1) Its easy to just say "get a development machine off the corporate infrastructure", but that is harder for some of us due to government regulation (See http://pmddtc.state.gov/regulations_laws/itar_official.html for an example - encryption is considered an Armament in some circles) that requires complete security of systems. This results in no way that sudo access can be granted to any user, *and* requires complete traceability of development/documentation which requires *everything* is backed up and corralled in some SCM system. Yes, its a pain, but it is the reality for some of us...On Jul 6, 2012, at 1:22 AM, Stuart Hughes wrote:What are the real risk you talk about? There are no significant risks that I can see. Risk is commonly defined as:What does irritate me about the 'no root' business the lack of a real 'override'. I would prefer not bothering with sudo at all. As for greater 'corporate' IT concerns... get a development machine off the corporate infrastructure in the first place. In more than 30 years of unix use, there is only one incident where I've shot myself in the foot... I fsck'ed a distribution '/usr' disk... on a system that was just plain too small for running unix in the first place, and I was swapping the 'whopping' 14MB disk packs... and put the wrong one in... But other than that... no 'cd /; rm -rf *'... type errors ever. I realize this flies in the face of many IT people's need for control... and there is probably good reason why I have always preferred small development groups in small companies because of the much reduced need for IT departments to 'get involved'... if there's an IT department at all. IT departments are probably the greatest reason why Windows exists at all... and of course the holes in Windows probably provides IT departments guaranteed work for the foreseeable future...
2) Not everyone uses NFS. For those that don't then fakeroot is a viable alternative to generating rootfs images for non-NFS targets.
3) Yes, IT departments appear to some (most?) of us as:
Fakeroot will at least keep IT/ITAR at bay, and I'll help to implement it in LTIB. Anyone else want to help? Perhaps we could add a .ltibrc entry that selects fakeroot over sudo and suppress NFS as a deployment selection/method if using fakeroot...
-- Peter Barada address@hidden