# Compiling as root is safe?



## pswinslow (Aug 23, 2015)

I'm a Linux user who just installed FreeBSD on two computers for the first time. I've always compiled software as an unprivileged user, including kernels. I don't see any simple way to do this with Ports. Do the build programs run with reduced privileges or in a jail or something?


----------



## kpa (Aug 24, 2015)

You can compile as a normal user but the system will prompt for `su`  now and then for tasks that require superuser privileges such as for fetching distfiles. You can set a few make(1) variables and divert the ports system to use your own directories for distfiles and for example saved port options. It won't work completely fine because there are some ports that do require root privileges to build.

There's a better option though and that is ports-mgmt/poudriere that can be configured to do most of the build process as nobody. It's not enabled by default in the configuration though, you have to enable it with this setting in poudriere.conf:


```
BUILD_AS_NON_ROOT=yes
```

See the handbook for how to set up and use ports-mgmt/poudriere:

https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-poudriere.html

I also have a HOWTO here at the forums covering the same matter mostly but with some additional information:

Thread 38859


----------



## kpa (Aug 24, 2015)

Note that you still need to start ports-mgmt/poudriere as root, only the actual build phase of a port is done as an unprivileged user.


----------



## pswinslow (Aug 25, 2015)

Neat. Now I have a build server and local repository for my 32-bit systems which can't compile their own ports. Thanks.


----------

