Re: Crazy APT/dpkg suggestion (user-installable packages)

To: debian-devel@lists.debian.org
Subject: Re: Crazy APT/dpkg suggestion (user-installable packages)
From: "John H. Robinson, IV" <jhriv@ucsd.edu>
Date: Wed, 6 Feb 2002 10:40:26 -0800
Message-id: <[🔎] 20020206184026.GF20591@ucsd.edu>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.44.0202060817230.12538-100000@boater.Princeton.EDU>
References: <[🔎] Pine.LNX.4.44.0202060817230.12538-100000@boater.Princeton.EDU>

On Wed, Feb 06, 2002 at 08:39:54AM -0500, Kevin B. McCarty wrote:
> 
> * Any user can install a package, except when:
> 	1) it would Conflict: with a package already installed by root
> 	   or by a different user

and what prevents the user from getting the upstream tarball,
compiling, and installing to their $HOME? this is a needless
restriction.

> 	2) it would make the amount of free space available on any 
> 	   partition less than some absolute size and/or percentage,
> 	   specifiable by root in a conf-file

that is what quota's are for.

> 	3) it appears in a list of packages that root specifies may NOT
> 	   be user-installed (/etc/packages.deny)

same wget;tar;./configure;make;make install problem as above

> 	4) it does NOT appear in a list of packages that root specifies
> 	   may be installed (/etc/packages.allow)

same problem as above

> * A user can remove or upgrade a package s/he has installed, except when:
> 	1) this would cause a root-installed package or a package 
> 	   installed by another user to be removed or upgraded

and _why_ wuld a root installed pacakge be dependent upon ANYTHING in
anyone's $HOME? that is a _very_ poor design.

if the admin says it is to go, it is to go. period. and if dpkg
complains, we have --force-* options to convince dpkg that we really are
smarter.

> * Root may easily do one of the following by setting a conf-file variable:
> 	a) upgrade _all_ packages via apt-get upgrade
> 	b) upgrade only packages previously installed by root

or are you thinking that user-installed packages would go into / instead
of $HOME? if the former, you are asking for major problems. if the
latter, then no worries. the admin should only affect the system
(root-installed) packages, and never touch anything installed by a user
into their $HOME

> * Obviously dpkg needs to know who installed which package: keep a list in
> /var/lib/dpkg/packages.user or something like that.

bah! that is what $HOME/var/lib/dpkg/packages is for! the main system
need not be concerned _at all_ with what is in anyone's $HOME. not even
root's. (so, say root wanted to install something to ~root instead of /,
for testing purposes . . . )

> * I see the behavior described above being most desired on a single-user 
> system, or on a multi-user system where the sysadmin is too busy to 
> install packages specifically at the request of the users.

if i want something bad enough (vim), and the local admins do not
provide it, i will compile it myself. i will keep it in $HOME, and if
the admins actually _do_ install it, but not compiled the way i like it,
then i will continue to use the version in my $HOME.

i don't think this is a bad idea, per se, as dpkg is not S[UG]ID, the only
thing a user could overwrite is files that they have write access to
(their own) anyway. untarring of a SUID root program would lose its SUID
and rootness, so no worries about a mailicous user gaining instant
UID=0.

i think this would be dificult to manage, as .deb's are not ``relocate-
able'' (ie: vim will look for /etc/vimrc, unless comiled otherwise)

-john

Reply to:

References:
- Crazy APT/dpkg suggestion (user-installable packages)
  - From: "Kevin B. McCarty" <kmccarty@Princeton.EDU>

Prev by Date: Re: It's Huntin' Season
Next by Date: Re: kernel-* package names
Previous by thread: Re: Crazy APT/dpkg suggestion (user-installable packages)
Next by thread: Re: Crazy APT/dpkg suggestion (user-installable packages)
Index(es):
- Date
- Thread