ENH use custom home for makepkg builds
This commit is contained in:
parent
899490a229
commit
e2faf4bc50
|
@ -14,45 +14,45 @@
|
||||||
## 6. remove the temporary HOME for yay
|
## 6. remove the temporary HOME for yay
|
||||||
## 7. remove the pacman sudo privilege for nobody
|
## 7. remove the pacman sudo privilege for nobody
|
||||||
|
|
||||||
PKGBUILD_dir="$HOME/.local/share/packages"
|
PKGSRC_dir="$1"
|
||||||
|
PKGBUILD_dir=/tmp/makepkg
|
||||||
YAYTMP=/tmp/something
|
YAYTMP=/tmp/something
|
||||||
|
NOBODY_SUDO="nobody ALL=(root) NOPASSWD: /usr/bin/pacman"
|
||||||
NOBODY_SUDO_CONF=/etc/sudoers.d/10-nobody-pacman
|
NOBODY_SUDO_CONF=/etc/sudoers.d/10-nobody-pacman
|
||||||
|
|
||||||
mk_nobody_perms() {
|
mk_nobody_perms() {
|
||||||
echo "nobody ALL=(root) NOPASSWD: /usr/bin/pacman" > "$NOBODY_SUDO_CONF"
|
echo "Giving user nobody permission to use pacman without password"
|
||||||
}
|
echo "$NOBODY_SUDO" > "$NOBODY_SUDO_CONF"
|
||||||
|
|
||||||
rm_nobody_perms() {
|
|
||||||
rm "$NOBODY_SUDO_CONF"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
mk_yaytmp() {
|
mk_yaytmp() {
|
||||||
|
echo "Creating temporary build directory for yay at $YAYTMP"
|
||||||
mkdir "$YAYTMP"
|
mkdir "$YAYTMP"
|
||||||
chown -R nobody:nobody "$YAYTMP"
|
chown -R nobody:nobody "$YAYTMP"
|
||||||
# chgrp nobody "$YAYTMP"
|
|
||||||
# chmod g+ws "$YAYTMP"
|
|
||||||
# setfacl -m u::rwx,g::rwx "$YAYTMP"
|
|
||||||
# setfacl -d --set u::rwx,g::rwx,o::- "$YAYTMP"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
rm_yaytmp() {
|
mk_makepkg_dir() {
|
||||||
rm -f "$YAYTMP"
|
echo "Creating temporary makepkg build directory at $PKGBUILD_dir"
|
||||||
}
|
mkdir -p "$PKGBUILD_dir"
|
||||||
|
cp -r "$PKGSRC_dir"/* "$PKGBUILD_dir"
|
||||||
call_makepkg() {
|
chown -R nobody:nobody "$PKGBUILD_dir"
|
||||||
cd "$PKGBUILD_dir/$1" || exit
|
|
||||||
sudo -u nobody makepkg -s -r -i -f --noconfirm
|
|
||||||
}
|
}
|
||||||
|
|
||||||
try_nobody_update() {
|
try_nobody_update() {
|
||||||
## Try updating pacman as the nobody user. If this fails then something
|
## Try updating pacman as the nobody user. If this fails then something
|
||||||
## went wrong when setting up sudo permissions for nobody
|
## went wrong when setting up sudo permissions for nobody
|
||||||
|
echo "Testing pacman permissions for user nobody. Trying to update cache."
|
||||||
if ! sudo -u nobody -n sudo pacman -Syy; then
|
if ! sudo -u nobody -n sudo pacman -Syy; then
|
||||||
echo "Failed to obtain pacman permissions for user nobody. Exiting."
|
echo "Failed to obtain pacman permissions for user nobody. Exiting."
|
||||||
exit 1
|
return 1
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
call_makepkg() {
|
||||||
|
cd "$PKGBUILD_dir/$1" || return 1
|
||||||
|
sudo -u nobody makepkg -s -r -i -f --noconfirm
|
||||||
|
}
|
||||||
|
|
||||||
run_yay() {
|
run_yay() {
|
||||||
## TODO add template switches to control which of these get installed based
|
## TODO add template switches to control which of these get installed based
|
||||||
## on my config
|
## on my config
|
||||||
|
@ -103,6 +103,30 @@ run_makepkg() {
|
||||||
call_makepkg "xkb-hypermode"
|
call_makepkg "xkb-hypermode"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
rm_makepkg_dir() {
|
||||||
|
echo "Removing temporary makepkg build directory at $PKGBUILD_dir"
|
||||||
|
rm -r "$PKGBUILD_dir"
|
||||||
|
}
|
||||||
|
|
||||||
|
rm_yaytmp() {
|
||||||
|
echo "Removing temporary build directory for yay at $YAYTMP"
|
||||||
|
rm -f "$YAYTMP"
|
||||||
|
}
|
||||||
|
|
||||||
|
rm_nobody_perms() {
|
||||||
|
echo "Removing user nobody's permission to use pacman without password"
|
||||||
|
rm -r -f "$NOBODY_SUDO_CONF"
|
||||||
|
}
|
||||||
|
|
||||||
|
clean_up() {
|
||||||
|
rm_yaytmp
|
||||||
|
rm_makepkg_dir
|
||||||
|
rm_nobody_perms
|
||||||
|
exit
|
||||||
|
}
|
||||||
|
|
||||||
|
trap 'clean_up' ERR EXIT
|
||||||
|
|
||||||
if [[ ! "$(id -u)" = "0" ]]; then
|
if [[ ! "$(id -u)" = "0" ]]; then
|
||||||
echo "This script must be run as root. Exiting"
|
echo "This script must be run as root. Exiting"
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -113,8 +137,7 @@ try_nobody_update
|
||||||
|
|
||||||
mk_yaytmp
|
mk_yaytmp
|
||||||
run_yay
|
run_yay
|
||||||
rm_yaytmp
|
|
||||||
|
|
||||||
|
mk_makepkg_dir
|
||||||
run_makepkg
|
run_makepkg
|
||||||
|
|
||||||
rm_nobody_perms
|
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
## Configuration is assumed to be handled elsewhere (for now) eg in etckeeper
|
## Configuration is assumed to be handled elsewhere (for now) eg in etckeeper
|
||||||
## or with ansible
|
## or with ansible
|
||||||
|
|
||||||
sudo bootstrap_pkgs
|
sudo "$HOME/.bin/bootstrap_pkgs"
|
||||||
|
|
||||||
# PKGBUILD_dir="$HOME/.local/share/packages"
|
# PKGBUILD_dir="$HOME/.local/share/packages"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue