From 4cbcc855382a06088e2f016f62cafdbcb7e40665 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sun, 20 Mar 2022 00:40:44 +0000 Subject: gentoo resync : 20.03.2022 --- sys-auth/polkit/Manifest | 12 +- ...lkit-0.118-make-netgroup-support-optional.patch | 228 +++++++++++++++++++++ .../polkit/files/polkit-0.120-CVE-2021-4115.patch | 78 +++++++ sys-auth/polkit/metadata.xml | 1 + sys-auth/polkit/polkit-0.117-r2.ebuild | 133 ------------ sys-auth/polkit/polkit-0.119-r2.ebuild | 132 ------------ sys-auth/polkit/polkit-0.120-r1.ebuild | 119 ----------- sys-auth/polkit/polkit-0.120-r2.ebuild | 121 ----------- sys-auth/polkit/polkit-0.120-r3.ebuild | 123 +++++++++++ sys-auth/polkit/polkit-0.120_p20220221.ebuild | 126 ++++++++++++ 10 files changed, 562 insertions(+), 511 deletions(-) create mode 100644 sys-auth/polkit/files/polkit-0.118-make-netgroup-support-optional.patch create mode 100644 sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch delete mode 100644 sys-auth/polkit/polkit-0.117-r2.ebuild delete mode 100644 sys-auth/polkit/polkit-0.119-r2.ebuild delete mode 100644 sys-auth/polkit/polkit-0.120-r1.ebuild delete mode 100644 sys-auth/polkit/polkit-0.120-r2.ebuild create mode 100644 sys-auth/polkit/polkit-0.120-r3.ebuild create mode 100644 sys-auth/polkit/polkit-0.120_p20220221.ebuild (limited to 'sys-auth/polkit') diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest index b37c4eefd3fa..894e967676d6 100644 --- a/sys-auth/polkit/Manifest +++ b/sys-auth/polkit/Manifest @@ -1,13 +1,13 @@ AUX polkit-0.115-elogind.patch 1069 BLAKE2B 6c5a3d7d3e716a994b951181808f64d864e6ca58b3a018a5354022f08c6e7c1d8987366c9777f47cc970916ad9fe39f288a1b1643113fc99745f333e02dab56f SHA512 06432fa56788699762c6978484640554f91728a1cb40679eb47b8514b3c7aa23aac5b9c26586eb4d7043a0af1b319bbe7f869d24844d9151317299b74a8e8f7f AUX polkit-0.117-CVE-2021-3560.patch 909 BLAKE2B a912312e60fc442645a94a93795912220019a668f18a6a0d4e3c34ea23ea4155b37673b5e8db516cbe389b49423ef6008006823897dc41795ee5ac5def3e2708 SHA512 e62f362a4486e5eab04a0acd582d5cb9c1def19dd1707a9e1c861bdea6f576e6c24838c722526908de9cad63a699b513e4f56d1d5bbb0fcb9578f542d65b2953 +AUX polkit-0.118-make-netgroup-support-optional.patch 7273 BLAKE2B 2ed2abc22b77db337d258be8a5cc18a28a2126d1ebf982fcc519472f271fa3e7191d990db3af51b5fb490f92110d16f8e1a0ed0d9a4f3fa980e04f3ee4b64181 SHA512 2e582b8c4a2535cdf6464fc8905e26e8401bfecff6f121ba05c085247acd61d0ee331f134147ebfe3e3ce543ab6f8d337766099fdcca767de3c046cdab413179 AUX polkit-0.120-CVE-2021-4034.patch 1933 BLAKE2B f125b6c55428c2c12dbb89e7bc8619400d914f5b2b955d4e6ec24c4ac2cb02ba8e624f5c1a61dda74b1c24cd5c81a3f2985b9f4cf828bd801d940e707d62bec7 SHA512 cd32461e95297e29d7a5b7ba999b4f27c8296c964eb41c94b4511dc5181538ad0a50554340dae3c5a87629e07b8b22477478ffbf478f0fc16de856f8efb791d6 +AUX polkit-0.120-CVE-2021-4115.patch 2244 BLAKE2B 731e583d9657de6e3b7c384a0122487b71253539066ca17debf6172d6e6d45dee292bd421de5cc406c97d32862250d170ea42e83fb15103581c1443b7c39df35 SHA512 b9032fb05e4a18d72caf8eeed3f400d774798de28d5dde679f769f0d60cc1818ae688f6aa86c074517f2789eb61011368288c7ebafd0361af2c63f08ada3d00a AUX polkit-0.120-meson.patch 1201 BLAKE2B cae66df3db2c92392a07d3b39219a3c16819a9c2393b2bbfc65a32e4beac921e17bb09220cbfe2622edc21c7f81c64058cf60c315d48b8d80ba643d8336d5171 SHA512 f3a4feafae83dcc8bd665557cfc755c08888a78575313d510ec5ff140a2174a709755aa5e23081291ade6b2d333887a10848ae5c7a99b700a2e18476af21844d DIST polkit-0.117.tar.gz 1554536 BLAKE2B 1cf7e0ff9db19a29be626f4bea96c9e2ef8b1eab4b8287a5f1f4d2a818b86d58c1c4c4a41849d95e31559dba1b18853a31e934ebbadd8e07f94dfd58b45240e0 SHA512 c10ea984f2386fe436e58a2866e5323afc80d24f744f0ee61d966941259aa491bd96b07d911434aa731b300c3cca25b647804b396501175ab5b3c53384e94c70 -DIST polkit-0.119.tar.gz 1387409 BLAKE2B aeb605598393d1cab40f7c77954008a0392600584c5fe8cc9acaa0e122418ee48b9cce0b6839189ea415277ff0ae4dbd5b7c71cb910aa349dcaf7e1f3f70ef06 SHA512 0260fb15da1c4c1f429e8223260981e64e297f1be8ced42f6910f09ea6581b8205aca06c9c601eb4a128acba2f468de0223118f96862ba769f95721894cf1578 DIST polkit-0.120.tar.gz 1626659 BLAKE2B 745727445b4946d44b8ea470d21ac131ca7706e83f5dbaf85cf3541ac60a1bbe23b3bf3172a62d9256ebb3dae02d2b2d476e3e0f7fe79a80c47864a120e62ed9 SHA512 db072769439d5e17d0eed681e7b94251b77828c1474b40fe40b94293903a64333e7fa17515a3270648691f04a1374d8b404405ead6abf292a8eb8483164adc46 -EBUILD polkit-0.117-r2.ebuild 3330 BLAKE2B 844d327d9f6c391ea89b305677adf98e823718f620c307586bf96172678dc94a4b1a5ad870e6ebacf0fd579839b73359de33fa0173f46c425e0f7cd0228c6bd3 