Quote:
Originally Posted by Queso
But it is a bit scary to just run scripts directly downloaded from github...
|
As opposed to directly running code in the actual program you download from a distribution's servers, which in turn have downloaded it from either github or the source tarballs I publish? I've never understood this crazy meme that runs around the internet about how it is "scary" to run installer scripts downloaded from the internet. It reeks of security theatre. The installer script typically runs as root, but so what, the actual program has access to all *your* data, which is what is truly important on your computer.
The calibre install script is downloaded using https from github, it downloads the binary tarball from my servers using http and then verifies that download's integrity against a sha512 hash downloaded securely (and by securely I mean it uses a pinned SSL certificate -- i.e. no certificate authorities are involved).
And if for some reason you dont want to run the script directly from the internet, you can download it first, then inspect it and then run it, you can even run it as a normal user, not root, if you want.
EDIT: As for your error, use the --detach flag or make sure you run the program in a context that has a working stdout/stderr. That is dont start it from a terminal and then close the terminal. If you want to do that, use --detach