makepkg as nobody

kay94 · 2018-10-16 12:05:15

Hi,

I'm trying to build a package from AUR as nobody from within a script. The script is run with sudo/as root and is intended to work on any Arch Linux installation with sudo, makepkg and base-devel installed. I then planned to follow the instructions from http://allanmcrae.com/2015/01/replacing-makepkg-asroot/, but it didn't fully work. This is what I did:

# mkdir /home/build
# chgrp nobody /home/build
# chmod g+ws /home/build
# setfacl -m u::rwx,g::rwx /home/build/
# setfacl -d --set u::rwx,g::rwx,o::- /home/build
# cd /home/build/
# git clone https://aur.archlinux.org/rdma-core.git
# cd rdma-core/
# sudo -u nobody makepkg -i

It now fails because of missing build dependcies. On the other, I obviously can't run '# makepkg -s' to install them.
I looked whether makepkg has an option for printing the necessary depencies for building so I could run pacman before relaunching makepkg. But 1) such an option doesn't exist 2) that would not work with build depencies from AUR, AFAIK. I could 'grep' for those, but then 2) still applies, right?

Thanks in advance for any help
Regards

Slithery · 2018-10-16 12:36:30

You can use aurchain from the aurutils package to do this...

slithery@red:~$ aurchain -a rdma-core
libnl
git
cmake
gcc
libsystemd
systemd
pkg-config
ninja
bash
pandoc
python
rdma-core

Unfortunately this doesn't meet your base-devel/pacman/makepkg only requirement, but as aurutils has no AUR dependencies you could build and install it first.

Is the method you are considering really the best way to do this? Could you instead provide a custom repo, or only run parts or your script via sudo, or build in a clean-chroot, or temporarily add custom sudoers drop-ins? These are just a few solutions that may work off the top of my head.

Arch Linux

#1 2018-10-16 12:05:15

makepkg as nobody

#2 2018-10-16 12:36:30

Re: makepkg as nobody

Board footer