summaryrefslogtreecommitdiff
path: root/sys-auth
diff options
context:
space:
mode:
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/Manifest.gzbin9255 -> 9260 bytes
-rw-r--r--sys-auth/pambase/Manifest6
-rw-r--r--sys-auth/pambase/metadata.xml4
-rw-r--r--sys-auth/pambase/pambase-20240119.ebuild116
-rw-r--r--sys-auth/pambase/pambase-999999999.ebuild24
-rw-r--r--sys-auth/polkit/Manifest6
-rw-r--r--sys-auth/polkit/files/polkit-124-systemd-fixup.patch28
-rw-r--r--sys-auth/polkit/files/polkit-124-systemd.patch50
-rw-r--r--sys-auth/polkit/metadata.xml2
-rw-r--r--sys-auth/polkit/polkit-124-r1.ebuild165
10 files changed, 385 insertions, 16 deletions
diff --git a/sys-auth/Manifest.gz b/sys-auth/Manifest.gz
index fdacdd7b37ee..155308f73681 100644
--- a/sys-auth/Manifest.gz
+++ b/sys-auth/Manifest.gz
Binary files differ
diff --git a/sys-auth/pambase/Manifest b/sys-auth/pambase/Manifest
index 6bffadf80968..4c10b686af92 100644
--- a/sys-auth/pambase/Manifest
+++ b/sys-auth/pambase/Manifest
@@ -1,4 +1,6 @@
DIST pambase-20220214.tar.gz 3372 BLAKE2B fc560005c48598d972cf68bfbd33784be7d7e5a12f5ebcd06e708241a169b1bcf7cb7dcd7109f44c2d9802ae0b294eaeb61782640f0b0cb9767f2ecf8c053c7f SHA512 57d037944cf6d9db69d5eb8ce32b087ac4781fae13c1daba1e248a1818dfcbbf2cb66fce79cad7808f2b0f89d3f3dd05455a1c8f3c976561769b056dc8bf7323
+DIST pambase-20240119.tar.bz2 5132 BLAKE2B 830afd9fe570a8b782a8bf4e0b5f73e50fff59b884a95bf67352de76529f81c2b7482c352b561ece19c662480827a99923df4658049fe857937436b01cf69a98 SHA512 8cbf9196a008a575652b95071cef32d7117370887c9194f2c80de6ae725edb3cff52385555d09bb1c5492d8f068d17f358f8fdf72d9bd4b4f7743ec3a0c98cc8
EBUILD pambase-20220214.ebuild 2990 BLAKE2B 1b4df77cb1ef13c8e89c2293b7ba960cf7b1932d3660c2e6352b6a03e6c69b08d23a671ae67c9aa7c5fd99c851daa718dc51516eb9aac1a2884b395d6be169ee SHA512 17c4084e974a02ca4c502bc1b4adcc3a36265869bade04dbc7fe0d7614d9adeb3e6e016edaa0a0a96561c2e25b17119687b9df52322187bb789eb9293f5595dd
-EBUILD pambase-999999999.ebuild 2983 BLAKE2B 4f21d3d3b134e1c0ea1a91f4a1fd76e25724d1e28ea4474184873041c6e8b1abca28be7b2ba7a6f4b4a99667a6e85cb59449cba8d377b86060f2e5268e5f27e9 SHA512 1586fbe7d95257d12c0ffdd9cd40403f4d1fce5c93dc0846853652f94e2a15f763d093f9e270de8e0f1cb46cdb801245f5248ab4067b35fa73abb49f4995ebef
-MISC metadata.xml 4168 BLAKE2B 898cfb8b48119e7a6f1bb5d435463331cf8a338ef015921ee96559e080883f60d56a4f7b94bef4b104681f42cb0ad245be82503b3d25260e3d142a35bee1ba05 SHA512 043f0f87f0fb5228eff5656ee52e4d889e9d9a0d5e7c1a0da266c5526f2a91728260a6b791c727d8e0cd16c2c3876c1ae6288a0334487637e68ab465bda83875
+EBUILD pambase-20240119.ebuild 3041 BLAKE2B c200d80e0ec0304700e56ecacb09a30a4f64c86ce582d021a2c68f63ad44a9e5ecc21a6efda91c78d452324f0d52055e78555634ae1a143d869435a84853bae9 SHA512 0524d107c9a4f98cee9b62f55b14e7b8b27c26c51859bc7e9fd2d97da61ff6961f5b3972417bb49d16b03a6d91dbc0a043206a80ee27f5fed29f62ee79b15a49
+EBUILD pambase-999999999.ebuild 3041 BLAKE2B c200d80e0ec0304700e56ecacb09a30a4f64c86ce582d021a2c68f63ad44a9e5ecc21a6efda91c78d452324f0d52055e78555634ae1a143d869435a84853bae9 SHA512 0524d107c9a4f98cee9b62f55b14e7b8b27c26c51859bc7e9fd2d97da61ff6961f5b3972417bb49d16b03a6d91dbc0a043206a80ee27f5fed29f62ee79b15a49
