On Sat, Jan 11, 2020 at 9:37 AM Dale <rdalek1...@gmail.com> wrote: > > I run emerge as root but the proper permissions, or at least was several > years ago, is portage:portage and rwx access for both. This is my settings.
By default portage drops permissions to portage:portage during most phases, including reading the repository (which requires executing ebuilds and eclasses even for what are intended to be read-only functions). If every file in the repository isn't readable by portage, then you will have problems. Portage also drops permissions during syncing, so if you have files that aren't modifiable by portage then that can also cause issues if you sync. In general it is best if everything is 664/775 portage:portage in the repo. It is pretty easy to mess this up if you try to update the repo manually, such as by running git pull as root in a git repo. If you use emerge --sync to update then you won't have this problem. If you've messed up permissions you can go fixing them with chown/chmod, or you can just delete the whole repository directory tree and do an emerge --sync to re-create it. > If I recall correctly, if you > add your user to the portage group, you can run a lot of commands as > user. Unless you have needed files set to be non-readable by everyone you should be able to run read-only portage commands under any user, like emerge --pretend. If you've locked anything down then being in the portage group would obviously help with that, assuming you've done the locking-down correctly. > I think you have to be root to actually install something tho. Obviously. Nothing in portage is suid so unless you've modified your system to have a very non-conventional security model you can't go installing almost anything as non-root. Portage drops permissions by default during most operations, but not during install or running install-related scripts. -- Rich
