Changes between Version 1 and Version 2 of gsoc08-privileges
- Timestamp:
- Aug 16, 2008, 1:59:46 PM (16 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
gsoc08-privileges
v1 v2 3 3 gsoc08-privileges is [wiki:pmagrath]'s development branch for Google Summer of Code 2008. 4 4 5 5 6 == Summary == 6 7 To implement facility to reduce need to execute MacPorts as root. 7 8 9 8 10 == Current Status == 9 11 A Beta Release was announced on the macports-dev mailing list on the 11th August 2008. 12 13 14 == Use Cases == 15 Use Case 1: 16 Current Situation with privilege descalation. Prefix is /opt/local. Root owns prefix. Fetch, build, extract, etc are done in per-user location (~/.macports) and do not require root privileges. Root privileges needed to install. Drop privileges when not needed if started with sudo. 17 18 Use Case 2: 19 --with-no-root-privileges. Prefix is usually ~/.macports/opt/local (must be specified with --prefix). User owns prefix. No root privileges needed. Ports requiring root privileges (new user accounts, daemons etc.) cannot be installed without a sudo. It is necessary to use a --prefix with --with-no-root-privileges as the default --prefix isn't modified from /opt/local when --with-no-root-privileges is specified. 20 21 Use Case 3: 22 --with-shared-directory. Prefix is /opt/local. Root owns prefix but shares full read write with a macports group. All members of macports group can install all packages that only effect the /opt/local hierarchy. Root privileges only needed for installs that effect directories outside the prefix. Port maintainers are responsible for designating this with the "install.asroot" option. Drop privileges when not needed. 23 10 24 11 25 == The Plan == … … 21 35 The portfile format shall be extended with an additional attribute to mark those ports that can not be installed without root privileges, such as those requiring StartupItems. 22 36 23 ''I've added the following new options to the Portfile format: patch.asroot, build.asroot, configure.asroot, destroot.asroot, and install.asroot. These take a boolean (yes/no) value. The default for all but install.asroot is no. install.asroot's default value is yes.''37 ''I've added the following new options to the Portfile format: patch.asroot, build.asroot, configure.asroot, destroot.asroot, and install.asroot. These take a boolean (yes/no) value. The default for all is no.'' 24 38 25 39 === Privilege Escaltion === … … 66 80 67 81 68 == Use Cases ==69 Use Case 1:70 Current Situation with privilege descalation. Prefix is /opt/local. Root owns prefix. Fetch, build, extract, etc are done in per-user location (~/.macports) and do not require root privileges. Root privileges needed to install. Drop privileges when not needed if started with sudo.71 72 Use Case 2:73 --with-no-root-privileges. Prefix is usually ~/.macports/opt/local (must be specified with --prefix). User owns prefix. No root privileges needed. Ports requiring root privileges (new user accounts, daemons etc.) cannot be installed without a sudo. It is necessary to use a --prefix with --with-no-root-privileges as the default --prefix isn't modified from /opt/local when --with-no-root-privileges is specified.74 75 Use Case 3:76 --with-shared-directory. Prefix is /opt/local. Root owns prefix but shares full read write with a macports group. All members of macports group can install all packages that only effect the /opt/local hierarchy. Root privileges only needed for installs that effect directories outside the prefix. Drop privileges when not needed.77 78 82 == Related Resources == 79 83 [http://thread.gmane.org/gmane.os.opendarwin.darwinports/16973/focus=17026]