SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Reading around, it seems it's inadvisable to compile packages as root. However, this is something I've always done since I thought one needed to be root for the .txz to be dropped into /tmp. All my packages were therefore compiled as root.
Is this an issue? All my computers are single-user systems and I never have to make changes to any of the packages.
EDIT: I should clarify, when I say 'compiling packages', I mean Slackbuilds.
Last edited by Lysander666; 01-06-2019 at 07:17 AM.
it is dangerous. You download something and run something as root and you will never recognize if your system was damaged. Additionally some tools may not work properly if started by root.
it is dangerous. You download something and run something as root and you will never recognize if your system was damaged. Additionally some tools may not work properly if started by root.
So if something is compiled as root it automatically runs as root?
It's more that the makefile/build is run as root, so any commands in the makefile, or the ./configure script etc. will be run as root and have no restrictions on what they can do. There's plenty of scope for either damage due to error (more likely) or maliciousness (less likely).
I build a lot of my own slackbuilds as non-root. I use a wrapper script around makepkg that does all the stuff that requires superuser, everything else is run by a non-privileged user. Some makefiles may need further modification to support this though, so it's not always straight forward.
Other approaches include using 'fakeroot' (which uses some LD_PRELOAD shenanigans that I'm not personally a fan of).
The common approach in slackware circles is to just run builds as 'root'. I guess the rationale is that the SBo guys have already determined that there will be no harm from running their slackbuilds.
You can build all slackbuilds packages as non-root - but then it requires little more job to create package - due to files permission. Also people here build with fake-root. The only point one requires root privileges is to build Slackware package. But subject was discussed many times. With the same conclusion: it does not matter.
It all depends if you trust the people who wrote and checked the build script. I don't trust myself, so I run the ones I have written or edited as didier using fakeroot. There are a very few cases where it's not technically possible or easy, then I try to be more careful and run them as root.
You can also consider using git://urchlay.naptime.net/sbostuff.git. This repository contains several helper scripts for working with slacbkuilds. For example, the following command will download source tarball as specified in .info file, validate its md5sum and run slackbuild script:
Code:
sbodl && sbrun
If slackbuilds script performs some fishy activities you receive the warning. Say I add this line to slackbuild script:
Code:
touch ~/PIRATE-FILE
I get this warning from sbrun:
Code:
sbrun: WARNING: files altered outside the sandbox:
c /root/PIRATE-FILE
It also blocks access to the network, for example 'wget linuxquestions.org' results in:
Code:
--2019-01-06 16:13:00-- http://linuxquestions.org/
Resolving linuxquestions.org... failed: Temporary failure in name resolution.
wget: unable to resolve host address ‘linuxquestions.org’
./global.SlackBuild exit status: 4
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.