summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorV3n3RiX <venerix@redcorelinux.org>2020-07-05 13:55:24 +0100
committerV3n3RiX <venerix@redcorelinux.org>2020-07-05 13:55:24 +0100
commitfd890516aacba5ee2d8902fb31cc27964c4632c1 (patch)
tree666b979dfc54571d6c6e04e1939ca5a9bb06b0f0
parent3f081bc83000affd8ec16e0b941c6c08925ea098 (diff)
x11-misc/sddm : version bump (bugfix: https://bugs.redcorelinux.org/show_bug.cgi?id=117)
-rw-r--r--x11-misc/sddm/Manifest2
-rw-r--r--x11-misc/sddm/files/pam-1.4-substack.patch31
-rw-r--r--x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch10
-rw-r--r--x11-misc/sddm/files/sddm-0.14.0-avatars.patch33
-rw-r--r--x11-misc/sddm/files/sddm-0.14.0-consolekit.patch2
-rw-r--r--x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch20
-rw-r--r--x11-misc/sddm/files/sddm-0.18.0-Xsession.patch24
-rw-r--r--x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch32
-rw-r--r--x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch182
-rw-r--r--x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch27
-rw-r--r--x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch87
-rw-r--r--x11-misc/sddm/files/sddm-dont-source-files-in-home.patch87
-rw-r--r--x11-misc/sddm/files/sddm-enable-elogind.patch56
-rw-r--r--x11-misc/sddm/files/sddm-redcore-consolekit.conf114
-rw-r--r--x11-misc/sddm/files/sddm.conf (renamed from x11-misc/sddm/files/sddm-redcore-elogind.conf)24
-rw-r--r--x11-misc/sddm/sddm-0.14.0-r5.ebuild105
-rw-r--r--x11-misc/sddm/sddm-0.18.1-r10.ebuild106
17 files changed, 532 insertions, 410 deletions
diff --git a/x11-misc/sddm/Manifest b/x11-misc/sddm/Manifest
index 66e4b9f2..d1006dba 100644
--- a/x11-misc/sddm/Manifest
+++ b/x11-misc/sddm/Manifest
@@ -1 +1 @@
-DIST sddm-0.14.0.tar.xz 3298360 BLAKE2B e1af6c5ad967df0553606bc7f9472976152f507da69f014a1d6b834f391daec4bed81492d6546a03ec2fb6af0e883d71fb5859c77866d6dc192b4a57f9916ff8 SHA512 ae6f02e168dbb4ef1d5d360e6b26a2c45a9891fba9d53b73d41a5cc14906f3fcca3bde6d16d7bb109132d23e3e0e768c5976934fd2f59c23d919cc9f81fbd366
+DIST sddm-0.18.1.tar.xz 3402972 BLAKE2B 99ab43d374e9a3d318f692a6d496d8a6d68927af3c8e8fc2208d7355ec90649a14758b39f5733dd32f942ed569de88085576d4f5f8666f4f97079e0fb6dcb99e SHA512 ff0637600cda2f4da1f643f047f8ee822bd9651ae4ccbb614b9804175c97360ada7af93e07a7b63832f014ef6e7d1b5380ab2b8959f8024ea520fa5ff17efd60
diff --git a/x11-misc/sddm/files/pam-1.4-substack.patch b/x11-misc/sddm/files/pam-1.4-substack.patch
new file mode 100644
index 00000000..b0467b26
--- /dev/null
+++ b/x11-misc/sddm/files/pam-1.4-substack.patch
@@ -0,0 +1,31 @@
+--- sddm-0.18.1/services/sddm-autologin.pam.bak 2020-06-19 22:27:57.305580696 +0200
++++ sddm-0.18.1/services/sddm-autologin.pam 2020-06-19 22:30:50.513583973 +0200
+@@ -1,6 +1,5 @@
+ #%PAM-1.0
+ auth required pam_env.so
+-auth required pam_tally.so file=/var/log/faillog onerr=succeed
+ auth required pam_shells.so
+ auth required pam_nologin.so
+ auth required pam_permit.so
+--- sddm-0.18.1/services/sddm.pam.bak 2020-06-19 22:27:26.721580117 +0200
++++ sddm-0.18.1/services/sddm.pam 2020-06-19 22:27:48.729580533 +0200
+@@ -1,15 +1,15 @@
+ #%PAM-1.0
+
+-auth include system-login
++auth substack system-login
+ -auth optional pam_gnome_keyring.so
+ -auth optional pam_kwallet5.so
+
+-account include system-login
++account substack system-login
+
+-password include system-login
++password substack system-login
+ -password optional pam_gnome_keyring.so use_authtok
+
+ session optional pam_keyinit.so force revoke
+-session include system-login
++session substack system-login
+ -session optional pam_gnome_keyring.so auto_start
+ -session optional pam_kwallet5.so auto_start \ No newline at end of file
diff --git a/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch b/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch
deleted file mode 100644
index ff1c4d2d..00000000
--- a/x11-misc/sddm/files/sddm-0.13.0-pam_kwallet.patch
+++ /dev/null
@@ -1,10 +0,0 @@
---- a/services/sddm.pam 2015-08-17 18:06:19.000000000 +0200
-+++ b/services/sddm.pam 2016-02-21 19:54:08.654091951 +0100
-@@ -4,3 +4,7 @@
- account include system-login
- password include system-login
- session include system-login
-+-auth optional pam_kwallet.so kdehome=.kde4
-+-auth optional pam_kwallet5.so
-+-session optional pam_kwallet.so
-+-session optional pam_kwallet5.so auto_start
diff --git a/x11-misc/sddm/files/sddm-0.14.0-avatars.patch b/x11-misc/sddm/files/sddm-0.14.0-avatars.patch
deleted file mode 100644
index d40f68c1..00000000
--- a/x11-misc/sddm/files/sddm-0.14.0-avatars.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From ecb903e48822bd90650bdd64fe80754e3e9664cb Mon Sep 17 00:00:00 2001
-From: Bastian Beischer <bastian.beischer@gmail.com>
-Date: Fri, 2 Sep 2016 13:05:18 +0200
-Subject: [PATCH] Fix display of user avatars. (#684)
-
-QFile::exists("...") does not understand file:// URLs, at least in Qt
-5.7.0 and Qt 4.8.7.
