FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Gentoo > Gentoo Development

 
 
LinkBack Thread Tools
 
Old 07-04-2012, 05:46 PM
Tobias Klausmann
 
Default Kernel compiles and you

Hi!

Recently, I have again bumped into the question whether one
should compile the kernel as root. One of the things that puzzles
me is why almost every HowTo, blog post and book recommends
building as non-root -- yet basically no distribution /helps/ the
user with doing that.

I've discussed this with a few people on #gentoo-dev and they've
provided valuable insight (thanks AxS, Chainsaw and WilliamH), so
I have gathered the results so far here:

http://blog.i-no.de/archives/2012/07/index.html#e2012-07-04T19_28_32.txt

Feel free to comment (ideally here). Note that I'm aiming for a
solution that is not (overly) Gentoo-specific.

Thanks,
Tobias (aka Blackb|rd on Freenode)


--
Sent from aboard the Culture ship
GSV Just Read The Instructions
 
Old 07-04-2012, 05:58 PM
Michał Górny
 
Default Kernel compiles and you

On Wed, 4 Jul 2012 19:46:47 +0200
Tobias Klausmann <klausman@gentoo.org> wrote:

> Recently, I have again bumped into the question whether one
> should compile the kernel as root. One of the things that puzzles
> me is why almost every HowTo, blog post and book recommends
> building as non-root -- yet basically no distribution /helps/ the
> user with doing that.
>
> I've discussed this with a few people on #gentoo-dev and they've
> provided valuable insight (thanks AxS, Chainsaw and WilliamH), so
> I have gathered the results so far here:
>
> http://blog.i-no.de/archives/2012/07/index.html#e2012-07-04T19_28_32.txt
>
> Feel free to comment (ideally here). Note that I'm aiming for a
> solution that is not (overly) Gentoo-specific.

There's a very simple yet custom solution I'm using. Shortly saying:
checkout the kernel git to /usr/src/linux and chown to your user. As
far as it goes, it's superior to having kernel sources installed by
ebuilds.

I just have to remember to do 'git fetch' from time to time and 'git
merge' whenever a new version is tagged.

--
Best regards,
Michał Górny
 
Old 07-04-2012, 06:06 PM
Tobias Klausmann
 
Default Kernel compiles and you

Hi!

On Wed, 04 Jul 2012, Michał Górny wrote:
> There's a very simple yet custom solution I'm using. Shortly saying:
> checkout the kernel git to /usr/src/linux and chown to your user. As
> far as it goes, it's superior to having kernel sources installed by
> ebuilds.
>
> I just have to remember to do 'git fetch' from time to time and 'git
> merge' whenever a new version is tagged.

It is also beyond the package manager's control. That means users
who want to just configure their kernel (and run point releases
otherwise) have to actively check for new tags/versions.

Aside from that the git tree is not exactly lightweight: my
current 2.6 checkout weighs in at 1.4G whereas the unpacked tar
is 512M.

I'll amend the blog post, though.

Regards,
Tobias



--
Sent from aboard the Culture ship
GSV Just Read The Instructions
 
Old 07-04-2012, 06:20 PM
"Rick "Zero_Chaos" Farina"
 
Default Kernel compiles and you

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/04/2012 01:58 PM, Michał Górny wrote:
> On Wed, 4 Jul 2012 19:46:47 +0200
> Tobias Klausmann <klausman@gentoo.org> wrote:
>
>> Recently, I have again bumped into the question whether one
>> should compile the kernel as root. One of the things that puzzles
>> me is why almost every HowTo, blog post and book recommends
>> building as non-root -- yet basically no distribution /helps/ the
>> user with doing that.
>>
>> I've discussed this with a few people on #gentoo-dev and they've
>> provided valuable insight (thanks AxS, Chainsaw and WilliamH), so
>> I have gathered the results so far here:
>>
>> http://blog.i-no.de/archives/2012/07/index.html#e2012-07-04T19_28_32.txt
>>
>> Feel free to comment (ideally here). Note that I'm aiming for a
>> solution that is not (overly) Gentoo-specific.
>
> There's a very simple yet custom solution I'm using. Shortly saying:
> checkout the kernel git to /usr/src/linux and chown to your user. As
> far as it goes, it's superior to having kernel sources installed by
> ebuilds.
>
> I just have to remember to do 'git fetch' from time to time and 'git
> merge' whenever a new version is tagged.
>

Honestly I'm not certain if there is an easy way to do this....

Obvious easy way, make the ebuilds install the kernel sources and chown
root.users then chmod g+w. Of course, after this any user could trojan
the kernel...

