Software installation opinions needed

Karl Denninger karl at naitc.naitc.com
Fri Sep 21 02:02:12 AEST 1990


In article <EMERY.90Sep19131715 at aries.linus.mitre.org> emery at linus.mitre.org (David Emery) writes:
>Here's another do/don't do:
>
>     I get VERY UPSET by 3rd party installations that must be done as
>'root'.  An installation script should NOT require that it be run by the
>superuser to do mundane things such as get the stuff off the tape,
>build its directory structure, etc.  It should be MY decision what
>userid owns the software, and to run the installation using a userid
>other than root.  Besides, in this era of viruses, etc, who knows what
>an installation script is doing to your system?
>
>     Generally there is a little bit of installation that must be run
>as root, to install things in places like /usr/bin, and /usr/lib.  The
>right approach (in my opinion) is to provide these scripts separately,
>and also provide an alternate approach.  

Well, you're being not only unrealistic in some cases, but paranoid as well.

For commercial software (I publish a package under my own name, not AC
Nielsen) there is a good reason to run as root.  Namely, you have to do a
LOT of things as root to get the package installed.

For example, our package requires:

o)	Installation of two user id's in /etc/passwd under some
	circumstances (ie: if you select one of the options).

o)	SUID of the package if you select one of the options; it has
	to be able to write /etc/utmp if that option is chosen.  The package
	DOES relinquish SUID privs immediately after it does that operation
	on the /etc/utmp file, which is done prior to allowing the user any
	input beyond his/her password and login id.

o)	Installation of a group in /etc/group if it's not already there.

o)	Creation of a parameter file in /etc (so the rest of the package
	can "find itself" when it runs).

On the plus side, it does tell you exactly what it's doing during
installation, and DOES ask you where you want things installed -- including
the libraries it uses and the binaries.  There's an option for "fast
install" which chooses all defaults, but those are also displayed before
they're executed.

So yes, there are reasons to install as root.  For packages which don't do
system things, I don't like the idea, but for those which do (and lots do
either that kind of thing or install drivers, etc) you've got precious
little chance of getting people to break the scripts up.

Why?  Because I'll give you one guess at how many people will forget to run
the second script (to do the "root required" things) and then call tech
support asking why the product doesn't work.

--
Karl Denninger	AC Nielsen
kdenning at ksun.naitc.com
(708) 317-3285
Disclaimer:  Contents represent opinions of the author; I do not speak for
	     AC Nielsen on Usenet.
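
The post says the package gives up its SUID privileges right after the /etc/utmp step. As an added example (not code from the package or from either poster), here is one way a set-uid program on Linux can drop privilege permanently and confirm the drop took effect; the function name and the argv[1] stand-in file are assumptions made for illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently give up set-uid/set-gid privilege.
 * Returns 0 when the effective ids equal the invoking user's and the old
 * ids can no longer be regained, -1 otherwise (the caller must then exit). */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid(), euid = geteuid();
    gid_t rgid = getgid(), egid = getegid();

    /* Group first: once the uid is dropped we may no longer change gids. */
    if (setregid(rgid, rgid) != 0)
        return -1;
    /* Setting the real id as well makes Linux reset the saved set-user-ID. */
    if (setreuid(ruid, ruid) != 0)
        return -1;

    /* Verify instead of trusting the calls: regaining must now fail.
     * (Skipped when the invoker is root, who can always switch ids.) */
    if (ruid != 0 && euid != ruid && seteuid(euid) == 0)
        return -1;
    if (ruid != 0 && egid != rgid && setegid(egid) == 0)
        return -1;
    return (geteuid() == ruid && getegid() == rgid) ? 0 : -1;
}

int main(int argc, char **argv)
{
    /* Constructed usage: argv[1] stands in for the one file that needs
     * privilege; it is opened before any user input is read. */
    int fd = (argc > 1) ? open(argv[1], O_WRONLY | O_APPEND) : -1;

    if (drop_privileges_permanently() != 0) {
        fprintf(stderr, "could not drop privileges, refusing to continue\n");
        return 1;
    }
    printf("uid=%ld euid=%ld, privileged fd=%d\n",
           (long)getuid(), (long)geteuid(), fd);
    if (fd >= 0)
        close(fd);
    return 0;
}
```

The descriptor opened before the drop stays usable afterwards, so the privileged work can be confined to that single open call.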



More information about the Comp.unix.admin mailing list