----
- src/greeter/UserModel.cpp | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/greeter/UserModel.cpp b/src/greeter/UserModel.cpp
-index 41a9f10..94c492d 100644
---- a/src/greeter/UserModel.cpp
-+++ b/src/greeter/UserModel.cpp
-@@ -107,13 +107,13 @@ namespace SDDM {
- d->lastIndex = i;
-
- if (avatarsEnabled) {
-- const QString userFace = QStringLiteral("file://%1/.face.icon").arg(user->homeDir);
-- const QString systemFace = QStringLiteral("file://%1/%2.face.icon").arg(facesDir).arg(user->name);
-+ const QString userFace = QStringLiteral("%1/.face.icon").arg(user->homeDir);
-+ const QString systemFace = QStringLiteral("%1/%2.face.icon").arg(facesDir).arg(user->name);
-
- if (QFile::exists(userFace))
-- user->icon = userFace;
-+ user->icon = QStringLiteral("file://%1").arg(userFace);
- else if (QFile::exists(systemFace))
-- user->icon = systemFace;
-+ user->icon = QStringLiteral("file://%1").arg(systemFace);
- }
- }
- }
diff --git a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch b/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch
index 6a792b66..64ea0648 100644
--- a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch
+++ b/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch
@@ -5,5 +5,5 @@
exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session."
else
- exec $@
-+ exec ck-launch-session dbus-launch --sh-syntax --exit-with-session $@
++ exec ck-launch-session $@
fi
diff --git a/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch b/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch
new file mode 100644
index 00000000..bbe2a272
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch
@@ -0,0 +1,20 @@
+SDDM 0.16.0 fails to start with consolekit2 because it assumes consolekit2
+has the same interface names as logind.
+
+This patch forces sddm to use legacy behaviour when consolekit2 is detected.
+
+Bug: https://bugs.gentoo.org/633920
+Bug: https://github.com/sddm/sddm/issues/903
+Bug: https://github.com/ConsoleKit2/ConsoleKit2/issues/99
+
+--- a/src/daemon/LogindDBusTypes.cpp
++++ b/src/daemon/LogindDBusTypes.cpp
+@@ -60,7 +60,7 @@
+
+ if (QDBusConnection::systemBus().interface()->isServiceRegistered(QStringLiteral("org.freedesktop.ConsoleKit"))) {
+ qDebug() << "Console kit interface found";
+- available = true;
++ available = false;
+ serviceName = QStringLiteral("org.freedesktop.ConsoleKit");
+ managerPath = QStringLiteral("/org/freedesktop/ConsoleKit/Manager");
+ managerIfaceName = QStringLiteral("/org.freedesktop.ConsoleKit.Manager"); //note this doesn't match logind
diff --git a/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch b/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch
new file mode 100644
index 00000000..41c813a0
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch
@@ -0,0 +1,24 @@
+--- a/data/scripts/Xsession 2016-08-28 14:52:04.910181422 +0200
++++ b/data/scripts/Xsession 2017-10-21 15:25:47.668886596 +0200
+@@ -50,6 +50,10 @@
+ ;;
+ esac
+
++# Make D-Bus and ConsoleKit start properly, see:
++# /etc/X11/xinit/xinitrc.d/{80-dbus,90-consolekit}
++command="$@"
++
+ [ -f /etc/xprofile ] && . /etc/xprofile
+ [ -f $HOME/.xprofile ] && . $HOME/.xprofile
+
+@@ -94,8 +98,8 @@
+ . "$USERXSESSION"
+ fi
+
+-if [ -z "$*" ]; then
++if [ -z "$command" ]; then
+ exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session."
+ else
+- exec $@
++ exec $command
+ fi
diff --git a/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch b/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch
new file mode 100644
index 00000000..9d8f2b54
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch
@@ -0,0 +1,32 @@
+From 300078995ae82495cf09a0646a07e0214f0ae030 Mon Sep 17 00:00:00 2001
+From: Andreas Sturmlechner <andreas.sturmlechner@gmail.com>
+Date: Sat, 21 Jul 2018 22:41:29 +0200
+Subject: [PATCH] Change location of sddm.conf.d to DATAROOTDIR
+
+/usr/lib is not a location that should be hardcoded - depending on
+distribution and architecture this can be different. So far, SDDM
+does not use this path unless the above conditions happen to make
+it coincide with the install location of its Qml modules.
+
+DATAROOTDIR is defined as: Read-only architecture-independent data.
+This seems to be a better fit for a system SDDM default config dir.
+---
+ CMakeLists.txt | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 8500c65..5150b7d 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -184,7 +184,7 @@ set(WAYLAND_SESSION_COMMAND "${DATA_INSTALL_DIR}/scripts/wayland-session"
+
+ set(CONFIG_FILE "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf" CACHE PATH "Path of the sddm config file")
+ set(CONFIG_DIR "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf.d" CACHE PATH "Path of the sddm config directory")
+-set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/lib/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory")
++set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_FULL_DATAROOTDIR}/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory")
+ set(LOG_FILE "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/log/sddm.log" CACHE PATH "Path of the sddm log file")
+ set(DBUS_CONFIG_FILENAME "org.freedesktop.DisplayManager.conf" CACHE STRING "Name of the sddm config file")
+ set(COMPONENTS_TRANSLATION_DIR "${DATA_INSTALL_DIR}/translations" CACHE PATH "Components translations directory")
+--
+2.18.0
+
diff --git a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch
new file mode 100644
index 00000000..f4ce7ae7
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch
@@ -0,0 +1,182 @@
+From 75e6e00d9e1ecf25e3a9c8332530a1e40d737cdb Mon Sep 17 00:00:00 2001
+From: "J. Konrad Tegtmeier-Rottach" <jktr@0x16.de>
+Date: Thu, 9 May 2019 03:06:48 +0200
+Subject: [PATCH] Honor PAM's supplemental groups (v2) (#834, #1159)
+
+This moves the supplemental group initialization step from
+UserSession.cpp to the Backend system, so that the Pam Backend can
+inject additional supplemental groups via modules like pam_group.so.
