From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1OuQN5-0003Sc-5v for garchives@archives.gentoo.org; Sat, 11 Sep 2010 13:43:59 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E00F3E08FE; Sat, 11 Sep 2010 13:43:11 +0000 (UTC) Received: from mail-fx0-f53.google.com (mail-fx0-f53.google.com [209.85.161.53]) by pigeon.gentoo.org (Postfix) with ESMTP id A60A3E08FE for ; Sat, 11 Sep 2010 13:43:11 +0000 (UTC) Received: by fxm15 with SMTP id 15so2874025fxm.40 for ; Sat, 11 Sep 2010 06:43:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:from:to:subject:date :user-agent:references:in-reply-to:mime-version:content-type :content-transfer-encoding:message-id; bh=ulYf2pYTbBPJELw2HotLUzGdSwhATE/R6U/yT4wB5fw=; b=E/ItNhw5p1CtGafryVvKAiLDwj3EMvIlibmUGX5Z5iKb+YMOUsEbP053koXroVxtEb QQnUSd95Wz+Dzs1YcfBF4onrUwN5nfrVuJGIsXYKUKhp5yyhJ73IbGAcb8ODUyNGvUNd rBvSPPS4jqW1z3lPikayUpuqadJA1Lze+d7FE= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=from:to:subject:date:user-agent:references:in-reply-to:mime-version :content-type:content-transfer-encoding:message-id; b=sknIt4cFXgYThrY6CWxaniNNv/7UszsAIZZ9QDauQOhjCYtt6dbHcnLLYxrPj0B02H pXLtyJiMH6VR5uhw+aKXuopM0q19orO6b8OK2yRb05Mx8QCqz14wxvfAcmJQsXMKw2C2 Qp+wW7fSg2eyyZRbrX0qP6f0ltDtvD+0KvS88= Received: by 10.223.108.81 with SMTP id e17mr1545647fap.28.1284212591013; Sat, 11 Sep 2010 06:43:11 -0700 (PDT) Received: from energy.localnet (p5DCC082C.dip0.t-ipconnect.de [93.204.8.44]) by mx.google.com with ESMTPS id e17sm1881237faa.39.2010.09.11.06.43.08 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sat, 11 Sep 2010 06:43:10 -0700 (PDT) From: Volker Armin Hemmann To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] sudo in kernel config ? Date: Sat, 11 Sep 2010 15:43:05 +0200 User-Agent: KMail/1.13.5 (Linux/2.6.34.6r4; KDE/4.5.1; x86_64; ; ) References: <201009111024.31634.stephane@22decembre.eu> <1284198419.2992.20.camel@paska> <201009111241.58151.stephane@22decembre.eu> In-Reply-To: <201009111241.58151.stephane@22decembre.eu> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-15" Content-Transfer-Encoding: quoted-printable Message-Id: <201009111543.05674.volkerarmin@googlemail.com> X-Archives-Salt: 5e585cf2-e8ab-415e-8890-6cff3eb8cd56 X-Archives-Hash: 738ec735935e1c78f136fab762f0cb16 On Saturday 11 September 2010, St=E9phane Guedon wrote: > Le Saturday 11 September 2010 11:46:59, Albert Hopkins a =E9crit : > > On Sat, 2010-09-11 at 10:24 +0200, St=E9phane Guedon wrote: > > > few months ago, I read linux kernel in a nutschell(sic), and the auth= or > > > wrote we shouldn't do kernel operations (config and build) as root. > >=20 > > I call bullsh*t. I've been compiling kernels for 17 years and for the > > most part have done it as root without any problems. > >=20 > > What the author is saying is that, to an extent, in theory no one should > > compile anything as root, or really do anything non-system-adminly as > > root. You should only do as root what is critically necessary (e.g. > > make install) as root. > >=20 > > In a perfect, tidy world we'd all do that. This world, however does not > > exist. Even portage, by default does configure and make as root (albeit > > in a sandbox so it is safe(r). > >=20 > > What the author means is theoretically the config/compile phase could > > unintentionally cause some kind of harm to your system. In practice I > > have never seen this or heard of it. The kernel devs are bright enough > > to ensure that the compilation does nothing outside the source tree > > itself. > >=20 > > It's a good guideline but, like the government's dietary guidelines, not > > ones I intend to follow religiously. > >=20 > > > Is sudo (or kdesudo ?) a good replacement to that ? > >=20 > > sudo runs things as root, so effectively you've done nothing but add a > > password prompt to the mix. > >=20 > > Gentoo actually makes this a bit more difficult, because usually one > > uses portage to install the kernel sources, and they get installed as > > root-owned, and only root has write access to the kernel tree. > >=20 > > Some people, such as myself, use kernel sources outside of portage (I > > follow a git repo) and do so as a non-root user. In this case the > > kernel tree is not owned by root and the config/compile is easily done > > as a non-root user. > >=20 > > If you are super-paranoid. You can make a non-root copy > > of /usr/src/linux and compile it as a non-root user. > >=20 > > But there really isn't any point in using sudo. It's effectively doing > > the same thing that you are trying to avoid. >=20 > I am not paranoid anymore, just asking to knowing persons... > Ok ! thanks for your answer ! well, some years ago someone made a mistake causing some people doing make = as=20 root loosing /dev/null or something like that. But not even everybody was h= it. /me prefers loosing /dev/null over having /home/$USER overwritten.