> It's not about stopping stupid users from doing stupid things, it's about
> how much you trust. The less automatic and "hidden" the process is, the
> less likely things will go unnoticed.
Point taken... I know I've missed a kernel update before and rebooted
to no network and a mess of other problems that I should have fixed
when I updated (but I didn't know) - everyone's bound to do something
like that at least once...
> It's not pacman that needs to run as root. If I'm installing package x,
> which needs package y installed, how can makepkg build and install y before
> building x, if it's not being run as root?
adding similar functionality to makepkg should work... just have it
request a root password before running pacman (and yes, this should
probably be intelligent enough so it doesn't ask 9 times just to make
a package...)
> The other thing is, how can it put packages in /var/cache/pacman/pkg? I've
> already suggested a fix for this part.
$HOME/.cache/pacman if non-root? copy it later? *shrug*
> > c) why not just make a custom srcpac incarnation... srcpac-aur which
> > has a whole mess of "security" fixes?
>
> Didn't I say that already? But again, you'll be reimplementing a bunch of
> the pacman package upgrade logic. It'll also be really slow.
Yeah, I missed alot of specifics in the million replies to the original email
Sorry about that...
> Are you willing to donate your machine so I can blow it up? Didn't think
> so...
(snip)
> That also means that your package could potentially take hours to be
> "validated". Especially because building in something like a UML instance
> is significantly slower.
I'd do it... I got a spare crappy machine that could be used just to
chroot and attempt to build packages... but it'd take a long time...
sounds more like something like that'd be a nice batch process ("It
can take up to 24 hours to validate a new package...blah blah blah")
It also means the validation would probably have to do some minor
trapping in case anything fails...
I dunno, I'd personally love to have the AUR packages available to
install... but I can see how it would cause some big issues with most
users...
I'll put some thought into it... see what I can rattle out...
_______________________________________________
arch mailing list
[email protected]
http://www.archlinux.org/mailman/listinfo/arch
