Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#6721 - [RFC] Separate system management from homes

Attached to Project: Arch Linux
Opened by Leslie Polzer (skypher) - Tuesday, 27 March 2007, 10:37 GMT
Task Type Feature Request
Category System
Status Closed
Assigned To No-one
Architecture All
Severity Very Low
Priority Normal
Reported Version 0.7.2 Gimmick
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

It is a custom in GNU/Linux distributions (and probably most UNIX distributions)
to do package management as superuser.

It should be easy to assign ownership to all system directories to a normal user
(or group, for that matter, which has the advantage the SUID binaries will
continue to work as expected), eg. 'pacman', and run the package manager under
this account.

This would be beneficial insofar as a bug in the package manager would not affect
the other parts of the system, i.e. users' home directories.

Any thoughts?
This task depends upon

Closed by  Roman Kyrylych (Romashka)
Thursday, 29 March 2007, 08:01 GMT
Reason for closing:  Won't implement
Comment by Jan de Groot (JGC) - Tuesday, 27 March 2007, 23:21 GMT
It's impossible to unpack files owned by some other user when you're not root. This breaks many packages, and in case of setuid things: the only possibility in setuid assignments is assinging setuid pacman to binaries, as you don't have rights to chmod +s files not owned by you.
Comment by Leslie Polzer (skypher) - Wednesday, 28 March 2007, 18:31 GMT
I see. Probably SELinux and grsecurity are the only way to go.

Let's close this one. Thanks!

Loading...