From f9a445729120f328139aad8832c6c9ea056d9c1b Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 1 Jul 2023 04:34:48 +0100 Subject: x11-misc/sddm : version bump --- metadata/md5-cache/x11-misc/sddm-0.18.1-r11 | 17 -- metadata/md5-cache/x11-misc/sddm-0.20.0 | 17 ++ metadata/pkg_desc_index | 2 +- x11-misc/sddm/Manifest | 2 +- x11-misc/sddm/files/pam-1.4-substack.patch | 31 ---- .../files/sddm-0.12.0-respect-user-flags.patch | 26 --- x11-misc/sddm/files/sddm-0.14.0-consolekit.patch | 9 - x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch | 20 --- x11-misc/sddm/files/sddm-0.18.0-Xsession.patch | 24 --- x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch | 32 ---- x11-misc/sddm/files/sddm-0.18.1-Xsession.patch | 24 +++ .../sddm/files/sddm-0.18.1-cve-2020-28049.patch | 94 ----------- .../files/sddm-0.18.1-drop-wayland-suffix.patch | 28 ---- .../sddm/files/sddm-0.18.1-fix-qt-5.15.7.patch | 33 ---- ...m-0.18.1-honor-PAM-supplemental-groups-v2.patch | 182 --------------------- .../sddm-0.18.1-nvidia-glitches-vt-switch.patch | 46 ------ .../sddm-0.18.1-only-reuse-online-sessions.patch | 27 --- x11-misc/sddm/files/sddm-0.18.1-qt-5.15.2.patch | 23 --- ...18.1-revert-honor-PAM-supplemental-groups.patch | 87 ---------- .../sddm-0.20.0-disable-etc-debian-check.patch | 26 +++ .../sddm-0.20.0-fix-use-development-sessions.patch | 83 ++++++++++ ...sddm-0.20.0-no-default-pam_systemd-module.patch | 43 +++++ .../files/sddm-0.20.0-respect-user-flags.patch | 11 ++ .../files/sddm-0.20.0-sddm.pam-use-substack.patch | 37 +++++ x11-misc/sddm/sddm-0.18.1-r11.ebuild | 110 ------------- x11-misc/sddm/sddm-0.20.0.ebuild | 109 ++++++++++++ 26 files changed, 352 insertions(+), 791 deletions(-) delete mode 100644 metadata/md5-cache/x11-misc/sddm-0.18.1-r11 create mode 100644 metadata/md5-cache/x11-misc/sddm-0.20.0 delete mode 100644 x11-misc/sddm/files/pam-1.4-substack.patch delete mode 100644 x11-misc/sddm/files/sddm-0.12.0-respect-user-flags.patch delete mode 100644 x11-misc/sddm/files/sddm-0.14.0-consolekit.patch delete mode 100644 x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.0-Xsession.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch create mode 100644 x11-misc/sddm/files/sddm-0.18.1-Xsession.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-cve-2020-28049.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-drop-wayland-suffix.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-fix-qt-5.15.7.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-nvidia-glitches-vt-switch.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-qt-5.15.2.patch delete mode 100644 x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch create mode 100644 x11-misc/sddm/files/sddm-0.20.0-disable-etc-debian-check.patch create mode 100644 x11-misc/sddm/files/sddm-0.20.0-fix-use-development-sessions.patch create mode 100644 x11-misc/sddm/files/sddm-0.20.0-no-default-pam_systemd-module.patch create mode 100644 x11-misc/sddm/files/sddm-0.20.0-respect-user-flags.patch create mode 100644 x11-misc/sddm/files/sddm-0.20.0-sddm.pam-use-substack.patch delete mode 100644 x11-misc/sddm/sddm-0.18.1-r11.ebuild create mode 100644 x11-misc/sddm/sddm-0.20.0.ebuild diff --git a/metadata/md5-cache/x11-misc/sddm-0.18.1-r11 b/metadata/md5-cache/x11-misc/sddm-0.18.1-r11 deleted file mode 100644 index 3269e717..00000000 --- a/metadata/md5-cache/x11-misc/sddm-0.18.1-r11 +++ /dev/null @@ -1,17 +0,0 @@ -BDEPEND=dev-python/docutils >=dev-qt/linguist-tools-5.9.4:5 kde-frameworks/extra-cmake-modules:5 virtual/pkgconfig >=dev-util/ninja-1.8.2 >=dev-util/cmake-3.20.5 virtual/pkgconfig -DEFINED_PHASES=compile configure install postinst prepare test -DEPEND=acct-group/sddm acct-user/sddm >=dev-qt/qtcore-5.9.4:5 >=dev-qt/qtdbus-5.9.4:5 >=dev-qt/qtdeclarative-5.9.4:5 >=dev-qt/qtgui-5.9.4:5 >=dev-qt/qtnetwork-5.9.4:5 >=x11-base/xorg-server-1.15.1 x11-libs/libxcb[xkb] branding? ( x11-themes/redcore-theme-sddm ) consolekit? ( >=sys-auth/consolekit-0.9.4 ) elogind? ( sys-auth/elogind ) pam? ( sys-libs/pam ) systemd? ( sys-apps/systemd:= ) !systemd? ( sys-power/upower ) test? ( >=dev-qt/qttest-5.9.4:5 ) -DESCRIPTION=Simple Desktop Display Manager -EAPI=7 -HOMEPAGE=https://github.com/sddm/sddm -INHERIT=cmake plocale systemd tmpfiles -IUSE=+branding consolekit elogind +pam systemd test -KEYWORDS=~amd64 ~arm ~arm64 ~ppc64 ~x86 -LICENSE=GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain -RDEPEND=acct-group/sddm acct-user/sddm >=dev-qt/qtcore-5.9.4:5 >=dev-qt/qtdbus-5.9.4:5 >=dev-qt/qtdeclarative-5.9.4:5 >=dev-qt/qtgui-5.9.4:5 >=dev-qt/qtnetwork-5.9.4:5 >=x11-base/xorg-server-1.15.1 x11-libs/libxcb[xkb] branding? ( x11-themes/redcore-theme-sddm ) consolekit? ( >=sys-auth/consolekit-0.9.4 ) elogind? ( sys-auth/elogind ) pam? ( sys-libs/pam ) systemd? ( sys-apps/systemd:= ) !systemd? ( sys-power/upower ) virtual/tmpfiles -REQUIRED_USE=?? ( elogind systemd ) -RESTRICT=!test? ( test ) -SLOT=0 -SRC_URI=https://github.com/sddm/sddm/releases/download/v0.18.1/sddm-0.18.1.tar.xz -_eclasses_=cmake 1abaebfe913f48975739281ab7d7ab75 flag-o-matic ad475baa777c9978fa035216c8264a10 multilib c19072c3cd7ac5cb21de013f7e9832e0 multiprocessing b4e253ab22cef7b1085e9b67c7a3b730 ninja-utils 76050953ad5b70d7e09a6ca55558db92 plocale 950fbaec7deeba41b5bcc0572cca99b9 systemd 5f4bb0758df2e483babf68cd517078ca tmpfiles 216aa76c3a6fcb5d893c23a0de86048f toolchain-funcs 513c31b3346458ed1f3878b57da6d61c xdg-utils baea6080dd821f5562d715887954c9d3 -_md5_=ca1ef1efa15820a2c7e14f62c5471e4f diff --git a/metadata/md5-cache/x11-misc/sddm-0.20.0 b/metadata/md5-cache/x11-misc/sddm-0.20.0 new file mode 100644 index 00000000..b396f88b --- /dev/null +++ b/metadata/md5-cache/x11-misc/sddm-0.20.0 @@ -0,0 +1,17 @@ +BDEPEND=dev-python/docutils >=dev-qt/linguist-tools-5.15.2:5 kde-frameworks/extra-cmake-modules:5 virtual/pkgconfig >=dev-util/ninja-1.8.2 >=dev-util/cmake-3.20.5 virtual/pkgconfig +DEFINED_PHASES=compile configure install postinst prepare setup test +DEPEND=acct-group/sddm acct-user/sddm >=dev-qt/qtcore-5.15.2:5 >=dev-qt/qtdbus-5.15.2:5 >=dev-qt/qtdeclarative-5.15.2:5 >=dev-qt/qtgui-5.15.2:5 >=dev-qt/qtnetwork-5.15.2:5 sys-libs/pam x11-libs/libXau x11-libs/libxcb:= branding? ( x11-themes/redcore-theme-sddm ) elogind? ( sys-auth/elogind[pam] ) systemd? ( sys-apps/systemd:=[pam] ) !systemd? ( sys-power/upower ) test? ( >=dev-qt/qttest-5.15.2:5 ) +DESCRIPTION=Simple Desktop Display Manager +EAPI=8 +HOMEPAGE=https://github.com/sddm/sddm +INHERIT=cmake linux-info systemd tmpfiles +IUSE=+branding +elogind systemd test +KEYWORDS=~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86 +LICENSE=GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain +RDEPEND=acct-group/sddm acct-user/sddm >=dev-qt/qtcore-5.15.2:5 >=dev-qt/qtdbus-5.15.2:5 >=dev-qt/qtdeclarative-5.15.2:5 >=dev-qt/qtgui-5.15.2:5 >=dev-qt/qtnetwork-5.15.2:5 sys-libs/pam x11-libs/libXau x11-libs/libxcb:= branding? ( x11-themes/redcore-theme-sddm ) elogind? ( sys-auth/elogind[pam] ) systemd? ( sys-apps/systemd:=[pam] ) !systemd? ( sys-power/upower ) x11-base/xorg-server !systemd? ( gui-libs/display-manager-init ) virtual/tmpfiles +REQUIRED_USE=^^ ( elogind systemd ) +RESTRICT=!test? ( test ) +SLOT=0 +SRC_URI=https://github.com/sddm/sddm/archive/refs/tags/v0.20.0.tar.gz -> sddm-0.20.0.tar.gz +_eclasses_=cmake 1abaebfe913f48975739281ab7d7ab75 flag-o-matic ad475baa777c9978fa035216c8264a10 linux-info c4f1201b96a8a2c1f3b86cc8b2c71c91 multilib c19072c3cd7ac5cb21de013f7e9832e0 multiprocessing b4e253ab22cef7b1085e9b67c7a3b730 ninja-utils 