Содержание
- Запуск pacman без рута
- Как дать пользователю права root?
- Arch Linux
- #1 2013-02-10 21:26:19
- Pacman refuses to run as non-root user, I don’t agree 🙂
- #2 2013-02-10 21:30:39
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #3 2013-02-10 21:33:07
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #4 2013-02-10 21:50:02
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #5 2013-02-10 21:50:51
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #6 2013-02-10 21:54:04
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #7 2013-02-10 21:55:42
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #8 2013-02-10 21:57:04
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #9 2013-02-11 00:03:48
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #10 2013-02-11 00:53:11
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- #11 2013-02-11 01:19:36
- Re: Pacman refuses to run as non-root user, I don’t agree 🙂
- Arch Linux
- #1 2022-07-05 15:58:08
- [SOLVED] Pacman giving me warnings
- #2 2022-07-05 16:05:01
- Re: [SOLVED] Pacman giving me warnings
- #3 2022-07-05 16:12:25
- Re: [SOLVED] Pacman giving me warnings
- #4 2022-07-05 16:46:59
- Re: [SOLVED] Pacman giving me warnings
- #5 2022-07-05 16:53:35
- Re: [SOLVED] Pacman giving me warnings
- #6 2022-07-05 17:00:59
- Re: [SOLVED] Pacman giving me warnings
Запуск pacman без рута
vadik
imam, тогда и pacman.conf показывайте.
arcanis так тот пакет в основную систему установился? Или так и лежит в /tmp?
Пакет лежит где и лежал
а на попытку установить говорит
error: you cannot perform this operation unless you are root.
тоесть я в отдельном каталоге из под простого юзера собираю макет дерева каталогов и файлов для образа.
imam, про расположение пакета я спрашивал у arcanis-а. А вас просил показать тот pacman.conf, на который ссылаетесь в своей команде установки (есть мысль, но надо проверить).
П.с. только уже все это завтра, пора спать.
vadik
imam, про расположение пакета я спрашивал у arcanis-а. А вас просил показать тот pacman.conf, на который ссылаетесь в своей команде установки (есть мысль, но надо проверить).
комент выше правил ))))
pacman.conf:
[options]
RootDir = /mnt/
DBPath = /mnt/var/lib/pacman/
CacheDir = /mnt/var/cache/pacman/pkg/
LogFile = /mnt/var/log/pacman.log
HoldPkg = pacman glibc
Architecture = auto
CheckSpace
SigLevel = Required DatabaseOptional
LocalFileSigLevel = Optional
vadik
arcanis так тот пакет в основную систему установился? Или так и лежит в /tmp?
Отучить pacman проверять, для некоторых операций, запущен ли он от рута нельзя — это часть его логики работы определенная в исходниках. Хотя некоторые считают что так делать моветон. А вот почему suid бит на него не действует — интересный вопрос.
Наверное поэтому:
naszar
Отучить pacman проверять, для некоторых операций, запущен ли он от рута нельзя — это часть его логики работы определенная в исходниках.
Значит мне придется править исходник
Источник
Как дать пользователю права root?
Я только что установил Arch. Работает отлично. Я создал нового пользователя, вошел в систему с ним, и теперь я пытаюсь установить несколько вещей с pacman . Но я продолжаю получать сообщение об ошибке: error: you cannot perform this operation unless you are root. я могу pacman нормально работать с root, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Я попытался войти в root и использовать gpasswd:
gpasswd -a jack root
но это ничего не сделало.
Вы должны прочитать страницу Arch Wiki на sudo .
sudo («Заместитель пользователя делает») позволяет системному администратору делегировать полномочия, чтобы дать определенным пользователям (или группам пользователей) возможность выполнять некоторые (или все) команды от имени пользователя root или другого пользователя, обеспечивая при этом контрольный журнал команд и их аргументы.
Вы можете установить sudo из репозиториев, а затем настроить его, чтобы предоставить вашему пользователю jack доступ к привилегированным командам путем редактирования /etc/sudoers . Убедитесь, что вы делаете это с помощью visudo команды.
Чтобы предоставить пользователю jack полные права суперпользователя, вы должны добавить эту строку:
Обычно я включаю привилегии root для определенной группы. Таким образом, вы можете просто добавить пользователей, которым вы хотите привилегии root, в эту группу.
Редактировать /etc/sudoers с помощью visudo и добавить (или закомментировать):
Затем добавьте своего пользователя в эту группу:
Я могу использовать pacman с root’ом, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Вы можете создать свой $USER , добавив их в wheel группу в одиночку:
Затем обновите, /etc/sudoers как предложено Эриком Леннартссоном. Но если вы ищете программный подход, вы можете вместо этого создать файл в /etc/sudoers.d виде:
Описанный выше метод был предложен Борисом в Ask Ubuntu, и он вообще не требует использования visudo . При использовании с префиксом pacman команды с sudo выглядят так:
Источник
Arch Linux
You are not logged in.
