# make xconfig, unable to save .config

## Silmano

I'm trying to use make xconfig to edit and save the .config file of the kernel. To do so I've tried loading the .config file in /usr/src/linux via xconfig and tried to save it somewhere else (/tmp, /home/user), but everytime I try to save it, xconfig returns the "unable to save file" error (despite I have rw permissions in the places I've tried to save it.

I also changed /usr/src/linux/.config permissions to 666 but again the error was the same.

Any clue what could it be or where could I find any other message/log about this that will point in the right direction to search?

----------

## paulj

Does it save it back to /usr/src/linux/.config ok? If you want to edit a config and save it somewhere else, you could also make a copy of the start file with a different name. Of course this is not to avoid the original bug, but to establish where the problem lies.

I'll have a go when I get home and see what my system does.

----------

## Silmano

No it doesn't work. The message from the xconfig is the following "Unable to save configuration".

I can open a .config file without problems, even I've tried to move the .config as root to /tmp and name it asd with rw permissions, but I'm unable to save it with a normal user.

EDIT: I've just tried using root porting xauth from a normal user and it seems root can do all just fine. Still the idea should be to be able to change it with a normal user, then compile it with root...

----------

## paulj

Bizarre!  I ran "make xconfig" as a user (not root), and it fails with the error message 

```
scripts/basic/fixdep.c:433:1: fatal error: opening dependency file scripts/basic/.fixdep.d: Permission denied
```

(just what I expected - no surprise really as I haven't touched the permissions in /usr/src/linux)

Running as root, selecting "save as..." from the menu and locating somewhere else on the disk, it completely ignores both the path and file name I enter, and saves .config in the /usr/src/linux directory! So it doesn't do what I would expect, but also it doesn't issue an error message.

make menuconfig (my normal tool choice) does exactly what it should and saves the file where I ask with the correct filename. I always do it as root as well.

----------

## mv

 *Silmano wrote:*   

> then compile it with root...

 

You shouldn't compile the kernel as root, only install it as root.

----------

## Silmano

 *paulj wrote:*   

> Bizarre!  I ran "make xconfig" as a user (not root), and it fails with the error message 
> 
> ```
> scripts/basic/fixdep.c:433:1: fatal error: opening dependency file scripts/basic/.fixdep.d: Permission denied
> ```
> ...

 

If you run "make xconfig" as root (despite not importing xauth), it will create the needed files to run it. Then you can run it with any user (but again can't save it).

I usually use "make menuconfig", but I wanted to try "make xconfig" since I found its faster to configure.

 *mv wrote:*   

> You shouldn't compile the kernel as root, only install it as root.

 

Should I install it and then change the permissions so another user can compile it? Any idea why I shouldn't compile it as root?

----------

## paulj

 *mv wrote:*   

>  *Silmano wrote:*   then compile it with root... 
> 
> You shouldn't compile the kernel as root, only install it as root.

 

If this is best practice, the permissions should be setup to allow this to happen on installation of the source. If general access is not such a good idea, there could be a group for kernel compiling to give some flexibility as to who can compile.

I recognise there are some risks from compiling the kernel as root, but since all packages are compiled as root in gentoo (admittedly in a sandbox), is the risk not limited? I have to admit I don't know much about security management during the package management process, so please don't flame me if I have exposed a big misunderstanding on my behalf!   :Embarassed: 

----------

## mv

 *paulj wrote:*   

>  *mv wrote:*   You shouldn't compile the kernel as root, only install it as root. 
> 
> If this is best practice, the permissions should be setup to allow this to happen

 

This is easy to do (as user):

```
mkdir ~/compiled_kernel

export KBUILD_OUTPUT=~/compiled_kernel

make xconfig

make
```

 *Quote:*   

> If general access is not such a good idea, there could be a group for kernel compiling to give some flexibility as to who can compile.

 

Read access of your kernel configuration, at least for user/group "portage", is a good idea, since some ebuilds need to read your kernel configuration. Therefore, I suggest to set KBUILD_OUTPUT globally system wide to a directory which is +rwx for user/group portage, and to compile the kernel as user portage.

(If you want to automate the calls to sudo and make, you can use the kernel script (install e.g. sys-kernel/kernel from the mv overlay with layman)).

 *Quote:*   

> but since all packages are compiled as root in gentoo (admittedly in a sandbox)

 

I would strongly suggest to use FEATURES="userfetch userpriv usersandbox usersync" (maybe some of these are even the default):

In this case, most things (including compiling) of portage are done as portage:portage.

----------

