On 11/29/2013 01:07 PM, Jan Engelhardt wrote:
On Friday 2013-11-29 12:12, Ludwig Nussel wrote:
Stephan Kulow wrote:
Possibly I can even have a su without pam for this purpose - now that I think about it.
Maybe su is not needed at all as chroot nowadays has the ability to change uids as well.
Nice. Fantastic. Yes, /usr/bin/build should probably just use chroot --userspec if available. One caveat however is that some essential environment variables that pam used to do need to be set manually then, such as HOME.
... and be aware about the groups of the new process: chroot can only add them via the --groups option. Maybe better use 'runuser' (which is util-linux again)? -- Have a nice day, Berny -- To unsubscribe, e-mail: opensuse-packaging+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-packaging+owner@opensuse.org