From: Douglas Silva <doug.hs@proton.me>
Subject: make extract asks for authentication multiple times with PORTS_PRIVSEP
To: "ports@openbsd.org" <ports@openbsd.org>
Date: Sat, 20 Dec 2025 19:23:49 +0000

1. I have privilege separation enabled in /etc/mk.conf:

PORTS_PRIVSEP=Yes
SUDO=doas

2. doas is configured to let my user run as the ports users:

permit keepenv nopass dsilva as _pbuild
permit keepenv nopass dsilva as _pfetch

3. Permissions in the ports directory were fixed with the make target "fix-permissions"

4. cd to a port (e.g. net/tor) and run all the make targets from "fetch" to "extract".

$ cd /usr/ports/net/tor
$ make fetch
$ make checksum
$ make extract


Most make targets use the privilege separation as expected, and I get no authentication prompts. The "extract" target doesn't.

I wonder if it's safe to run it as root? I'm not sure. I'm still trying to learn how this works. But if that's a requirement, I think it would be best to make it exit with an error when it's not root — to make that clear.

It seems to require authentication once for every dependency it has to build. For the net/tor port, I get approximately 7 doas prompts — maybe more... I didn't count.

What am I doing wrong?