Installing MIT-K5 client libraries as non-root
Mike Friedman
mikef at ack.berkeley.edu
Tue Sep 4 17:55:44 EDT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 31 Aug 2007 at 01:45 (-0400), Marcus Watts wrote:
> On 8/29/07, Mike Friedman <mikef at berkeley.edu> wrote:
>
>> Is there a way to install K5 (1.6.2 in particular) for client use
>> without being superuser? I thought I could do this as long as my
>> userid owns all the directories into which I'm building and installing
>> (I'm not installing a KDC). However, now I find that 'make install'
>> wants to run 'ginstall' with the '-o root' option. Since I'm a non-root
>> user, I'm not going to be able to chown anything, much less to root.
>>
>> On this system (Solaris 10), I'm interested only in the K5 libraries
>> (for our own apps, written to the MIT K5 API) and the client utilities
>> (e.g., kinit, kadmin, etc.), not in the supplied apps such as those in
>> ../appl/bsd. Is there, perchance, a configure or make option to specify
>> that I don't want to install the binaries that are supposed to run as
>> root, in particular, that I don't want/need to do chowns or setuids?
>
> What you probably really want to pay attention to is autoconf's
> AC_PROG_INSTALL, which selects a copy of install to set as @INSTALL@,
> which then gets expanded when config/pre.in is prepended to all the
> output makefiles. You can override what AC_PROG_INSTALL would select by
> setting INSTALL=
>
> ie,
> configure ... INSTALL=my-own-install
>
> if you don't want to write your own install, you can use the shell
> script in the kerberos source,
>
> ./configure INSTALL=`pwd`/config/install-sh
>
> the neat thing about this shell script is that you can override the
> choices it makes for chown/chgrp at runtime. So when you do make
> install, you can instead do this:
>
> env CHOWNPROG=/bin/true CHGRPPROG=/bin/true make install
>
> This should answer's Mike's needs.
Marcus,
I just wanted to confirm that your suggestion works perfectly and is easy
to apply whenever I do a re-install. I just use a 'build.sh' script to
run configure as you suggest (I already had such a script because I supply
other overrides to configure) and an 'install.sh' script that sets the
environment variables and runs 'make install'.
Of course, all this assumes I don't need to run the programs that really
have to be setuid root. But that's the case in my present situation.
Thanks again for the help.
Mike
_________________________________________________________________________
Mike Friedman Information Services & Technology
mikef at ack.Berkeley.EDU 2484 Shattuck Avenue
1-510-642-1410 University of California at Berkeley
http://socrates.berkeley.edu/~mikef http://ist.berkeley.edu
_________________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8
iQA/AwUBRt3Ua60bf1iNr4mCEQLgWgCePdjSglDo64KFj4QqU01aKqrOe68AoN7X
Z02IFEQAPeG4u18ItkZZudlP
=sM1k
-----END PGP SIGNATURE-----
More information about the Kerberos
mailing list