#1 2013-02-10 21:26:19
Pacman refuses to run as non-root user, I don’t agree 🙂
I would like to run pacman as a user with limited rights, so it can not overwrite my personal files. In order for this to work, I would like to change the ownership of all the needed directories for pacman to a new user, and then run pacman as this new user.
Pacman however refuses to run as the root user:
$ pacman -Suy
error: you cannot perform this operation unless you are root.
Is it a good idea to change pacman so it does work as a non-root user? Please also tell me if this is a terrible idea 🙂
#2 2013-02-10 21:30:39
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
How do you intend to update your system, which is almost entirely root-owned? And no, it doesn’t overwrite your personal files unless they somehow belong to an installed package, which they shouldn’t. In case of configs in /etc, pacman just creates new config as .pacnew files to be reviewed by user.
Last edited by kaszak696 (2013-02-10 21:32:31)
‘What can be asserted without evidence can also be dismissed without evidence.’ — Christopher Hitchens
‘There’s no such thing as addiction, there’s only things that you enjoy doing more than life.’ — Doug Stanhope
GitHub Junkyard
#3 2013-02-10 21:33:07
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
What «personal» files do you think pacman is overwriting?
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
#4 2013-02-10 21:50:02
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
This is a terrible idea. Use «pacman -Qii » and look at the bottom of the output. It is smart enough to be told to treat config files differently. Ergo, if they are changed and an update occurs, you will end up with a *.pacnew file. If you remove the package, these files stay unless specifically told to remove them.
#5 2013-02-10 21:50:51
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
How do you intend to update your system, which is almost entirely root-owned?
I would first change the ownership of the files pacman needs access to, then run pacman as that user. I don’t know exactly yet what files they are, but I guess it’s everything below /usr, and the /var/cache/pacman, and probably some other places.
And no, it doesn’t overwrite your personal files unless they somehow belong to an installed package, which they shouldn’t. In case of configs in /etc, pacman just creates new config as .pacnew files to be reviewed by user.
You are absolutely right. This should not happen. But why not make it impossible to happen? Adding the new user, and chowning the needed files/directories only has to be done once, after that the system is more secure.
#6 2013-02-10 21:54:04
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
Chowning everything in /usr is a giant gaping security hole, you are just asking for trouble. Even if not, files in packages are owned by root by default, so i don’t thing chowning would be permament.
Last edited by kaszak696 (2013-02-10 21:58:29)
‘What can be asserted without evidence can also be dismissed without evidence.’ — Christopher Hitchens
‘There’s no such thing as addiction, there’s only things that you enjoy doing more than life.’ — Doug Stanhope
GitHub Junkyard
#7 2013-02-10 21:55:42
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
I don’t know exactly yet what files they are, but I guess it’s everything below /usr, and the /var/cache/pacman, and probably some other places.
This is what is commonly refrerred to in the literature as the «fatal flaw».
Registered Linux User #482438
#8 2013-02-10 21:57:04
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
This is a terrible idea. Use «pacman -Qii » and look at the bottom of the output. It is smart enough to be told to treat config files differently. Ergo, if they are changed and an update occurs, you will end up with a *.pacnew file. If you remove the package, these files stay unless specifically told to remove them.
In order for this to work, pacman still does not need to be run as root, it only needs write access to some files under /etc.
#9 2013-02-11 00:03:48
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
You asked «is this a terrible idea?» and several people have told you, yes, this is a terrible idea, and have even told you why. Yet you persist. Why did you ask for opinions in the first place if you already knew what you were going to do? This begins to look like trolling. Go ahead, do whatever you want. It’s your system.
Last edited by 2ManyDogs (2013-02-11 00:40:36)
How to post. A sincere effort to use modest and proper language and grammar is a sign of respect toward the community.
#10 2013-02-11 00:53:11
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
chown all the files pacman needs access to? OK, pacman is the package manager. It manages all packages. All files installed in a fresh install are owned by packages. Pacman needs access to all of them; ALL of them. The only files pacman should not need access to are your personal files which are stored under /home/, and perhaps any files you have independently placed under /opt/.
Pacman needs access to /usr and /var as already noted, but also to /boot . you do get kernel upgrades, right? It also needs access to /bin /sbin and /etc. That only really leaves /opt, /root and /home as real (i.e., on disk) directories. The first of those could well be empty (mine is) and the second can be pretty darn close to empty. The third contains those personal files you don’t want pacman to touch . which it doesn’t anyways.