76050953ad5b70d7e09a6ca55558db92 systemd 5f4bb0758df2e483babf68cd517078ca tmpfiles 216aa76c3a6fcb5d893c23a0de86048f toolchain-funcs 513c31b3346458ed1f3878b57da6d61c xdg-utils baea6080dd821f5562d715887954c9d3 +_md5_=c8c319cdabc2dc91af7f1257a3e7754f diff --git a/metadata/pkg_desc_index b/metadata/pkg_desc_index index 7f9ddcad..78393dff 100644 --- a/metadata/pkg_desc_index +++ b/metadata/pkg_desc_index @@ -78,7 +78,7 @@ x11-libs/gtk+ 2.24.33-r3 3.24.37-r1: Gimp ToolKit + x11-misc/nvidia-prime 314: NVIDIA Prime Render Offload configuration and utilities x11-misc/nvidia-settings 390.157-r2 470.182.03-r1 515.105.01-r1 525.116.03-r1 530.41.03: NVIDIA Linux X11 Settings Utility x11-misc/pcmanfm-qt-share 1337: PCManFM-QT custom action to share folder using Samba -x11-misc/sddm 0.18.1-r11: Simple Desktop Display Manager +x11-misc/sddm 0.20.0: Simple Desktop Display Manager x11-themes/material-icon-theme 1.314.1337: Icon theme following the Google's material design specifications x11-themes/redcore-artwork-calamares 1.314.1337-r1: Redcore Linux branding component for Calamares x11-themes/redcore-artwork-community 1.314.1337: Redcore Linux Community Wallpapers diff --git a/x11-misc/sddm/Manifest b/x11-misc/sddm/Manifest index d1006dba..dc2a0ee7 100644 --- a/x11-misc/sddm/Manifest +++ b/x11-misc/sddm/Manifest @@ -1 +1 @@ -DIST sddm-0.18.1.tar.xz 3402972 BLAKE2B 99ab43d374e9a3d318f692a6d496d8a6d68927af3c8e8fc2208d7355ec90649a14758b39f5733dd32f942ed569de88085576d4f5f8666f4f97079e0fb6dcb99e SHA512 ff0637600cda2f4da1f643f047f8ee822bd9651ae4ccbb614b9804175c97360ada7af93e07a7b63832f014ef6e7d1b5380ab2b8959f8024ea520fa5ff17efd60 +DIST sddm-0.20.0.tar.gz 3552722 BLAKE2B 8086c9555d5ce1598db3279353de077d51adbcc5222a929750e8558a1bcdad395a411f90608bffdc6e1ca7e7ac2b8325e25cf04cbf8476698d787ce7e60c2105 SHA512 0f64b405f1451873a01a2210530feb6f4cbbdea17be9d039c105088963a48322968db7b60c0d20ac5d97c8ec2a19e5130f0a74c0f9de58c61453d8ce8bb6272a diff --git a/x11-misc/sddm/files/pam-1.4-substack.patch b/x11-misc/sddm/files/pam-1.4-substack.patch deleted file mode 100644 index b0467b26..00000000 --- a/x11-misc/sddm/files/pam-1.4-substack.patch +++ /dev/null @@ -1,31 +0,0 @@ ---- sddm-0.18.1/services/sddm-autologin.pam.bak 2020-06-19 22:27:57.305580696 +0200 -+++ sddm-0.18.1/services/sddm-autologin.pam 2020-06-19 22:30:50.513583973 +0200 -@@ -1,6 +1,5 @@ - #%PAM-1.0 - auth required pam_env.so --auth required pam_tally.so file=/var/log/faillog onerr=succeed - auth required pam_shells.so - auth required pam_nologin.so - auth required pam_permit.so ---- sddm-0.18.1/services/sddm.pam.bak 2020-06-19 22:27:26.721580117 +0200 -+++ sddm-0.18.1/services/sddm.pam 2020-06-19 22:27:48.729580533 +0200 -@@ -1,15 +1,15 @@ - #%PAM-1.0 - --auth include system-login -+auth substack system-login - -auth optional pam_gnome_keyring.so - -auth optional pam_kwallet5.so - --account include system-login -+account substack system-login - --password include system-login -+password substack system-login - -password optional pam_gnome_keyring.so use_authtok - - session optional pam_keyinit.so force revoke --session include system-login -+session substack system-login - -session optional pam_gnome_keyring.so auto_start - -session optional pam_kwallet5.so auto_start \ No newline at end of file diff --git a/x11-misc/sddm/files/sddm-0.12.0-respect-user-flags.patch b/x11-misc/sddm/files/sddm-0.12.0-respect-user-flags.patch deleted file mode 100644 index fc450169..00000000 --- a/x11-misc/sddm/files/sddm-0.12.0-respect-user-flags.