We could allow writes in the directories but not to the kernel source
files themselves... that seems moderately sane even as the source files
don't need to be written to be compiled, only the dir's need write
permissions...

Thoughts?

- -Zero
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP9IlzAAoJEKXdFCfdEflK2r0P/1vM8la8nR6ZmZ4jkvMwSTnL
pEdbHKtYB3BbwBySpGPDWslxZ+CGAAlpsTTXDKhSnIB73IKZL1 zzWylD7VVrIt/s
ezpB2LDnZx2uae46CBMYh7fIzt3d4/so4Yprfpx45H89lcoTkfKai3xVkb2T/cQC
uP8XmeM0CO5wcwOEJD1FADmkThkOa1tunphr+jWZ3S09hJ9UZ/Zbk+zZr7+XTHG8
xJui8G6cdOsLOXdcQALIJzGDvUID++hJ4LVMr+JIGwfvrjQkwr GikB8WMH61Ftcs
Qvc1cidsTQEw4UZeGtYBy8BELpJaH00PTtoupCcOxq7luIz6F4 QYQm8X2nIBliHX
rpnwll08tbAZl5Dt1XsndHWiEevn8VWUIQrJSeeV/McayCjTUJAV9gcbksKASS6V
XXaJfUpeinUbOzjTIXscBOyd5HM60lU0IdprvczXop/q8nOUovQt04u69J3v6Fkc
W9Z8mugrRLTGr5XP6pMpfeLGzrmMYNRzPVx6eZb3a2+b/vi1gS0KlDeMbaed7CPI
BIBZbrn7rUWjnOv8bifcJZ6FIRhTpqG4azcLrb9RXyR7OxO+1r A82uc1+GLMhBHI
YYFVWUijIIE8lgcremmEYSqHpyGUWUNYBz7M+7MHA9I1hG7VMv buPpnlXPZxuvqI
5nyGGNnZtPtf1Pc+csKC
=8V1a
-----END PGP SIGNATURE-----
 
Old 07-04-2012, 06:56 PM
William Hubbs
 
Default Kernel compiles and you

On Wed, Jul 04, 2012 at 02:20:36PM -0400, Rick "Zero_Chaos" Farina wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 07/04/2012 01:58 PM, Michał Górny wrote:
> > On Wed, 4 Jul 2012 19:46:47 +0200
> > Tobias Klausmann <klausman@gentoo.org> wrote:
> >
> >> Recently, I have again bumped into the question whether one
> >> should compile the kernel as root. One of the things that puzzles
> >> me is why almost every HowTo, blog post and book recommends
> >> building as non-root -- yet basically no distribution /helps/ the
> >> user with doing that.
> >>
> >> I've discussed this with a few people on #gentoo-dev and they've
> >> provided valuable insight (thanks AxS, Chainsaw and WilliamH), so
> >> I have gathered the results so far here:
> >>
> >> http://blog.i-no.de/archives/2012/07/index.html#e2012-07-04T19_28_32.txt
> >>
> >> Feel free to comment (ideally here). Note that I'm aiming for a
> >> solution that is not (overly) Gentoo-specific.
> >
> > There's a very simple yet custom solution I'm using. Shortly saying:
> > checkout the kernel git to /usr/src/linux and chown to your user. As
> > far as it goes, it's superior to having kernel sources installed by
> > ebuilds.
> >
> > I just have to remember to do 'git fetch' from time to time and 'git
> > merge' whenever a new version is tagged.
> >
>
> Honestly I'm not certain if there is an easy way to do this....
>
> Obvious easy way, make the ebuilds install the kernel sources and chown
> root.users then chmod g+w. Of course, after this any user could trojan
> the kernel...

There is no need to chown or chmod anything. /usr/src/linux* is always
world readable.

> We could allow writes in the directories but not to the kernel source
> files themselves... that seems moderately sane even as the source files
> don't need to be written to be compiled, only the dir's need write
> permissions...

Actually the directories do not need write permissions either. Take a
look at the O= option documented in /usr/src/linux/README.

William
 
Old 07-04-2012, 07:07 PM
Michael Weber
 
Default Kernel compiles and you

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 07/04/2012 08:56 PM, William Hubbs wrote:
> On Wed, Jul 04, 2012 at 02:20:36PM -0400, Rick "Zero_Chaos" Farina
> wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>> On 07/04/2012 01:58 PM, Michał Górny wrote:

>> We could allow writes in the directories but not to the kernel
>> source files themselves... that seems moderately sane even as the
>> source files don't need to be written to be compiled, only the
>> dir's need write permissions...
>
> Actually the directories do not need write permissions either. Take
> a look at the O= option documented in /usr/src/linux/README.
>
> William
>

Um, well, users can then write the the compiled files (.o in the tree).
You can also set `chmod -R g+w /` and gave everyone full access.