So you would want to chown your entire root and boot partitions to some user so pacman could have access to everything that it currently has access to but does not have access to what it wouldn’t touch anyways?
EDIT: if my sarcasm burried the point, the point is this new user that you’d create would effectively be a root account. The only differences is that the new user could access your home directory(ies) — that’s it. If this is your end goal, to protect your home partition from pacman (which as an aside has no code that would have it touch your home directory), then you could just unmount your home partition every time you run pacman. This would be far easier . though no less pointless.
Last edited by Trilby (2013-02-11 00:56:31)
«UNIX is simple and coherent. » — Dennis Ritchie, «GNU’s Not UNIX» — Richard Stallman
Online
#11 2013-02-11 01:19:36
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
I’ve heard a lot of crazy things about package management in my time, but nothing could top the damage done by doing what you are proposing. On my system with
600 packages, pacman is right now managing 131840 files. That’s a lot of things that chowning can break. If you want to keep personal configs, then keep them in your $HOME directory. If they’re system configuration files, pacman will not overwrite them anyway becuase it’s not dumb. If the file has been modified, it will install a `file.pacnew` file next to `file`. Unless you somehow manage to trick pacman into thinking you didn’t modify the file, then you have nothing to worry about. If there is a package that is having configs overwritten, then contact the maintainer, because there’s something missing in their PKGBUILD. (Hell, systemd has a whole infrastructure for user and system configs, with three different places for them so that even dumb package managers con’t break things.)
I thought that the reason for not wanting to run pacman as root was for a good reason, like you want to just download files to a user owned directory, but no. Not even a valid reason.
As other people have said, try running `pacman -Qii
` and looking at the output on the bottom. It will tell you which config files pacman is tracking and which ones have been modified since the package was installed.
Thinkpad T420 | Intel 3000 | systemd
PKGBUILDs I use | pywer AUR helper
Источник
Arch Linux
You are not logged in.
#1 2022-07-05 15:58:08
[SOLVED] Pacman giving me warnings
I am using the kde plasma desktop environment. Today I tried to update by pc with the «sudo pacman -Syu» command and I got these warnings.
I also tried to refresh the package database and update it wil «sudo pacman -Syy» and «sudo pacman -Syyu» respectively.
It is giving me a warning that something is not wright because earlier when I updated my pc I didn’t use to get this type of messages. Any clue ?
Any help would be appreciated.
Last edited by RounakDutta (2022-07-11 08:59:26)
I am a baller shot caller
I am a arch linux installer
Your proprietary operating system
I wouldn’t buy for a dollar
#2 2022-07-05 16:05:01
Re: [SOLVED] Pacman giving me warnings
Your first/top mirror in the mirror list is outdated. https://wiki.archlinux.org/title/Mirror … ng_mirrors
Online
#3 2022-07-05 16:12:25
Re: [SOLVED] Pacman giving me warnings
Your first/top mirror in the mirror list is outdated. https://wiki.archlinux.org/title/Mirror … ng_mirrors
I am still getting the same warning
I also edited my pacman mirrorlist with new updated mirrorlist — https://archlinux.org/mirrorlist/?count … _status=on
https://i.imgur.com/wgYG5rn.png
But the problem persists. 
Last edited by RounakDutta (2022-07-05 16:23:22)
I am a baller shot caller
I am a arch linux installer
Your proprietary operating system
I wouldn’t buy for a dollar
#4 2022-07-05 16:46:59
Re: [SOLVED] Pacman giving me warnings
Your link is going to change constantly, what does your *actual* mirrorlist say now?
Edit: Wait, the second paste, which is from reflector, not the mirror list generator, is what you’re using now? Did your read it? Notice that you’re using the same mirror as before.
Last edited by Scimmia (2022-07-05 16:49:13)
Online
#5 2022-07-05 16:53:35
Re: [SOLVED] Pacman giving me warnings
Yes the top mirror here is outdated. As stated in the link, just going by speed can sometimes pick fast mirrors but the mirror is currently and in this case not up to date with the actual updated states from the repo/your system. This might be temporary and fix itself eventually. Comment/move the top two out of the way and switch to the nxtgen mirror, that one is actually up to date and only half an hour behind on syncing from tier one instead of 27 hours.
Last edited by V1del (2022-07-05 16:54:19)
Online
#6 2022-07-05 17:00:59
Re: [SOLVED] Pacman giving me warnings
Your link is going to change constantly, what does your *actual* mirrorlist say now?
Edit: Wait, the second paste, which is from reflector, not the mirror list generator, is what you’re using now? Did your read it? Notice that you’re using the same mirror as before.
