Pacman

Historical bug tracker for the Pacman package manager.

The pacman bug tracker has moved to gitlab:
https://gitlab.archlinux.org/pacman/pacman/-/issues

This tracker remains open for interaction with historical bugs during the transition period. Any new bugs reports will be closed without further action.
Tasklist

FS#68506 - Allow -Fy to run without root when --dbpath points to a user-owned directory

Attached to Project: Pacman
Opened by Link Mauve (linkmauve) - Monday, 02 November 2020, 17:30 GMT
Task Type Feature Request
Category General
Status Unconfirmed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version 5.2.1
Due in Version Undecided
Due Date Undecided
Percent Complete 0%
Votes 3
Private No

Details

Summary and Info:
A regular user could want to look up package names from a filename, in which case they need an up to date files database (-Fy).

This operation aborts if pacman isn’t running as root, despite no special permissions being needed if the database path is user-writable.

A workaround when pacman is built with glibc is to use fakeroot, but this isn’t available everywhere, for instance when using pacman-static: https://aur.archlinux.org/packages/pacman-static/

Steps to Reproduce:
% mkdir ~/db
% pacman -Fy --dbpath ~/db
This task depends upon

Comment by Antoine Le Gonidec (vv221) - Monday, 02 November 2020, 17:52 GMT
To give a use case, ./play.it [1] development involves tracking dependencies of binaries (without access to the sources), and translating that to package names for multiple distributions. Being able to rely on pacman-static would allow some of our developers with no access to an Arch Linux system to no longer rely on the availability of some other contributors running Arch during this dependencies tracking process.

[1]: https://www.dotslashplay.it/
Comment by Eli Schwartz (eschwartz) - Monday, 02 November 2020, 17:58 GMT
You could say the same thing about -Sy when used for a non-root dbpath. It's likewise useful, for precisely the use case employed by checkupdates. Still, we don't support this.

The thing is that dbpath will never be user writable except in edge cases where you have a custom script to rig this up. Just like checkupdates. In such cases, fakeroot is practical.

For the -Fy case I recommend invoking it with sudo, and adding a sudoers rule permitting anyone to use it without a password, given only the exact arguments "-Fy".

Perfectly secure, no prompt for passwords, even unprivileged users can update the files database.
Comment by morganamilo (morganamilo) - Wednesday, 30 December 2020, 18:29 GMT
> The thing is that dbpath will never be user writable except in edge cases where you have a custom script to rig this up

I don't think I agree with that. Pacman is a package manager, however it does not necessarily have to manage at the system level.
For example npm and pip can work per user.

I believe the Nintendo hacking group does this. They use pacman to manage and distribute all of their hacking tools using a windows
build of pacman. Where pacman and the packages arre installed just for the user instead of system wide.

Loading...