+MISC metadata.xml 4170 BLAKE2B 72042c7e3593a7f26805df66721d0399820c1f719d1f889d83bd043ee45e6f36f7d25abb96def26340a2492ccfadca644712b43216d3ca25681eb5140a735062 SHA512 da2b81ae108f79d425928963a6a69eb565d0ff1c38755085004e3a6ef3c54ab76266db9be75692bc69c622c3a86c6f42fd2f6d8cc692914cd97dd278dfcba745
diff --git a/sys-auth/pambase/metadata.xml b/sys-auth/pambase/metadata.xml
index 8c6bc7d0d64a..45396281fe28 100644
--- a/sys-auth/pambase/metadata.xml
+++ b/sys-auth/pambase/metadata.xml
@@ -72,8 +72,8 @@
</flag>
<flag name="pam_krb5">
Enable pam_krb5 module on system auth stack, as an alternative
- to pam_unix. If Kerberos authentication succeed, only pam_unix
- will be ignore, and all the other modules will proceed as usual,
+ to pam_unix. If Kerberos authentication succeeds, only pam_unix
+ will be ignorde, and all the other modules will proceed as usual,
including Gnome Keyring and other session modules. It requires
<pkg>sys-libs/pam</pkg> as PAM implementation.
</flag>
diff --git a/sys-auth/pambase/pambase-20240119.ebuild b/sys-auth/pambase/pambase-20240119.ebuild
new file mode 100644
index 000000000000..f1bcc8c30fab
--- /dev/null
+++ b/sys-auth/pambase/pambase-20240119.ebuild
@@ -0,0 +1,116 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+
+inherit pam python-any-r1 readme.gentoo-r1
+
+DESCRIPTION="PAM base configuration files"
+HOMEPAGE="https://github.com/gentoo/pambase"
+
+if [[ ${PV} == *9999 ]]; then
+ inherit git-r3
+ EGIT_REPO_URI="
+ https://anongit.gentoo.org/git/proj/pambase.git
+ https://github.com/gentoo/pambase.git
+ "
+else
+ SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2"
+
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+fi
+
+LICENSE="MIT"
+SLOT="0"
+IUSE="caps debug elogind gnome-keyring homed minimal mktemp +nullok pam_krb5 pam_ssh +passwdqc pwhistory pwquality securetty selinux +sha512 systemd yescrypt"
+
+RESTRICT="binchecks"
+
+REQUIRED_USE="
+ ?? ( elogind systemd )
+ ?? ( passwdqc pwquality )
+ ?? ( sha512 yescrypt )
+ pwhistory? ( || ( passwdqc pwquality ) )
+ homed? ( !pam_krb5 )
+ pam_krb5? ( !homed )
+"
+
+MIN_PAM_REQ=1.4.0
+
+RDEPEND="
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ elogind? ( sys-auth/elogind[pam] )
+ gnome-keyring? ( gnome-base/gnome-keyring[pam] )
+ mktemp? ( sys-auth/pam_mktemp )
+ pam_krb5? (
+ >=sys-libs/pam-${MIN_PAM_REQ}
+ sys-auth/pam_krb5
+ )
+ caps? ( sys-libs/libcap[pam] )
+ pam_ssh? ( sys-auth/pam_ssh )
+ passwdqc? ( >=sys-auth/passwdqc-1.4.0-r1 )
+ pwquality? ( dev-libs/libpwquality[pam] )
+ selinux? ( sys-libs/pam[selinux] )
+ sha512? ( >=sys-libs/pam-${MIN_PAM_REQ} )
+ homed? ( sys-apps/systemd[homed] )
+ systemd? ( sys-apps/systemd[pam] )
+ yescrypt? ( sys-libs/libxcrypt[system] )
+"
+BDEPEND="
+ $(python_gen_any_dep '
+ dev-python/jinja[${PYTHON_USEDEP}]
+ ')
+"
+
+python_check_deps() {
+ python_has_version "dev-python/jinja[${PYTHON_USEDEP}]"