Yes I know I used the reflector. Actually I use reflector.service which resets my pacman mirrorlist everytime I reboot my pc. I still got errors after updating my mirrorlist. So I ran the following commands
Then I updated my pc
and now I am facing a new problem when I do
It says kmod 29-3 but look at the package in archlinux.org it says «kmod 30-1». Same goes for flameshot(a ss program).
but in archlinux.org it says flameshot 12.1.0-1
Last edited by RounakDutta (2022-07-05 17:11:58)
I am a baller shot caller
I am a arch linux installer
Your proprietary operating system
I wouldn’t buy for a dollar
Источник
|
# |
|
|
Темы: 5 Сообщения: 29 Участник с: 28 апреля 2009 |
Пакет лежит где и лежал а на попытку установить говорит тоесть я в отдельном каталоге из под простого юзера собираю макет дерева каталогов и файлов для образа. |
|
vadik |
# |
|
Темы: 55 Сообщения: 5410 Участник с: 17 августа 2009 |
imam, про расположение пакета я спрашивал у arcanis-а. А вас просил показать тот pacman.conf, на который ссылаетесь в своей команде установки (есть мысль, но надо проверить).
П.с. только уже все это завтра, пора спать. |
|
imam |
# |
|
Темы: 5 Сообщения: 29 Участник с: 28 апреля 2009 |
комент выше правил )))) pacman.conf: |
|
arcanis |
# |
|
Темы: 31 Сообщения: 1496 Участник с: 09 сентября 2012 |
в tmp кэш только. Пакет в основной системе лежит, вывод ls (с перенаправлением stdout, только stderr) это подтверждает
PGP 0x31361F01 |
|
naszar |
# |
|
Темы: 21 Сообщения: 507 Участник с: 24 сентября 2012 |
Отучить pacman проверять, для некоторых операций, запущен ли он от рута нельзя — это часть его логики работы определенная в исходниках. Хотя некоторые считают что так делать моветон. А вот почему suid бит на него не действует — интересный вопрос. Наверное поэтому: $ps -eo euser,ruser,pid,command|grep pacman root bigboss 6651 pacman -S guake Интересно, зачем pacman для детишек использует ruser, а не euser? |
|
imam |
# |
|
Темы: 5 Сообщения: 29 Участник с: 28 апреля 2009 |
Значит мне придется править исходник для отключения проверки на рута и собирать временную тулзу pacman`а для установки своих пакетов, ну а потом уже переключаться обратно на родную когда уже буду работать под рутом ))). |
|
naszar |
# |
|
Темы: 21 Сообщения: 507 Участник с: 24 сентября 2012 |
Собственно скорее всего хватит заменить в src/pacman/pacman.c:778: uid_t myuid = geteuid(); на uid_t myuid = 0; и пересобрать пакет через makepkg, а дальше только следить чтобы у пользователя, запускающего был доступ к нужным файлам и папкам.. обратите внимание, что у пакмана еще есть своя кухня в /var. tar -xJf <packege>.pkg.tar.xz -C <your_dir> ?????????? |
|
arcanis |
# |
|
Темы: 31 Сообщения: 1496 Участник с: 09 сентября 2012 |
вспоминая про кухню, нужно сказать, что еще надо бы по хорошему отметки делать об установке того или иного пакета (/var/lib/pacman/local). Так что просто так не разрешит распаковать для большинства задач
PGP 0x31361F01 |
|
vadik |
# |
|
Темы: 55 Сообщения: 5410 Участник с: 17 августа 2009 |
Если пакет у вас лежит в основной системе, то покажите пожалуйста выхлоп: ls -la /usr/bin/guake спасибо. |
|
imam |
# |
|
Темы: 5 Сообщения: 29 Участник с: 28 апреля 2009 |
Большое спасибо целый день мучаюсь с этим )))) Мне вполне достаточно остановиться на make и запускать pacman из самой папки с исходниками, свои логи он согласно конфиг файлу итак выведит в нужные мне каталоги а прова на них я точно назначаю. |
Запуск pacman без рута
vadik
imam, тогда и pacman.conf показывайте.
arcanis так тот пакет в основную систему установился? Или так и лежит в /tmp?
Пакет лежит где и лежал
а на попытку установить говорит
error: you cannot perform this operation unless you are root.
тоесть я в отдельном каталоге из под простого юзера собираю макет дерева каталогов и файлов для образа.
imam, про расположение пакета я спрашивал у arcanis-а. А вас просил показать тот pacman.conf, на который ссылаетесь в своей команде установки (есть мысль, но надо проверить).
