Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
running emerge as a normal user
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 3:51 am    Post subject: running emerge as a normal user Reply with quote

I'm emerging a bunch of stuff into a $ROOT for another system, and I'd like to be able to do it without being root myself, but emerge won't let me do it.

Code:


james@Rainsong ~ $ emerge --config-root=software/config --root=$HOME/tmp -v system
emerge: superuser access is required



I have a target specific /etc/portage directory in software/config, and I own the $ROOT path.

How do I tell emerge to do it anyway?
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 21431

PostPosted: Mon Dec 17, 2012 4:35 am    Post subject: Reply with quote

Even though you own that directory, running emerge as a regular user will cause problems. Files installed into that hierarchy will all be owned by you, rather than having the normal mix of root and non-root ownership.
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 5:17 am    Post subject: Reply with quote

I wonder if I can use -B to build binary packages, and then su to root to install them?

Just out of curiosity, are there many ebuilds that have files with varied ownership?
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Mon Dec 17, 2012 6:13 am    Post subject: Reply with quote

whats wrong with using sodu?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 6:36 am    Post subject: Reply with quote

I don't have root on the build system that I ultimately will have to do this on.

Incidentally, I tried building packages only, but I ran into a problem; I ran the following command, as a normal user and also as root on my home system:

Code:

PKGDIR=/home/james/software/gentoo-subdir/pkg emerge -vB gawk


It failed as a normal user and succeeded as root. The failure message was:

Code:

./usr/share/man/
./usr/share/man/man1/
./usr/share/man/man1/gawk.1.bz2
./usr/share/man/man1/awk.1.bz2
tar: ./usr/share/man/man1/pgawk.1.bz2: Cannot open: Too many levels of symbolic links
./usr/share/man/man1/igawk.1.bz2
tar: Exiting with failure status due to previous errors
 * ERROR: sys-apps/gawk-4.0.1 failed (package phase):


I find this strange because the file
Code:
./usr/share/man/man1/awk.1.bz2
is also a symlink, but it got tarred up just fine.

I have no idea what's going on here.
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Mon Dec 17, 2012 6:50 am    Post subject: Reply with quote

you don't need root, just ask the admin to update /etc/sudoers do you can run emerge.
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 6:54 am    Post subject: Reply with quote

Wouldn't I be running emerge as root then?
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Mon Dec 17, 2012 7:28 am    Post subject: Reply with quote

Slippery Jim wrote:
Wouldn't I be running emerge as root then?

yes, think of this like that, in order to run emerge you need to have write access to important sections of the os, the linux design is that only root will be able to write to there.
this begs the question, why do you want to be able to install programs a normal user?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
eccerr0r
Watchman
Watchman


Joined: 01 Jul 2004
Posts: 9601
Location: almost Mile High in the USA

PostPosted: Mon Dec 17, 2012 7:41 am    Post subject: Reply with quote

Unfortunately some packages do chmod some stuff to root before it saves it all into the archive, also some packages have special users and need special owners for certain directories...
Think the only thing that's sure fire is to get a VM for your account, maybe even something like User Mode Linux and do your emerges inside there.
_________________
Intel Core i7 2700K/Radeon R7 250/24GB DDR3/256GB SSD
What am I supposed watching?
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 7:48 am    Post subject: Reply with quote

DaggyStyle wrote:

why do you want to be able to install programs a normal user?

I want to build an image for a different system than the machine I'll be building it on.

I can do anything I want in my own home directory, but the rest of the build system is hands-off.

So getting sudo access to emerge is probably unacceptable because I could do something like:

Code:
sudo emerge -C glibc


and that would be problematic.

What Hu said above about owner permissions being wrong is probably something I could deal with, since I only see it being a problem for suid programs anyway.

EDIT: Cancel last: I can see other problems with wrong owners.

However, shouldn't it be fine when building a binpkg, since the correct owners and permissions can be set when it gets tarred up?
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Mon Dec 17, 2012 8:01 am    Post subject: Reply with quote

Slippery Jim wrote:
DaggyStyle wrote:

why do you want to be able to install programs a normal user?

I want to build an image for a different system than the machine I'll be building it on.

I can do anything I want in my own home directory, but the rest of the build system is hands-off.

So getting sudo access to emerge is probably unacceptable because I could do something like:

Code:
sudo emerge -C glibc


and that would be problematic.

What Hu said above about owner permissions being wrong is probably something I could deal with, since I only see it being a problem for suid programs anyway.

EDIT: Cancel last: I can see other problems with wrong owners.

