Dumb Ports Questions

[freezr]

Hi guys,

these are really a couple of dumb questions...

Can you compile a port in your home without root rights?

If you can't, would you consider it a potential feature to implement?

Thanks ?

 

[Alexander88207]

Can you compile a port in your home without root rights?

Yes but you need to have the dependencies installed before.

 

[astyle]

I think that's not impossible - you can compile stuff in your own $HOME directory, and even link it against system libs - but then you'll be stuck with running the resulting binary out of your $HOME directory, and storing all .conf files in your $HOME directory, as well.

I have done that kind of thing in Linux (installed stuff on my account at school, back in the day), so I know it works. Never tried that on a BSD, but I'd expect similar results.

And I wouldn't consider it a 'potential feature to implement' - that is kind of a security hole. It is possible to lock down the $HOME directory, and button down the rules for binaries that get compiled/run from the $HOME... Most projects don't do that, and leave it to the customer to do site-specific chores.

 

[zirias@]

Recent versions of poudriere run all building as nobody, so sure this is possible (including make stage, make package etc). The only thing that needs root privileges (for obvious reasons) is make install.

And yes indeed, dependencies must be installed as Alexander88207 said ... which is also pretty obvious considering installing anything in your live system means writing to "protected" locations ?

 

[SirDice]

Yes but you need to have the dependencies installed before.

Yes, this is the crux because installing those requires root privileges.

Another thing is fetching the distfiles, they get written to /usr/ports/distfiles by default and a regular user doesn't have write permissions there. You could run make fetch as root in advance. Or you could 'circumvent' it by setting DISTDIR to a directory you can write to. You can even build as a user in the regular ports tree, you just have to set WRKDIRPREFIX (this is where the port's work directory is created) to a directory you can write to.

     WRKDIRPREFIX      Where to create any temporary files.  Useful if
                       PORTSDIR is read-only (perhaps mounted from a CD-ROM).
     DISTDIR           Where to find/put distfiles, normally distfiles/ in
                       PORTSDIR.

See ports(7)

 

[mer]

Could one not make a dataset covering the ports structure and give permissions to a user? That would be a cleaner solution to me.

 

[zirias@]

mer, if you really want to build a port manually on your live system, I think just overriding WRKDIRPREFIX and DISTDIR as suggested by SirDice certainly is the easiest solution. I mean, these variables are supported for a reason ?

Whether it's "clean" probably depends on your use case and workflow. poudriere overrides both these variables ?

 

[SirDice]

All roads lead to Rome. There are many different solutions but the answer is the same, yes, you can build a port as a non-root user.

 

[mer]

zirias@ SirDice thanks. I'm beyond building my own ports, default options in binary pkgs work fine for me, so "building ports" is now theoretical for me.

 

[SirDice]

Oh, another issue that might be problematic, make config (and related friends) write their options to /var/db/ports/, which is also only writable by root. And of course there's a variable for that too.

     PORT_DBDIR        Directory where the results of configuring OPTIONS are
                       stored.  Defaults to /var/db/ports.  Each port where
                       OPTIONS have been configured will have a uniquely named
                       sub-directory, containing a single file options.

 

[cracauer@]

It would be possible to enhance non-root ports management if you want. Brew (the main package manage on macOS, also available for other OSes) keeps the install directory owned by the current user. Only for setuid-root programs and for root-running demons does it switch to root at install time.

There are some disadvantages that make me prefer FreeBSD's way.

 

[kpedersen]

Brew (the main package manage on macOS, also available for other OSes) keeps the install directory owned by the current user.

I do like this idea. I think the ability to have private $PREFIX directories is really useful. I am surprised the FreeBSD ports doesn't leverage this more.

A few years ago I butchered an old ports collection (pre pkg-ng because it was a bit easier) to build and install to i.e /home/<user>/2009 in an attempt to keep old versions of Gimp, openoffice, blender maintained.

Ultimately it was too much work for one guy to maintain the software itself but the user $PREFIX part worked quite well for ~90% of ports. Some still naively didn't look for dependencies in the correct location.

 

[freezr]

Thanks to all!