[tex-live] pdftex and other binaries updates
George N. White III
gnwiii at gmail.com
Sat Sep 27 16:02:17 CEST 2008
On Sat, Sep 27, 2008 at 10:18 AM, <cfrees at imapmail.org> wrote:
> On Sat 27th Sep, 2008 at 08:00, George N. White III seems to have written:
>
>> Running something as complex and unproven as tlmgr with more than
>> ordinary privileges is a risk. The real TeX Live is self-contained, so
>> once
>> the top level directory is created and ownership changed to that of the TL
>> manager, root is not required.
>
> The MacTeX installer sets things up so that the texlive hierarchy is
> owned by root which obviously means that tlmgr requires root privileges
> if it is to make changes to the file system. Should users change this
> post-install? (Or should the installer really be setting things up
> differently?)
The MacTeX installer has to create directories and adjust the
default path. Post install you can do:
$ cd /usr/local/texlive
$ sudo chown -R <tladm user>:<tladm group> 2008
After that the <tladm user> can use tlmgr without the need
for "sudo". One problem is that other users can potentially
run tlmgr at the same time, so you might want to adjust
permissions on tlmgr so that only <tladm user> can run it:
$ chmod 700 /usr/local/texlive/2008/texmf/scripts/texlive/tlmgr.pl
If you adopt this approach, the <tladm user> can run the -sys
commands to update the main tree. If you have more than
one admin user, you can use "sudo -u <tladm user> tlmgr", etc.
It is hard to come up with an installer that handles all situations.
Similar issues come up with linux packages -- root permission
is needed to put files into "system" directories and update the
master database. Many organizations have realized this is a
big security problem, so people are looking into configurations
where root installs a basic set of system packages and users
control applications into a separate tree with a separate
database. This creates new problems (the app packages
have dependencies on system packages, so the app package
manager needs to read the system database), etc.
--
George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
More information about the tex-live
mailing list