diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2019-04-05 21:17:31 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2019-04-05 21:17:31 +0100 |
commit | dc7cbdfa65fd814b3b9aa3c56257da201109e807 (patch) | |
tree | c85d72f6f31f21f178069c9d41d41a7c1ff4b362 /sys-auth/polkit | |
parent | 0706fc6986773f4e4d391deff4ad5143c464ea4e (diff) |
gentoo resync : 05.04.2019
Diffstat (limited to 'sys-auth/polkit')
-rw-r--r-- | sys-auth/polkit/Manifest | 2 | ||||
-rw-r--r-- | sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch | 180 | ||||
-rw-r--r-- | sys-auth/polkit/polkit-0.115-r4.ebuild | 143 |
3 files changed, 325 insertions, 0 deletions
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest index 640f4156a821..d5d4ee95d6c7 100644 --- a/sys-auth/polkit/Manifest +++ b/sys-auth/polkit/Manifest @@ -1,10 +1,12 @@ AUX CVE-2018-19788.patch 12204 BLAKE2B d139c3e9e9814af9bbc3d605e4d25e354c860359b095d12a0269f6d44d83471cf08d96190ae8dbea173bf298512670bd36168fa1aad20592de9f27cb6dca7581 SHA512 b9be88d53521626914ba9c65c00d145b6e377835452defb1951f6fb40502e09325fe217de20469ac64d838b19f0a2c24a2e22d816e83c38c20dc3dab90ea86f1 AUX polkit-0.113-elogind.patch 6149 BLAKE2B 5e99eab21887f4504e07bd1fe803f8534aad227ec0ec8fcacf207ee5179a3ca6a670c1c3cf1f52e932096f27d39a911ca95c11adf1461833b4d3d4dda410973d SHA512 9a3e928d77c023c3f895f7fec7893f0355729808c4ee3bcd5419a7e408b613faefcff6d43f87cdab94b3fa15b7eaddc9ce40cf9b7b0954624360489c4d2c3b52 AUX polkit-0.115-elogind.patch 1069 BLAKE2B 6c5a3d7d3e716a994b951181808f64d864e6ca58b3a018a5354022f08c6e7c1d8987366c9777f47cc970916ad9fe39f288a1b1643113fc99745f333e02dab56f SHA512 06432fa56788699762c6978484640554f91728a1cb40679eb47b8514b3c7aa23aac5b9c26586eb4d7043a0af1b319bbe7f869d24844d9151317299b74a8e8f7f +AUX polkit-0.115-spidermonkey-60.patch 5562 BLAKE2B 8f262d682ea413f83bc555bacbeb4306cdee156cc1ee1a98ab76de20f1aeaef405e772536190eaf3a842ef365514f7b68760200e9ddb9342498b01f40f0f9662 SHA512 41d6a9e63dfbd788267b7de231161d57988b4bf90fd52fb49ac7c139a4621476e76b891ae510786611a0c3cf9914a62aa105e2a1a202d29c47a2091fe6e7e9b9 DIST polkit-0.113.tar.gz 1448865 BLAKE2B 93cb6abf03d0de193e9f64b953bee40faf3bd07cf6f86beb4f84edd740dedc0bcf7a1ffd6b3a1a816e5adad0ee59536dacae3d991add4c4965cc6a98566b7470 SHA512 ab177c89a20eeb2978ddbe28afb205d3619f9c5defe833eb68a85e71a0f2c905367f1295cbbfb85da5eafdd661bce474d5d84aca9195cd425a18c9b4170eb5f9 DIST polkit-0.115.tar.gz 1550932 BLAKE2B 3185ebed46209f88a9ffccbbcaf1bf180d1ae6d5ec53cf3c66d867ad43910b47a1123a3db190991ebb382a0d28fc5a119ea4bab942db324e9af5663056cf6ee1 SHA512 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc EBUILD polkit-0.113-r4.ebuild 3471 BLAKE2B 521e37d8ac00c3dfaed2f31e5aaedfec1e11b3ffd629e362b310c91b134642538fbea7fe2f9280ca21cd5bf1136b3142781e589660b08d1f1d2a8102a01e2bea SHA512 86ec712423c855648a56e998f8c77d37f24d3e9efe0898c8acc4a9e5ac09eb1cc5135f997c5a8dfa06bde4153f734d1bdbf44425eb004be4fb74df258a443a63 EBUILD polkit-0.115-r1.ebuild 3470 BLAKE2B e3b4028f4fdf524834395990f2bb3e2688ca6c75744bc60d19d443d7c0789beef23ba7a634129bbe1cdd8ae7db1a030977a901fb7a1ca376fc773d36cff9560e SHA512 7114d38dc204eb8c4036837b388fa05294400963beaec71dbf178663bada70ba90d50714a792d596f190aa85c40930f65091dce97a1a34a627b3ca4fff31d331 EBUILD polkit-0.115-r2.ebuild 3513 BLAKE2B a15953a542bfdee5bc3b774c05f1e9df9908266b006262a8f8c78c4d02bb755adf86ad7cb70e13306a2b0a8039f0c22ab7d5b0586f31405608b81b66e9cd90ab SHA512 ea5f3de2e0ff002601dc48ce412b2722cdb0aa360933ceb46f783c4fc1fdcf54b3d0fcf444b1bd5141434753e341acff44a5d6418fab1136192708c91321a52a EBUILD polkit-0.115-r3.ebuild 3530 BLAKE2B 9589254a81c6ff58fdc34d474c1ea1c059a8afeb3a36fa7ed51c737656f6d5c8f307776f3dfcf7f94363e21d04b723c7645cde67aa6ca26530a8aba93d96be9d