+
+pam_setcred(3) assumes that it operates on an already initialized
+supplemental group list. However, PamBackend calls
+pam_setcred(PAM_ESTABLISH_CRED) earlier, at the start
+PamBackend::openSession, so a pam_setcred(PAM_REINITIALIZE_CRED) call
+must be issued to repeat the injection of PAM's supplemental groups.
+---
+ src/helper/Backend.cpp | 5 +++++
+ src/helper/Backend.h | 3 +++
+ src/helper/HelperApp.cpp | 4 ++++
+ src/helper/HelperApp.h | 1 +
+ src/helper/UserSession.cpp | 13 ++++++++-----
+ src/helper/backend/PamBackend.cpp | 18 ++++++++++++++++++
+ src/helper/backend/PamBackend.h | 2 ++
+ 7 files changed, 41 insertions(+), 5 deletions(-)
+
+diff --git a/src/helper/Backend.cpp b/src/helper/Backend.cpp
+index d6bb4d0a..35ae2bdf 100644
+--- a/src/helper/Backend.cpp
++++ b/src/helper/Backend.cpp
+@@ -29,6 +29,7 @@
+ #include <QtCore/QProcessEnvironment>
+
+ #include <pwd.h>
++#include <grp.h>
+
+ namespace SDDM {
+ Backend::Backend(HelperApp* parent)
+@@ -79,4 +80,8 @@ namespace SDDM {
+ bool Backend::closeSession() {
+ return true;
+ }
++
++ bool Backend::setupSupplementalGroups(struct passwd *pw) {
++ return !initgroups(pw->pw_name, pw->pw_gid);
++ }
+ }
+diff --git a/src/helper/Backend.h b/src/helper/Backend.h
+index b790e001..3caf1592 100644
+--- a/src/helper/Backend.h
++++ b/src/helper/Backend.h
+@@ -22,6 +22,7 @@
+ #define BACKEND_H
+
+ #include <QtCore/QObject>
++#include <pwd.h>
+
+ namespace SDDM {
+ class HelperApp;
+@@ -38,6 +39,8 @@ namespace SDDM {
+ void setAutologin(bool on = true);
+ void setGreeter(bool on = true);
+
++ virtual bool setupSupplementalGroups(struct passwd *pw);
++
+ public slots:
+ virtual bool start(const QString &user = QString()) = 0;
+ virtual bool authenticate() = 0;
+diff --git a/src/helper/HelperApp.cpp b/src/helper/HelperApp.cpp
+index cad93bd8..d0891d75 100644
+--- a/src/helper/HelperApp.cpp
++++ b/src/helper/HelperApp.cpp
+@@ -253,6 +253,10 @@ namespace SDDM {
+ return m_session;
+ }
+
++ Backend *HelperApp::backend() {
++ return m_backend;
++ }
++
+ const QString& HelperApp::user() const {
+ return m_user;
+ }
+diff --git a/src/helper/HelperApp.h b/src/helper/HelperApp.h
+index 3742df12..cb5959a7 100644
+--- a/src/helper/HelperApp.h
++++ b/src/helper/HelperApp.h
+@@ -39,6 +39,7 @@ namespace SDDM {
+ virtual ~HelperApp();
+
+ UserSession *session();
++ Backend *backend();
+ const QString &user() const;
+ const QString &cookie() const;
+
+diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
+index f71fd358..62fd4d70 100644
+--- a/src/helper/UserSession.cpp
++++ b/src/helper/UserSession.cpp
+@@ -19,6 +19,7 @@
+ *
+ */
+
++#include "Backend.h"
+ #include "Configuration.h"
+ #include "UserSession.h"
+ #include "HelperApp.h"
+@@ -129,7 +130,8 @@ namespace SDDM {
+ #endif
+
+ // switch user
+- const QByteArray username = qobject_cast<HelperApp*>(parent())->user().toLocal8Bit();
++ HelperApp* app = qobject_cast<HelperApp*>(parent());
++ const QByteArray username = app->user().toLocal8Bit();
+ struct passwd pw;
+ struct passwd *rpw;
+ long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+@@ -146,12 +148,13 @@ namespace SDDM {
+ qCritical() << "getpwnam_r(" << username << ") failed with error: " << strerror(err);
+ exit(Auth::HELPER_OTHER_ERROR);
+ }
+- if (setgid(pw.pw_gid) != 0) {
+- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username;
++
++ if (!app->backend()->setupSupplementalGroups(&pw)) {
++ qCritical() << "failed to set up supplemental groups for user: " << username;
+ exit(Auth::HELPER_OTHER_ERROR);
+ }
+- if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
+- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username;
++ if (setgid(pw.pw_gid) != 0) {
++ qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username;
+ exit(Auth::HELPER_OTHER_ERROR);
+ }
+ if (setuid(pw.pw_uid) != 0) {
+diff --git a/src/helper/backend/PamBackend.cpp b/src/helper/backend/PamBackend.cpp
+index f86d77d6..cccfa258 100644
+--- a/src/helper/backend/PamBackend.cpp
++++ b/src/helper/backend/PamBackend.cpp
+@@ -289,6 +289,24 @@ namespace SDDM {
+ return QString::fromLocal8Bit((const char*) m_pam->getItem(PAM_USER));
+ }
+
++ bool PamBackend::setupSupplementalGroups(struct passwd *pw) {
++ if (!Backend::setupSupplementalGroups(pw))
++ return false;
++
++ // pam_setcred(3) may inject additional groups into the user's
++ // list of supplemental groups, and assumes that the user's
++ // supplemental groups have already been initialized before
++ // its invocation. Since pam_setcred was already called at the
++ // start of openSession, we need to repeat this step here as
++ // the user's groups have only just now been initialized.