I think running kernels from non-root checkouts is a pretty big
security hole.

Michael

- --
Gentoo Dev
http://xmw.de/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iF4EAREIAAYFAk/0lFQACgkQknrdDGLu8JD3AwD8CWdFJemXSh4O4xS94AXfo1Bw
6XwIhGspPvP/EGI/+7cBAI486fBSopMQxB/IaFyDnwVxriLZxOan5SrqMJXWa8b5
=+ocR
-----END PGP SIGNATURE-----
 
Old 07-04-2012, 08:30 PM
Peter Stuge
 
Default Kernel compiles and you

Michael Weber wrote:
> I think running kernels from non-root checkouts is a pretty big
> security hole.

Suggest think again.

The Linux kernel should not and really must not be built as root.
This is neither supported nor recommended nor tested by upstream.
You may recall there was a kernel build system bug which ran -rf /
which would be bad if you built as root.

The administrator usually has a normal user account somewhere. Use
that to build.

-sources ebuilds installing 755 root:root to /usr/src/linux is fine,
but best avoid building in-tree in that case.


//Peter
 
Old 07-04-2012, 08:38 PM
Michał Górny
 
Default Kernel compiles and you

On Wed, 4 Jul 2012 20:06:58 +0200
Tobias Klausmann <klausman@gentoo.org> wrote:

> Hi!
>
> On Wed, 04 Jul 2012, Michał Górny wrote:
> > There's a very simple yet custom solution I'm using. Shortly saying:
> > checkout the kernel git to /usr/src/linux and chown to your user. As
> > far as it goes, it's superior to having kernel sources installed by
> > ebuilds.
> >
> > I just have to remember to do 'git fetch' from time to time and 'git
> > merge' whenever a new version is tagged.
>
> It is also beyond the package manager's control. That means users
> who want to just configure their kernel (and run point releases
> otherwise) have to actively check for new tags/versions.

True. I think that's the direction I should look into improving.

> Aside from that the git tree is not exactly lightweight: my
> current 2.6 checkout weighs in at 1.4G whereas the unpacked tar
> is 512M.

Well, that's the other problem. On the other hand, you usually have to
have that 1G free anyway unless you intend to manually unmerge
the previous *-sources before installing the new one. And the time
needed to do that... git is so much faster.

--
Best regards,
Michał Górny
 
Old 07-04-2012, 11:35 PM
Greg KH
 
Default Kernel compiles and you

On Wed, Jul 04, 2012 at 07:46:47PM +0200, Tobias Klausmann wrote:
> Hi!
>
> Recently, I have again bumped into the question whether one
> should compile the kernel as root. One of the things that puzzles
> me is why almost every HowTo, blog post and book recommends
> building as non-root -- yet basically no distribution /helps/ the
> user with doing that.

Most distros don't have to do anything, they are not requiring users to
build their own kernels

So in reality, they all do help their users with this, it's trivial to
build a kernel as a user on those distros. Actually, it is also on
Gentoo, there's no need to ever put a kernel anywhere except in your
home directory when building it.

Oh, and one more reason you "never want to build your kernel as root", a
few years ago, the kernel build process had a bug where it accidentally
tried to do a 'rm -rf /*' on your filesystem. None of the kernel
developers ever noticed that as they didn't build a kernel as root, and
the bug stuck around for a relativly long time (weeks at least.) There
was also some semi-serious talk about leaving it in the build as well,
just to "catch" people who were doing this, but sanity prevailed and it
was fixed. But, you never know if that old bug might slip back in one
day

good luck,

greg k-h
 
Old 07-04-2012, 11:49 PM
Maxim Kammerer
 
Default Kernel compiles and you

On Wed, Jul 4, 2012 at 9:56 PM, William Hubbs <williamh@gentoo.org> wrote:
> Actually the directories do not need write permissions either. Take a
> look at the O= option documented in /usr/src/linux/README.

The KBUILD_OUTPUT / O= option seems like the best solution to me
(especially so as I build three kernel images from a single sources
tree), and it works well, except that it sometimes doesn't with
especially monstrous and hard to configure packages such as
virtualbox-guest-additions — see bug #424816.

[1] https://bugs.gentoo.org/show_bug.cgi?id=424816

--
Maxim Kammerer
Liberté Linux: http://dee.su/liberte
 

Thread Tools




All times are GMT. The time now is 09:42 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org