Changes from Version 1 of RunningWithoutRoot

james (IP:
07/22/09 17:33:23 (9 years ago)



  • RunningWithoutRoot

    v0 v1  
     1= Problems running without root = 
     3 Rpm/yum assume they are managing an entire single system (unlike, say, Zero Install), and generally assume root like privileges. Here is a list of things to think about if you are trying to break this assumption. 
     5== Problems running rpm without root == 
     7 * A significant portion of packaged rpm software assumes that scriptlets will be run as root, to do operations like add users or load SELinux policy into the kernel. 
     9 * Rpm assumes root like privileges, so it can change the owner of files and/or permissions, SELinux labels etc. 
     11 * Rpm needs to be able to write to at least the rpm DB files, which are owned by root. 
     13 * Rpm --relocate is generally considered to be unusable. 
     15== Problems running yum without root == 
     17 * Because of the above rpm problems, yum calls geteuid() and refuses to do certain commands unless that returns 0 (root). 
     19 * Even if you just used the yum API, yum would need to be able to write to at least /var/lib/yum/* /var/log/yum.log and a cache directory. Some rpm API calls will be untested (or at least much less tested) if run as non-root. 
     21 * --installroot is not intended to change the above, the assumption is that you will still be running yum as root. 
     23== Solutions == 
     25 * Use mock shell, if you want chroot type environments that normal users can create. 
     27 * Use some other packaging format, if you want to be able to "install packages" into $HOME/blah (but there are significant downsides which you should be aware of).