From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 122511382C5 for ; Sat, 31 Mar 2018 10:06:51 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 7FF24E09C6; Sat, 31 Mar 2018 10:06:45 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 2D171E0837 for ; Sat, 31 Mar 2018 10:06:45 +0000 (UTC) Received: from symphony.aura-online.co.uk (154.189.187.81.in-addr.arpa [81.187.189.154]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: chewi) by smtp.gentoo.org (Postfix) with ESMTPSA id D7166335D26 for ; Sat, 31 Mar 2018 10:06:43 +0000 (UTC) Date: Sat, 31 Mar 2018 11:06:32 +0100 From: James Le Cuirot To: gentoo-dev@lists.gentoo.org Subject: Re: [gentoo-dev] Re : Modification proposal for user/group creation when ROOT!="/" Message-ID: <20180331110632.66da870b@symphony.aura-online.co.uk> In-Reply-To: <211710464.79357.1522489187353@mail.yahoo.com> References: <211710464.79357.1522489187353.ref@mail.yahoo.com> <211710464.79357.1522489187353@mail.yahoo.com> X-Mailer: Claws Mail 3.16.0 (GTK+ 2.24.31; x86_64-pc-linux-gnu) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; boundary="Sig_/D/zMYEia8XbmJjCR.Y/4WRr"; protocol="application/pgp-signature" X-Archives-Salt: 92c28608-ea82-4f71-ad18-cc9f7f0cbc3e X-Archives-Hash: 8d8b617e2287363e0ba61b0c07ed0981 --Sig_/D/zMYEia8XbmJjCR.Y/4WRr Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Sat, 31 Mar 2018 09:39:47 +0000 (UTC) Farid BENAMROUCHE wrote: > interresting aproach. > this could work. however, i can see a few limitations: > - you must be root. Actually you don't if you add -r to unshare, which gives you what is sometimes called fakeroot. Obviously you still can't modify the files if they are really owned by root but that's true of any solution. > - this is specific to linux as of today. True and I am only interested in Linux but I like to play nice. Other platforms could potentially still briefly bind mount but it wouldn't be isolated from the other processes so it wouldn't be entirely safe. Safe enough though? You'd need to weigh this up against how many people use ROOT!=3D/ on other platforms. Not many at all, I imagine. > - if you want to hide the mechanism, i don't see how without doing > the same portage modifications as in my solution. You could handle this in the eclass functions but as you pointed out, many things call chown/chgrp directly. Usage by ebuilds themselves can be addressed but if a build system calls these then eclass functions will not help. What would work is adding some identically-named wrappers to the PATH. --=20 James Le Cuirot (chewi) Gentoo Linux Developer --Sig_/D/zMYEia8XbmJjCR.Y/4WRr Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQKTBAEBCgB9FiEEUo3mvYaRpDkf2i7UIcYyEpxtfeQFAlq/XahfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDUy OERFNkJEODY5MUE0MzkxRkRBMkVENDIxQzYzMjEyOUM2RDdERTQACgkQIcYyEpxt feQgyw/8D/GtlHAnOsnxMTuEgKhfhUrXfEg+8E8m8YVkv9E8Zl4gARMdKB/9wydw guXjbbBgfuPlfVkvZqdt+T8HXGJR+u3RKUfI5rQLBsQGGABJ87AS9kHsDZATPqLZ 9a81nCbtT6hkDAcJ6bUWweXlLX+WrBTT6UVnawGHV2ZfAMhBfz7UcwURDtskBaGo CKB5bxxtfQlFvk1cf7+CwXCh0PheDPdZHBK890mSGCKHGKC/tIbATETj4IjTtmta DhzzY0iX4gNGf9TUb5YA3gQFSg7uRHkj+zZ2L8hSKw/iV1JMtPpsZUmXkG+nrWXE 6Sq020KXm2Chaj7QMCZGHsrrzJAwc3dzuu9UdIe9C5birQDMC09YV/bst4IiaCRL OQuxPltVY7z9T5btErPgCDgUE3dbsmpnn5Ba1P8MXb1RLbZVMMbiPW4I1JXD7mxi r+bOcToL5k6WHYxf64tLzaTmtMeqf2ri2P0Xft3P2OqF3KgVZc15JWpBjfvUb52t L5KrIjam6Ut8DigTIEnaJ8ClzQ8wbydZ/uWyLmSOwHCa/OgavCpMOiEx0RPc7fmG 96L90H/ezZfDnkH8EwzB6fSX9chSR8IvAU7/xhixOU2/D944zVn1q3uD2I/ZPS4P ddgXWTrFKtYMKPfW3leaSSYT9pXuUaJa7+N1e8RZV8luyCifGQc= =M1fQ -----END PGP SIGNATURE----- --Sig_/D/zMYEia8XbmJjCR.Y/4WRr--