SHA512 99673f56722f4e105eaad28a3f8e1a9aee1664e5552e940bf286bf84a76a52145745905f080f859ce4991a29ce6f3e47f6ab3d59a012e69ffd71de98557ca8bd +DIST polkit-0.120_p20220221.tar.bz2 734510 BLAKE2B 412f943d6d7b8ec493280073ed75c73f6acc89958d1507b416067ce742cc91e648956015a8d40a38c41ef061c79fc62004aa99b9902cdee0b8302852fa2df42c SHA512 15b09ba274f9b09ff5bf11d6238da43b0ee1fd76d53aa489b062f168a79f5de74cbd3953b45fa3bfad458e09e4c04032d08fe369bec6ffa35114da610741eb9f EBUILD polkit-0.117-r3.ebuild 3427 BLAKE2B 3725159a592d2072fde8f5e4d6ae6a12dfd24f86e81b8c84a7d36beda89e22588d87b63c1e6b96c65533423b383a1ad1f9a68462b95fa5068fdb238d446afd9a SHA512 44065ebcdf8b6bafc4b87a9841526ed72e6b27490d3ca550383b38b4d5c98f370e9feac3c13617acf3c760dbc8b91ac47454e62a052b0c674af71d73c088d6e5 -EBUILD polkit-0.119-r2.ebuild 3302 BLAKE2B e56f5505dfdfa245ed3dd78199de5439d7ff6d5ddb8778d785c69e3900dfdc7f9d4aa46e101bab2eee7ebdb4097eecfda0f9d29be97dbd348629cc218a988d87 SHA512 32e836e9c17bb7aae519031beaf35a3cba4da983bb29e875b7dcbc8ffae5d0a15218147904d0d942557210e240ffb252d9d548c6bf508027be337feba9e61923 -EBUILD polkit-0.120-r1.ebuild 2990 BLAKE2B c8a385dc9199099fc966388d918c25a7a154aa76b4cc58020a202d84680a0b2ee9a437f3ab21a8f5bd4be2fe5610becb13a98a14ed7e8e6ee6f06a5db629f558 SHA512 b9d8356a7d5eeb555912f8598a5dafa90d9adae6210dabf12d87c49aea2bf1a59282891cf9d5877c170fc3ec77c45f428390066da0b485ebe3c0d4e37f877635 -EBUILD polkit-0.120-r2.ebuild 3172 BLAKE2B 2c007462e5a72cd8a7b0ff3d47b1292e161e2354ef981f0096b9208f07593d195e38cd31cb5674cb5c0988848913032b8c3a556866dd5725cadb720e47a05f2f SHA512 4e19152d5f873e3265020c025ea341d52e9592d9d6fcc7c0b4160a7f9b36287d3ee86f339fbf889afbcd3d68d7fa4b00c119624b45f9337fd31c24e21422fa2c -MISC metadata.xml 410 BLAKE2B 5b1bae6f1252bbafdc0ddd0eefeaca74f93ed183f46a2e4f22f36656c681d87acdd6ea86807a4b68350c1c8197cb97b6b421a88f5f0a2322b1fd85c599c09b39 SHA512 9b097838f0e0dfdbb788e4794e667d43ba3f3a08de45fffa5826142b8416afde68ec0202c429f1cd6f79ad9681b050c8aef736a8399d9551ea8784c97c123766 +EBUILD polkit-0.120-r3.ebuild 3222 BLAKE2B 1f2b78f9e73e90ebfe62fd32bf1677b0653921db96c8ae4af1fe0eebb9119807cf483b702ae82378451a2d122d6d8b6a970e4904e26b0871351af4b9891de5b7 SHA512 ad360a8dfab8f966d81c459ff41bbdc5a2d1f843bc1342788f5ebab6bcf736b0e3ccb878204cff08550e81e9550b6d8d8afb5733e2c845bd58d525e54d46e999 +EBUILD polkit-0.120_p20220221.ebuild 3236 BLAKE2B eaaf9b0df71c26deb5058c1b044d425a3ff178fbcc94ae6321562492af1bcfba96cec620f64f79855f40f4a7c87cec70058d9066e43aa9f5c32057c8e61b4f31 SHA512 539904d67358da0abcc6a894afb87abc04ffb5b113ac052add76846b895dc5dffdea0c486a01beff5a172448a887e94de68b5bfbda53e3493265aebc31eda72e +MISC metadata.xml 537 BLAKE2B 990f855eefe670eec229bdd37d597dbe568651ff4fefbad6c0f5bb1be53479b2b60ae44001d8af34c5730dba273878d47500f3dce120526a15618edfb42ed0ac SHA512 c30b94411055d404eb31b26b80b647500f8ef8c31d338b6753878298cde7e8c8657887cc0cf50fc23538401ac4239892a50f417c7e7840aa8c73c84c73518be2 diff --git a/sys-auth/polkit/files/polkit-0.118-make-netgroup-support-optional.patch b/sys-auth/polkit/files/polkit-0.118-make-netgroup-support-optional.patch new file mode 100644 index 000000000000..b11250fd3992 --- /dev/null +++ b/sys-auth/polkit/files/polkit-0.118-make-netgroup-support-optional.patch @@ -0,0 +1,228 @@ +Pulled in from https://github.com/gentoo/musl/blob/master/sys-auth/polkit/files/polkit-0.118-make-netgroup-support-optional.patch. + +https://bugs.gentoo.org/833753 +https://bugs.gentoo.org/561672 +https://bugs.freedesktop.org/show_bug.cgi?id=50145 +https://gitlab.freedesktop.org/polkit/polkit/-/issues/14 + +Patch has been rebased a bit since but keeping original headers. + +From c7ad7cb3ca8fca32b9b64b0fc33867b98935b76b Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Wed, 11 Jul 2018 04:54:26 -0500 +Subject: [PATCH] make netgroup support optional + +On at least Linux/musl and Linux/uclibc, netgroup support is not +available. PolKit fails to compile on these systems for that reason. + +This change makes netgroup support conditional on the presence of the +setnetgrent(3) function which is required for the support to work. If +that function is not available on the system, an error will be returned +to the administrator if unix-netgroup: is specified in configuration. + +Fixes bug 50145. + +Signed-off-by: A. Wilcox +--- a/configure.ac ++++ b/configure.ac +@@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], + [AC_MSG_ERROR([Can't find expat library. Please install