+}
+
+src_configure() {
+ ${EPYTHON} ./${PN}.py \
+ $(usex caps '--caps' '') \
+ $(usex debug '--debug' '') \
+ $(usex elogind '--elogind' '') \
+ $(usex gnome-keyring '--gnome-keyring' '') \
+ $(usex homed '--homed' '') \
+ $(usex minimal '--minimal' '') \
+ $(usex mktemp '--mktemp' '') \
+ $(usex nullok '--nullok' '') \
+ $(usex pam_krb5 '--krb5' '') \
+ $(usex pam_ssh '--pam-ssh' '') \
+ $(usex passwdqc '--passwdqc' '') \
+ $(usex pwhistory '--pwhistory' '') \
+ $(usex pwquality '--pwquality' '') \
+ $(usex securetty '--securetty' '') \
+ $(usex selinux '--selinux' '') \
+ $(usex sha512 '--sha512' '') \
+ $(usex systemd '--systemd' '') \
+ $(usex yescrypt '--yescrypt' '') \
+ || die
+}
+
+src_test() { :; }
+
+src_install() {
+ local DOC_CONTENTS
+
+ if use passwdqc; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 passwdqc.conf
+ page and then edit the /etc/security/passwdqc.conf file"
+ fi
+
+ if use pwquality; then
+ DOC_CONTENTS="To amend the existing password policy please see the man 5 pwquality.conf
+ page and then edit the /etc/security/pwquality.conf file"
+ fi
+
+ { use passwdqc || use pwquality; } && readme.gentoo_create_doc
+
+ dopamd -r stack/.
+}
+
+pkg_postinst() {
+ { use passwdqc || use pwquality; } && readme.gentoo_print_elog
+}
diff --git a/sys-auth/pambase/pambase-999999999.ebuild b/sys-auth/pambase/pambase-999999999.ebuild
index f1a0a423fa7e..f1bcc8c30fab 100644
--- a/sys-auth/pambase/pambase-999999999.ebuild
+++ b/sys-auth/pambase/pambase-999999999.ebuild
@@ -1,9 +1,9 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=7
+EAPI=8
-PYTHON_COMPAT=( python3_{9..11} )
+PYTHON_COMPAT=( python3_{10..12} )
inherit pam python-any-r1 readme.gentoo-r1
@@ -12,11 +12,14 @@ HOMEPAGE="https://github.com/gentoo/pambase"
if [[ ${PV} == *9999 ]]; then
inherit git-r3
- EGIT_REPO_URI="https://github.com/gentoo/pambase.git"
+ EGIT_REPO_URI="
+ https://anongit.gentoo.org/git/proj/pambase.git
+ https://github.com/gentoo/pambase.git
+ "
else
- SRC_URI="https://github.com/gentoo/pambase/archive/${P}.tar.gz"
- KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
- S="${WORKDIR}/${PN}-${P}"
+ SRC_URI="https://gitweb.gentoo.org/proj/pambase.git/snapshot/${P}.tar.bz2"
+
+ KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
fi
LICENSE="MIT"
@@ -55,10 +58,11 @@ RDEPEND="
systemd? ( sys-apps/systemd[pam] )
yescrypt? ( sys-libs/libxcrypt[system] )
"
-
-BDEPEND="$(python_gen_any_dep '
+BDEPEND="
+ $(python_gen_any_dep '
dev-python/jinja[${PYTHON_USEDEP}]
- ')"
+ ')
+"
python_check_deps() {
python_has_version "dev-python/jinja[${PYTHON_USEDEP}]"
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
index 1c41135ed734..e15c77ade167 100644
--- a/sys-auth/polkit/Manifest
+++ b/sys-auth/polkit/Manifest
@@ -1,8 +1,12 @@
AUX polkit-122-libs-only-postinstall.patch 944 BLAKE2B bfd6dc47e477b80b3fc3b10a35f95fed5988a2ce07a1cb3b4df1e76fd364a7b456d28d2dab93acc84374653a7e433cb3151b7d82e34a0265525e62681045928b SHA512 3cd1d686db1125120d7bc493f871c027fc52599bde073b76287ed8c27c4f9e7b3516b23611dc7c0838519acce95cf2f01c40f0777e8527e012f1bcb4d0ac29c3
