From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 6F6E21393F1 for ; Wed, 16 Sep 2015 02:20:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id E3E6BE086A; Wed, 16 Sep 2015 02:20:15 +0000 (UTC) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id C6C29E085A for ; Wed, 16 Sep 2015 02:20:14 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1Zc2KR-0002W1-Dg for gentoo-user@lists.gentoo.org; Wed, 16 Sep 2015 04:20:11 +0200 Received: from rrcs-71-40-157-251.se.biz.rr.com ([71.40.157.251]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Sep 2015 04:20:11 +0200 Received: from wireless by rrcs-71-40-157-251.se.biz.rr.com with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Sep 2015 04:20:11 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-user@lists.gentoo.org From: james Subject: [gentoo-user] Re: portage directory ownerships? Date: Wed, 16 Sep 2015 02:19:59 +0000 (UTC) Message-ID: References: <55F87EAB.20101@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: sea.gmane.org User-Agent: Loom/3.14 (http://gmane.org/) X-Loom-IP: 71.40.157.251 (Mozilla/5.0 (X11; Linux x86_64; rv:36.0) Gecko/20100101 Firefox/36.0 SeaMonkey/2.33.1) X-Archives-Salt: 0e1b9c08-9593-49e4-af83-f548f59db85e X-Archives-Hash: e0e5620da12fe99a2a723a861ecaeb14 Fernando Rodriguez outlook.com> writes: > > Here, all of /etc/portage is root:root This is what I have except for distfiles:: drwxrwxr-x 5 root portage 232K Sep 14 23:00 distfiles root.portage ??? I guess portage does that. Fernando's explaination seem plausible, I guess I'd have to look at the code (not today) but this just seems strange to me that sys-apps/portage would do this... > > The tree and all overlays are portage:portage Mine are root.root but no harm, right? I guess I could change them recursively to portage:portage but why, if portage is just going to do what it wants anyway. > > You can make a local overlay owned by user you want, stuff you hack away > > at yourself should probably be james:james or james:users Yea, I gonna think about /usr/local/portage. I see the convenience of your suggestion, but I have always had most everthing portage:portage. I cannot remember why though..... > > > > Typically, permissions in /etc/portage are the usual 755 for dirs and > > 644 for files > > > > I set overlays and the tree to be 2775 for dirs and 664 for files Yea, I have just let portage do what it wants and never really thought about it before. This seem reasonable. > > Permissions should be what YOU need them to be on your computer. There's > > a default, it's what portage makes them when you install stuff yep, it makes sense that sys-apps/portage is the master of these files, I just never thought about it much before. > > Only root should change the master config files in /etc, just like in > > all other apps IIRC emerge can drop privs to a user account, if that > > user is portage then portage must own the files Ah. makes sense. > > It is true that portage drops privileges to the portage account (unless the > ebuild has RESTRICT="userpriv" or I think FEATURES="-userpriv" on make.conf) Nope these are not set on my make.conf (600) on permissions). > but it doesn't need to write to the portage tree except to the distfiles > directory so I don't know of any reason to have everything owned by > portage:portage if the perms are 755/644. Ah, this is whay my distfiles is root:portage.....? > > Mine is owned by root:root because it got borked one time after a sync so I > deleted it and copied from another box manually. The only problem I ever had > is that a fetch failed, and I just chowned the distfiles dir to portage:portage > to fix it. Only recently it was pointed to me on this list that it was supposed > to be portage:portage. I never changed it back to portage:portage but I made a > mental note not to forget about it in case of trouble, that way I'll learn why > that's the default if/when something breaks :) Besides it offers some (limited) > protection against an ebuild accidentally writing to your portage tree. Interesting. I guess I could look at the code but everything is working fine. > > > In my /usr/local/portage and it's subdirs where I hack on many > > > ebuild, portage.portage owns everything.....? > > > > Make your life easy, chaown that stuff to james > > I personally prefer root:root because I think it is more secure. If you let > somebody use your account even for a minute s/he could modify an ebuild > without a password to install whatever s/he wants next time you run an update. I like Alan's simplicity. I also like root:root, like my /usr/portage, but most of it is portage:portage, and that I did do. I just cant remember why. usr/local/portage/ is the one I need to think about. Thanks for the feedback guys, James