expat.])]) + AC_SUBST(EXPAT_LIBS) + +-AC_CHECK_FUNCS(clearenv fdatasync) ++AC_CHECK_FUNCS(clearenv fdatasync setnetgrent) + + if test "x$GCC" = "xyes"; then + LDFLAGS="-Wl,--as-needed $LDFLAGS" +--- a/src/polkit/polkitidentity.c ++++ b/src/polkit/polkitidentity.c +@@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str, + } + else if (g_str_has_prefix (str, "unix-netgroup:")) + { ++#ifndef HAVE_SETNETGRENT ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Netgroups are not available on this machine ('%s')", ++ str); ++#else + identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1); ++#endif + } + + if (identity == NULL && (error != NULL && *error == NULL)) +@@ -344,6 +352,14 @@ polkit_identity_new_for_gvariant (GVariant *variant, + GVariant *v; + const char *name; + ++#ifndef HAVE_SETNETGRENT ++ g_set_error (error, ++ POLKIT_ERROR, ++ POLKIT_ERROR_FAILED, ++ "Netgroups are not available on this machine"); ++ goto out; ++#else ++ + v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error); + if (v == NULL) + { +@@ -353,6 +369,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, + name = g_variant_get_string (v, NULL); + ret = polkit_unix_netgroup_new (name); + g_variant_unref (v); ++#endif + } + else + { +--- a/src/polkit/polkitunixnetgroup.c ++++ b/src/polkit/polkitunixnetgroup.c +@@ -194,6 +194,9 @@ polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group, + PolkitIdentity * + polkit_unix_netgroup_new (const gchar *name) + { ++#ifndef HAVE_SETNETGRENT ++ g_assert_not_reached(); ++#endif + g_return_val_if_fail (name != NULL, NULL); + return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP, + "name", name, +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -2233,25 +2233,26 @@ get_users_in_net_group (PolkitIdentity *group, + GList *ret; + + ret = NULL; ++#ifdef HAVE_SETNETGRENT + name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group)); + +-#ifdef HAVE_SETNETGRENT_RETURN ++# ifdef HAVE_SETNETGRENT_RETURN + if (setnetgrent (name) == 0) + { + g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno)); + goto out; + } +-#else ++# else + setnetgrent (name); +-#endif ++# endif /* HAVE_SETNETGRENT_RETURN */ + + for (;;) + { +-#if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) ++# if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) + const char *hostname, *username, *domainname; +-#else ++# else + char *hostname, *username, *domainname; +-#endif ++# endif /* defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) */ + PolkitIdentity *user; + GError *error = NULL; + +@@ -2282,6 +2283,7 @@ get_users_in_net_group (PolkitIdentity *group, + + out: + endnetgrent (); ++#endif /* HAVE_SETNETGRENT */ + return ret; + } + +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -1519,6 +1519,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + + JS::CallArgs args = JS::CallArgsFromVp (argc, vp); + ++#ifdef HAVE_SETNETGRENT + JS::RootedString usrstr (authority->priv->cx); + usrstr = args[0].toString(); + user = JS_EncodeStringToUTF8 (cx, usrstr); +@@ -1533,6 +1534,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + { + is_in_netgroup = true; + } ++#endif + + ret = true; + +--- a/test/polkit/polkitidentitytest.c ++++ b/test/polkit/polkitidentitytest.c +@@ -19,6 +19,7 @@ + * Author: Nikki VonHollen + */ + ++#include "config.h" + #include "glib.h" + #include + #include +@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = { + {"unix-group:root", "unix-group:jane", FALSE}, + {"unix-group:jane", "unix-group:jane", TRUE}, + ++#ifdef HAVE_SETNETGRENT + {"unix-netgroup:foo", "unix-netgroup:foo", TRUE}, + {"unix-netgroup:foo", "unix-netgroup:bar", FALSE}, ++#endif + + {"unix-user:root", "unix-group:root", FALSE}, ++#ifdef HAVE_SETNETGRENT + {"unix-user:jane", "unix-netgroup:foo", FALSE}, ++#endif + + {NULL}, + }; +@@ -181,11 +186,13 @@ main (int argc, char *argv[]) + g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string); + g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string); + ++#ifdef HAVE_SETNETGRENT + g_test_add_data_func ("/PolkitIdentity/netgroup_string", "unix-netgroup:foo", test_string); ++ g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); ++#endif + + g_test_add_data_func ("/PolkitIdentity/user_gvariant", "unix-user:root", test_gvariant); + g_test_add_data_func ("/PolkitIdentity/group_gvariant", "unix-group:root", test_gvariant); +- g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); + + add_comparison_tests (); + +--- a/test/polkit/polkitunixnetgrouptest.c ++++ b/test/polkit/polkitunixnetgrouptest.c +@@ -19,6 +19,7 @@ + * Author: Nikki VonHollen + */ + ++#include "config.h" + #include "glib.h" + #include + #include +@@ -69,7 +70,9 @@ int + main (int argc, char *argv[]) + { + g_test_init (&argc, &argv, NULL); ++#ifdef HAVE_SETNETGRENT + g_test_add_func ("/PolkitUnixNetgroup/new", test_new); + g_test_add_func ("/PolkitUnixNetgroup/set_name", test_set_name); ++#endif + return g_test_run (); + } +--- a/test/polkitbackend/test-polkitbackendjsauthority.c ++++ b/test/polkitbackend/test-polkitbackendjsauthority.c +@@ -137,12 +137,14 @@ test_get_admin_identities (void) + "unix-group:users" + } + }, ++#ifdef HAVE_SETNETGRENT + { + "net.company.action3", + { + "unix-netgroup:foo" + } + }, ++#endif + }; + guint n; + diff --git a/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch b/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch new file mode 100644 index 000000000000..a82ce25cae03 --- /dev/null +++ b/sys-auth/polkit/files/polkit-0.120-CVE-2021-4115.patch @@ -0,0 +1,78 @@ +https://gitlab.freedesktop.org/polkit/polkit/-/commit/41cb093f554da8772362654a128a84dd8a5542a7 +https://gitlab.freedesktop.org/polkit/polkit/-/issues/141 +https://bugs.gentoo.org/833574 + +From: Jan Rybar +Date: Mon, 21 Feb 2022 08:29:05 +0000 +Subject: [PATCH] CVE-2021-4115 (GHSL-2021-077) fix + +--- a/src/polkit/polkitsystembusname.c ++++ b/src/polkit/polkitsystembusname.c +@@ -62,6 +62,10 @@ enum + PROP_NAME, + }; + ++ ++guint8 dbus_call_respond_fails; // has to be global because of callback ++ ++ + static void subject_iface_init (PolkitSubjectIface *subject_iface); + + G_DEFINE_TYPE_WITH_CODE (PolkitSystemBusName, polkit_system_bus_name, G_TYPE_OBJECT, +@@ -364,6 +368,7 @@ on_retrieved_unix_uid_pid (GObject *src, + if (!v) + { + data->caught_error = TRUE; ++ dbus_call_respond_fails += 1; + } + else + { +@@ -405,6 +410,8 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus + tmp_context = g_main_context_new (); + g_main_context_push_thread_default (tmp_context); + ++ dbus_call_respond_fails = 0; ++ + /* Do two async calls as it's basically as fast as one sync call. + */ + g_dbus_connection_call (connection, +@@ -432,11 +439,34 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName *system_bus + on_retrieved_unix_uid_pid, + &data); + +- while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error)) +- g_main_context_iteration (tmp_context, TRUE); ++ while (TRUE) ++ { ++ /* If one dbus call returns error, we must wait until the other call ++ * calls _call_finish(), otherwise fd leak is possible. ++ * Resolves: GHSL-2021-077 ++ */ + +- if (data.caught_error) +- goto out; ++ if ( (dbus_call_respond_fails > 1) ) ++ { ++ // we got two faults, we can leave ++ goto out; ++ } ++ ++ if ((data.caught_error && (data.retrieved_pid || data.retrieved_uid))) ++ { ++ // we got one fault and the other call finally finished, we can leave ++ goto out; ++ } ++ ++ if ( !(data.retrieved_uid && data.retrieved_pid) ) ++ { ++ g_main_context_iteration (tmp_context, TRUE); ++ } ++ else ++ { ++ break; ++ } ++ } + + if (out_uid) + *out_uid = data.uid; +GitLab diff --git a/sys-auth/polkit/metadata.xml b/sys-auth/polkit/metadata.xml index 3a32730179ec..e93e97eb38ac 100644 --- a/sys-auth/polkit/metadata.xml +++ b/sys-auth/polkit/metadata.xml @@ -5,6 +5,7 @@ freedesktop-bugs@gentoo.org + Use dev-lang/duktape instead of dev-lang/spidermonkey as JavaScript engine Use sys-auth/elogind for session tracking Use sys-apps/systemd for session tracking diff --git a/sys-auth/polkit/polkit-0.117-r2.ebuild b/sys-auth/polkit/polkit-0.117-r2.ebuild deleted file mode 100644 index c2446ea9b371..000000000000 --- a/sys-auth/polkit/polkit-0.117-r2.ebuild +++ /dev/null @@ -1,133 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools pam pax-utils systemd xdg-utils - -DESCRIPTION="Policy framework for controlling privileges for system-wide services" -HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" -SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" - -LICENSE="LGPL-2" -SLOT="0" -KEYWORDS="~alpha ~amd64 arm ~arm64 ~hppa ~ia64 ~mips ppc ~ppc64 ~s390 sparc ~x86" -IUSE="elogind examples gtk +introspection kde nls pam selinux systemd test" -RESTRICT="!test? ( test )" - -REQUIRED_USE="^^ ( elogind systemd )" - -BDEPEND=" - acct-user/polkitd - app-text/docbook-xml-dtd:4.1.2 - app-text/docbook-xsl-stylesheets - dev-libs/glib - dev-libs/gobject-introspection-common - dev-libs/libxslt - dev-util/glib-utils - dev-util/gtk-doc-am - dev-util/intltool - sys-devel/gettext - virtual/pkgconfig - introspection? ( dev-libs/gobject-introspection ) -" -DEPEND=" - dev-lang/spidermonkey:68[-debug] - dev-libs/glib:2 - dev-libs/expat - elogind? ( sys-auth/elogind ) - pam? ( - sys-auth/pambase - sys-libs/pam - ) - !pam? ( virtual/libcrypt:= ) - systemd? ( sys-apps/systemd:0=[policykit] ) -" -RDEPEND="${DEPEND} - acct-user/polkitd - selinux? ( sec-policy/selinux-policykit ) -" -PDEPEND=" - gtk? ( || ( - >=gnome-extra/polkit-gnome-0.105 - >=lxde-base/lxsession-0.5.2 - ) ) - kde? ( kde-plasma/polkit-kde-agent ) -" - -DOCS=( docs/TODO HACKING NEWS README ) - -PATCHES=( - # bug 660880 - "${FILESDIR}"/polkit-0.115-elogind.patch -) - -QA_MULTILIB_PATHS=" - usr/lib/polkit-1/polkit-agent-helper-1 - usr/lib/polkit-1/polkitd" - -src_prepare() { - default - - sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 - - # Workaround upstream hack around standard gtk-doc behavior, bug #552170 - sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \ - -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \ - -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \ - docs/polkit/Makefile.in || die - - # disable broken test - bug #624022 - sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die - - # Fix cross-building, bug #590764, elogind patch, bug #598615 - eautoreconf -} - -src_configure() { - xdg_environment_reset - - local myeconfargs=( - --localstatedir="${EPREFIX}"/var - --disable-static - --enable-man-pages - --disable-gtk-doc - --disable-examples - $(use_enable elogind libelogind) - $(use_enable introspection) - $(use_enable nls) - $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '') - --with-authfw=$(usex pam pam shadow) - $(use_enable systemd libsystemd-login) - --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" - $(use_enable test) - --with-os-type=gentoo - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - # Required for polkitd on hardened/PaX due to spidermonkey's JIT - pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest -} - -src_install() { - default - - if use examples; then - docinto examples - dodoc src/examples/{*.c,*.policy*} - fi - - diropts -m 0700 -o polkitd - keepdir /usr/share/polkit-1/rules.d - - find "${ED}" -name '*.la' -delete || die -} - -pkg_postinst() { - chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d - chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d -} diff --git a/sys-auth/polkit/polkit-0.119-r2.ebuild b/sys-auth/polkit/polkit-0.119-r2.ebuild deleted file mode 100644 index 1fd9a3e3feeb..000000000000 --- a/sys-auth/polkit/polkit-0.119-r2.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit autotools pam pax-utils systemd xdg-utils - -DESCRIPTION="Policy framework for controlling privileges for system-wide services" -HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" -SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" - -LICENSE="LGPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv ~s390 x86" -IUSE="elogind examples gtk +introspection kde nls pam selinux systemd test" -RESTRICT="!test? ( test )" - -REQUIRED_USE="^^ ( elogind systemd )" - -BDEPEND=" - acct-user/polkitd - app-text/docbook-xml-dtd:4.1.2 - app-text/docbook-xsl-stylesheets - dev-libs/glib - dev-libs/gobject-introspection-common - dev-libs/libxslt - dev-util/glib-utils - dev-util/gtk-doc-am - dev-util/intltool - sys-devel/gettext - virtual/pkgconfig - introspection? ( dev-libs/gobject-introspection ) -" -DEPEND=" - dev-lang/spidermonkey:78[-debug] - dev-libs/glib:2 - dev-libs/expat - elogind? ( sys-auth/elogind ) - pam? ( - sys-auth/pambase - sys-libs/pam - ) - !pam? ( virtual/libcrypt:= ) - systemd? ( sys-apps/systemd:0=[policykit] ) -" -RDEPEND="${DEPEND} - acct-user/polkitd - selinux? ( sec-policy/selinux-policykit ) -" -PDEPEND=" - gtk? ( || ( - >=gnome-extra/polkit-gnome-0.105 - >=lxde-base/lxsession-0.5.2 - ) ) - kde? ( kde-plasma/polkit-kde-agent ) -" - -DOCS=( docs/TODO HACKING NEWS README ) - -PATCHES=( - "${FILESDIR}"/${PN}-0.115-elogind.patch # bug 660880 -) - -QA_MULTILIB_PATHS=" - usr/lib/polkit-1/polkit-agent-helper-1 - usr/lib/polkit-1/polkitd" - -src_prepare() { - default - - sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 - - # Workaround upstream hack around standard gtk-doc behavior, bug #552170 - sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \ - -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \ - -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \ - docs/polkit/Makefile.in || die - - # disable broken test - bug #624022 - sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die - - # Fix cross-building, bug #590764, elogind patch, bug #598615 - eautoreconf -} - -src_configure() { - xdg_environment_reset - - local myeconfargs=( - --localstatedir="${EPREFIX}"/var - --disable-static - --enable-man-pages - --disable-gtk-doc - --disable-examples - $(use_enable elogind libelogind) - $(use_enable introspection) - $(use_enable nls) - $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '') - --with-authfw=$(usex pam pam shadow) - $(use_enable systemd libsystemd-login) - --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" - $(use_enable test) - --with-os-type=gentoo - ) - econf "${myeconfargs[@]}" -} - -src_compile() { - default - - # Required for polkitd on hardened/PaX due to spidermonkey's JIT - pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest -} - -src_install() { - default - - if use examples; then - docinto examples - dodoc src/examples/{*.c,*.policy*} - fi - - diropts -m 0700 -o polkitd - keepdir /usr/share/polkit-1/rules.d - - find "${ED}" -name '*.la' -delete || die -} - -pkg_postinst() { - chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d - chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d -} diff --git a/sys-auth/polkit/polkit-0.120-r1.ebuild b/sys-auth/polkit/polkit-0.120-r1.ebuild deleted file mode 100644 index 3ec998fa6f02..000000000000 --- a/sys-auth/polkit/polkit-0.120-r1.ebuild +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit meson pam pax-utils systemd xdg-utils - -DESCRIPTION="Policy framework for controlling privileges for system-wide services" -HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" -SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" - -LICENSE="LGPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv ~s390 x86" -IUSE="examples gtk +introspection kde pam selinux systemd test" -#RESTRICT="!test? ( test )" -# Tests currently don't work with meson. See -# https://gitlab.freedesktop.org/polkit/polkit/-/issues/144 -RESTRICT="test" - -BDEPEND=" - acct-user/polkitd - app-text/docbook-xml-dtd:4.1.2 - app-text/docbook-xsl-stylesheets - dev-libs/glib - dev-libs/gobject-introspection-common - dev-libs/libxslt - dev-util/glib-utils - sys-devel/gettext - virtual/pkgconfig - introspection? ( dev-libs/gobject-introspection ) -" -DEPEND=" - dev-lang/spidermonkey:78[-debug] - dev-libs/glib:2 - dev-libs/expat - pam? ( - sys-auth/pambase - sys-libs/pam - ) - !pam? ( virtual/libcrypt:= ) - systemd? ( sys-apps/systemd:0=[policykit] ) - !systemd? ( sys-auth/elogind ) -" -RDEPEND="${DEPEND} - acct-user/polkitd - selinux? ( sec-policy/selinux-policykit ) -" -PDEPEND=" - gtk? ( || ( - >=gnome-extra/polkit-gnome-0.105 - >=lxde-base/lxsession-0.5.2 - ) ) - kde? ( kde-plasma/polkit-kde-agent ) -" - -DOCS=( docs/TODO HACKING NEWS README ) - -QA_MULTILIB_PATHS=" - usr/lib/polkit-1/polkit-agent-helper-1 - usr/lib/polkit-1/polkitd" - -src_prepare() { - local PATCHES=( - "${FILESDIR}/polkit-0.120-meson.patch" - ) - default - - sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 -} - -src_configure() { - xdg_environment_reset - - local emesonargs=( - --localstatedir="${EPREFIX}"/var - -Dauthfw="$(usex pam pam shadow)" - -Dexamples=false - -Dgtk_doc=false - -Dman=true - -Dos_type=gentoo - -Dsession_tracking="$(usex systemd libsystemd-login libelogind)" - -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" - $(meson_use introspection) - $(meson_use test tests) - $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '') - ) - meson_src_configure -} - -src_compile() { - meson_src_compile - - # Required for polkitd on hardened/PaX due to spidermonkey's JIT - pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest -} - -src_install() { - meson_src_install - - if use examples ; then - docinto examples - dodoc src/examples/{*.c,*.policy*} - fi - - diropts -m 0700 -o polkitd - keepdir /usr/share/polkit-1/rules.d - - # meson does not install required files with SUID bit. See - # https://bugs.gentoo.org/816393 - # Remove the following lines once this has been fixed by upstream - fperms u+s /usr/bin/pkexec - fperms u+s /usr/lib/polkit-1/polkit-agent-helper-1 -} - -pkg_postinst() { - chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d - chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d -} diff --git a/sys-auth/polkit/polkit-0.120-r2.ebuild