On Tue, 29 Aug 2000, Stephen C. Biggs wrote:
>> Because I have done so for several years with no problems until
>> last week when I had a "rpm --rebuild" delete several
>> subdirectories on my filesystem during "%clean" stage. RPM
>> should IMHO do anything it does in a chroot()'d jail. Making a
>> user called "rpm" and setting up rpm to build packages as that
>> user, is much safer, ESPECIALLY when constructing and debugging
>> your own packages.
>
>If this is a repeat question, I apologize...I just joined the list.
Yes, it was just discussed. Just read the list archives to get
the details..
>How do you setup rpm to do this (build packages as a non-root
>user)? Is this documented anywhere? What directory structure do
>you use? What permissions and groups should user "rpm" have
>and belong to?
Just create a copy of the dir structure under /usr/src/redhat/*
in /home/rpm/ after creating the RPM user. I made an rpm user
with group rpm and duplicated the /usr/src/redhat/* dir structure
under /home/rpm/rpmroot, then made a .rpmrc and .rpmmacros files
to point all variables to the new dirs as described in the
previous threads.
>Assuming that I log in as "rpm" (can I do this in an X terminal
>window? how? login rpm?), then I just cd to the build directory
>structure and run rpm on the rpm file wherever it is?
You log in as rpm, and type "rpm --rebuild package.src.rpm" or
whatever you'd normally do.
>Would this also allow me to build a kernel or other system
>executables?
If the src.rpm packages are created cleanly enough yes. Think
about it... What magical special root-only capability is
required to compile software and package it? None. The only
possible problem is if a make target uses chown/chgrp or other
root-only commands, etc.. In this case, the package is poorly
designed IMHO. Any perm/ownership changing should be set in
the .spec file using %defattr, and friends.
TTYL
--
Mike A. Harris Linux advocate
Computer Consultant GNU advocate
Capslock Consulting Open Source advocate
Be up to date on nerd news and stuff that matters: http://slashdot.org
_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list
