pkg_comp icon indicating copy to clipboard operation
pkg_comp copied to clipboard
verified publisher icon jmmv

request: really simple UNPRIVILEGED support

Open schmonz opened this issue 7 years ago • 2 comments

I'd find it very useful if pkg_comp, still using sandboxctl and requiring root to run, could be configured to create an unprivileged user inside the sandbox and do an --unprivileged build as that user.

I'd use this in a VM configured to match the OS of a hosting provider where I have shell access but can't compile much of anything (thanks to process limits). I'd build binary packages in the VM, taking care that the sandbox $HOME matches my hosting provider $HOME, and then upload and install them.

schmonz avatar Aug 12 '18 22:08 schmonz

Haven't thought much about this, but what settings would you need for this to work properly in your environment? I can imagine having to tell pkg_comp at least these:

  • User details: name, UID, primary GID, maybe supplementary GIDs, home directory.
  • Group details: name, GID (optional; just in case the user has to belong to a special group).
  • Whether to use --unprivileged or not.

Anything else?

jmmv avatar Sep 04 '18 01:09 jmmv

That sounds right in general. For my particular case, I suspect I could get by with as little as username, home dir, and --unprivileged.

schmonz avatar Sep 12 '18 15:09 schmonz