Opened 12 years ago
Closed 10 years ago
#9740 closed enhancement (fixed)
Need to use sudo when building an image to a partition on Linux et al
Reported by: | jessicah | Owned by: | bonefish |
---|---|---|---|
Priority: | normal | Milestone: | R1 |
Component: | Documentation | Version: | R1/Development |
Keywords: | Cc: | ||
Blocked By: | Blocking: | ||
Platform: | All |
Description
When defining a user build profile that writes the image to a local partition, e.g. /dev/sda57, on Linux one needs to run sudo to do so.
However, running the entire build under sudo is inadvisable. I've created a patch that would allow a user build profile to specify HAIKU_REQUIRES_SUDO = 1 such that at the image writing stage, it will invoke the build_haiku_image script using sudo.
Attachments (1)
Change History (10)
by , 12 years ago
Attachment: | 0001-Build-Add-option-to-use-sudo-when-creating-a-disk-im.patch added |
---|
comment:1 by , 12 years ago
patch: | 0 → 1 |
---|
comment:2 by , 12 years ago
comment:3 by , 12 years ago
Oooh, I see. This should be added to the UserBuildConfig.README then. I'll write a patch to update that documentation instead :) Thanks!
comment:4 by , 12 years ago
patch: | 1 → 0 |
---|
comment:5 by , 12 years ago
In newer (well, not old) openSUSE versions the disk device nodes are owned by root.disk. So adding your user to group disk works like a charm. I don't know, if that holds for other distributions as well.
follow-up: 7 comment:6 by , 12 years ago
While this works, it still suffers from the oops-wrong-partition-problem.
I believe it's much safer to set the permissions precisely as you need them. The note in the sudo jam section mentioned above probably refers to the fact that newer distributions make use of udev to manage /dev, so any changes to the permissions are lost upon reboot. I have updated that section with a hint how to tell udev to setup the required permissions after every boot automatically.
follow-up: 8 comment:7 by , 12 years ago
Replying to zooey:
While this works, it still suffers from the oops-wrong-partition-problem.
Yeah, it does. OTOH making the devices world readable/writable is a security nightmare. Maybe there's an ACL based solution.
follow-up: 9 comment:8 by , 12 years ago
Replying to bonefish:
Yeah, it does. OTOH making the devices world readable/writable is a security nightmare. Maybe there's an ACL based solution.
If you're worried about other users on your machine, you can tell udev to change the owner of the device to your user. In that case, no mode change is required.
comment:9 by , 10 years ago
Component: | Build System → Documentation |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Replying to zooey:
If you're worried about other users on your machine, you can tell udev to change the owner of the device to your user. In that case, no mode change is required.
Thanks, sounds like the ultimate solution. I have updated the sudo jam section.
Having to use sudo is still not really advisable. The proper way is to make the partition writable to the user you are building with, either by changing ownership or access rights. This is described in the sudo jam section of Using Jam. If that doesn't work anymore (as the note seems to claim) then it should be updated there of course.