b/sys-auth/polkit/polkit-0.120-r2.ebuild deleted file mode 100644 index 952906f5d88e..000000000000 --- a/sys-auth/polkit/polkit-0.120-r2.ebuild +++ /dev/null @@ -1,121 +0,0 @@ -# Copyright 1999-2022 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -inherit meson pam pax-utils systemd xdg-utils - -DESCRIPTION="Policy framework for controlling privileges for system-wide services" -HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" -SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" - -LICENSE="LGPL-2" -SLOT="0" -KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv ~s390 x86" -IUSE="examples gtk +introspection kde pam selinux systemd test" -#RESTRICT="!test? ( test )" -# Tests currently don't work with meson. See -# https://gitlab.freedesktop.org/polkit/polkit/-/issues/144 -RESTRICT="test" - -BDEPEND=" - acct-user/polkitd - app-text/docbook-xml-dtd:4.1.2 - app-text/docbook-xsl-stylesheets - dev-libs/glib - dev-libs/gobject-introspection-common - dev-libs/libxslt - dev-util/glib-utils - sys-devel/gettext - virtual/pkgconfig - introspection? ( dev-libs/gobject-introspection ) -" -DEPEND=" - dev-lang/spidermonkey:78[-debug] - dev-libs/glib:2 - dev-libs/expat - pam? ( - sys-auth/pambase - sys-libs/pam - ) - !pam? ( virtual/libcrypt:= ) - systemd? ( sys-apps/systemd:0=[policykit] ) - !systemd? ( sys-auth/elogind ) -" -RDEPEND="${DEPEND} - acct-user/polkitd - selinux? ( sec-policy/selinux-policykit ) -" -PDEPEND=" - gtk? ( || ( - >=gnome-extra/polkit-gnome-0.105 - >=lxde-base/lxsession-0.5.2 - ) ) - kde? ( kde-plasma/polkit-kde-agent ) -" - -DOCS=( docs/TODO HACKING NEWS README ) - -QA_MULTILIB_PATHS=" - usr/lib/polkit-1/polkit-agent-helper-1 - usr/lib/polkit-1/polkitd" - -src_prepare() { - local PATCHES=( - "${FILESDIR}/polkit-0.120-meson.patch" - "${FILESDIR}/polkit-0.120-CVE-2021-4034.patch" - ) - default - - sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 -} - -src_configure() { - xdg_environment_reset - - local emesonargs=( - --localstatedir="${EPREFIX}"/var - -Dauthfw="$(usex pam pam shadow)" - -Dexamples=false - -Dgtk_doc=false - -Dman=true - -Dos_type=gentoo - -Dsession_tracking="$(usex systemd libsystemd-login libelogind)" - -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" - $(meson_use introspection) - $(meson_use test tests) - $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '') - ) - meson_src_configure -} - -src_compile() { - meson_src_compile - - # Required for polkitd on hardened/PaX due to spidermonkey's JIT - pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest -} - -src_install() { - meson_src_install - - if use examples ; then - docinto examples - dodoc src/examples/{*.c,*.policy*} - fi - - diropts -m 0700 -o polkitd - keepdir /usr/share/polkit-1/rules.d - - # meson does not install required files with SUID bit. See - # https://bugs.gentoo.org/816393 - # Remove the following lines once this has been fixed by upstream - # (should be fixed in next release: https://gitlab.freedesktop.org/polkit/polkit/-/commit/4ff1abe4a4c1f8c8378b9eaddb0346ac6448abd8) - fperms u+s /usr/bin/pkexec - fperms u+s /usr/lib/polkit-1/polkit-agent-helper-1 -} - -pkg_postinst() { - chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d - chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d -} diff --git a/sys-auth/polkit/polkit-0.120-r3.ebuild b/sys-auth/polkit/polkit-0.120-r3.ebuild new file mode 100644 index 000000000000..f2960680aca3 --- /dev/null +++ b/sys-auth/polkit/polkit-0.120-r3.ebuild @@ -0,0 +1,123 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit meson pam pax-utils systemd xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" +SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv ~s390 x86" +IUSE="examples gtk +introspection kde pam selinux systemd test" +#RESTRICT="!test? ( test )" +# Tests currently don't work with meson. See +# https://gitlab.freedesktop.org/polkit/polkit/-/issues/144 +RESTRICT="test" + +BDEPEND=" + acct-user/polkitd + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/glib + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + sys-devel/gettext + virtual/pkgconfig + introspection? ( dev-libs/gobject-introspection ) +" +DEPEND=" + dev-lang/spidermonkey:78[-debug] + dev-libs/glib:2 + dev-libs/expat + pam? ( + sys-auth/pambase + sys-libs/pam + ) + !pam? ( virtual/libcrypt:= ) + systemd? ( sys-apps/systemd:0=[policykit] ) + !systemd? ( sys-auth/elogind ) +" +RDEPEND="${DEPEND} + acct-user/polkitd + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) +" + +DOCS=( docs/TODO HACKING NEWS README ) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +src_prepare() { + local PATCHES=( + "${FILESDIR}/polkit-0.120-meson.patch" + "${FILESDIR}/polkit-0.120-CVE-2021-4034.patch" + "${FILESDIR}/polkit-0.120-CVE-2021-4115.patch" + ) + + default + + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 +} + +src_configure() { + xdg_environment_reset + + local emesonargs=( + --localstatedir="${EPREFIX}"/var + -Dauthfw="$(usex pam pam shadow)" + -Dexamples=false + -Dgtk_doc=false + -Dman=true + -Dos_type=gentoo + -Dsession_tracking="$(usex systemd libsystemd-login libelogind)" + -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" + $(meson_use introspection) + $(meson_use test tests) + $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '') + ) + meson_src_configure +} + +src_compile() { + meson_src_compile + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + meson_src_install + + if use examples ; then + docinto examples + dodoc src/examples/{*.c,*.policy*} + fi + + diropts -m 0700 -o polkitd + keepdir /usr/share/polkit-1/rules.d + + # meson does not install required files with SUID bit. See + # https://bugs.gentoo.org/816393 + # Remove the following lines once this has been fixed by upstream + # (should be fixed in next release: https://gitlab.freedesktop.org/polkit/polkit/-/commit/4ff1abe4a4c1f8c8378b9eaddb0346ac6448abd8) + fperms u+s /usr/bin/pkexec + fperms u+s /usr/lib/polkit-1/polkit-agent-helper-1 +} + +pkg_postinst() { + chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d +} diff --git a/sys-auth/polkit/polkit-0.120_p20220221.ebuild b/sys-auth/polkit/polkit-0.120_p20220221.ebuild new file mode 100644 index 000000000000..611d147ab31c --- /dev/null +++ b/sys-auth/polkit/polkit-0.120_p20220221.ebuild @@ -0,0 +1,126 @@ +# Copyright 1999-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit meson pam pax-utils systemd xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" +if [[ ${PV} == *_p* ]] ; then + MY_COMMIT="b10a1bdb697045db40774f2a9a8c58ae5c7189c3" + SRC_URI="https://gitlab.freedesktop.org/polkit/polkit/-/archive/${MY_COMMIT}/polkit-${MY_COMMIT}.tar.bz2 -> ${P}.tar.bz2" + S="${WORKDIR}"/${PN}-${MY_COMMIT} +else + SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" +fi + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86" +IUSE="+duktape examples gtk +introspection kde pam selinux systemd test" +#RESTRICT="!test? ( test )" +# Tests currently don't work with meson. See +# https://gitlab.freedesktop.org/polkit/polkit/-/issues/144 +RESTRICT="test" + +BDEPEND=" + acct-user/polkitd + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/glib + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + sys-devel/gettext + virtual/pkgconfig + introspection? ( dev-libs/gobject-introspection ) +" +DEPEND=" + dev-libs/glib:2 + dev-libs/expat + duktape? ( dev-lang/duktape:= ) + !duktape? ( dev-lang/spidermonkey:91[-debug] ) + pam? ( + sys-auth/pambase + sys-libs/pam + ) + !pam? ( virtual/libcrypt:= ) + systemd? ( sys-apps/systemd:0=[policykit] ) + !systemd? ( sys-auth/elogind ) +" +RDEPEND="${DEPEND} + acct-user/polkitd + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) +" + +DOCS=( docs/TODO HACKING NEWS README ) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +src_prepare() { + local PATCHES=( + # musl + "${FILESDIR}"/${PN}-0.118-make-netgroup-support-optional.patch + # Pending upstream + "${FILESDIR}"/${PN}-0.120-meson.patch + ) + + default + + # bug #401513 + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die +} + +src_configure() { + xdg_environment_reset + + local emesonargs=( + --localstatedir="${EPREFIX}"/var + -Dauthfw="$(usex pam pam shadow)" + -Dexamples=false + -Dgtk_doc=false + -Dman=true + -Dos_type=gentoo + -Dsession_tracking="$(usex systemd libsystemd-login libelogind)" + -Dsystemdsystemunitdir="$(systemd_get_systemunitdir)" + -Djs_engine=$(usex duktape duktape mozjs) + $(meson_use introspection) + $(meson_use test tests) + $(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '') + ) + meson_src_configure +} + +src_compile() { + meson_src_compile + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + meson_src_install + + if use examples ; then + docinto examples + dodoc src/examples/{*.c,*.policy*} + fi + + diropts -m 0700 -o polkitd + keepdir /usr/share/polkit-1/rules.d +} + +pkg_postinst() { + chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d +} -- cgit v1.2.3