If the user runs `sudo meson install` this may run ninja to build everything that gets installed. This naturally happens as root also, by default, which is bad. Instead, detect root elevation tools and drop the uid/gid of the child ninja process back to the original invoking user before doing anything.pull/11366/head
parent
a878c38476
commit
ecb32bf457
3 changed files with 55 additions and 3 deletions
@ -0,0 +1,16 @@ |
||||
## `sudo meson install` now drops privileges when rebuilding targets |
||||
|
||||
It is common to install projects using sudo, which should not affect build |
||||
outputs but simply install the results. Unfortunately, since the ninja backend |
||||
updates a state file when run, it's not safe to run ninja as root at all. |
||||
|
||||
It has always been possible to carefully build with: |
||||
|
||||
``` |
||||
ninja && sudo meson install --no-rebuild |
||||
``` |
||||
|
||||
Meson now tries to be extra safe as a general solution. `sudo meson install` |
||||
will attempt to rebuild, but has learned to run `ninja` as the original |
||||
(pre-sudo or pre-doas) user, ensuring that build outputs are generated/compiled |
||||
as non-root. |
Loading…
Reference in new issue