Re: Are "user space" RPMs possible?

[Stephen Smoogen <smoogen lanl gov>]

If I am understanding your questions correctly.. it is answerable in a 
couple of parts:

1) Users building their own RPMS can do so by having a .rpmmacros file. 
Here is mine

[smoogen@smoogen1 smoogen]$ less .rpmmacros
#
# A standardized .rpmmacros file to allow for development in directories
# other than /usr/src/redhat/. Only override specific directories,
# distribution and packager. Keep compiler and such to default.
#
 
%_topdir        /home/smoogen/LANL_RPM_DVL/
%vendor         SmoogeSpace
%distribution   Smoogen Linux 1.x (RHL 7.1/7.2/7.3)
%packager       "Stephen J Smoogen (smoogen@lanl.gov)"
#%define __os_install_post %{nil}

Inside of LANL_RPM_DVL, I created a RPMS/i386, SRPMS, SPECS, SOURCES, 
and BUILD directories.

2) By making sure that your RPMS are as relocatable as possible you then
can have the users install the packages in another area that they
control. It would probably be safer for a developer to initialize their
own database and then install the packages there for testing.

3) Do not take the easy way out and set rpm setuid (I speak of this from
cleaning up too many machines where people did). RPM-intall is not code
meant to be run by anyone other than root and has probably never had the
security audit that a setuid code should have. Even if the code was 
perfectly secure it would not be safe. There is nothing in it that would 
check for a %pre, %post, etc that does a '/bin/rm -rf /' or replacing 
/etc/passwd or a billion other things.

On Sat, 20 Sep 2003 bernholdtde@ornl.gov wrote:

>I'm involved in a project that's looking for a convenient way to


-- 
Stephen John Smoogen            smoogen@lanl.gov
Los Alamos National Labrador  CCN-5 Sched 5/40  PH: 5-8058
Ta-03 SM-261  MailStop P208 DP 17U  Los Alamos, NM 87545
-- So shines a good deed in a weary world. = Willy Wonka --