++
++ if (!m_pam->setCred(PAM_REINITIALIZE_CRED)) {
++ m_app->error(m_pam->errorString(), Auth::ERROR_AUTHENTICATION);
++ return false;
++ }
++ return true;
++ }
++
+ int PamBackend::converse(int n, const struct pam_message **msg, struct pam_response **resp) {
+ qDebug() << "[PAM] Conversation with" << n << "messages";
+
+diff --git a/src/helper/backend/PamBackend.h b/src/helper/backend/PamBackend.h
+index 4c8b4b35..5b079099 100644
+--- a/src/helper/backend/PamBackend.h
++++ b/src/helper/backend/PamBackend.h
+@@ -28,6 +28,7 @@
+ #include <QtCore/QObject>
+
+ #include <security/pam_appl.h>
++#include <pwd.h>
+
+ namespace SDDM {
+ class PamHandle;
+@@ -61,6 +62,7 @@ namespace SDDM {
+ explicit PamBackend(HelperApp *parent);
+ virtual ~PamBackend();
+ int converse(int n, const struct pam_message **msg, struct pam_response **resp);
++ virtual bool setupSupplementalGroups(struct passwd *pw);
+
+ public slots:
+ virtual bool start(const QString &user = QString());
diff --git a/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch b/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch
new file mode 100644
index 00000000..b3ea90ff
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch
@@ -0,0 +1,27 @@
+From f131270ff3ae6e6b4e2dc965cd05b46e194b48c1 Mon Sep 17 00:00:00 2001
+From: Fabian Vogt <fabian@ritter-vogt.de>
+Date: Tue, 31 Jul 2018 16:51:13 +0200
+Subject: [PATCH] Session reuse: Only consider "online" sessions
+
+Otherwise it might switch to already dead sessions ("closing" or "lingering").
+---
+ src/daemon/Display.cpp | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp
+index 86e597e..ec442b0 100644
+--- a/src/daemon/Display.cpp
++++ b/src/daemon/Display.cpp
+@@ -290,8 +290,8 @@ namespace SDDM {
+ foreach(const SessionInfo &s, reply.value()) {
+ if (s.userName == user) {
+ OrgFreedesktopLogin1SessionInterface session(Logind::serviceName(), s.sessionPath.path(), QDBusConnection::systemBus());
+- if (session.service() == QLatin1String("sddm")) {
+- m_reuseSessionId = s.sessionId;
++ if (session.service() == QLatin1String("sddm") && session.state() == QLatin1String("online")) {
++ m_reuseSessionId = s.sessionId;
+ break;
+ }
+ }
+--
+2.18.0
diff --git a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
new file mode 100644
index 00000000..f14ff767
--- /dev/null
+++ b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
@@ -0,0 +1,87 @@
+From d3953e88a94ec25a87d3c5136517b3d1009cb1fd Mon Sep 17 00:00:00 2001
+From: "J. Konrad Tegtmeier-Rottach" <jktr@0x16.de>
+Date: Wed, 8 May 2019 18:58:53 +0200
+Subject: [PATCH] Revert "Honor PAM's ambient supplemental groups. (#834)"
+
+This reverts commit 1bc813d08b8130e458a6550ec47fb2bfbe6de080, which
+misuses PAM and leads to pulling in all of root's supplemental groups
+during session initialization instead of only adding PAM's extra
+groups. The problem was masked due to the root user not having any
+supplemental groups in some common contexts, like running sddm from a
+systemd unit.
+---
+ src/helper/UserSession.cpp | 57 --------------------------------------
+ 1 file changed, 57 deletions(-)
+
+diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
+index b3aec356..f71fd358 100644
+--- a/src/helper/UserSession.cpp
++++ b/src/helper/UserSession.cpp
+@@ -150,67 +150,10 @@ namespace SDDM {
+ qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username;
+ exit(Auth::HELPER_OTHER_ERROR);
+ }
+-
+-#ifdef USE_PAM
+-
+- // fetch ambient groups from PAM's environment;
+- // these are set by modules such as pam_groups.so
+- int n_pam_groups = getgroups(0, NULL);
+- gid_t *pam_groups = NULL;
+- if (n_pam_groups > 0) {
+- pam_groups = new gid_t[n_pam_groups];
+- if ((n_pam_groups = getgroups(n_pam_groups, pam_groups)) == -1) {
+- qCritical() << "getgroups() failed to fetch supplemental"
+- << "PAM groups for user:" << username;
+- exit(Auth::HELPER_OTHER_ERROR);
+- }
+- } else {
+- n_pam_groups = 0;
+- }
+-
+- // fetch session's user's groups
+- int n_user_groups = 0;
+- gid_t *user_groups = NULL;
+- if (-1 == getgrouplist(username.constData(), pw.pw_gid,
+- NULL, &n_user_groups)) {
+- user_groups = new gid_t[n_user_groups];
+- if ((n_user_groups = getgrouplist(username.constData(),
+- pw.pw_gid, user_groups,
+- &n_user_groups)) == -1 ) {
+- qCritical() << "getgrouplist(" << username << ", " << pw.pw_gid
