On Mon, Nov 10, 2025 at 12:43:55PM +0000, Stuart Henderson wrote:
> On 2025/11/10 13:29, Walter Alejandro Iglesias wrote:
> > On Mon, Nov 10, 2025 at 11:56:25AM +0000, Stuart Henderson wrote:
> > > doas doesn't work very well with this, and "persist" intentionally does not 
> > > pass 'upwards'.
> > > 
> > > on systems which are mainly setup for ports development I'll use "SUDO=sudo 
> > > -E".
> > > 
> > > on those where I might just build something once in a while I'll allow my 
> > > own user to run things as _pbuild/_pfetch without adding, and just deal 
> > > with routing in the password a few times for installs.
> > 
> > In my case, for example, when compiling mplayer just now, I had to enter
> > the password about two hundred times. :-)
> > 
> > > 
> > > permit nopass keepenv sthen as _pfetch
> > > permit nopass keepenv sthen as _pbuild
> > 
> > I've already tried this.  I'll try once more time using "sudo" as you
> > recommend me.

With sudo I get this:

  sudo: sorry, you are not allowed to preserve the environment

I don't expect you to tell me what to do, I'll figure it out on my own
someday.

> > 
> > > 
> > > "leave the permissions as they are and work as root" even if you choose to 
> > > ignore how dangerous this is (you should regard the system as potentially 
> > > compromised if you do this, and I wouldn't like to assume that building in 
> > > a guest VM would protect the hypervisor OS either),
> > 
> > Could you give me an example of what you mean by "dangerous", please?
> 
> You are running at least hundreds of thousands of lines of code, which
> nobody is looking at all that carefully, as root.
> 
> Even just the average autoconf script is 20k lines.
> 
> > > some ports will not 
> > > build (or not build correctly) if done as root.
> > 
> > I would also appreciate an example of this, if it's not too much
> > trouble.
> 
> I don't remember.
> 

-- 
Walter