However, shouldn't it be fine when building a binpkg, since the correct owners and permissions can be set when it gets tarred up?


why not use a cross compiler? see crossdev, http://dev.gentoo.org/~vapier/CROSS-COMPILE-HOWTO
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein


Last edited by DaggyStyle on Mon Dec 17, 2012 8:03 am; edited 1 time in total
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 8:02 am    Post subject: Reply with quote

Anybody know what's going on with that tar error mentioned above?
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 8:09 am    Post subject: Reply with quote

DaggyStyle wrote:

why not use cross compiler?


How would that help?
Back to top
View user's profile Send private message
The Doctor
Moderator
Moderator


Joined: 27 Jul 2010
Posts: 2678

PostPosted: Mon Dec 17, 2012 8:10 am    Post subject: Reply with quote

That begs the question why are you trying to administer a system without administrative privileges? If this is just a temporary arrangement, sudo access could be removed once your complete your work. If no one trusts you, then you may as well send the admin a list of packages to install.

Or you could be given access to a script via sudo that runs emerge, but only for instillations. Maybe something like this
Code:
#!/bin/bash
echo "I am watching you!"
echo "user is emerging " + $1 >> logfile.txt
emerge -av $1

Where you do not own logfile.txt or the script.
_________________
First things first, but not necessarily in that order.

Apologies if I take a while to respond. I'm currently working on the dematerialization circuit for my blue box.
Back to top
View user's profile Send private message
DaggyStyle
Watchman
Watchman


Joined: 22 Mar 2006
Posts: 5909

PostPosted: Mon Dec 17, 2012 8:23 am    Post subject: Reply with quote

Slippery Jim wrote:
DaggyStyle wrote:

why not use cross compiler?


How would that help?

ok, I see what can be the misunderstanding here, please define "different system".

is the system is same arch, use chroot to build an entire system, if the system is different arch, you'll need a crosscompiler + chroot.
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 9:14 am    Post subject: Reply with quote

The Doctor wrote:
That begs the question why are you trying to administer a system without administrative privileges? If this is just a temporary arrangement, sudo access could be removed once your complete your work. If no one trusts you, then you may as well send the admin a list of packages to install.

Or you could be given access to a script via sudo that runs emerge, but only for instillations. Maybe something like this
Code:
#!/bin/bash
echo "I am watching you!"
echo "user is emerging " + $1 >> logfile.txt
emerge -av $1

Where you do not own logfile.txt or the script.


It's possible I could fat-finger a command and mess something up, but I was thinking more along the lines of a buggy ebuild breaking out of the sandbox and touching the live system. Don't know if that can still happen, but it's less likely if it's running without privileges.

The script idea is interesting. I hadn't thought of that. Thanks for the new idea! :D

I guess I'm not really administering a system so much as I'm imaging a system. I'm using the gentoo based build machine as a meta-dist, to put together something else, that is not necessarily a full-on gentoo system.

I was originally thinking I could mount the target's root partition over the network, and just emerge into it, but I see now, how the problem with setting file ownership is a showstopper. I think building binary packages is the way to go, since it takes care of the file ownership problem, and I can build them as a normal user. I can even do all this locally, without network mounts. Then, I can set up a standalone install node on the network, or even a USB install stick or something, to separate the installation process from the development machines. That way, the dev nodes are always protected.

Yeah, this might actually work, if we can figure out what's wrong with emerge and tar, as related to that symlink error cited above. Anyone have an idea?
Back to top
View user's profile Send private message
Genone
Retired Dev
Retired Dev


Joined: 14 Mar 2003
Posts: 9501
Location: beyond the rim

PostPosted: Mon Dec 17, 2012 10:41 am    Post subject: Reply with quote

Note that using $ROOT can still modify the live system, as build dependencies will go to /. So if you don't want to touch the live system do a real chroot install (still requires root permissions though).
Back to top
View user's profile Send private message
Slippery Jim
Apprentice
Apprentice


Joined: 08 Jan 2005
Posts: 264

PostPosted: Mon Dec 17, 2012 5:25 pm    Post subject: Reply with quote

Genone wrote:
Note that using $ROOT can still modify the live system, as build dependencies will go to /. So if you don't want to touch the live system do a real chroot install (still requires root permissions though).


Good point. I suppose, if I need a build dep that isn't already on the main system, the solution would be to install it in into a prefix in my home directory.

This brings back the issue of file ownership again...

Also, The tar symlink error seems to be related to one of the emerge FEATURES flags:

Code:

FEATURES="fakeroot userpriv usersandbox usersync"


I'll update when I know more...



EDIT: seems to be a problem with the fakeroot utility.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum