Mailinglist Archive: opensuse-support (90 mails)

< Previous Next >
Re: [opensuse-support] updatedb now fails for regular user with local db
On 26/11/2018 14.34, Patrick Shanahan wrote:

and perhaps my failing to read *completely* your question is another
problem. "updatedb" is NOT intended to be performed by non-root user on
openSUSE distro and has not in the past to my knowledge for a very long
time. but you must account for brown-bottle pickled and aged memory. you
must use "sudo" or otherwise elevate users privileges to root.

Sure you can :-)

You can run it as "nobody" or "root". See the system config file entries:

/etc/sysconfig/locate:

## Type: string(nobody, root, ...)
## Default: nobody
#
# updatedb has a parameter "--localuser".
# It runs the "find" command as this user. Some people think this is a
# security hole if set to 'root' (because some directory information can
# be read which is normally protected). Others think it is useful to hold
# all files in the database.
# So if you want full information in locate db, set RUN_UPDATEDB_AS=root.
# If you want security use RUN_UPDATEDB_AS=nobody.
#
RUN_UPDATEDB_AS="root"
#RUN_UPDATEDB_AS="nobody"


You can write there any user you like :-)


What Ralph has done different is storing the database on home.
Obviously, the program does support it:

-o, --output FILE
Write the database to FILE instead of using the default database.


It was the apparmour profile which did not contemplate this possibility.


I see some advantage running and storing as user: others have not access to it,
but you do, full access.


--
Cheers / Saludos,

Carlos E. R.
(from 42.3 x86_64 "Malachite" at Telcontar)

< Previous Next >