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -u CMakeLists.txt CMakeLists.txt ---- a/CMakeLists.txt 2015-09-05 22:40:50.000000000 +0200 -+++ b/CMakeLists.txt 2015-09-07 12:15:33.419530808 +0200 -@@ -35,22 +35,6 @@ - # Definitions - add_definitions(-Wall -std=c++11 -DQT_NO_CAST_FROM_ASCII) - --# Default build type --if(NOT CMAKE_BUILD_TYPE) -- set(CMAKE_BUILD_TYPE Release) --endif() -- --# Handle build type --if(CMAKE_BUILD_TYPE MATCHES [Dd]ebug) -- message(STATUS "Debug build") -- add_definitions(-DDEBUG) -- set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -O0") --else() -- message(STATUS "Release build") -- add_definitions(-DNDEBUG) -- set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2") --endif() -- - # Default absolute paths - if(NOT DEFINED CMAKE_INSTALL_SYSCONFDIR) - set(CMAKE_INSTALL_SYSCONFDIR "/etc") diff --git a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch b/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch deleted file mode 100644 index 64ea0648..00000000 --- a/x11-misc/sddm/files/sddm-0.14.0-consolekit.patch +++ /dev/null @@ -1,9 +0,0 @@ ---- a/data/scripts/Xsession 2016-08-28 14:52:04.910181422 +0200 -+++ b/data/scripts/Xsession 2016-08-28 14:53:07.157184480 +0200 -@@ -91,5 +91,5 @@ - if [ -z "$@" ]; then - exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." - else -- exec $@ -+ exec ck-launch-session $@ - fi diff --git a/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch b/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch deleted file mode 100644 index bbe2a272..00000000 --- a/x11-misc/sddm/files/sddm-0.16.0-ck2-revert.patch +++ /dev/null @@ -1,20 +0,0 @@ -SDDM 0.16.0 fails to start with consolekit2 because it assumes consolekit2 -has the same interface names as logind. - -This patch forces sddm to use legacy behaviour when consolekit2 is detected. - -Bug: https://bugs.gentoo.org/633920 -Bug: https://github.com/sddm/sddm/issues/903 -Bug: https://github.com/ConsoleKit2/ConsoleKit2/issues/99 - ---- a/src/daemon/LogindDBusTypes.cpp -+++ b/src/daemon/LogindDBusTypes.cpp -@@ -60,7 +60,7 @@ - - if (QDBusConnection::systemBus().interface()->isServiceRegistered(QStringLiteral("org.freedesktop.ConsoleKit"))) { - qDebug() << "Console kit interface found"; -- available = true; -+ available = false; - serviceName = QStringLiteral("org.freedesktop.ConsoleKit"); - managerPath = QStringLiteral("/org/freedesktop/ConsoleKit/Manager"); - managerIfaceName = QStringLiteral("/org.freedesktop.ConsoleKit.Manager"); //note this doesn't match logind diff --git a/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch b/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch deleted file mode 100644 index 41c813a0..00000000 --- a/x11-misc/sddm/files/sddm-0.18.0-Xsession.patch +++ /dev/null @@ -1,24 +0,0 @@ ---- a/data/scripts/Xsession 2016-08-28 14:52:04.910181422 +0200 -+++ b/data/scripts/Xsession 2017-10-21 15:25:47.668886596 +0200 -@@ -50,6 +50,10 @@ - ;; - esac - -+# Make D-Bus and ConsoleKit start properly, see: -+# /etc/X11/xinit/xinitrc.d/{80-dbus,90-consolekit} -+command="$@" -+ - [ -f /etc/xprofile ] && . /etc/xprofile - [ -f $HOME/.xprofile ] && . $HOME/.xprofile - -@@ -94,8 +98,8 @@ - . "$USERXSESSION" - fi - --if [ -z "$*" ]; then -+if [ -z "$command" ]; then - exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." - else -- exec $@ -+ exec $command - fi diff --git a/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch b/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch deleted file mode 100644 index 9d8f2b54..00000000 --- a/x11-misc/sddm/files/sddm-0.18.0-sddmconfdir.