+- << ") failed";
+- exit(Auth::HELPER_OTHER_ERROR);
+- }
+- }
+-
+- // set groups to concatenation of PAM's ambient
+- // groups and the session's user's groups
+- int n_groups = n_pam_groups + n_user_groups;
+- if (n_groups > 0) {
+- gid_t *groups = new gid_t[n_groups];
+- memcpy(groups, pam_groups, (n_pam_groups * sizeof(gid_t)));
+- memcpy((groups + n_pam_groups), user_groups,
+- (n_user_groups * sizeof(gid_t)));
+-
+- // setgroups(2) handles duplicate groups
+- if (setgroups(n_groups, groups) != 0) {
+- qCritical() << "setgroups() failed for user: " << username;
+- exit (Auth::HELPER_OTHER_ERROR);
+- }
+- delete[] groups;
+- }
+- delete[] pam_groups;
+- delete[] user_groups;
+-
+-#else
+-
+ if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
+ qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username;
+ exit(Auth::HELPER_OTHER_ERROR);
+ }
+-
+-#endif /* USE_PAM */
+-
+ if (setuid(pw.pw_uid) != 0) {
+ qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " << username;
+ exit(Auth::HELPER_OTHER_ERROR);
diff --git a/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch b/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch
deleted file mode 100644
index 63b4f53a..00000000
--- a/x11-misc/sddm/files/sddm-dont-source-files-in-home.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-diff -Nur a/data/scripts/wayland-session b/data/scripts/wayland-session
---- a/data/scripts/wayland-session 2016-08-22 18:51:12.000000000 +0100
-+++ b/data/scripts/wayland-session 2018-05-04 11:53:18.083001476 +0100
-@@ -11,13 +11,6 @@
- [ -z "$BASH" ] && exec $SHELL $0 "$@"
- set +o posix
- [ -f /etc/profile ] && . /etc/profile
-- if [ -f $HOME/.bash_profile ]; then
-- . $HOME/.bash_profile
-- elif [ -f $HOME/.bash_login ]; then
-- . $HOME/.bash_login
-- elif [ -f $HOME/.profile ]; then
-- . $HOME/.profile
-- fi
- ;;
- */zsh)
- [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@"
-@@ -25,22 +18,19 @@
- zhome=${ZDOTDIR:-$HOME}
- # zshenv is always sourced automatically.
- [ -f $zdir/zprofile ] && . $zdir/zprofile
-- [ -f $zhome/.zprofile ] && . $zhome/.zprofile
- [ -f $zdir/zlogin ] && . $zdir/zlogin
-- [ -f $zhome/.zlogin ] && . $zhome/.zlogin
- emulate -R sh
- ;;
- */csh|*/tcsh)
- # [t]cshrc is always sourced automatically.
- # Note that sourcing csh.login after .cshrc is non-standard.
- wlsess_tmp=`mktemp /tmp/wlsess-env-XXXXXX`
-- $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c 'export -p' >! $wlsess_tmp"
-+ $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; /bin/sh -c 'export -p' >! $wlsess_tmp"
- . $wlsess_tmp
- rm -f $wlsess_tmp
- ;;
- *) # Plain sh, ksh, and anything we do not know.
- [ -f /etc/profile ] && . /etc/profile
-- [ -f $HOME/.profile ] && . $HOME/.profile
- ;;
- esac
-
-diff -Nur a/data/scripts/Xsession b/data/scripts/Xsession
---- a/data/scripts/Xsession 2016-08-22 18:51:12.000000000 +0100
-+++ b/data/scripts/Xsession 2018-05-04 11:53:38.548659869 +0100
-@@ -11,13 +11,6 @@
- [ -z "$BASH" ] && exec $SHELL $0 "$@"
- set +o posix
- [ -f /etc/profile ] && . /etc/profile
-- if [ -f $HOME/.bash_profile ]; then
-- . $HOME/.bash_profile
-- elif [ -f $HOME/.bash_login ]; then
-- . $HOME/.bash_login
-- elif [ -f $HOME/.profile ]; then
-- . $HOME/.profile
-- fi
- ;;
- */zsh)
- [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@"
-@@ -25,27 +18,23 @@
- zhome=${ZDOTDIR:-$HOME}
- # zshenv is always sourced automatically.
- [ -f $zdir/zprofile ] && . $zdir/zprofile
-- [ -f $zhome/.zprofile ] && . $zhome/.zprofile
- [ -f $zdir/zlogin ] && . $zdir/zlogin
-- [ -f $zhome/.zlogin ] && . $zhome/.zlogin
- emulate -R sh
- ;;
- */csh|*/tcsh)
- # [t]cshrc is always sourced automatically.
- # Note that sourcing csh.login after .cshrc is non-standard.
- xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX`
-- $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c 'export -p' >! $xsess_tmp"
-+ $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; /bin/sh -c 'export -p' >! $xsess_tmp"
- . $xsess_tmp
- rm -f $xsess_tmp
- ;;
- *) # Plain sh, ksh, and anything we do not know.
- [ -f /etc/profile ] && . /etc/profile
-- [ -f $HOME/.profile ] && . $HOME/.profile
- ;;
- esac
-
- [ -f /etc/xprofile ] && . /etc/xprofile
--[ -f $HOME/.xprofile ] && . $HOME/.xprofile
-
- # run all system xinitrc shell scripts.
