Hi,

given this simple install target for my Makefile:

install: zrm $(CONF)
        install -D -m 0755 -o mysql -g mysql conf/lvm0.conf $(DESTDIR)/$(CONFDIR)/lvm0/mysql-zrm.conf
        install -D -m 0755 -o mysql -g mysql conf/inc1.conf $(DESTDIR)/$(CONFDIR)/inc1/mysql-zrm.conf
        install -D -m 0755 -o mysql -g mysql conf/dump0.conf $(DESTDIR)/$(CONFDIR)/dump0/mysql-zrm.conf

        install -d -m 0755 -o mysql -g mysql $(DESTDIR)/$(PLUGIN)
        install    -m 0755 -o mysql -g mysql post-backup-st-zrm.pl $(DESTDIR)/$(PLUGIN)

        install -d -m 0755 -o root -g root $(DESTDIR)/$(BINDIR)
        install    -m 4755 -o root -g root zrm $(DESTDIR)/$(BINDIR)

I can simply do make install as root (or use sudo) and it will beautifully install. As foo (unprivileged) user, calling make install will return an error (-o option needs super-user).

I need to change this so that I can both sudo make install, make install DESTDIR=/tmp/foo or even package this into .deb or .rpm and just call the install target from my Makefile.

What will be the best solution for me? Replace install calls with cp? Remove -o and put a chown/chmod?

Thank you.

+1  A: 

You can make the install command a variable that can be overridden on the make command line, something like

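# Owner and group can be overridden on the make command line
INSTALL_USER = mysql
INSTALL_GROUP = mysql
# No -d here: it belongs only in INSTALL_DIR, otherwise every call creates directories
INSTALL = install -m 0755 -o $(INSTALL_USER) -g $(INSTALL_GROUP)
INSTALL_DIR = $(INSTALL) -d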

I'd expect packaging systems to be able to cope with your makefile anyway, because it's the kind of thing other people have written. Debian package building runs as root (or rather usually pretends to run as root, through fakeroot), so it will allow and see the ownership changes.

Note that Debian policy would not allow the permissions you set, since it requires all files to be owned by root unless there is a compelling reason not to. I can't see a reason for any of the files to be owned by mysql (or have I missed some mysql-specific reason why the plugins and configuration files can't be owned by root?). The reason is a security issue: if someone manages to overwrite files as mysql, they should not be able to inject code into executables and configuration files.

Since distribution maintainers may want to override the permissions you set anyway, don't agonize over this.

Gilles
I know that on Debian, building a package can be faked as root. What I am not sure about is how this is done with the RPMbuild system. mysql:mysql is required in our environment and by mysql-zrm product as far as I know.
Xavier Maillard
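
The install target from the question, reworked along the lines discussed in the answer, as an added example that is not the poster's or the answerer's own code. It is meant to replace the install target in the question's Makefile, so CONFDIR, PLUGIN, BINDIR, CONF and the zrm prerequisite are assumed to be defined there; OWNER, ROOT_OWNER, BIN_MODE, CONFSETS and the INSTALL_* names are hypothetical, and mode 0644 for the configuration files is an assumption (GNU make syntax).

```makefile
# Added example; variable names below are illustrative.
# Pass -o/-g only when running as root (real root or fakeroot), so an
# unprivileged "make install DESTDIR=/tmp/foo" stages files without chown.
# Root is the default owner so the mysql account cannot rewrite the
# plugin or configuration read by the setuid-root zrm program.
# Override only if required: make install OWNER="-o mysql -g mysql"
ifeq ($(shell id -u),0)
OWNER      ?= -o root -g root
ROOT_OWNER ?= -o root -g root
BIN_MODE   ?= 4755
else
OWNER      ?=
ROOT_OWNER ?=
# No setuid bit on a staged copy owned by the build user; the package
# metadata sets the final owner and mode (for example %attr in the
# %files section of an RPM spec).
BIN_MODE   ?= 0755
endif

INSTALL      ?= install
# Assumption: configuration files do not need the execute bit.
INSTALL_DATA  = $(INSTALL) -D -m 0644 $(OWNER)
INSTALL_PROG  = $(INSTALL) -m 0755 $(OWNER)
INSTALL_DIR   = $(INSTALL) -d -m 0755 $(OWNER)

# Backup sets taken from the question's install target.
CONFSETS = lvm0 inc1 dump0

install: zrm $(CONF)
	for c in $(CONFSETS); do \
	  $(INSTALL_DATA) conf/$$c.conf \
	    $(DESTDIR)/$(CONFDIR)/$$c/mysql-zrm.conf || exit 1; \
	done
	$(INSTALL_DIR) $(DESTDIR)/$(PLUGIN)
	$(INSTALL_PROG) post-backup-st-zrm.pl $(DESTDIR)/$(PLUGIN)
	$(INSTALL) -d -m 0755 $(ROOT_OWNER) $(DESTDIR)/$(BINDIR)
	$(INSTALL) -m $(BIN_MODE) $(ROOT_OWNER) zrm $(DESTDIR)/$(BINDIR)
```

With this layout, sudo make install, an unprivileged make install DESTDIR=/tmp/foo and a fakeroot package build all use the same target; only the ownership flags and the setuid bit differ.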