summaryrefslogtreecommitdiff
path: root/sys-auth/polkit
diff options
context:
space:
mode:
Diffstat (limited to 'sys-auth/polkit')
-rw-r--r--sys-auth/polkit/Manifest2
-rw-r--r--sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch180
-rw-r--r--sys-auth/polkit/polkit-0.115-r4.ebuild143
3 files changed, 325 insertions, 0 deletions
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
index 640f4156a821..d5d4ee95d6c7 100644
--- a/sys-auth/polkit/Manifest
+++ b/sys-auth/polkit/Manifest
@@ -1,10 +1,12 @@
AUX CVE-2018-19788.patch 12204 BLAKE2B d139c3e9e9814af9bbc3d605e4d25e354c860359b095d12a0269f6d44d83471cf08d96190ae8dbea173bf298512670bd36168fa1aad20592de9f27cb6dca7581 SHA512 b9be88d53521626914ba9c65c00d145b6e377835452defb1951f6fb40502e09325fe217de20469ac64d838b19f0a2c24a2e22d816e83c38c20dc3dab90ea86f1
AUX polkit-0.113-elogind.patch 6149 BLAKE2B 5e99eab21887f4504e07bd1fe803f8534aad227ec0ec8fcacf207ee5179a3ca6a670c1c3cf1f52e932096f27d39a911ca95c11adf1461833b4d3d4dda410973d SHA512 9a3e928d77c023c3f895f7fec7893f0355729808c4ee3bcd5419a7e408b613faefcff6d43f87cdab94b3fa15b7eaddc9ce40cf9b7b0954624360489c4d2c3b52
AUX polkit-0.115-elogind.patch 1069 BLAKE2B 6c5a3d7d3e716a994b951181808f64d864e6ca58b3a018a5354022f08c6e7c1d8987366c9777f47cc970916ad9fe39f288a1b1643113fc99745f333e02dab56f SHA512 06432fa56788699762c6978484640554f91728a1cb40679eb47b8514b3c7aa23aac5b9c26586eb4d7043a0af1b319bbe7f869d24844d9151317299b74a8e8f7f
+AUX polkit-0.115-spidermonkey-60.patch 5562 BLAKE2B 8f262d682ea413f83bc555bacbeb4306cdee156cc1ee1a98ab76de20f1aeaef405e772536190eaf3a842ef365514f7b68760200e9ddb9342498b01f40f0f9662 SHA512 41d6a9e63dfbd788267b7de231161d57988b4bf90fd52fb49ac7c139a4621476e76b891ae510786611a0c3cf9914a62aa105e2a1a202d29c47a2091fe6e7e9b9
DIST polkit-0.113.tar.gz 1448865 BLAKE2B 93cb6abf03d0de193e9f64b953bee40faf3bd07cf6f86beb4f84edd740dedc0bcf7a1ffd6b3a1a816e5adad0ee59536dacae3d991add4c4965cc6a98566b7470 SHA512 ab177c89a20eeb2978ddbe28afb205d3619f9c5defe833eb68a85e71a0f2c905367f1295cbbfb85da5eafdd661bce474d5d84aca9195cd425a18c9b4170eb5f9
DIST polkit-0.115.tar.gz 1550932 BLAKE2B 3185ebed46209f88a9ffccbbcaf1bf180d1ae6d5ec53cf3c66d867ad43910b47a1123a3db190991ebb382a0d28fc5a119ea4bab942db324e9af5663056cf6ee1 SHA512 1153011fa93145b2c184e6b3446d3ca21b38918641aeccd8fac3985ac3e30ec6bc75be6973985fde90f2a24236592f1595be259155061c2d33358dd17c4ee4fc
EBUILD polkit-0.113-r4.ebuild 3471 BLAKE2B 521e37d8ac00c3dfaed2f31e5aaedfec1e11b3ffd629e362b310c91b134642538fbea7fe2f9280ca21cd5bf1136b3142781e589660b08d1f1d2a8102a01e2bea SHA512 86ec712423c855648a56e998f8c77d37f24d3e9efe0898c8acc4a9e5ac09eb1cc5135f997c5a8dfa06bde4153f734d1bdbf44425eb004be4fb74df258a443a63
EBUILD polkit-0.115-r1.ebuild 3470 BLAKE2B e3b4028f4fdf524834395990f2bb3e2688ca6c75744bc60d19d443d7c0789beef23ba7a634129bbe1cdd8ae7db1a030977a901fb7a1ca376fc773d36cff9560e SHA512 7114d38dc204eb8c4036837b388fa05294400963beaec71dbf178663bada70ba90d50714a792d596f190aa85c40930f65091dce97a1a34a627b3ca4fff31d331
EBUILD polkit-0.115-r2.ebuild 3513 BLAKE2B a15953a542bfdee5bc3b774c05f1e9df9908266b006262a8f8c78c4d02bb755adf86ad7cb70e13306a2b0a8039f0c22ab7d5b0586f31405608b81b66e9cd90ab SHA512 ea5f3de2e0ff002601dc48ce412b2722cdb0aa360933ceb46f783c4fc1fdcf54b3d0fcf444b1bd5141434753e341acff44a5d6418fab1136192708c91321a52a