- if [ -d /etc/X11/xinit/xinitrc.d ]; then
diff --git a/x11-misc/sddm/files/sddm-enable-elogind.patch b/x11-misc/sddm/files/sddm-enable-elogind.patch
deleted file mode 100644
index b427ddd9..00000000
--- a/x11-misc/sddm/files/sddm-enable-elogind.patch
+++ /dev/null
@@ -1,56 +0,0 @@
---- a/CMakeLists.txt 2016-11-10 09:27:03.866358608 +0100
-+++ b/CMakeLists.txt 2016-11-10 10:28:25.384374766 +0100
-@@ -93,7 +93,7 @@
- endif()
-
- # systemd
--if(NOT NO_SYSTEMD)
-+if(NOT NO_SYSTEMD AND NOT USE_ELOGIND)
- pkg_check_modules(SYSTEMD "systemd")
- endif()
-
-@@ -127,12 +127,34 @@
- set(REBOOT_COMMAND "/usr/bin/systemctl reboot")
- else()
- set(SYSTEMD_FOUND 0)
-+endif()
-+add_feature_info("systemd" SYSTEMD_FOUND "systemd support")
-+add_feature_info("journald" JOURNALD_FOUND "journald support")
-+
-+# elogind
-+if(NO_SYSTEMD AND USE_ELOGIND)
-+ pkg_check_modules(ELOGIND "libelogind")
-+endif()
-+
-+if(ELOGIND_FOUND)
-+ add_definitions(-DHAVE_ELOGIND)
-+ set(CMAKE_AUTOMOC_MOC_OPTIONS -DHAVE_ELOGIND)
-+
-+ set(MINIMUM_VT 7)
-+ set(HALT_COMMAND "/bin/loginctl poweroff")
-+ set(REBOOT_COMMAND "/bin/loginctl reboot")
-+else()
-+ set(ELOGIND_FOUND 0)
-+endif()
-+add_feature_info("elogind" ELOGIND_FOUND "elogind support")
-+
-+# Default behaviour if neither systemd nor elogind is used
-+if (NOT ELOGIND_FOUND AND NOT SYSTEMD_FOUND)
- set(MINIMUM_VT 7)
- set(HALT_COMMAND "/sbin/shutdown -h -P now")
- set(REBOOT_COMMAND "/sbin/shutdown -r now")
- endif()
--add_feature_info("systemd" SYSTEMD_FOUND "systemd support")
--add_feature_info("journald" JOURNALD_FOUND "journald support")
-+
-
- # Set constants
- set(DATA_INSTALL_DIR "${CMAKE_INSTALL_FULL_DATADIR}/sddm" CACHE PATH "System application data install directory")
---- a/services/sddm-greeter.pam 2016-06-19 12:24:42.000000000 +0200
-+++ b/services/sddm-greeter.pam 2016-11-02 09:48:18.990032363 +0100
-@@ -14,4 +14,5 @@
-
- # Setup session
- session required pam_unix.so
- session optional pam_systemd.so
-+session optional pam_elogind.so
diff --git a/x11-misc/sddm/files/sddm-redcore-consolekit.conf b/x11-misc/sddm/files/sddm-redcore-consolekit.conf
deleted file mode 100644
index cb4bae90..00000000
--- a/x11-misc/sddm/files/sddm-redcore-consolekit.conf
+++ /dev/null
@@ -1,114 +0,0 @@
-[Autologin]
-# Whether sddm should automatically log back into sessions when they exit
-Relogin=false
-
-# Name of session file for autologin session
-Session=
-
-# Username for autologin session
-User=
-
-[General]
-# Halt command
-HaltCommand=/sbin/shutdown -h -P now
-
-# Input method module
-InputMethod=
-
-# Initial NumLock state. Can be on, off or none.
-# If property is set to none, numlock won't be changed
-# NOTE: Currently ignored if autologin is enabled.
-Numlock=off
-
-# Reboot command
-RebootCommand=/sbin/shutdown -r now
-
-[Theme]
-# Current theme name
-Current=redcore
-
-# Cursor theme used in the greeter
-CursorTheme=Hacked-Red
-
-# Number of users to use as threshold
-# above which avatars are disabled
-# unless explicitly enabled with EnableAvatars
-DisableAvatarsThreshold=7
-
-# Enable display of custom user avatars
-EnableAvatars=true
-
-# Global directory for user avatars
-# The files should be named <username>.face.icon
-FacesDir=/usr/share/sddm/faces
-
-# Theme directory path
-ThemeDir=/usr/share/sddm/themes
-
-[Users]
-# Default $PATH for logged in users
-DefaultPath=/bin:/usr/bin:/usr/local/bin
-
-# Comma-separated list of shells.
-# Users with these shells as their default won't be listed
-HideShells=
-
-# Comma-separated list of users that should not be listed
-HideUsers=
-
-# Maximum user id for displayed users
-MaximumUid=60000
-
-# Minimum user id for displayed users
-MinimumUid=1000
-
-# Remember the session of the last successfully logged in user
-RememberLastSession=true
-
-# Remember the last successfully logged in user
-RememberLastUser=true
-
-[Wayland]
-# Path to a script to execute when starting the desktop session
-SessionCommand=/usr/share/sddm/scripts/wayland-session
-
-# Directory containing available Wayland sessions
-SessionDir=/usr/share/wayland-sessions
-
-# Path to the user session log file
-SessionLogFile=.local/share/sddm/wayland-session.log
-
-[X11]
-# Path to a script to execute when starting the display server
-DisplayCommand=/usr/share/sddm/scripts/Xsetup
-
-# Path to a script to execute when stopping the display server
-DisplayStopCommand=/usr/share/sddm/scripts/Xstop
-
-# The lowest virtual terminal number that will be used.