П.с. только уже все это завтра, пора спать.
vadik
imam, про расположение пакета я спрашивал у arcanis-а. А вас просил показать тот pacman.conf, на который ссылаетесь в своей команде установки (есть мысль, но надо проверить).
комент выше правил ))))
pacman.conf:
[options]
RootDir = /mnt/
DBPath = /mnt/var/lib/pacman/
CacheDir = /mnt/var/cache/pacman/pkg/
LogFile = /mnt/var/log/pacman.log
HoldPkg = pacman glibc
Architecture = auto
CheckSpace
SigLevel = Required DatabaseOptional
LocalFileSigLevel = Optional
vadik
arcanis так тот пакет в основную систему установился? Или так и лежит в /tmp?
Отучить pacman проверять, для некоторых операций, запущен ли он от рута нельзя — это часть его логики работы определенная в исходниках. Хотя некоторые считают что так делать моветон. А вот почему suid бит на него не действует — интересный вопрос.
Наверное поэтому:
naszar
Отучить pacman проверять, для некоторых операций, запущен ли он от рута нельзя — это часть его логики работы определенная в исходниках.
Значит мне придется править исходник
Источник
Как дать пользователю права root?
Я только что установил Arch. Работает отлично. Я создал нового пользователя, вошел в систему с ним, и теперь я пытаюсь установить несколько вещей с pacman . Но я продолжаю получать сообщение об ошибке: error: you cannot perform this operation unless you are root. я могу pacman нормально работать с root, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Я попытался войти в root и использовать gpasswd:
gpasswd -a jack root
но это ничего не сделало.
Вы должны прочитать страницу Arch Wiki на sudo .
sudo («Заместитель пользователя делает») позволяет системному администратору делегировать полномочия, чтобы дать определенным пользователям (или группам пользователей) возможность выполнять некоторые (или все) команды от имени пользователя root или другого пользователя, обеспечивая при этом контрольный журнал команд и их аргументы.
Вы можете установить sudo из репозиториев, а затем настроить его, чтобы предоставить вашему пользователю jack доступ к привилегированным командам путем редактирования /etc/sudoers . Убедитесь, что вы делаете это с помощью visudo команды.
Чтобы предоставить пользователю jack полные права суперпользователя, вы должны добавить эту строку:
Обычно я включаю привилегии root для определенной группы. Таким образом, вы можете просто добавить пользователей, которым вы хотите привилегии root, в эту группу.
Редактировать /etc/sudoers с помощью visudo и добавить (или закомментировать):
Затем добавьте своего пользователя в эту группу:
Я могу использовать pacman с root’ом, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Вы можете создать свой $USER , добавив их в wheel группу в одиночку:
Затем обновите, /etc/sudoers как предложено Эриком Леннартссоном. Но если вы ищете программный подход, вы можете вместо этого создать файл в /etc/sudoers.d виде:
Описанный выше метод был предложен Борисом в Ask Ubuntu, и он вообще не требует использования visudo . При использовании с префиксом pacman команды с sudo выглядят так:
Источник
Arch Linux
You are not logged in.
#1 2013-02-10 21:26:19
Pacman refuses to run as non-root user, I don’t agree 🙂
I would like to run pacman as a user with limited rights, so it can not overwrite my personal files. In order for this to work, I would like to change the ownership of all the needed directories for pacman to a new user, and then run pacman as this new user.
Pacman however refuses to run as the root user:
$ pacman -Suy
error: you cannot perform this operation unless you are root.
Is it a good idea to change pacman so it does work as a non-root user? Please also tell me if this is a terrible idea 🙂
#2 2013-02-10 21:30:39
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
How do you intend to update your system, which is almost entirely root-owned? And no, it doesn’t overwrite your personal files unless they somehow belong to an installed package, which they shouldn’t. In case of configs in /etc, pacman just creates new config as .pacnew files to be reviewed by user.
Last edited by kaszak696 (2013-02-10 21:32:31)
‘What can be asserted without evidence can also be dismissed without evidence.’ — Christopher Hitchens
‘There’s no such thing as addiction, there’s only things that you enjoy doing more than life.’ — Doug Stanhope
GitHub Junkyard
#3 2013-02-10 21:33:07
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
What «personal» files do you think pacman is overwriting?
Sakura:-
Mobo: MSI MAG X570S TORPEDO MAX // Processor: AMD Ryzen 9 5950X @4.9GHz // GFX: AMD Radeon RX 5700 XT // RAM: 32GB (4x 8GB) Corsair DDR4 (@ 3000MHz) // Storage: 1x 3TB HDD, 6x 1TB SSD, 2x 120GB SSD, 1x 275GB M2 SSD
Making lemonade from lemons since 2015.