EBUILD polkit-0.115-r3.ebuild 3530 BLAKE2B 9589254a81c6ff58fdc34d474c1ea1c059a8afeb3a36fa7ed51c737656f6d5c8f307776f3dfcf7f94363e21d04b723c7645cde67aa6ca26530a8aba93d96be9d SHA512 8c76dd7d324ef6e87a8ebe0922e3f284cc9cd5f7f11f0c98aeecfcdff00b3e28dc51ee46edaee4588205d648e6188fd013974981c78f86639a51eab35f5d1dd5
+EBUILD polkit-0.115-r4.ebuild 3614 BLAKE2B a13a1548c866cefdc2789a1e25b66bd2ddae02b8dee25f5c5a7edbbfe09b90d046f3b482172bee54e284743b3db8281704769daf1e73f0d6f952c04802997fc2 SHA512 0f9d27ee88c3a781fbba26d7d72d24eb99adab78f1b76158ab37c4d98333a11262096a0b96f9fcc2afc960dc82a40a699b2d6e0c87150db37df71850826938f2
MISC metadata.xml 493 BLAKE2B bbf2a4e83d0882480d0f2ba8b18ef439b234bd82538546d04753d63fa828f6b111afb78846c1a03f4aa93f89e6fd0a6a828c7908574a740c9c6880252a84e98d SHA512 9c7b199d1a3b1193beb4d01e52d5e90d81821aa6df6785482da7ee37c0ca777c12095f160bc997c77d0089429c2e338cf75d0a46836416736178cd661ffa80f5
diff --git a/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch
new file mode 100644
index 000000000000..8a4510ad2051
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch
@@ -0,0 +1,180 @@
+From c9cd7024140b837b5693d7c1bbaad1b0cd31cce6 Mon Sep 17 00:00:00 2001
+From: Emmanuele Bassi <ebassi@gnome.org>
+Date: Fri, 31 Aug 2018 13:32:16 +0100
+Subject: [PATCH] Depend on mozjs-60
+
+This is the new ESR version of the Mozilla JS engine, superceding
+mozjs-52.
+---
+ configure.ac | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/configure.ac b/configure.ac
+index 5c37e48..5cedb4e 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -79,7 +79,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0])
+ AC_SUBST(GLIB_CFLAGS)
+ AC_SUBST(GLIB_LIBS)
+
+-PKG_CHECK_MODULES(LIBJS, [mozjs-52])
++PKG_CHECK_MODULES(LIBJS, [mozjs-60])
+
+ AC_SUBST(LIBJS_CFLAGS)
+ AC_SUBST(LIBJS_CXXFLAGS)
+
+
+From dd00683e8781d230a45781d509d86ad676138564 Mon Sep 17 00:00:00 2001
+From: Emmanuele Bassi <ebassi@gnome.org>
+Date: Fri, 31 Aug 2018 13:33:20 +0100
+Subject: [PATCH] Port the JS authority to mozjs-60
+
+API changes in mozjs that need to be reflected in the JS authority:
+
+ - the JS::CompileOptions constructor and the JS::CompartmentOptions
+ do not allow setting a JS version any more
+
+ - do not use NULL comparisons for C++ objects
+
+ - the resize() method for a vector has a return value that needs
+ to be handled
+
+ - JSClassOps has different fields
+---
+ .../polkitbackendjsauthority.cpp | 65 +++++++++----------
+ 1 file changed, 32 insertions(+), 33 deletions(-)
+
+diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp
+index 7602714..984a0f0 100644
+--- a/src/polkitbackend/polkitbackendjsauthority.cpp
++++ b/src/polkitbackend/polkitbackendjsauthority.cpp
+@@ -150,18 +150,17 @@ G_DEFINE_TYPE (PolkitBackendJsAuthority, polkit_backend_js_authority, POLKIT_BAC
+ /* ---------------------------------------------------------------------------------------------------- */
+
+ static const struct JSClassOps js_global_class_ops = {
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL
++ nullptr, // addProperty
++ nullptr, // deleteProperty
++ nullptr, // enumerate
++ nullptr, // newEnumerate
++ nullptr, // resolve
++ nullptr, // mayResolve
++ nullptr, // finalize
++ nullptr, // call
++ nullptr, // hasInstance
++ nullptr, // construct
++ JS_GlobalObjectTraceHook
