On Wed, 2008-06-04 at 20:38 -0700, Jason Chu wrote: > On Sun, Jun 1, 2008 at 1:31 PM, Michael Klier <chi@xxxxxxxxxxx> wrote: > > Jason Chu wrote: > >> On Sun, Jun 1, 2008 at 10:14 AM, Michael Klier <chi@xxxxxxxxxxx> wrote: > >> > Jason Chu wrote: > >> >> Yeah, put those in your public repo too and then I'll release a new > >> >> version of srcpac. > >> > > >> > Ok, almost finished, though one problem remains. Using nobody actually doesn't > >> > work because when you su nobody -c <command> the system will enforce a > >> > password change. > >> > > >> > That leaves 3 options: a) we use a dedicated srcpac user in case srcpac was > >> > invoked by root or b) make the user configurable in /etc/srcpac.conf or c) > >> > invoke makepkg using sudo -u nobody, that however will add sudo as dependency > >> > to srcpac. Personally I think c) is the best of them. > >> > > >> > Other than that I've added the changes, but because of that missing bit the > >> > version in my repo is not 100% functional at the moment. > >> > > >> > What do you think? > >> > > >> > Michael > >> > >> I don't mind sudo as a dependency: c) is fine. > > > > OK then, I've applied that as well and updated the man page too. Now sudo is > > used when invoked by root to drop privileges to nobody and su is used to drop > > privilegs to the user who called srcpac via sudo (using su here to get the > > environment right). From the tests I've done so far everything seems to work > > well (though again, it wouldn't harm if someone maybe checked it too). I also > > haven't touched the version number ;). > > > > Regards > > Michael > > > > -- > > Michael Klier > > I'm happy with these changes. Now the only real question that needs > to be answered should this be srcpac 0.6 or srcpac 1.0? > > Jason > Can you have it run su -c '/path/to/command something' instead of sudo? Not all of us are willing to have to use sudo. If sudo is that necessary, then it is still fine. This is just a small opinion. Thanks.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