AUX polkit-123-mozjs-JIT.patch 1000 BLAKE2B 8754b7647923280842f06228d93ad2d48381e1b72792f519eceaf8021176268e13b153e11e8fe7c6b231293bd0e7c5010235df15b4c52df7043f6ad0092617fe SHA512 0e892643e400e625f13fe6fe5255190c41bb6d4a6d2d8fa8e9e6d65a2749712f86e80c089d569dafb728dbf354b1861fb53b72b85983d4904c219634b0e66415
AUX polkit-123-pkexec-uninitialized.patch 1118 BLAKE2B a6abfa5a67612c305823d43fc33332d4c58cef676a8e92f51e702861ac986092f50acc641b1fb0c0e020ce6ad33a971d9332b53f6db3cf7e49c1e580e3bec418 SHA512 90c62d553f84b4fa4f1a9fe30e12596b5214b7db52576b9de3fdb7ae2bd7299e38e8bf4a2eb2f43b23464f9750b31cd2e62d6185082fa24a25a4de1fdf4d038c
+AUX polkit-124-systemd-fixup.patch 1571 BLAKE2B e9f03f0239a4af15a05a8a83749f2da50c7457849d5f170556e3ca0e8c47ec9a90359a77a8255932b3843b8d50bedf1e07472cd1e33ba1cc76a7d2b5aa0560fd SHA512 b938ac6f4de8a2e2cc799c3fcaeca7f3d4f62f14868b0281329b3b102f8cc6d7474c96ed9a16e0197ef30db229df53e7287b816ecd16efce5f00fb2783cb049b
+AUX polkit-124-systemd.patch 2483 BLAKE2B 3323abefac5adff5046d7756ba19d87b9206baecce4937de6b29ca2e12025c173d503e2f6bc9274147f16a333b1dd46a3d089645708d051f7cdb59a52705dcae SHA512 97622cd525e6706e82aad8bb63f8721ae22f3da47727797556b468b9f01417f78a3c52733582c5f40ba5196261faa7a0aff1da4326baf57d9d8d470d88b2a538
DIST polkit-122.tar.bz2 704972 BLAKE2B 601ed969de816d061a974b07490d64c144940898a75d4e1761462ee1ff0f00686b068298fa6fdc901879d8cd4bea4334c0187aa5bde50acf90728c37e73e21f4 SHA512 a7c0a951bbcdb09899adbc128296c74fc062441e996f4d6a782b214178f0936137e2fdc489eaa86a00599b988711735a5bd9b5c3b93bdb42fb915db9f9b04e26
DIST polkit-123.tar.bz2 707480 BLAKE2B 27d8764606d8156118269fb4cd5eda1cfd0d56df219e4157cd78fd4c2a2d001c474271b7bb31e7e82ca376eacd26411418695058cc888700690606348b4d014a SHA512 4306363d3ed7311243de462832199bd10ddda35e36449104daff0895725d8189b07a4c88340f28607846fdf761c23470da2d43288199c46aa816426384124bb6
+DIST polkit-124.tar.bz2 715490 BLAKE2B ecfc1ec73a7e1bbdf7374642ad4e1dbe534149a27e75bb1235eaa446ff912466ee0cdd978c34b7f110bc62a49b25ffddc9011e280686e3f304a234454be85a40 SHA512 db520882b0bedf1c96052570bf4c55d7e966d8172f6d26acf0791d98c4b911fce5ee39e6d830f06122ac8df33c6b43c252cdb7ba3a54523804824ebf355405dc
EBUILD polkit-122-r1.ebuild 4055 BLAKE2B bfec1bafa233c9f40d6416224b6f69cce2924092da83a213b7aa0565f93e2ba035016ba21ee2ebf88af5fb8815be23a311e4a05d9bfbac20c1afddcbe85f89db SHA512 175ffb9f05a563429d87993d0c8506d397373b8c2c3cf5038fa9fd8344427209237966416585c56d9b8df40c736ca7646dfecf88ca847cf14aeb8522054e96a6
EBUILD polkit-123.ebuild 4103 BLAKE2B 000dc7e9260379f36ef49256ab137a9d985c4a18af3a5949dcca2731d427de37fdcbe7b908ada0652e3910ffd10ba07ddd63fff2afe4260ef496c309e6fb1d54 SHA512 69ba195ab3a8dacd866899c7f12eb570351fa747a6463f7fdc9a6bf9b7536145fe75bb2aa59e4e7b86929c7bcf65f1aa5211f6513dfeea722d66e65179012d84
-MISC metadata.xml 613 BLAKE2B ce0a84d55703632a3adadda467e1350d86f33f4aff8d606bed59144a53428ece9c30624157d2d05ea0543132a219afe9ceff9550a6276736d6e1e7831578a948 SHA512 0b068d6bcc989d042956945029b426f09284b9a7b82182b4d3be1896cae713b510e5ba56f94fcbf1a7079d06183a7b82e2119d22c4146ce0bc3e06c31210fc74