+ };
+
+ static JSClass js_global_class = {
+@@ -172,18 +171,17 @@ static JSClass js_global_class = {
+
+ /* ---------------------------------------------------------------------------------------------------- */
+ static const struct JSClassOps js_polkit_class_ops = {
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL,
+- NULL
++ nullptr, // addProperty
++ nullptr, // deleteProperty
++ nullptr, // enumerate
++ nullptr, // newEnumerate
++ nullptr, // resolve
++ nullptr, // mayResolve
++ nullptr, // finalize
++ nullptr, // call
++ nullptr, // hasInstance
++ nullptr, // construct
++ nullptr // trace
+ };
+
+ static JSClass js_polkit_class = {
+@@ -469,19 +467,18 @@ polkit_backend_js_authority_constructed (GObject *object)
+
+ {
+ JS::CompartmentOptions compart_opts;
+- compart_opts.behaviors().setVersion(JSVERSION_LATEST);
++
+ JS::RootedObject global(authority->priv->cx);
+
+ authority->priv->js_global = new JS::Heap<JSObject*> (JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL, JS::FireOnNewGlobalHook, compart_opts));
+
+ global = authority->priv->js_global->get ();
+-
+- if (global == NULL)
++ if (!global)
+ goto fail;
+
+ authority->priv->ac = new JSAutoCompartment(authority->priv->cx, global);
+
+- if (authority->priv->ac == NULL)
++ if (!authority->priv->ac)
+ goto fail;
+
+ if (!JS_InitStandardClasses (authority->priv->cx, global))
+@@ -493,7 +490,7 @@ polkit_backend_js_authority_constructed (GObject *object)
+
+ polkit = authority->priv->js_polkit->get ();
+
+- if (polkit == NULL)
++ if (!polkit)
+ goto fail;
+
+ if (!JS_DefineProperty(authority->priv->cx, global, "polkit", polkit, JSPROP_ENUMERATE))
+@@ -504,7 +501,7 @@ polkit_backend_js_authority_constructed (GObject *object)
+ js_polkit_functions))
+ goto fail;
+
+- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN);
++ JS::CompileOptions options(authority->priv->cx);
+ JS::RootedValue rval(authority->priv->cx);
+ if (!JS::Evaluate (authority->priv->cx,
+ options,
+@@ -684,7 +681,9 @@ set_property_strv (PolkitBackendJsAuthority *authority,
+ JS::AutoValueVector elems(authority->priv->cx);
+ guint n;
+
+- elems.resize(value->len);
++ if (!elems.resize(value->len))
++ g_error ("Unable to resize vector");
++
+ for (n = 0; n < value->len; n++)
+ {
+ const char *c_string = (const char *) g_ptr_array_index(value, n);
+@@ -741,7 +740,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority,
+ GError **error)
+ {
+ gboolean ret = FALSE;
+- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN);
++ JS::CompileOptions options(authority->priv->cx);
+ const char *src;
+ JS::RootedObject obj(authority->priv->cx);
+ pid_t pid;
+@@ -868,7 +867,7 @@ action_and_details_to_jsval (PolkitBackendJsAuthority *authority,
+ GError **error)
+ {
+ gboolean ret = FALSE;
+- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN);
++ JS::CompileOptions options(authority->priv->cx);
+ const char *src;
+ JS::RootedObject obj(authority->priv->cx);
+ gchar **keys;
diff --git a/sys-auth/polkit/polkit-0.115-r4.ebuild b/sys-auth/polkit/polkit-0.115-r4.ebuild
new file mode 100644
index 000000000000..ecc024a27d3c
--- /dev/null
+++ b/sys-auth/polkit/polkit-0.115-r4.ebuild
@@ -0,0 +1,143 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+inherit autotools pam pax-utils systemd user xdg-utils
+
