xbps-src: forbid use with root.
There's no reason to use xbps-src as root, and looks like there's a lot of reports of this abuse. Unless XBPS_ALLOW_CHROOT_BREAKOUT is set (travis), using xbps-src as root now returns an error.
This commit is contained in:
parent
a4b57776c4
commit
b1ecdb8bd0
2 changed files with 12 additions and 3 deletions
|
@ -33,10 +33,12 @@ multiple utilities to accomplish this task:
|
|||
- `xbps-uchroot(1)` - XBPS utility that uses `namespaces` and must be `setgid` (part of xbps).
|
||||
- `proot(1)` - utility that implements chroot/bind mounts in user space, see https://proot-me.github.io/.
|
||||
|
||||
> NOTE: you don't need to be `root` to use `xbps-src`, use your preferred chroot style as explained
|
||||
below.
|
||||
> NOTE: `xbps-src` does not allow building as root anymore. Use one of the chroot
|
||||
methods shown above.
|
||||
|
||||
#### xbps-uunshare(1)
|
||||
### chroot methods
|
||||
|
||||
#### xbps-uunshare(1) (default)
|
||||
|
||||
This utility requires these Linux kernel options:
|
||||
|
||||
|
|
7
xbps-src
7
xbps-src
|
@ -421,6 +421,13 @@ fi
|
|||
# Read settings from config file
|
||||
[ -s "$XBPS_CONFIG_FILE" ] && . $XBPS_CONFIG_FILE &>/dev/null
|
||||
|
||||
# Forbid root unless XBPS_ALLOW_CHROOT_BREAKOUT is set
|
||||
# (for travis CI).
|
||||
if [ -z "$IN_CHROOT" -a "$UID" -eq 0 -a -z "$XBPS_ALLOW_CHROOT_BREAKOUT" ]; then
|
||||
echo "ERROR: xbps-src cannot be used as root." 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# if XBPS_MASTERDIR unset, defaults to $XBPS_DISTDIR/masterdir.
|
||||
: ${XBPS_MASTERDIR:=$XBPS_DISTDIR/masterdir}
|
||||
[ ! -d $XBPS_MASTERDIR ] && mkdir -p $XBPS_MASTERDIR
|
||||
|
|
Loading…
Reference in a new issue