~/.macports

Chris Jones jonesc at hep.phy.cam.ac.uk
Tue Feb 10 09:10:37 PST 2015


On 10/02/15 15:06, René J.V. Bertin wrote:
> On Tuesday February 10 2015 14:42:49 Jeremy Lavergne wrote:
>
>>> Not sure you can make extended ACLs propagate the right way.
>>
>> The old school option is creating a common group for both users and have
>> appropriate umasks.
>
> Yep. That's subject to the same conditions I enumerated in my previous email. If group read or write permissions aren't set in a source archive (or by tclsh) it doesn't help much.
>
> I do try to keep /opt/local in the admin group, with write access for group, though.
>
>>
>> However, if you're the admin user sudo is already available.
>
> I don't know about you, but I 1) don't like to have to type the same word everytime and 2) don't want to become used to prefixing every command with sudo, because one day I'm going to edit a previous command to do something "somewhere dangerous" and wipe out stuff. It happens I do a `rm -rf ./*` in a MacPorts working directory. I'd hate to repeat that command when I happen to be (say) somewhere under /System and forget there's a sudo before it...

1) at least is solvable as you can configure your sudoers list to allow 
your main user to run your port command (and that command only) through 
sudoers without requiring a password.

2) is then no longer so much an issue, as the fact'sudo port' no longer 
requires a password means if you then happen to run 'sudo <something 
else>' without think, you will be prompted for it, which should cause 
you to think about what you are doing...

Doing what you are doing, running as your main user is just a bad idea 
all round IMHO... Do what you want, I'm sure you will, but its not 
recommended or supported for very good reasons..



More information about the macports-dev mailing list