+DESCRIPTION="Policy framework for controlling privileges for system-wide services"
+HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
+SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"
+
+LICENSE="LGPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86"
+IUSE="elogind examples gtk +introspection jit kde nls pam selinux systemd test"
+
+REQUIRED_USE="?? ( elogind systemd )"
+
+BDEPEND="
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/docbook-xsl-stylesheets
+ dev-libs/gobject-introspection-common
+ dev-libs/libxslt
+ dev-util/glib-utils
+ dev-util/gtk-doc-am
+ dev-util/intltool
+ sys-devel/gettext
+ virtual/pkgconfig
+ introspection? ( dev-libs/gobject-introspection )
+"
+DEPEND="
+ dev-lang/spidermonkey:60[-debug]
+ dev-libs/glib:2
+ dev-libs/expat
+ elogind? ( sys-auth/elogind )
+ pam? (
+ sys-auth/pambase
+ virtual/pam
+ )
+ systemd? ( sys-apps/systemd:0=[policykit] )
+"
+RDEPEND="${DEPEND}
+ selinux? ( sec-policy/selinux-policykit )
+"
+PDEPEND="
+ gtk? ( || (
+ >=gnome-extra/polkit-gnome-0.105
+ >=lxde-base/lxsession-0.5.2
+ ) )
+ kde? ( kde-plasma/polkit-kde-agent )
+ !systemd? ( !elogind? ( sys-auth/consolekit[policykit] ) )
+"
+
+DOCS=( docs/TODO HACKING NEWS README )
+
+PATCHES=(
+ # bug 660880
+ "${FILESDIR}"/polkit-0.115-elogind.patch
+ "${FILESDIR}"/CVE-2018-19788.patch
+ "${FILESDIR}"/polkit-0.115-spidermonkey-60.patch
+)
+
+QA_MULTILIB_PATHS="
+ usr/lib/polkit-1/polkit-agent-helper-1
+ usr/lib/polkit-1/polkitd"
+
+pkg_setup() {
+ local u=polkitd
+ local g=polkitd
+ local h=/var/lib/polkit-1
+
+ enewgroup ${g}
+ enewuser ${u} -1 -1 ${h} ${g}
+ esethome ${u} ${h}
+}
+
+src_prepare() {
+ default
+
+ sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
+
+ # Workaround upstream hack around standard gtk-doc behavior, bug #552170
+ sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \
+ -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \
+ -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \
+ docs/polkit/Makefile.in || die
+
+ # disable broken test - bug #624022
+ sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die
+
+ # Fix cross-building, bug #590764, elogind patch, bug #598615
+ eautoreconf
+}
+
+src_configure() {
+ xdg_environment_reset
+
+ local myeconfargs=(
+ --localstatedir="${EPREFIX}"/var
+ --disable-static
+ --enable-man-pages
+ --disable-gtk-doc
+ --disable-examples
+ $(use_enable elogind libelogind)
+ $(use_enable introspection)
+ $(use_enable nls)
+ $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '')
+ --with-authfw=$(usex pam pam shadow)
+ $(use_enable systemd libsystemd-login)
+ --with-systemdsystemunitdir="$(systemd_get_systemunitdir)"
+ $(use_enable test)
+ --with-os-type=gentoo
+ )
+ econf "${myeconfargs[@]}"
+}
+
+src_compile() {
+ default
+
+ # Required for polkitd on hardened/PaX due to spidermonkey's JIT
+ pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
+}
+
+src_install() {
+ default
+
+ fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d
+
+ diropts -m0700 -o polkitd -g polkitd
+ keepdir /var/lib/polkit-1
+
+ if use examples; then
+ insinto /usr/share/doc/${PF}/examples
+ doins src/examples/{*.c,*.policy*}
+ fi
+
+ find "${ED}" -name '*.la' -delete || die
+}
+
+pkg_postinst() {
+ chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-13 17:42:44 +0000