The Following 5 Users Say Thank You to reinob For This Useful Post: | ||
|
2015-01-21
, 13:39
|
Posts: 2,290 |
Thanked: 4,134 times |
Joined on Apr 2010
@ UK
|
#12
|
The Following 6 Users Say Thank You to sixwheeledbeast For This Useful Post: | ||
|
2015-01-23
, 06:26
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#13
|
Nice tutorial!
Just one suggestion:
If you have a pre/postinst script that changes files that do not belong to your package, please also include a pre/postrm script that (optionally) restores their original condition!
I know this can be tricky at times, e.g. when two packages alter the same file but aren't installed/removed in a LIFO manner. But one should at least try by making a simple backup of the files one found during the installation or (maybe) better reversing the sed command.
Not taking care of what happens after your packages are removed usually results in a mess and in my opinion this is one of Maemo's main problems.
#!/bin/sh sed ' /^root ALL = (ALL) NOPASSWD: ALL$/ d /^user ALL = (ALL) PASSWD: ALL$/ d 6 i user = NOPASSWD: /usr/sbin/gainroot ' /etc/sudoers.d/01sudo update-sudoers
|
2015-01-23
, 06:34
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#14
|
HAM uses /etc/sudoers.d/hildon-application-manager.sudoers, which allows passwordless sudo for apt-worker (as well as for hildon-application-manager-util to handle repositories).
So no setuid here. If you force a password then I suppose HAM will just stop working because sudo will ask for a password without having a terminal for I/O. I suppose we could install some sort of graphical sudo ("gksudo" or whatever) and patch HAM to use it instead of "sudo apt-worker"..
Yup. Alternatively, "one" could implement a drop-in replacement for sudo which offers a graphical front-end if X is running. I would even go as far as configuring it with a different /etc/sudoers (like /etc/sudoers.mine) to prevent packages randomly adding themselves without asking.
I know, this is Maemo, which is like the wild west ..
.. but you know, this is Maemo, the user must have absolute control over the system.
|
2015-01-23
, 06:47
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#15
|
Just download all the source packages and grep them for 'sudo'.
stupid but effective
# find / -xdev -exec fgrep -H sudo {} + # find /home -xdev -exec fgrep -H sudo {} +
|
2015-01-23
, 07:45
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#16
|
|
2015-01-23
, 11:47
|
Posts: 915 |
Thanked: 3,209 times |
Joined on Jan 2011
@ Germany
|
#17
|
Or, if you don't mind burning time and battery juice on one of your N900s, you can run something like this on the N900 itself:
Code:# find / -xdev -exec fgrep -H sudo {} + # find /home -xdev -exec fgrep -H sudo {} +
The Following 3 Users Say Thank You to sulu For This Useful Post: | ||
|
2015-01-23
, 15:55
|
Posts: 2,225 |
Thanked: 3,822 times |
Joined on Jun 2010
@ Florida
|
#18
|
That only works for packages installed on YOUR N900 and it's usefulness is kind of limited if run on compiled binary programs instead of scripts.
I was more generally speaking, like searching the whole extras repo.
And I surely wouldn't do this on a six years old single core arm connected to a slow emmc or even slower µSD card guarded by a misbehaving watchdog.
The Following User Says Thank You to Mentalist Traceur For This Useful Post: | ||
|
2021-06-21
, 00:46
|
Posts: 35 |
Thanked: 18 times |
Joined on Jun 2010
|
#19
|
|
2021-06-21
, 10:13
|
|
Posts: 4,118 |
Thanked: 8,901 times |
Joined on Aug 2010
@ Ruhrgebiet, Germany
|
#20
|
Tags |
maemo 5, root access |
|
I know, this is Maemo, which is like the wild west ..
.. but you know, this is Maemo, the user must have absolute control over the system.