#4 2013-02-10 21:50:02
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
This is a terrible idea. Use «pacman -Qii » and look at the bottom of the output. It is smart enough to be told to treat config files differently. Ergo, if they are changed and an update occurs, you will end up with a *.pacnew file. If you remove the package, these files stay unless specifically told to remove them.
#5 2013-02-10 21:50:51
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
How do you intend to update your system, which is almost entirely root-owned?
I would first change the ownership of the files pacman needs access to, then run pacman as that user. I don’t know exactly yet what files they are, but I guess it’s everything below /usr, and the /var/cache/pacman, and probably some other places.
And no, it doesn’t overwrite your personal files unless they somehow belong to an installed package, which they shouldn’t. In case of configs in /etc, pacman just creates new config as .pacnew files to be reviewed by user.
You are absolutely right. This should not happen. But why not make it impossible to happen? Adding the new user, and chowning the needed files/directories only has to be done once, after that the system is more secure.
#6 2013-02-10 21:54:04
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
Chowning everything in /usr is a giant gaping security hole, you are just asking for trouble. Even if not, files in packages are owned by root by default, so i don’t thing chowning would be permament.
Last edited by kaszak696 (2013-02-10 21:58:29)
‘What can be asserted without evidence can also be dismissed without evidence.’ — Christopher Hitchens
‘There’s no such thing as addiction, there’s only things that you enjoy doing more than life.’ — Doug Stanhope
GitHub Junkyard
#7 2013-02-10 21:55:42
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
I don’t know exactly yet what files they are, but I guess it’s everything below /usr, and the /var/cache/pacman, and probably some other places.
This is what is commonly refrerred to in the literature as the «fatal flaw».
Registered Linux User #482438
#8 2013-02-10 21:57:04
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
This is a terrible idea. Use «pacman -Qii » and look at the bottom of the output. It is smart enough to be told to treat config files differently. Ergo, if they are changed and an update occurs, you will end up with a *.pacnew file. If you remove the package, these files stay unless specifically told to remove them.
In order for this to work, pacman still does not need to be run as root, it only needs write access to some files under /etc.
#9 2013-02-11 00:03:48
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
You asked «is this a terrible idea?» and several people have told you, yes, this is a terrible idea, and have even told you why. Yet you persist. Why did you ask for opinions in the first place if you already knew what you were going to do? This begins to look like trolling. Go ahead, do whatever you want. It’s your system.
Last edited by 2ManyDogs (2013-02-11 00:40:36)
How to post. A sincere effort to use modest and proper language and grammar is a sign of respect toward the community.
#10 2013-02-11 00:53:11
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
chown all the files pacman needs access to? OK, pacman is the package manager. It manages all packages. All files installed in a fresh install are owned by packages. Pacman needs access to all of them; ALL of them. The only files pacman should not need access to are your personal files which are stored under /home/, and perhaps any files you have independently placed under /opt/.
Pacman needs access to /usr and /var as already noted, but also to /boot . you do get kernel upgrades, right? It also needs access to /bin /sbin and /etc. That only really leaves /opt, /root and /home as real (i.e., on disk) directories. The first of those could well be empty (mine is) and the second can be pretty darn close to empty. The third contains those personal files you don’t want pacman to touch . which it doesn’t anyways.
So you would want to chown your entire root and boot partitions to some user so pacman could have access to everything that it currently has access to but does not have access to what it wouldn’t touch anyways?
EDIT: if my sarcasm burried the point, the point is this new user that you’d create would effectively be a root account. The only differences is that the new user could access your home directory(ies) — that’s it. If this is your end goal, to protect your home partition from pacman (which as an aside has no code that would have it touch your home directory), then you could just unmount your home partition every time you run pacman. This would be far easier . though no less pointless.
Last edited by Trilby (2013-02-11 00:56:31)
«UNIX is simple and coherent. » — Dennis Ritchie, «GNU’s Not UNIX» — Richard Stallman
#11 2013-02-11 01:19:36
Re: Pacman refuses to run as non-root user, I don’t agree 🙂
I’ve heard a lot of crazy things about package management in my time, but nothing could top the damage done by doing what you are proposing. On my system with
600 packages, pacman is right now managing 131840 files. That’s a lot of things that chowning can break. If you want to keep personal configs, then keep them in your $HOME directory. If they’re system configuration files, pacman will not overwrite them anyway becuase it’s not dumb. If the file has been modified, it will install a `file.pacnew` file next to `file`. Unless you somehow manage to trick pacman into thinking you didn’t modify the file, then you have nothing to worry about. If there is a package that is having configs overwritten, then contact the maintainer, because there’s something missing in their PKGBUILD. (Hell, systemd has a whole infrastructure for user and system configs, with three different places for them so that even dumb package managers con’t break things.)
I thought that the reason for not wanting to run pacman as root was for a good reason, like you want to just download files to a user owned directory, but no. Not even a valid reason.
As other people have said, try running `pacman -Qii
` and looking at the output on the bottom. It will tell you which config files pacman is tracking and which ones have been modified since the package was installed.
Thinkpad T420 | Intel 3000 | systemd
PKGBUILDs I use | pywer AUR helper
Источник
Arch Linux
You are not logged in.
#1 2008-03-20 10:44:28
Problem with sudo [SOLVED]
I added line to /etc/sudoers but now, when I try to use sudo i get
>>> sudoers file: syntax error, line 36
Gnu/Linux User on Arch(x86_64)
#2 2008-03-20 10:49:43
Re: Problem with sudo [SOLVED]
Could you paste line 36 of /etc/sudoers?
flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)
#3 2008-03-20 10:50:03
Re: Problem with sudo [SOLVED]
Could you paste line 36 of /etc/sudoers?
there lies the problem. I can’t get to the file.
If I try by normal user I get nothing. by sudo I get the message. by root I can’t(it’s disabled and I need sudo to set it up)
Last edited by The_ouroboros (2008-03-20 10:54:38)
Gnu/Linux User on Arch(x86_64)
#4 2008-03-20 10:58:12
Re: Problem with sudo [SOLVED]
You could try using the Arch install CD and «arch root=/dev/sda[x]» into your system. Then you’ll be able to edit the file. I would imagine it’s missing an apostrophe or something like that.
Take note of it and post the line up if it doesn’t appear to be wrong.
flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)
#5 2008-03-20 10:59:18
Re: Problem with sudo [SOLVED]
it’s seems that the file emptied itself. it contains nothing. but at the same time at line 36 I get an error. the take me into a unending loop I can’t break. :S
News:
I’m torrenting the cd and about to try your way(I thought about it the 5 sec before you posted it 
)
Last edited by The_ouroboros (2008-03-20 11:00:36)
Gnu/Linux User on Arch(x86_64)
#6 2008-03-20 11:02:32
Re: Problem with sudo [SOLVED]
it’s seems that the file emptied itself. it contains nothing. but at the same time at line 36 I get an error. the take me into a unending loop I can’t break. :S
That’s probably because you’re not looking at the right file. I thought you couldn’t see what was in the file anyways as you didn’t have a root account? What command are you using to edit?
flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)
#7 2008-03-20 13:32:54
Re: Problem with sudo [SOLVED]
I’m using visudo
Gnu/Linux User on Arch(x86_64)
#8 2008-03-20 13:45:09
Re: Problem with sudo [SOLVED]
the cd trick doesn’t work. I don’t know how to fix this.
I, therefore, can’t do administration task..
Last edited by The_ouroboros (2008-03-20 13:52:53)
Gnu/Linux User on Arch(x86_64)
#9 2008-03-20 13:53:24
Re: Problem with sudo [SOLVED]
You can view the sudoers file manually by listing /etc/sudoers file — that should let you see what’s wrong with line 36. You shouldn’t edit the file with a regular file editor though, at least in theory. Worse comes to worst you can always reinstall sudo using pacman and then copy the /etc/sudoers.pacnew file over /etc/sudoers to get back to the initial configuration.
#10 2008-03-20 14:13:42
Re: Problem with sudo [SOLVED]
You can view the sudoers file manually by listing /etc/sudoers file — that should let you see what’s wrong with line 36. You shouldn’t edit the file with a regular file editor though, at least in theory. Worse comes to worst you can always reinstall sudo using pacman and then copy the /etc/sudoers.pacnew file over /etc/sudoers to get back to the initial configuration.
I cant open the file with visudo coz I don’t have the permission and can’t use pacman/yaourt for the problem in sudoers.
(root is disabled)
Last edited by The_ouroboros (2008-03-20 14:15:30)
Gnu/Linux User on Arch(x86_64)
#11 2008-03-20 14:16:52
Re: Problem with sudo [SOLVED]
Gnu/Linux User on Arch(x86_64)
#12 2008-03-20 14:21:29
Re: Problem with sudo [SOLVED]
No, you’d have to do this doing the CD method, as you’ll have root access through the CD. I neither have tried the CD method, nor have sudo installed so I can’t help you further. The CD method IS the method to pursue though, IIRC.
flack 2.0.6: menu-driven BASH script to easily tag FLAC files (AUR)
knock-once 1.2: BASH script to easily create/send one-time sequences for knockd (forum/AUR)
#13 2008-03-20 14:24:58
Re: Problem with sudo [SOLVED]
In this case you will have to boot with a live cd of some sort, mount your arch partition and edit the file manually that way (root permissions are not going to be a problem because you’re using the live cd). You might also want to download the source sudo tarball ftp://ftp.sudo.ws/pub/sudo/sudo-1.6.9p14.tar.gz and extract it manually to get the default sudoers file. That way, in case there is something seriously wrong with the current file, you will be able to replace it manually using the live cd.