SHA512 8c76dd7d324ef6e87a8ebe0922e3f284cc9cd5f7f11f0c98aeecfcdff00b3e28dc51ee46edaee4588205d648e6188fd013974981c78f86639a51eab35f5d1dd5 +EBUILD polkit-0.115-r4.ebuild 3614 BLAKE2B a13a1548c866cefdc2789a1e25b66bd2ddae02b8dee25f5c5a7edbbfe09b90d046f3b482172bee54e284743b3db8281704769daf1e73f0d6f952c04802997fc2 SHA512 0f9d27ee88c3a781fbba26d7d72d24eb99adab78f1b76158ab37c4d98333a11262096a0b96f9fcc2afc960dc82a40a699b2d6e0c87150db37df71850826938f2 MISC metadata.xml 493 BLAKE2B bbf2a4e83d0882480d0f2ba8b18ef439b234bd82538546d04753d63fa828f6b111afb78846c1a03f4aa93f89e6fd0a6a828c7908574a740c9c6880252a84e98d SHA512 9c7b199d1a3b1193beb4d01e52d5e90d81821aa6df6785482da7ee37c0ca777c12095f160bc997c77d0089429c2e338cf75d0a46836416736178cd661ffa80f5 diff --git a/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch new file mode 100644 index 000000000000..8a4510ad2051 --- /dev/null +++ b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch @@ -0,0 +1,180 @@ +From c9cd7024140b837b5693d7c1bbaad1b0cd31cce6 Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi <ebassi@gnome.org> +Date: Fri, 31 Aug 2018 13:32:16 +0100 +Subject: [PATCH] Depend on mozjs-60 + +This is the new ESR version of the Mozilla JS engine, superceding +mozjs-52. +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 5c37e48..5cedb4e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -79,7 +79,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0]) + AC_SUBST(GLIB_CFLAGS) + AC_SUBST(GLIB_LIBS) + +-PKG_CHECK_MODULES(LIBJS, [mozjs-52]) ++PKG_CHECK_MODULES(LIBJS, [mozjs-60]) + + AC_SUBST(LIBJS_CFLAGS) + AC_SUBST(LIBJS_CXXFLAGS) + + +From dd00683e8781d230a45781d509d86ad676138564 Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi <ebassi@gnome.org> +Date: Fri, 31 Aug 2018 13:33:20 +0100 +Subject: [PATCH] Port the JS authority to mozjs-60 + +API changes in mozjs that need to be reflected in the JS authority: + + - the JS::CompileOptions constructor and the JS::CompartmentOptions + do not allow setting a JS version any more + + - do not use NULL comparisons for C++ objects + + - the resize() method for a vector has a return value that needs + to be handled + + - JSClassOps has different fields +--- + .../polkitbackendjsauthority.cpp | 65 +++++++++---------- + 1 file changed, 32 insertions(+), 33 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp +index 7602714..984a0f0 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -150,18 +150,17 @@ G_DEFINE_TYPE (PolkitBackendJsAuthority, polkit_backend_js_authority, POLKIT_BAC + /* ---------------------------------------------------------------------------------------------------- */ + + static const struct JSClassOps js_global_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ JS_GlobalObjectTraceHook + }; + + static JSClass js_global_class = { +@@ -172,18 +171,17 @@ static JSClass js_global_class = { + + /* ---------------------------------------------------------------------------------------------------- */ + static const struct JSClassOps js_polkit_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ nullptr // trace + }; + + static JSClass js_polkit_class = { +@@ -469,19 +467,18 @@ polkit_backend_js_authority_constructed (GObject *object) + + { + JS::CompartmentOptions compart_opts; +- compart_opts.behaviors().setVersion(JSVERSION_LATEST); ++ + JS::RootedObject global(authority->priv->cx); + + authority->priv->js_global = new JS::Heap<JSObject*> (JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL, JS::FireOnNewGlobalHook, compart_opts)); + + global = authority->priv->js_global->get (); +- +- if (global == NULL) ++ if (!global) + goto fail; + + authority->priv->ac = new JSAutoCompartment(authority->priv->cx, global); + +- if (authority->priv->ac == NULL) ++ if (!authority->priv->ac) + goto fail; + + if (!JS_InitStandardClasses (authority->priv->cx, global)) +@@ -493,7 +490,7 @@ polkit_backend_js_authority_constructed (GObject *object) + + polkit = authority->priv->js_polkit->get (); + +- if (polkit == NULL) ++ if (!polkit) + goto fail; + + if (!JS_DefineProperty(authority->priv->cx, global, "polkit", polkit, JSPROP_ENUMERATE)) +@@ -504,7 +501,7 @@ polkit_backend_js_authority_constructed (GObject *object) + js_polkit_functions)) + goto fail; + +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + JS::RootedValue rval(authority->priv->cx); + if (!JS::Evaluate (authority->priv->cx, + options, +@@ -684,7 +681,9 @@ set_property_strv (PolkitBackendJsAuthority *authority, + JS::AutoValueVector elems(authority->priv->cx); + guint n; + +- elems.resize(value->len); ++ if (!elems.resize(value->len)) ++ g_error ("Unable to resize vector"); ++ + for (n = 0; n < value->len; n++) + { + const char *c_string = (const char *) g_ptr_array_index(value, n); +@@ -741,7 +740,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + pid_t pid; +@@ -868,7 +867,7 @@ action_and_details_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + gchar **keys; diff --git a/sys-auth/polkit/polkit-0.115-r4.ebuild b/sys-auth/polkit/polkit-0.115-r4.ebuild new file mode 100644 index 000000000000..ecc024a27d3c --- /dev/null +++ b/sys-auth/polkit/polkit-0.115-r4.ebuild @@ -0,0 +1,143 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools pam pax-utils systemd user xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" +SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="elogind examples gtk +introspection jit kde nls pam selinux systemd test" + +REQUIRED_USE="?? ( elogind systemd )" + +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + dev-util/gtk-doc-am + dev-util/intltool + sys-devel/gettext + virtual/pkgconfig + introspection? ( dev-libs/gobject-introspection ) +" +DEPEND=" + dev-lang/spidermonkey:60[-debug] + dev-libs/glib:2 + dev-libs/expat + elogind? ( sys-auth/elogind ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0=[policykit] ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) + !systemd? ( !elogind? ( sys-auth/consolekit[policykit] ) ) +" + +DOCS=( docs/TODO HACKING NEWS README ) + +PATCHES=( + # bug 660880 + "${FILESDIR}"/polkit-0.115-elogind.patch + "${FILESDIR}"/CVE-2018-19788.patch + "${FILESDIR}"/polkit-0.115-spidermonkey-60.patch +) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + default + + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 + + # Workaround upstream hack around standard gtk-doc behavior, bug #552170 + sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \ + -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \ + -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \ + docs/polkit/Makefile.in || die + + # disable broken test - bug #624022 + sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die + + # Fix cross-building, bug #590764, elogind patch, bug #598615 + eautoreconf +} + +src_configure() { + xdg_environment_reset + + local myeconfargs=( + --localstatedir="${EPREFIX}"/var + --disable-static + --enable-man-pages + --disable-gtk-doc + --disable-examples + $(use_enable elogind libelogind) + $(use_enable introspection) + $(use_enable nls) + $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '') + --with-authfw=$(usex pam pam shadow) + $(use_enable systemd libsystemd-login) + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" + $(use_enable test) + --with-os-type=gentoo + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + default + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +} |