From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OuMgR-0003Dd-EX for garchives@archives.gentoo.org; Sat, 11 Sep 2010 09:47:43 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id C7FECE07DB; Sat, 11 Sep 2010 09:47:00 +0000 (UTC) Received: from out2.smtp.messagingengine.com (out2.smtp.messagingengine.com [66.111.4.26]) by pigeon.gentoo.org (Postfix) with ESMTP id B617AE07DB for ; Sat, 11 Sep 2010 09:47:00 +0000 (UTC) Received: from compute3.internal (compute3.nyi.mail.srv.osa [10.202.2.43]) by gateway1.messagingengine.com (Postfix) with ESMTP id 6BB5C3BA for ; Sat, 11 Sep 2010 05:47:00 -0400 (EDT) Received: from frontend1.messagingengine.com ([10.202.2.160]) by compute3.internal (MEProxy); Sat, 11 Sep 2010 05:47:00 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=messagingengine.com; h=subject:from:to:in-reply-to:references:content-type:date:message-id:mime-version:content-transfer-encoding; s=smtpout; bh=83+9LfMpGDasArT57p1Mzz5lhoY=; b=IWeV5EHouls0gww56Vn4tCkSBlkzK3lqcL+boft70QOMZ9UjJLsUoCBBRw1dg0TRDD4cX+JxnTbRE3cskUK4cmbtVoLtX8YC7mv5YGE5X9wdjr7EEE5SHyCDXl0brwWaXlCzgG+PJHNod56R3RdusA0W9RqPlXyMV38LYn1ZaiE= X-Sasl-enc: 9/RGPBTOCG742Fjg1hOvKdKYpnFEugHvYIBuKZN+ODS4 1284198420 Received: from [192.168.31.28] (cpe-069-134-182-167.nc.res.rr.com [69.134.182.167]) by www.fastmail.fm (Postfix) with ESMTPSA id 2816A4005EF for ; Sat, 11 Sep 2010 05:47:00 -0400 (EDT) Subject: Re: [gentoo-user] sudo in kernel config ? From: Albert Hopkins To: gentoo-user@lists.gentoo.org In-Reply-To: <201009111024.31634.stephane@22decembre.eu> References: <201009111024.31634.stephane@22decembre.eu> Content-Type: text/plain; charset="UTF-8" Date: Sat, 11 Sep 2010 05:46:59 -0400 Message-ID: <1284198419.2992.20.camel@paska> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 X-Mailer: Evolution 2.30.3 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: 9eb5a6d7-cb33-4d54-9d20-ddbdafa6a3e2 X-Archives-Hash: 2a781279a4ec83faa46fd7c12dad7a47 On Sat, 2010-09-11 at 10:24 +0200, St=C3=A9phane Guedon wrote: > few months ago, I read linux kernel in a nutschell(sic), and the author= wrote we=20 > shouldn't do kernel operations (config and build) as root. I call bullsh*t. I've been compiling kernels for 17 years and for the most part have done it as root without any problems. What the author is saying is that, to an extent, in theory no one should compile anything as root, or really do anything non-system-adminly as root. You should only do as root what is critically necessary (e.g. make install) as root. In a perfect, tidy world we'd all do that. This world, however does not exist. Even portage, by default does configure and make as root (albeit in a sandbox so it is safe(r).=20 What the author means is theoretically the config/compile phase could unintentionally cause some kind of harm to your system. In practice I have never seen this or heard of it. The kernel devs are bright enough to ensure that the compilation does nothing outside the source tree itself. It's a good guideline but, like the government's dietary guidelines, not ones I intend to follow religiously. > Is sudo (or kdesudo ?) a good replacement to that ? sudo runs things as root, so effectively you've done nothing but add a password prompt to the mix. Gentoo actually makes this a bit more difficult, because usually one uses portage to install the kernel sources, and they get installed as root-owned, and only root has write access to the kernel tree. Some people, such as myself, use kernel sources outside of portage (I follow a git repo) and do so as a non-root user. In this case the kernel tree is not owned by root and the config/compile is easily done as a non-root user. If you are super-paranoid. You can make a non-root copy of /usr/src/linux and compile it as a non-root user. But there really isn't any point in using sudo. It's effectively doing the same thing that you are trying to avoid.