From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!not-for-mail From: Bob Proulx Newsgroups: gmane.emacs.help Subject: Re: sudo make install Date: Wed, 15 Apr 2015 15:26:40 -0600 Message-ID: <20150415151457700363175@bob.proulx.com> References: <87pp76wl1e.fsf@web.de> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Trace: ger.gmane.org 1429133407 3329 80.91.229.3 (15 Apr 2015 21:30:07 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 15 Apr 2015 21:30:07 +0000 (UTC) Cc: Emacs mailing list To: Michael Heerdegen Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Wed Apr 15 23:30:01 2015 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1YiUsj-0003lS-5Y for geh-help-gnu-emacs@m.gmane.org; Wed, 15 Apr 2015 23:30:01 +0200 Original-Received: from localhost ([::1]:34196 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YiUsi-0004vm-K6 for geh-help-gnu-emacs@m.gmane.org; Wed, 15 Apr 2015 17:30:00 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:38128) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YiUpa-0003zp-Lz for help-gnu-emacs@gnu.org; Wed, 15 Apr 2015 17:26:48 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1YiUpV-0006tL-IS for help-gnu-emacs@gnu.org; Wed, 15 Apr 2015 17:26:46 -0400 Original-Received: from joseki.proulx.com ([216.17.153.58]:33401) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1YiUpV-0006sn-5M for help-gnu-emacs@gnu.org; Wed, 15 Apr 2015 17:26:41 -0400 Original-Received: from hysteria.proulx.com (hysteria.proulx.com [192.168.230.119]) by joseki.proulx.com (Postfix) with ESMTP id 379A321838; Wed, 15 Apr 2015 15:26:40 -0600 (MDT) Original-Received: by hysteria.proulx.com (Postfix, from userid 1000) id 2D0C12DC42; Wed, 15 Apr 2015 15:26:40 -0600 (MDT) Mail-Followup-To: Michael Heerdegen , Emacs mailing list Content-Disposition: inline In-Reply-To: <87pp76wl1e.fsf@web.de> User-Agent: Mutt/1.5.23 (2014-03-12) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 216.17.153.58 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Original-Sender: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Xref: news.gmane.org gmane.emacs.help:103752 Archived-At: Michael Heerdegen wrote: > I noticed that since some time, "make install" does compile stuff in the > emacs/ source dir , just like "make". I remember that it only used to > copy files into the installation target dirs. The 'make install' depends upon the 'make all' target. Everything must be up to date before installation. If everything is up to date then 'make install' only installs. If things are out of date then 'make install' first updates everything and then installs. > My question: when I want to "make install", I need to use "sudo". But > after that operation, the emacs/ source dir now contains files owned by > root. After that, I always need to be root to "make" Emacs. I don't > want that, I still want to be able to "make" as a normal user. Run 'make' and 'make check' first. Then run 'make install' only after the first is clean. > How do others handle this? I do try to keep the distribution specific advocacy to a minimum. But this was a specific question. :-) I use Debian. In Debian the /usr/local tree is group-owned by the "staff" group. I place myself in the staff group. (I also put myself in the "adm" group too. So that I can read /var/log/* files.) adduser rwp staff adduser rwp adm Then log out and log back in again so that the group assignment is made. Group assignments are only done at login time. You must log out and then log back in again to have this take effect. At that point I can write to the /usr/local tree as myself. Never use sudo there again. This *improves* security. I say again, this improves security. Since there isn't any root involved in accessing that tree it means that a buggy Makefile or malicious project no longer has one attack vector against the system. A 'make install' can't modify something in /etc for example. make make check make install No use of su or sudo in the above. Compilation is only as a non-priviledged user. Installation is only as a non-priviledged user. Installation can only modify files in /usr/local. The installation cannot modify /etc, /bin, /usr/bin, /lib, /usr/lib, or any other system location. It is trapped into the /usr/local tree exactly where it should be restricted. This will catch any project that is doing bad things in their installation process. If doing this you get a permission denied while it is trying to write files in to the main host system then you know you have found a bug. Potentially a very bad bug. Using 'sudo make install' feels very wrong to me. Download some random project from the net and give it root access to your system? That feels very wrong. In a perfect world I would container everything. The above strategy can be used on any operating system. Simply change the group ownership of the /usr/local tree. Off the top of my head: find /usr/local -exec chgrp staff {} + find /usr/local -type d -exec chmod g+ws {} + Remember that no operating system files will be packaged for the /usr/local tree (other than setting up infrastructure such as /usr/local/bin itself and other related directories there. The /usr/local tree is for the local admin to maintain and control. Bob