-MinimumVT=7
-
-# Arguments passed to the X server invocation
-ServerArguments=-nolisten tcp
-
-# Path to X server binary
-ServerPath=/usr/bin/X
-
-# Path to a script to execute when starting the desktop session
-SessionCommand=/usr/share/sddm/scripts/Xsession
-
-# Directory containing available X sessions
-SessionDir=/usr/share/xsessions
-
-# Path to the user session log file
-SessionLogFile=.local/share/sddm/xorg-session.log
-
-# Path to the Xauthority file
-UserAuthFile=.Xauthority
-
-# Path to xauth binary
-XauthPath=/usr/bin/xauth
-
-# Path to Xephyr binary
-XephyrPath=/usr/bin/Xephyr
-
diff --git a/x11-misc/sddm/files/sddm-redcore-elogind.conf b/x11-misc/sddm/files/sddm.conf
index 15721d22..802ad10b 100644
--- a/x11-misc/sddm/files/sddm-redcore-elogind.conf
+++ b/x11-misc/sddm/files/sddm.conf
@@ -2,12 +2,13 @@
# Whether sddm should automatically log back into sessions when they exit
Relogin=false
-# Name of session file for autologin session
+# Name of session file for autologin session (if empty try last logged in)
Session=
# Username for autologin session
User=
+
[General]
# Halt command
HaltCommand=/bin/loginctl poweroff
@@ -15,14 +16,18 @@ HaltCommand=/bin/loginctl poweroff
# Input method module
InputMethod=
+# Comma-separated list of Linux namespaces for user session to enter
+Namespaces=
+
# Initial NumLock state. Can be on, off or none.
# If property is set to none, numlock won't be changed
# NOTE: Currently ignored if autologin is enabled.
-Numlock=off
+Numlock=none
# Reboot command
RebootCommand=/bin/loginctl reboot
+
[Theme]
# Current theme name
Current=redcore
@@ -45,9 +50,10 @@ FacesDir=/usr/share/sddm/faces
# Theme directory path
ThemeDir=/usr/share/sddm/themes
+
[Users]
# Default $PATH for logged in users
-DefaultPath=/bin:/usr/bin:/usr/local/bin
+DefaultPath=/usr/local/bin:/usr/bin:/bin
# Comma-separated list of shells.
# Users with these shells as their default won't be listed
@@ -68,7 +74,14 @@ RememberLastSession=true
# Remember the last successfully logged in user
RememberLastUser=true
+# When logging in as the same user twice, restore the original session, rather than create a new one
+ReuseSession=true
+
+
[Wayland]
+# Enable Qt's automatic high-DPI scaling
+EnableHiDPI=true
+
# Path to a script to execute when starting the desktop session
SessionCommand=/usr/share/sddm/scripts/wayland-session
@@ -78,6 +91,7 @@ SessionDir=/usr/share/wayland-sessions
# Path to the user session log file
SessionLogFile=.local/share/sddm/wayland-session.log
+
[X11]
# Path to a script to execute when starting the display server
DisplayCommand=/usr/share/sddm/scripts/Xsetup
@@ -85,6 +99,9 @@ DisplayCommand=/usr/share/sddm/scripts/Xsetup
# Path to a script to execute when stopping the display server
DisplayStopCommand=/usr/share/sddm/scripts/Xstop
+# Enable Qt's automatic high-DPI scaling
+EnableHiDPI=true
+
# The lowest virtual terminal number that will be used.
MinimumVT=7
@@ -112,3 +129,4 @@ XauthPath=/usr/bin/xauth
# Path to Xephyr binary
XephyrPath=/usr/bin/Xephyr
+
diff --git a/x11-misc/sddm/sddm-0.14.0-r5.ebuild b/x11-misc/sddm/sddm-0.14.0-r5.ebuild
deleted file mode 100644
index 5f0adc98..00000000
--- a/x11-misc/sddm/sddm-0.14.0-r5.ebuild
+++ /dev/null
@@ -1,105 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-inherit cmake-utils user
-
-DESCRIPTION="Simple Desktop Display Manager"
-HOMEPAGE="https://github.com/sddm/sddm"
-SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.xz"
-KEYWORDS="amd64 ~arm x86"
-
-LICENSE="GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain"
-SLOT="0"
-IUSE="+branding consolekit elogind +pam systemd"
-
-REQUIRED_USE="elogind? ( !systemd !consolekit )
- systemd? ( !elogind !consolekit )
- consolekit? ( !elogind !systemd )
-"
-
-RDEPEND=">=dev-qt/qtcore-5.6:5
- >=dev-qt/qtdbus-5.6:5
- >=dev-qt/qtgui-5.6:5
- >=dev-qt/qtdeclarative-5.6:5
- >=dev-qt/qtnetwork-5.6:5
- >=x11-base/xorg-server-1.15.1
- x11-libs/libxcb[xkb(-)]
- branding? ( x11-themes/redcore-theme-sddm )
- consolekit? ( >=sys-auth/consolekit-0.9.4 )
- elogind? ( sys-auth/elogind )
- pam? ( sys-libs/pam )
- systemd? ( sys-apps/systemd:= )
- !systemd? ( || ( sys-power/upower sys-power/upower-pm-utils ) )"
-
-DEPEND="${RDEPEND}
- dev-python/docutils
- >=dev-qt/linguist-tools-5.6:5
- >=dev-qt/qttest-5.6:5
- kde-frameworks/extra-cmake-modules
- virtual/pkgconfig"
-
-PATCHES=(
- "${FILESDIR}/${PN}-0.13.0-pam_kwallet.patch"
- "${FILESDIR}/${PN}-0.12.0-respect-user-flags.patch"
- "${FILESDIR}/${P}-avatars.patch"
- "${FILESDIR}/${PN}-enable-elogind.patch"
- "${FILESDIR}/${PN}-dont-source-files-in-home.patch"
-)
-
-pkg_pretend() {
- if [[ ${MERGE_TYPE} != binary && $(tc-getCC) == *gcc* ]]; then
- if [[ $(gcc-major-version) -lt 4 || $(gcc-major-version) == 4 && $(gcc-minor-version) -lt 7 ]] ; then
- die 'The active compiler needs to be gcc 4.7 (or newer)'
- fi
- fi
-}
-
-src_prepare() {
- if use consolekit; then
- eapply "${FILESDIR}/${P}-consolekit.patch"
- fi
-
- cmake-utils_src_prepare
-}
-
-src_configure() {
- local mycmakeargs=(
- -DENABLE_PAM=$(usex pam)
- -DNO_SYSTEMD=$(usex '!systemd')
- -DUSE_ELOGIND=$(usex 'elogind')
- -DBUILD_MAN_PAGES=ON
- -DDBUS_CONFIG_FILENAME="org.freedesktop.sddm.conf"
- )
-
- cmake-utils_src_configure
-}
-
-src_install() {
- cmake-utils_src_install
- # overwrite autogenerated sddm.conf
- if use consolekit; then
- cp -avx ${FILESDIR}/sddm-redcore-consolekit.conf ${ED}etc/sddm.conf
- elif use elogind; then
- cp -avx ${FILESDIR}/sddm-redcore-elogind.conf ${ED}etc/sddm.conf
- fi
-}
-
-pkg_postinst() {
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} ${PN},video
-
- if use consolekit && use pam && [[ -e "${ROOT}"/etc/pam.d/system-login ]]; then
- local line=$(grep "pam_ck_connector.*nox11" "${ROOT}"/etc/pam.d/system-login)
- if [[ -z ${line} ]]; then
- ewarn
- ewarn "Erroneous /etc/pam.d/system-login settings detected!"
