Cianno	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Armando Di Cianno 2009-02-23 17:05:35 UTC

I've written a simple ebuild and a supporting file that:
* Creates portage user and group
* Normalizes permissions and ownership of the eprefix, for a privileged install (to what extent I could test)

The ebuild creates directories (which probably already exist, anyway) and sets permissions (which won't get overrided).  The support shell script will, mostly non-recursively, fix up permissions for an existing install.

Notes are given to the user about how to run the script, as well as suggestions for adding their main user to the portage group.

Because of this, one can do things like "ebuild foo-1.ebuild digest" without the use of sudo.



Reproducible: Always

Steps to Reproduce:

Comment 1 Armando Di Cianno 2009-02-23 17:06:25 UTC

Created attachment 182913 [details]
the main ebuild

Comment 2 Armando Di Cianno 2009-02-23 17:06:51 UTC

Created attachment 182914 [details]
the main support file

Comment 3 Armando Di Cianno 2009-02-23 17:07:30 UTC

Created attachment 182915 [details]
a tar that contains the ebuild and support file in place

Comment 4 Armando Di Cianno 2009-02-23 17:12:45 UTC

This bug depends on bug #259912, so I marked it as such.

Comment 5 Fabian Groffen gentoo-dev

2009-02-23 20:00:30 UTC

hmmm, an ebuild to convert a prefix into a privileged one... doesn't it make more sense to just bootstrap a privileged one and fix up the baselayout-prefix ebuild where necessary?

Comment 6 Armando Di Cianno 2009-02-23 20:08:15 UTC

Of course it does. :-)

I did boot-strap a privileged tree, and my permissions where a mess, however.  At least the fix-perms script might help.

Comment 7 Fabian Groffen gentoo-dev

2009-02-23 20:09:34 UTC

hmmm, what kind of mess?  Perhaps portage needs some tuning, and ebuilds need fixin'

Comment 8 Armando Di Cianno 2009-02-23 20:30:58 UTC

* Files owned by root where owned as "root:admin", which on my system is 0:80, instead of 0:0, which is root:wheel.
* EPREFIX/tmp and EPREFIX/var/tmp are chmod 1777 now
* EPREFIX/usr/portage and EPREFIX/var/tmp/portage should be owned as portage:portage

* I just realized that it should fix PORTDIR and not /usr/portage explicitly

I think you're right though -- now that enewuser and enewgroup can work well, it'd be nice to create the portage user and group in baselayout (or where ever else appropriate), and make sure the permissions are set correctly.

I would also like to create both /Applications and /Users (on OS X), and create as many of the default directories that make sense.  In this regard, it might be useful to bind mount (not sure if OS X has this atm) /dev to EPREFIX/dev, as well, for e.g.