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 300078995ae82495cf09a0646a07e0214f0ae030 Mon Sep 17 00:00:00 2001 -From: Andreas Sturmlechner -Date: Sat, 21 Jul 2018 22:41:29 +0200 -Subject: [PATCH] Change location of sddm.conf.d to DATAROOTDIR - -/usr/lib is not a location that should be hardcoded - depending on -distribution and architecture this can be different. So far, SDDM -does not use this path unless the above conditions happen to make -it coincide with the install location of its Qml modules. - -DATAROOTDIR is defined as: Read-only architecture-independent data. -This seems to be a better fit for a system SDDM default config dir. ---- - CMakeLists.txt | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/CMakeLists.txt b/CMakeLists.txt -index 8500c65..5150b7d 100644 ---- a/CMakeLists.txt -+++ b/CMakeLists.txt -@@ -184,7 +184,7 @@ set(WAYLAND_SESSION_COMMAND "${DATA_INSTALL_DIR}/scripts/wayland-session" - - set(CONFIG_FILE "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf" CACHE PATH "Path of the sddm config file") - set(CONFIG_DIR "${CMAKE_INSTALL_FULL_SYSCONFDIR}/sddm.conf.d" CACHE PATH "Path of the sddm config directory") --set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_PREFIX}/lib/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory") -+set(SYSTEM_CONFIG_DIR "${CMAKE_INSTALL_FULL_DATAROOTDIR}/sddm/sddm.conf.d" CACHE PATH "Path of the system sddm config directory") - set(LOG_FILE "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}/log/sddm.log" CACHE PATH "Path of the sddm log file") - set(DBUS_CONFIG_FILENAME "org.freedesktop.DisplayManager.conf" CACHE STRING "Name of the sddm config file") - set(COMPONENTS_TRANSLATION_DIR "${DATA_INSTALL_DIR}/translations" CACHE PATH "Components translations directory") --- -2.18.0 - diff --git a/x11-misc/sddm/files/sddm-0.18.1-Xsession.patch b/x11-misc/sddm/files/sddm-0.18.1-Xsession.patch new file mode 100644 index 00000000..e1e3c152 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.18.1-Xsession.patch @@ -0,0 +1,24 @@ +--- a/data/scripts/Xsession ++++ b/data/scripts/Xsession +@@ -50,6 +50,10 @@ + ;; + esac + ++# Make D-Bus start properly, see: ++# /etc/X11/xinit/xinitrc.d/80-dbus ++command="$@" ++ + [ -f /etc/xprofile ] && . /etc/xprofile + [ -f $HOME/.xprofile ] && . $HOME/.xprofile + +@@ -94,8 +98,8 @@ + . "$USERXSESSION" + fi + +-if [ -z "$*" ]; then ++if [ -z "$command" ]; then + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + else +- exec $@ ++ exec $command + fi diff --git a/x11-misc/sddm/files/sddm-0.18.1-cve-2020-28049.patch b/x11-misc/sddm/files/sddm-0.18.1-cve-2020-28049.patch deleted file mode 100644 index 8209c073..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-cve-2020-28049.patch +++ /dev/null @@ -1,94 +0,0 @@ -From be202f533ab98a684c6a007e8d5b4357846bc222 Mon Sep 17 00:00:00 2001 -From: Fabian Vogt -Date: Tue, 6 Oct 2020 21:21:38 +0200 -Subject: [PATCH] Fix X not having access control on startup - -If the auth file is empty, X allows any local application (= any user on the -system) to connect. This is currently the case until X wrote the display -number to sddm and sddm used that to write the entry into the file. -To work around this chicken-and-egg problem, make use of the fact that X -doesn't actually look at the display number in the passed auth file and just -use :0 unconditionally. Also make sure that writing the entry was actually -successful. - -CVE-2020-28049 ---- - src/daemon/XorgDisplayServer.cpp | 25 ++++++++++++++++++++----- - src/daemon/XorgDisplayServer.h | 2 +- - 2 files changed, 21 insertions(+), 6 deletions(-) - -diff --git a/src/daemon/XorgDisplayServer.cpp b/src/daemon/XorgDisplayServer.cpp -index d04f6344..df685b2d 100644 ---- a/src/daemon/XorgDisplayServer.cpp -+++ b/src/daemon/XorgDisplayServer.cpp -@@ -88,7 +88,7 @@ namespace SDDM { - return m_cookie; - } - -- void XorgDisplayServer::addCookie(const QString &file) { -+ bool XorgDisplayServer::addCookie(const QString &file) { - // log message - qDebug() << "Adding cookie to" << file; - -@@ -104,13 +104,13 @@ namespace SDDM { - - // check file - if (!fp) -- return; -+ return false; - fprintf(fp, "remove %s\n", qPrintable(m_display)); - fprintf(fp, "add %s . %s\n", qPrintable(m_display), qPrintable(m_cookie)); - fprintf(fp, "exit\n"); - - // close pipe -- pclose(fp); -+ return pclose(fp) == 0; - } - - bool XorgDisplayServer::start() { -@@ -127,6 +127,15 @@ namespace SDDM { - // log message - qDebug() << "Display server starting..."; - -+ // generate auth file. -+ // For the X server's copy, the display number doesn't matter. -+ // An empty file would result in no access control! -+ m_display = QStringLiteral(":0"); -+ if(!addCookie(m_authPath)) { -+ qCritical() << "Failed to write xauth file"; -+ return false; -+ } -+ - if (daemonApp->testing()) { - QStringList args; - QDir x11socketDir(QStringLiteral("/tmp/.X11-unix")); -@@ -217,8 +226,14 @@ namespace SDDM { - emit started(); - } - -- // generate auth file -- addCookie(m_authPath); -+ // The file is also used by the greeter, which does care about the -+ // display number. Write the proper entry, if it's different. -+ if(m_display != QStringLiteral(":0")) { -+ if(!addCookie(m_authPath)) { -+ qCritical() << "Failed to write xauth file"; -+ return false; -+ } -+ } - changeOwner(m_authPath); - - // set flag -diff --git a/src/daemon/XorgDisplayServer.h b/src/daemon/XorgDisplayServer.h -index d2bdf6d4..e97a0b53 100644 ---- a/src/daemon/XorgDisplayServer.h -+++ b/src/daemon/XorgDisplayServer.h -@@ -40,7 +40,7 @@ namespace SDDM { - - const QString &cookie() const; - -- void addCookie(const QString &file); -+ bool addCookie(const QString &file); - - public slots: - bool start(); diff --git a/x11-misc/sddm/files/sddm-0.18.1-drop-wayland-suffix.patch b/x11-misc/sddm/files/sddm-0.18.1-drop-wayland-suffix.patch deleted file mode 100644 index 70efa284..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-drop-wayland-suffix.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 9a440ba5917ff93c6a78726380c6267d91c13f19 Mon Sep 17 00:00:00 2001 -From: Alex -Date: Mon, 30 Sep 2019 16:50:16 -0400 -Subject: [PATCH] Prevent duplicate session name. - -Several desktop sessions (e.g. KDE Plasma) already include the string " (Wayland)" in the session name. When this happens, the session name displayed to the user is "Plasma (Wayland) (Wayland)". This change makes it so that only "Plasma (Wayland)" will be displayed. - -(cherry picked from commit f9a0648ff3f841b68a07c139c3540b9e75bfd279) ---- - src/common/Session.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/common/Session.cpp b/src/common/Session.cpp -index aa4dad3..923ecd4 100644 ---- a/src/common/Session.cpp -+++ b/src/common/Session.cpp -@@ -169,7 +169,7 @@ namespace SDDM { - - if (line.startsWith(QLatin1String("Name="))) { - if (type == WaylandSession) -- m_displayName = QObject::tr("%1 (Wayland)").arg(line.mid(5)); -+ m_displayName = QObject::tr("%1").arg(line.mid(5)); - else - m_displayName = line.mid(5); - } --- -2.38.1 - diff --git a/x11-misc/sddm/files/sddm-0.18.1-fix-qt-5.15.7.patch b/x11-misc/sddm/files/sddm-0.18.1-fix-qt-5.15.7.patch deleted file mode 100644 index 65e9b857..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-fix-qt-5.15.7.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 5fe712d0e73c6263647bf306f40fbac94a52f4a6 Mon Sep 17 00:00:00 2001 -From: Harald Sitter -Date: Mon, 24 Oct 2022 13:15:48 +0200 -Subject: disable automatic portal launching - -in Qt6 (and the KDE patch collection for Qt 5) genericunixservices will -internally attempt to probe the portal tech early on in the app life -cycle. this causes the protal system to launch app and then crash -because we aren't actually providing a fully functional session. instead -opt out of this altogether - -(cherry picked from commit fc24321541f6f65b7d1aac89cd82336ffd53e1a0) ---- - src/greeter/GreeterApp.cpp | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/greeter/GreeterApp.cpp