+EBUILD polkit-124-r1.ebuild 4227 BLAKE2B a169bbf35a6fd71fc09d4be7addcf3506e0f36a7585f7e8c6e92bfbf64f927ba99fcbf78f12bca2cfa32b92c5ae6a236113e084f447c947db6f6525f0cad3257 SHA512 688eca33115699e8d948fe4ec44937bc2bdfce26bf4eca5fe0398a3857643e26adb3b9c17d3fc36f58c5341c622dbd8605d30819c34b793f77a8cb1f32821dcd
+MISC metadata.xml 605 BLAKE2B 80c7a5d7d4d370123b0ab3d40cbc51e7a606ed45fb29cf201dfb2ebf3dbb47a9c5c3648be971d18afee881bc5fc0402b27a26bcdc4ed29e083b22e8f194d415d SHA512 14f7b54a110db41ddb8ae53a6bd769352bf59b1ac8d519b448aa4a97b1dd6f7d6a315c4aec96f223effb7c84e0525e31076650d1331b17a150f614ee1aee4034
diff --git a/sys-auth/polkit/files/polkit-124-systemd-fixup.patch b/sys-auth/polkit/files/polkit-124-systemd-fixup.patch
new file mode 100644
index 000000000000..a4dd7eafcf92
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-124-systemd-fixup.patch
@@ -0,0 +1,28 @@
+https://bugs.gentoo.org/922458
+https://github.com/polkit-org/polkit/pull/417/files#r1458416421
+--- a/meson.build
++++ b/meson.build
+@@ -212,14 +212,17 @@ if enable_logind
+ config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
+
+ # systemd unit / service files
+- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
+- if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
+- # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
+- systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
+- endif
++ if session_tracking == 'libsystemd-login'
++ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+
+- systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
++ if systemd_systemdsystemunitdir == ''
++ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
++ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
++ endif
++
++ systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d')
++ endif
+ endif
+ config_h.set('HAVE_LIBSYSTEMD', enable_logind)
+
diff --git a/sys-auth/polkit/files/polkit-124-systemd.patch b/sys-auth/polkit/files/polkit-124-systemd.patch
new file mode 100644
index 000000000000..e9b10e99e5da
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-124-systemd.patch
@@ -0,0 +1,50 @@
+https://github.com/polkit-org/polkit/pull/417
+
+From 69d6b94d590b4dd1fbbac22b4f4d449f46ef61aa Mon Sep 17 00:00:00 2001
+From: Luca Boccassi <bluca@debian.org>
+Date: Thu, 18 Jan 2024 15:07:32 +0000
+Subject: [PATCH] meson: fix build failure when -Dsystemdsystemunitdir is
+ specified
+
+When 'systemdsystemunitdir' is specified as an option the systemd_dep
+variable is not defined, but the sysusers.d directory lookup uses it,
+causing a build failure:
+
+dh_auto_configure -- \
+ -Dexamples=false \
+ -Dintrospection=true \
+ -Dman=true \
+ -Dsystemdsystemunitdir=/usr/lib/systemd/system \
+ -Dtests=true \
+ -Dgtk_doc=true -Dsession_tracking=libsystemd-login
