Configuring as user and as group

alpha_lt · 11-03-2009, 09:37 AM

Hello,

I've mentioned in some howto's that they use such syntax for configuring software sources:

install_user:nobody install_group=nogroup ./configure

What's the point of using these directives ? Is it about security ? And what really does these directives ? Sets chown on installation files or what ?
Thanks in advance.

Regards,
alpha

chiragrk · 11-03-2009, 10:36 PM

Some configure script needs parameters install_user and install_group - these are getting set in the line you pasted above, before ./configure is executed.
nobody and nogroup are user and group in some linux distros like debian. These are used to run processes with minimum privileges - so I guess its got something to do with security.
If you need to find out what exactly nobody user is doing you will have to analyse the configure script.

alpha_lt · 11-04-2009, 06:28 AM

Thank you for answer.
Can you tell me in general if I do not use any install_user and install_group scripts what owner of configured package will be ? User which was loggen in when made configure ? Ok will it be security risk if I configure as root ?

Regards,
alpha

chiragrk · 11-05-2009, 04:51 AM

It all depends on whats inside the configure file. Good configure scripts would error out if a *needed* variable isn't set, some would default those variables to some value. The bad ones will just error out in between .

Whether or not using root for install will pose a security risk totally depends on what kind of resources the process/script will access/create. Just as an example, if there's a vulnerability in the process and its been running as root, you could compromise/de-stabilize the system.

alpha_lt · 11-05-2009, 05:05 AM

Thank you. Now I understand whole thing. Thank you !