Re: Apt-get for users

To: Chad Walstrom <chewie@skuld.wookimus.net>
Cc: debian-devel@lists.debian.org
Subject: Re: Apt-get for users
From: Emile van Bergen <emile-deb@evbergen.xs4all.nl>
Date: Sat, 5 Apr 2003 22:00:23 +0200
Message-id: <[🔎] 20030405200023.GA18079@evbergen.xs4all.nl>
Mail-followup-to: Chad Walstrom <chewie@skuld.wookimus.net>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20030405183608.5BDE060C8E@wookimus.net>
References: <[🔎] 877ka9nu8j.fsf@crazy.kos.nx> <[🔎] 20030405183608.5BDE060C8E@wookimus.net>

Hi,

On Sat, Apr 05, 2003 at 12:36:08PM -0600, Chad Walstrom wrote:

> Before you begin the trek to customize dpkg, ask yourself the importance
> for such a feature and address the difficulties.
> 
>   * Some binaries are compiled with hard-coded paths for
>     configuration files.
>     - You would need to patch these applications to accept a
>       commandline option to specify where to find the config file
>       or override this.

Not necessary - you don't need the path to be run-time configurable;
compile-time configurable is enough. Most applications already allow
that using configure --prefix, --sysconfdir, etc.

>     - You could come up with an install-time configuration for
>       interpreted language-based programs.
> 
>   * Some applications require /proc or /dev access.  Are these
>     appropriate for a user to install?  How do you automate these type
>     of system policies.

/Very/ simple. Based on Unix permissions. It's hard and almost always
unnecessary to forbid anything that's allowed by Unix permissions;
conversely, I think anything that's not forbidden by Unix file
permissions should not be made unnecessarily hard.

>   * Some software installs with setuid/setgid permissions.  How do you
>     override these?

If you install as $USER, the files won't be setuid/setgid. The
consequence is that the user can only run things as himself. This is bad
why?

Remember, we're not talking about users running their own mailspools or
printqueues. In most cases it'll be desktop apps that don't need
access to anything but /tmp/.X11-Unix and $HOME.

>   * Debian packages use a very simple process to set the ownership to
>     files at build-time.  How do you override these permissions at
>     install-time?

There's a difference beteen ownership and permissions. Ownership is
simple; if a random user installs files in some place he can write to,
he'll be the owner and stay the owner. Permissions can be anything.

> There are a lot of issues to deal with.  The flexibility you propose is
> an interesting concept.  Perhaps you could subscribe to the dpkg
> developers' list and discuss this topic with them.

I think the flexibility is relatively easy to achieve in a user friendly
way if we stick to source packages. A nice side effect of making source
package management more user friendly is that it will silence the people
whining about Gentoo's CPU optimizations a bit.

Cheers,

Emile.

-- 
E-Advies - Emile van Bergen           emile@e-advies.nl      
tel. +31 (0)70 3906153           http://www.e-advies.nl

Attachment: pgpSC_iyjMpY0.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Apt-get for users
  - From: Keegan Quinn <kquinn@respond2.com>

References:
- Apt-get for users
  - From: Thomas Petazzoni <thomas.petazzoni@enix.org>
- Re: Apt-get for users
  - From: Chad Walstrom <chewie@skuld.wookimus.net>

Prev by Date: Re: May I temporarily move away a conffile of a conflicting package? [Repost]
Next by Date: Re: master.debian.org randomly deferring mail
Previous by thread: Re: Apt-get for users
Next by thread: Re: Apt-get for users
Index(es):
- Date
- Thread