EDIT: I know that someone had mentioned using a cd already, but that suggestion was to boot your current arch system using the kernel from the cd — what you need to do is load a system completely from a cd (you don’t have to use arch cd, although you can), and then mount the partition that contains the broken file, and so on.
Last edited by fwojciec (2008-03-20 14:26:43)
#14 2008-03-20 14:25:19
Re: Problem with sudo [SOLVED]
I tried. I cant find the sudoers with the cd.
Gnu/Linux User on Arch(x86_64)
#15 2008-03-20 14:30:55
Re: Problem with sudo [SOLVED]
I tried. I cant find the sudoers with the cd.
There is no other way than using a live cd in your situation, at least nothing easy that I can think of. My guess is that you didn’t find the file because you did something wrong — there is no magic to it, the file has to be there physically because it’s returning errors when you try to issue the sudo command. If it’s really, really not there (which I find hard to believe, frankly), you can copy the sudoers file from the sudo source tarball to the /etc directory of your Arch partition manually (you’ll still need to use live cd for that, because you’d need root permissions to be able to do it from within your Arch system).
#16 2008-03-20 14:41:27
Re: Problem with sudo [SOLVED]
solved. with a strange workaround but solved.
Thanks you all 4 the support!
Gnu/Linux User on Arch(x86_64)
#17 2008-03-20 23:00:50
Re: Problem with sudo [SOLVED]
It would have been nice if you wrote how you solved the problem: this way it will be a reference for future users with the same issue.
futureguy «Cool, this guy had my same problem, let’s see how he solved it!»
you «Nevermind, I solved it!»
futureguy «Damn!»
Even if this was a trivial problem, you can’t really say.
#18 2009-04-08 22:30:08
Re: Problem with sudo [SOLVED]
I had a similar problem and what I did was :
1) Booted from the live CD
2) Mounted the partition with Arch installed
3) Edited /etc/sudoers and returned to initial state.
4) Rebooted and everything was grand.
Источник
Я только что установил Arch. Работает отлично. Я создал нового пользователя, вошел в систему с ним, и теперь я пытаюсь установить несколько вещей с pacman. Но я продолжаю получать сообщение об ошибке: error: you cannot perform this operation unless you are root.я могу pacmanнормально работать с root, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Я попытался войти в root и использовать gpasswd:
gpasswd -a jack root
но это ничего не сделало.
Ответы:
Вы должны прочитать страницу Arch Wiki на sudo .
sudo («Заместитель пользователя делает») позволяет системному администратору делегировать полномочия, чтобы дать определенным пользователям (или группам пользователей) возможность выполнять некоторые (или все) команды от имени пользователя root или другого пользователя, обеспечивая при этом контрольный журнал команд и их аргументы.
Вы можете установить sudoиз репозиториев, а затем настроить его, чтобы предоставить вашему пользователю jackдоступ к привилегированным командам путем редактирования /etc/sudoers. Убедитесь, что вы делаете это с помощью visudoкоманды.
Чтобы предоставить пользователю jackполные права суперпользователя, вы должны добавить эту строку:
jack ALL=(ALL) ALLОбычно я включаю привилегии root для определенной группы. Таким образом, вы можете просто добавить пользователей, которым вы хотите привилегии root, в эту группу.
Редактировать /etc/sudoersс помощью visudoи добавить (или закомментировать):
%wheel ALL=(ALL) ALL
Затем добавьте своего пользователя в эту группу:
gpasswd -a jack wheel
Я могу использовать pacman с root’ом, но есть ли способ разрешить моему новому пользователю выполнять эти действия?
Вы можете создать свой $USER, добавив их в wheelгруппу в одиночку:
useradd -Ng wheel --create-home --no-log-init $USER
Затем обновите, /etc/sudoers как предложено Эриком Леннартссоном. Но если вы ищете программный подход, вы можете вместо этого создать файл в /etc/sudoers.dвиде:
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee /etc/sudoers.d/dont-prompt-$USER-for-password
Описанный выше метод был предложен Борисом в Ask Ubuntu, и он вообще не требует использования visudo. При использовании с префиксом pacman команды с sudo выглядят так:
sudo pacman -S docker docker-compose