installing binary archives as non-root user

Ryan Schmidt ryandesign at macports.org
Sat Nov 18 19:38:18 UTC 2017 

On Nov 17, 2017, at 18:41, Ken Cunningham wrote:

> On 2017-11-17, at 3:46 PM, bh wrote:
> 
>> I use macports as a non-root user, and am trying to find a way to still be
>> able to install binary archives. 
>> 
>> I got myself write-access to /opt folder, and so I can install many ports.
>> However, I cannot get access to /Applications folder, and therefore, cannot
>> install archives of certain ports like Python and Qt5, which write into
>> /Applications/MacPorts folder.
>> 
>> I did ofcourse change the applications_dir, and it works if I build from
>> source, but I want to install binary. Is there a workaround for this? 
> 
> nope.

Yeah, really, nope. Ports are able to make decisions based on the install user; some ports do different things when installing as root vs. installing as a normal user.

The binary archives we produce on our build servers are made by a MacPorts installation installed as root. If we allowed you to install those binaries on your non-root install, some ports would be installed with contents that were inappropriate to your setup. We don't want you to run into such problems and then ask us about them, which is why we don't allow you to get into that situation in the first place.

It is preferable to install MacPorts with root (administrator) privileges and to run it with sudo. This is more secure, because, with those privileges, MacPorts can drop privileges and use the unprivileged "macports" user while building. In contrast, if you install MacPorts as your user, MacPorts builds as your user, which gives every port's build system the undesired ability to inadvertently affect any files that your user can affect. For example, if running MacPorts as your user, a badly-written build system could theoretically delete everything in your home directory; if running MacPorts with sudo, that can't happen because the "macports" user doesn't have the ability to modify your home directory.

If the administrator of your computer is ok with you running MacPorts, you could ask them to install the MacPorts pkg from an administrator account, and edit the sudoers file to give you permission to run just the port command with sudo.

P.S: We are no longer with macOS forge. Please use the new mailing list addresses at lists.macports.org, not the old addresses at lists.macosforge.org.

More information about the macports-users mailing list