View previous topic :: View next topic |
Author |
Message |
EliasJonsson n00b
Joined: 18 Oct 2017 Posts: 53
|
Posted: Mon Oct 25, 2021 5:15 am Post subject: Trick Portage into having installed Rust |
|
|
I own a Raspberry Pi 4, 4GB RAM. 4 GB RAM isn't enough in order to compile the Rust package. Although, It is possible to just run
Code: | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh |
and have Rust installed.
Is it possible to somehow tell Portage that the rust package already is installed so that other things that depends on Rust package can be installed? |
|
Back to top |
|
|
irets Apprentice
Joined: 17 Dec 2019 Posts: 228
|
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Mon Oct 25, 2021 1:42 pm Post subject: |
|
|
Quote: | Is it possible to somehow tell Portage that the rust package already is installed so that other things that depends on Rust package can be installed? |
Code: | /etc/portage/profile/package.provided |
|
|
Back to top |
|
|
mike155 Advocate
Joined: 17 Sep 2010 Posts: 4438 Location: Frankfurt, Germany
|
Posted: Mon Oct 25, 2021 1:46 pm Post subject: |
|
|
Quote: | Code: | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh |
|
Oops... Never download anything from the internet and execute it without looking at it... Especially not as root... That's the road to hell! |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22657
|
Posted: Mon Oct 25, 2021 3:49 pm Post subject: |
|
|
mike155 wrote: | EliasJonsson wrote: | Code: | curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh |
| Oops... Never download anything from the internet and execute it without looking at it... Especially not as root... That's the road to hell! | Indeed. From a purely academic standpoint, I wonder what OP installed with that command. Since he didn't save the text of what was fed to sh, nor run sh with -x, we'll never really know what commands were executed. At best, we can hope that he got a complete copy of whatever that host is serving today, and that such copy is safe. This is why curlpipesh is always the wrong solution, no matter what problem is under discussion. If it had been served with an emulation of something like subresource integrity, there would be a a bit of a trail. For example (not working, since the server doesn't support this, but in principle it could): Code: | (expected_sha256sum=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 ; set -euo pipefail; local_install_script="$(mktemp --tmpdir curlpipesh-rustup.sh.XXXXXX)"; curl --proto '=https' --tlsv1.2 --silent --show-error --fail https://sh.rustup.rs/curlpipesh/$expected_sha256sum/install.sh -o "$local_install_script"; printf '%s /dev/fd/3\n' "$expected_sha256sum" | sha256sum --quiet --strict --check - 3< "$local_install_script"; /bin/sh < "$local_install_script"; rm "$local_install_script") | Explained:- Record the expected checksum once, right at the top, for easy maintenance.
- Enable some safety options.
- Create a temporary file in which to save the downloaded script. This will be needed since we want to make two passes over it, and control flow requirements preclude using tee.
- Download the script to the temporary file, using the same curl invocation that Rust recommends for their curlpipesh (but with some parameters spelled out for easier reading). Notably, this fragment uses a (currently fictitious, but reasonable) path on the server to tell the server what script it expects, so that the server can provide an appropriate document. This could be omitted if you want the fragment to just fail outright whenever the server document changes.
- Run sha256sum to check the downloaded file against what it should be. Due to --check on sha256sum and set -e on the shell, a failed verification at this step will abort, and none of the later steps in my example will run.
- Run the script. Notably, this preserve's upstream's questionable decision not to set -euo pipefail.
- Delete the temporary file.
|
|
Back to top |
|
|
Zucca Moderator
Joined: 14 Jun 2007 Posts: 3701 Location: Rasi, Finland
|
Posted: Mon Oct 25, 2021 5:49 pm Post subject: |
|
|
At least the command has --tlsv1.2, but doing curlpipesh is bad.
As mentioned above, use rust-bin then instead if you cannot compile rust. _________________ ..: Zucca :..
My gentoo installs: | init=/sbin/openrc-init
-systemd -logind -elogind seatd |
Quote: | I am NaN! I am a man! |
|
|
Back to top |
|
|
EliasJonsson n00b
Joined: 18 Oct 2017 Posts: 53
|
Posted: Wed Oct 27, 2021 8:51 am Post subject: |
|
|
Zucca wrote: | At least the command has --tlsv1.2, but doing curlpipesh is bad.
As mentioned above, use rust-bin then instead if you cannot compile rust. |
Will do. Thanks for pointing that out! |
|
Back to top |
|
|
|