jmmisiti
asked on
Installing Using RPM
I was trying to install a *.rpm file. I was logged in as my own name and it was giving me the following errors:
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages index using db3 - Operation not permitted (1)
error: cannot open Packages database in /var/lib/rpm
I read about the errors and it said you had to be logged in as root, so I logged in and the rpm installed fine.
Is there any way I can change my preferences so I can install files under my own name, and not have to go under root.
Thanks,
J M M I S I T I
error: cannot get exclusive lock on /var/lib/rpm/Packages
error: cannot open Packages index using db3 - Operation not permitted (1)
error: cannot open Packages database in /var/lib/rpm
I read about the errors and it said you had to be logged in as root, so I logged in and the rpm installed fine.
Is there any way I can change my preferences so I can install files under my own name, and not have to go under root.
Thanks,
J M M I S I T I
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
your other option is to use sudo
check your /etc/sudoers file you will see something like:
root ALL=(ALL) ALL
copy that line and put your username like
majorwoo ALL=(ALL) ALL
now whenever majorwoo wants to do somethign that requires root, he just type sudo whatever - sudo standing for "SuperUserDO" or - do this as root.
[josh@woo josh]$ ls /root/
ls: /root/: Permission denied
[josh@woo josh]$ sudo ls /root/
1009a7md.zip Desktop install.log.syslog NVIDIA_GLX-1.0-4191.i386.r pm
aflash.exe doc-pak mail NVIDIA_kernel-1.0-4191.src .rpm
anaconda-ks.cfg install.log nedit-5.3-1.i386.rpm README
[josh@woo josh]$
when you do this, you are running the command as root:
[josh@woo josh]$ whoami
josh
[josh@woo josh]$ sudo whoami
root
[josh@woo josh]$
check your /etc/sudoers file you will see something like:
root ALL=(ALL) ALL
copy that line and put your username like
majorwoo ALL=(ALL) ALL
now whenever majorwoo wants to do somethign that requires root, he just type sudo whatever - sudo standing for "SuperUserDO" or - do this as root.
[josh@woo josh]$ ls /root/
ls: /root/: Permission denied
[josh@woo josh]$ sudo ls /root/
1009a7md.zip Desktop install.log.syslog NVIDIA_GLX-1.0-4191.i386.r
aflash.exe doc-pak mail NVIDIA_kernel-1.0-4191.src
anaconda-ks.cfg install.log nedit-5.3-1.i386.rpm README
[josh@woo josh]$
when you do this, you are running the command as root:
[josh@woo josh]$ whoami
josh
[josh@woo josh]$ sudo whoami
root
[josh@woo josh]$
Such a change is only advisable (well not even advisable) when there is 100% no chance of someone else logging in on the system as said user.
If you are to make use of sudo then do so correctly when the box in question has an outside connection. Otherwise create an RPM admin account and assign the correct privilegs.
chuck
If you are to make use of sudo then do so correctly when the box in question has an outside connection. Otherwise create an RPM admin account and assign the correct privilegs.
chuck
anybody you trust enough to administer RPM's is root really, because if not they could just make an rpm to install whatever they wanted...
Then why use sudo in such a fashion? It's just one more security weakness that isn't really needed.
simply do su -c 'rpm -i package.rpm' and all is good.
simply do su -c 'rpm -i package.rpm' and all is good.
im not gonna start a flame war here (and we are getting way off topic) so this is the last I'm gonna say:
using su -c is great, except you have to pass out the root password - which means if you change it, you have to tell everyone and once you give it to them you have no way of telling what they did with it.
sudo can be configured to allow only certain commands to be run as opposed to all, if you prefer (and yes giving someone all sudo is a risk too) - but everything is a security risk, you have to balance security with practicality.
Personally i find sudo more secure/flexible then creating groups on each machine or setting things SUID - once you setup a proper sudo file you can copy it to all your machine if you so wish - but hey, this is me and my 57 machines, it's just what i think.
if you decide to go the sudo route, and something is not clear let me know (man sudo is great, but sometimes the examples are harder to follow then you want)
using su -c is great, except you have to pass out the root password - which means if you change it, you have to tell everyone and once you give it to them you have no way of telling what they did with it.
sudo can be configured to allow only certain commands to be run as opposed to all, if you prefer (and yes giving someone all sudo is a risk too) - but everything is a security risk, you have to balance security with practicality.
Personally i find sudo more secure/flexible then creating groups on each machine or setting things SUID - once you setup a proper sudo file you can copy it to all your machine if you so wish - but hey, this is me and my 57 machines, it's just what i think.
if you decide to go the sudo route, and something is not clear let me know (man sudo is great, but sometimes the examples are harder to follow then you want)
I totally agree. However, that is not what you proposed and that is what I was commenting on.
done.
chuck
done.
chuck
Just give the user access to run the /bin/rpm command in the /etc/sudoers file (like majorwoo said above)...
someuser ALL = /bin/rpm
ChrisP
someuser ALL = /bin/rpm
ChrisP
jmmisiti:
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
This old question needs to be finalized -- accept an answer, split points, or get a refund. For information on your options, please click here-> http:/help/closing.jsp#1
EXPERTS:
Post your closing recommendations! No comment means you don't care.
No comment has been added lately, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question is:
PAQ / No Refund ; Can't split 30points, good answers and the original questioner has stopped responding
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheWeakestLink
EE Cleanup Volunteer
I will leave a recommendation in the Cleanup topic area that this question is:
PAQ / No Refund ; Can't split 30points, good answers and the original questioner has stopped responding
Please leave any comments here within the next seven days.
PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!
TheWeakestLink
EE Cleanup Volunteer
You can give dorward the points. His answer was first and correct.
I'm happy either way. The "rules" say that the PAQ / No refund is appropriate under these circumstances, but it's down to judgement.
P.
P.
correct, you've become quite the cleanup hound!
Points to dorward.
Yensidmod
EE Moderator
Yensidmod
EE Moderator
chuck