+ cd obj-x86_64-linux-gnu && DEB_PYTHON_INSTALL_LAYOUT=deb LC_ALL=C.UTF-8 meson setup .. --wrap-mode=nodownload --buildtype=plain --prefix=/usr --sysconfdir=/etc --localstatedir=/var --libdir=lib/x86_64-linux-gnu -Dpython.bytecompile=-1 -Dexamples=false -Dintrospection=true -Dman=true -Dsystemdsystemunitdir=/usr/lib/systemd/system -Dtests=true -Dgtk_doc=true -Dsession_tracking=libsystemd-login
+The Meson build system
+Version: 1.3.1
+Source dir: /builds/bluca/polkit/debian/output/source_dir
+Build dir: /builds/bluca/polkit/debian/output/source_dir/obj-x86_64-linux-gnu
+Build type: native build
+Project name: polkit
+Project version: 124
+
+<...>
+
+Run-time dependency libsystemd found: YES 255
+Checking for function "sd_uid_get_display" with dependency libsystemd: YES
+Checking for function "sd_pidfd_get_session" with dependency libsystemd: YES
+../meson.build:222:37: ERROR: Unknown variable "systemd_dep".
+
+Follow-up for 24f1e0af3f7bd17e220cb96201f3c654e737ad34
+--- a/meson.build
++++ b/meson.build
+@@ -212,9 +212,9 @@ if enable_logind
+ config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep))
+
+ # systemd unit / service files
++ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ systemd_systemdsystemunitdir = get_option('systemdsystemunitdir')
+ if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login'
+- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it')
+ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used
+ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir')
+ endif
+
diff --git a/sys-auth/polkit/metadata.xml b/sys-auth/polkit/metadata.xml
index 85f34e27e828..420dae0ebcd2 100644
--- a/sys-auth/polkit/metadata.xml
+++ b/sys-auth/polkit/metadata.xml
@@ -10,6 +10,6 @@
<flag name="systemd">Use <pkg>sys-apps/systemd</pkg> for session tracking</flag>
</use>
<upstream>
- <remote-id type="freedesktop-gitlab">polkit/polkit</remote-id>
+ <remote-id type="github">polkit-org/polkit</remote-id>
</upstream>
</pkgmetadata>
diff --git a/sys-auth/polkit/polkit-124-r1.ebuild b/sys-auth/polkit/polkit-124-r1.ebuild
new file mode 100644
index 000000000000..d5ae6fcf9f54
--- /dev/null
+++ b/sys-auth/polkit/polkit-124-r1.ebuild
@@ -0,0 +1,165 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+PYTHON_COMPAT=( python3_{10..12} )
+inherit meson pam pax-utils python-any-r1 systemd xdg-utils
+
+DESCRIPTION="Policy framework for controlling privileges for system-wide services"
+HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
+if [[ ${PV} == *_p* ]] ; then
+ # Upstream don't make releases very often. Test snapshots throughly
+ # and review commits, but don't shy away if there's useful stuff there
+ # we want.
+ MY_COMMIT=""
+ SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2"
+
+ S="${WORKDIR}"/${PN}-${MY_COMMIT}
+else
+ SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${PV}/${P}.tar.bz2"
+fi
+
+LICENSE="LGPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="+daemon +duktape examples gtk +introspection kde pam selinux systemd test"
+# https://gitlab.freedesktop.org/polkit/polkit/-/issues/181 for test restriction
+RESTRICT="!test? ( test ) test"
+
+# This seems to be fixed with 121?
