Bug 226506

Summary: ports-mgmt/portmaster: [patch] FETCH_ONLY fails for "Insufficient privileges to install ports"
Product: Ports & Packages Reporter: david
Component: Individual Port(s)Assignee: Stefan Esser <se>
Status: Open ---    
Severity: Affects Only Me Flags: bugzilla: maintainer-feedback? (se)
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
Patch to portmaster to allow FETCH_ONLY without requiring "install" privelege none

Description david 2018-03-10 21:55:51 UTC
Created attachment 191380 [details]
Patch to portmaster to allow FETCH_ONLY without requiring "install" privelege

During src-based system updates, it has been my practice to run `portmaster -aF` while "make buildworld" (& friends) run; usually, the timing is such that the distfiles are fetched by the time the installworld is done, and this makes a good use of resources.  Then, after the reboot, I can run `portmaster -ad` without that process getting bogged down in waiting on receipt of files (well, mostly, anyway).

However, I found that on a system where I (vs. a privileged user) own the /usr/ports hierarchy, I see thing like:

/usr/local/sbin/portmaster -aF
===>>> Starting check of installed ports for available updates
===>>> Launching child to update boehm-gc-7.6.2 to boehm-gc-7.6.4

===>>> All >> boehm-gc-7.6.2 (1/1)
0;portmaster: All >> boehm-gc-7.6.2 (1/1)^G
===>>> Currently installed version: boehm-gc-7.6.2
===>>> Port directory: /usr/ports/devel/boehm-gc

===>>> Insufficient privileges to install ports (run as root or set PM_SU_CMD)
===>>> Aborting update

===>>> Update for boehm-gc-7.6.2 failed
===>>> Aborting update

which seems a little silly, since I'm not trying to install anything. :-)

I've attached a patch that seems to work for me.

This was tested with portmaster at r461586, on a system running stable/11, amd64, at r330373.  The ports tree was at r464069 at the time.
Comment 1 Stefan Esser freebsd_committer 2018-03-11 06:56:21 UTC
Fetch will in general also require privileges, unless you make your distfiles directory writable for the user running portmaster.

I could implement a test for write-ability and skip asking for privileges, if that directory is found to be writeable.

Since I'm currently abroad, I'll probably not be able to work on this issue for some 10 days.
Comment 2 david 2018-03-11 15:45:53 UTC
While fetch can require privileges, the need for same will be quite evident quickly -- unlike the case of actually updating ports, where the first port may require significant time to build (e.g., www/chromium).  I have no objection to portmaster testing for requisite write-ability; I just don't think it's as useful for fetch as checking for requisite privilege is for an update.  And the current check breaks invocation of "portmaster -aF" via an unprivileged user's crontab entry, for example.  (I had been doing this successfully for some time.  I noted the issue a few weeks ago, but didn't get around to actually looking at it until yesterday.)

No hurry -- the patch works for my case.