- ewarn "Please restore 'nox11' option in the line containing pam_ck_connector:"
- ewarn
- ewarn "session optional pam_ck_connector.so nox11"
- ewarn
- ewarn "or 'emerge -1 sys-auth/pambase' and run etc-update."
- ewarn
- fi
- fi
-}
diff --git a/x11-misc/sddm/sddm-0.18.1-r10.ebuild b/x11-misc/sddm/sddm-0.18.1-r10.ebuild
new file mode 100644
index 00000000..308c6589
--- /dev/null
+++ b/x11-misc/sddm/sddm-0.18.1-r10.ebuild
@@ -0,0 +1,106 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PLOCALES="ar bn ca cs da de es et fi fr hi_IN hu is it ja kk ko lt lv nb nl nn pl pt_BR pt_PT ro ru sk sr sr@ijekavian sr@ijekavianlatin sr@latin sv tr uk zh_CN zh_TW"
+inherit cmake l10n systemd user
+
+DESCRIPTION="Simple Desktop Display Manager"
+HOMEPAGE="https://github.com/sddm/sddm"
+SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.xz"
+
+LICENSE="GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86"
+IUSE="consolekit elogind +pam systemd test"
+RESTRICT="!test? ( test )"
+
+REQUIRED_USE="?? ( elogind systemd )"
+
+BDEPEND="
+ dev-python/docutils
+ >=dev-qt/linguist-tools-5.9.4:5
+ kde-frameworks/extra-cmake-modules:5
+ virtual/pkgconfig
+"
+RDEPEND="
+ >=dev-qt/qtcore-5.9.4:5
+ >=dev-qt/qtdbus-5.9.4:5
+ >=dev-qt/qtdeclarative-5.9.4:5
+ >=dev-qt/qtgui-5.9.4:5
+ >=dev-qt/qtnetwork-5.9.4:5
+ >=x11-base/xorg-server-1.15.1
+ x11-libs/libxcb[xkb]
+ consolekit? ( >=sys-auth/consolekit-0.9.4 )
+ elogind? ( sys-auth/elogind )
+ pam? ( sys-libs/pam )
+ systemd? ( sys-apps/systemd:= )
+ !systemd? ( sys-power/upower )
+"
+DEPEND="${RDEPEND}
+ test? ( >=dev-qt/qttest-5.9.4:5 )
+"
+
+PATCHES=(
+ "${FILESDIR}/${PN}-0.12.0-respect-user-flags.patch"
+ "${FILESDIR}/${PN}-0.18.0-Xsession.patch" # bug 611210
+ "${FILESDIR}/${PN}-0.18.0-sddmconfdir.patch"
+ # fix for groups: https://github.com/sddm/sddm/issues/1159
+ "${FILESDIR}/${P}-revert-honor-PAM-supplemental-groups.patch"
+ "${FILESDIR}/${P}-honor-PAM-supplemental-groups-v2.patch"
+ # fix for ReuseSession=true
+ "${FILESDIR}/${P}-only-reuse-online-sessions.patch"
+ # TODO: fix properly
+ "${FILESDIR}/${PN}-0.16.0-ck2-revert.patch" # bug 633920
+ "${FILESDIR}/pam-1.4-substack.patch"
+)
+
+src_prepare() {
+ cmake_src_prepare
+
+ disable_locale() {
+ sed -e "/${1}\.ts/d" -i data/translations/CMakeLists.txt || die
+ }
+ l10n_find_plocales_changes "data/translations" "" ".ts"
+ l10n_for_each_disabled_locale_do disable_locale
+
+ if ! use test; then
+ sed -e "/^find_package/s/ Test//" -i CMakeLists.txt || die
+ cmake_comment_add_subdirectory test
+ fi
+}
+
+src_configure() {
+ local mycmakeargs=(
+ -DENABLE_PAM=$(usex pam)
+ -DNO_SYSTEMD=$(usex '!systemd')
+ -DUSE_ELOGIND=$(usex 'elogind')
+ -DBUILD_MAN_PAGES=ON
+ -DDBUS_CONFIG_FILENAME="org.freedesktop.sddm.conf"
+ )
+ cmake_src_configure
+}
+
+src_install() {
+ cmake_src_install
+
+ # since 0.18.0 sddm no longer installs a config file
+ # install one ourselves in gentoo's default location
+ local confd="usr/share/sddm/sddm.conf.d"
+ dodir ${confd}
+ insinto ${confd}
+ newins ${FILESDIR}/${PN}.conf 00default.conf
+
+ # override gentoo's default location with the
+ # classical location which is /etc/sddm.conf
+ insinto etc
+ doins ${FILESDIR}/${PN}.conf
+}
+
+pkg_postinst() {
+ enewgroup ${PN}
+ enewuser ${PN} -1 -1 /var/lib/${PN} ${PN},video
+
+ systemd_reenable sddm.service
+}