Installing a compiler by default

Cefiar cef at optus.net
Mon Jun 12 14:29:27 BST 2006


On Sunday 11 June 2006 17:24, Pete Ryland wrote:
> On Sat, Jun 10, 2006 at 12:35:04PM -0500, Scott Dier wrote:
> > >Restrict it to all users in the group adm (or some other admin group) or
> > >give it it's own group, by default. This allows easy additions (just add
> > >the user to the group and they can compile), and means that anyone NOT
> > > in that group
> >
> > If such a plan is adopted it *must* be configurable at install time via
> > debconf and preferably the option will disable and remove out of the
> > path any such wrapper scripts, not just act as a way to shim over to gcc
> > with some sgid script.
>
> A wrapper script wouldn't be necessary, nor use of the sgid bit.  Just have
> a group called gcc and set the permissions on the binaries to:
>
> -rwxr-x--- 1 root gcc 93584 2006-04-20 23:22 /usr/bin/gcc-4.0

Which was sort of what I was alluding to for the first part.

The second part however would have to use a wrapper script (checking for a UID 
within a set range), however it's no where near as useful IMO and that option 
could safely be ignored, at least in the short term. In fact, it would be 
better to have something just add the users to the gcc group automatically. 
How to handle this for newly created users after install is another thing 
entirely.

Of course, to allow anyone to run gcc, it's a simple matter of..
 "chmod o+rx gcc-4.0"
 .. as a user with root privileges, so nice and easy to do in post-inst via 
debconf.

-- 
 Stuart Young - aka Cefiar - cef at optus.net



More information about the sounder mailing list