+#if [[ ${PV} == *_p* ]] ; then
+# RESTRICT="!test? ( test )"
+#else
+# # Tests currently don't work with meson in the dist tarballs. See
+# # https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
+# RESTRICT="test"
+#fi
+
+BDEPEND="
+ acct-user/polkitd
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/docbook-xsl-stylesheets
+ dev-libs/glib
+ dev-libs/gobject-introspection-common
+ dev-libs/libxslt
+ dev-util/glib-utils
+ sys-devel/gettext
+ virtual/pkgconfig
+ introspection? ( >=dev-libs/gobject-introspection-0.6.2 )
+ test? (
+ $(python_gen_any_dep '
+ dev-python/dbus-python[${PYTHON_USEDEP}]
+ dev-python/python-dbusmock[${PYTHON_USEDEP}]
+ ')
+ )
+"
+DEPEND="
+ >=dev-libs/glib-2.32:2
+ dev-libs/expat
+ daemon? (
+ duktape? ( dev-lang/duktape:= )
+ !duktape? ( dev-lang/spidermonkey:115[-debug] )
+ )
+ pam? (
+ sys-auth/pambase
+ sys-libs/pam
+ )
+ !pam? ( virtual/libcrypt:= )
+ systemd? ( sys-apps/systemd:0=[policykit] )
+ !systemd? ( sys-auth/elogind )
+"
+RDEPEND="
+ ${DEPEND}
+ acct-user/polkitd
+ selinux? ( sec-policy/selinux-policykit )
+"
+PDEPEND="
+ gtk? ( || (
+ >=gnome-extra/polkit-gnome-0.105
+ >=lxde-base/lxsession-0.5.2
+ ) )
+ kde? ( kde-plasma/polkit-kde-agent )
+"
+
+DOCS=( docs/TODO HACKING.md NEWS.md README.md )
+
+QA_MULTILIB_PATHS="
+ usr/lib/polkit-1/polkit-agent-helper-1
+ usr/lib/polkit-1/polkitd
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-124-systemd.patch
+ "${FILESDIR}"/${PN}-124-systemd-fixup.patch
+)
+
+python_check_deps() {
+ python_has_version "dev-python/dbus-python[${PYTHON_USEDEP}]" &&
+ python_has_version "dev-python/python-dbusmock[${PYTHON_USEDEP}]"
+}
+
+pkg_setup() {
+ use test && python-any-r1_pkg_setup
+}
+
+src_prepare() {
+ default
+
+ # bug #401513
+ sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die
+}
+
+src_configure() {
+ xdg_environment_reset
+
+ local emesonargs=(
+ --localstatedir="${EPREFIX}"/var
+ -Dauthfw="$(usex pam pam shadow)"
+ -Dexamples=false
+ -Dgtk_doc=false
+ -Dman=true
+ -Dos_type=gentoo
+ -Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
+ -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
+ -Djs_engine=$(usex duktape duktape mozjs)
+ $(meson_use !daemon libs-only)
+ $(meson_use introspection)
+ $(meson_use test tests)
+ $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
+ )
+ meson_src_configure
+}
+
+src_compile() {
+ meson_src_compile
+
+ # Required for polkitd on hardened/PaX due to spidermonkey's JIT
+ pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
+}
+
+src_install() {
+ meson_src_install
+
+ # acct-user/polkitd installs its own (albeit with a different filename)
+ rm -rf "${ED}"/usr/lib/sysusers.d || die
+
+ if use examples ; then
+ docinto examples
+ dodoc src/examples/{*.c,*.policy*}
+ fi
+
+ if use daemon; then
+ if [[ ${EUID} == 0 ]]; then
+ diropts -m 0700 -o polkitd
+ fi
+ keepdir /etc/polkit-1/rules.d
+ fi
+}
+
+pkg_postinst() {
+ if use daemon && [[ ${EUID} == 0 ]]; then
+ chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ fi
+}