Control: severity -1 wishlist On Thu, Sep 26, 2024 at 10:36:58PM +0200, Erik Huelsmann wrote:
Thank you for reporting this problem. There is technically no problem with running LedgerSMB under root. Nor is there technically any reason to prohibit running the tests under root. However, running LedgerSMB (or any other server process) under root *is* a security risk.
As such, it's strongly recommended *not* to run LedgerSMB as root and *not* to run the test suite under root. I mean, sure. I don't disagree with this in general or even in principle.
I kindly disagree the package fails to build from source: it fails to run its tests under root, but if you run the tests under *any* other user, the tests will succeed. The failure to run under root also is not a technical one, but a deliberate choice or policy if you will. I consulted the opinions of some more debian developers, and indeed it appears that your policy doesn't necessarily contradict Debian's, and I just have an overly-legalist reading.
It would still be nice if the package was buildable as root. Best,