b/src/greeter/GreeterApp.cpp -index 4e117a7..a491f4d 100644 ---- a/src/greeter/GreeterApp.cpp -+++ b/src/greeter/GreeterApp.cpp -@@ -318,6 +318,9 @@ int main(int argc, char **argv) - QSurfaceFormat::setDefaultFormat(format); - } - -+ // Qt internally may load the xdg portal system early on, prevent this, we do not have a functional session running. -+ qputenv("QT_NO_XDG_DESKTOP_PORTAL", "1"); -+ - QGuiApplication app(argc, argv); - - QCommandLineParser parser; --- -2.38.1 - diff --git a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch deleted file mode 100644 index f4ce7ae7..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch +++ /dev/null @@ -1,182 +0,0 @@ -From 75e6e00d9e1ecf25e3a9c8332530a1e40d737cdb Mon Sep 17 00:00:00 2001 -From: "J. Konrad Tegtmeier-Rottach" -Date: Thu, 9 May 2019 03:06:48 +0200 -Subject: [PATCH] Honor PAM's supplemental groups (v2) (#834, #1159) - -This moves the supplemental group initialization step from -UserSession.cpp to the Backend system, so that the Pam Backend can -inject additional supplemental groups via modules like pam_group.so. - -pam_setcred(3) assumes that it operates on an already initialized -supplemental group list. However, PamBackend calls -pam_setcred(PAM_ESTABLISH_CRED) earlier, at the start -PamBackend::openSession, so a pam_setcred(PAM_REINITIALIZE_CRED) call -must be issued to repeat the injection of PAM's supplemental groups. ---- - src/helper/Backend.cpp | 5 +++++ - src/helper/Backend.h | 3 +++ - src/helper/HelperApp.cpp | 4 ++++ - src/helper/HelperApp.h | 1 + - src/helper/UserSession.cpp | 13 ++++++++----- - src/helper/backend/PamBackend.cpp | 18 ++++++++++++++++++ - src/helper/backend/PamBackend.h | 2 ++ - 7 files changed, 41 insertions(+), 5 deletions(-) - -diff --git a/src/helper/Backend.cpp b/src/helper/Backend.cpp -index d6bb4d0a..35ae2bdf 100644 ---- a/src/helper/Backend.cpp -+++ b/src/helper/Backend.cpp -@@ -29,6 +29,7 @@ - #include - - #include -+#include - - namespace SDDM { - Backend::Backend(HelperApp* parent) -@@ -79,4 +80,8 @@ namespace SDDM { - bool Backend::closeSession() { - return true; - } -+ -+ bool Backend::setupSupplementalGroups(struct passwd *pw) { -+ return !initgroups(pw->pw_name, pw->pw_gid); -+ } - } -diff --git a/src/helper/Backend.h b/src/helper/Backend.h -index b790e001..3caf1592 100644 ---- a/src/helper/Backend.h -+++ b/src/helper/Backend.h -@@ -22,6 +22,7 @@ - #define BACKEND_H - - #include -+#include - - namespace SDDM { - class HelperApp; -@@ -38,6 +39,8 @@ namespace SDDM { - void setAutologin(bool on = true); - void setGreeter(bool on = true); - -+ virtual bool setupSupplementalGroups(struct passwd *pw); -+ - public slots: - virtual bool start(const QString &user = QString()) = 0; - virtual bool authenticate() = 0; -diff --git a/src/helper/HelperApp.cpp b/src/helper/HelperApp.cpp -index cad93bd8..d0891d75 100644 ---- a/src/helper/HelperApp.cpp -+++ b/src/helper/HelperApp.cpp -@@ -253,6 +253,10 @@ namespace SDDM { - return m_session; - } - -+ Backend *HelperApp::backend() { -+ return m_backend; -+ } -+ - const QString& HelperApp::user() const { - return m_user; - } -diff --git a/src/helper/HelperApp.h b/src/helper/HelperApp.h -index 3742df12..cb5959a7 100644 ---- a/src/helper/HelperApp.h -+++ b/src/helper/HelperApp.h -@@ -39,6 +39,7 @@ namespace SDDM { - virtual ~HelperApp(); - - UserSession *session(); -+ Backend *backend(); - const QString &user() const; - const QString &cookie() const; - -diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp -index f71fd358..62fd4d70 100644 ---- a/src/helper/UserSession.cpp -+++ b/src/helper/UserSession.cpp -@@ -19,6 +19,7 @@ - * - */ - -+#include "Backend.h" - #include "Configuration.h" - #include "UserSession.h" - #include "HelperApp.h" -@@ -129,7 +130,8 @@ namespace SDDM { - #endif - - // switch user -- const QByteArray username = qobject_cast(parent())->user().toLocal8Bit(); -+ HelperApp* app = qobject_cast(parent()); -+ const QByteArray username = app->user().toLocal8Bit(); - struct passwd pw; - struct passwd *rpw; - long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); -@@ -146,12 +148,13 @@ namespace SDDM { - qCritical() << "getpwnam_r(" << username << ") failed with error: " << strerror(err); - exit(Auth::HELPER_OTHER_ERROR); - } -- if (setgid(pw.pw_gid) != 0) { -- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; -+ -+ if (!app->backend()->setupSupplementalGroups(&pw)) { -+ qCritical() << "failed to set up supplemental groups for user: " << username; - exit(Auth::HELPER_OTHER_ERROR); - } -- if (initgroups(pw.pw_name, pw.pw_gid) != 0) { -- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username; -+ if (setgid(pw.pw_gid) != 0) { -+ qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; - exit(Auth::HELPER_OTHER_ERROR); - } - if (setuid(pw.pw_uid) != 0) { -diff --git a/src/helper/backend/PamBackend.cpp b/src/helper/backend/PamBackend.cpp -index f86d77d6..cccfa258 100644 ---- a/src/helper/backend/PamBackend.cpp -+++ b/src/helper/backend/PamBackend.cpp -@@ -289,6 +289,24 @@ namespace SDDM { - return QString::fromLocal8Bit((const char*) m_pam->getItem(PAM_USER)); - } - -+ bool PamBackend::setupSupplementalGroups(struct passwd *pw) { -+ if (!Backend::setupSupplementalGroups(pw)) -+ return false; -+ -+ // pam_setcred(3) may inject additional groups into the user's -+ // list of supplemental groups, and assumes that the user's -+ // supplemental groups have already been initialized before -+ // its invocation. Since pam_setcred was already called at the -+ // start of openSession, we need to repeat this step here as -+ // the user's groups have only just now been initialized. -+ -+ if (!m_pam->setCred(PAM_REINITIALIZE_CRED)) { -+ m_app->error(m_pam->errorString(), Auth::ERROR_AUTHENTICATION); -+ return false; -+ } -+ return true; -+ } -+ - int PamBackend::converse(int n, const struct pam_message **msg, struct pam_response **resp) { - qDebug() << "[PAM] Conversation with" << n << "messages"; - -diff --git a/src/helper/backend/PamBackend.h b/src/helper/backend/PamBackend.h -index 4c8b4b35..5b079099 100644 ---- a/src/helper/backend/PamBackend.h -+++ b/src/helper/backend/PamBackend.h -@@ -28,6 +28,7 @@ - #include - - #include -+#include - - namespace SDDM { - class PamHandle; -@@ -61,6 +62,7 @@ namespace SDDM { - explicit PamBackend(HelperApp *parent); - virtual ~PamBackend(); - int converse(int n, const struct pam_message **msg, struct pam_response **resp); -+ virtual bool setupSupplementalGroups(struct passwd *pw); - - public slots: - virtual bool start(const QString &user = QString()); diff --git a/x11-misc/sddm/files/sddm-0.18.1-nvidia-glitches-vt-switch.patch b/x11-misc/sddm/files/sddm-0.18.1-nvidia-glitches-vt-switch.patch deleted file mode 100644 index ab2fc18c..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-nvidia-glitches-vt-switch.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 76c11653522453efcf86f6f2f53bca1a497ea350 Mon Sep 17 00:00:00 2001 -From: David Edmundson -Date: Thu, 28 Mar 2019 11:43:37 +0000 -Subject: Enable QSurfaceFormat::ResetNotification on new Qt - -This fixes graphical glitches on nvidia after VT switching. - -It's opt-in as it requires code paths to handle glGetError differently. -The version comparison is because my early implementations missed a code -path. This was fixed in 5.12.2, but we may as well play safe - -(cherry picked from commit cd4e1fa21e1ab7178fa5d2ef858f3271575fd315) ---- - src/greeter/GreeterApp.cpp | 9 +++++++++ - 1 file changed, 9 insertions(+) - -diff --git a/src/greeter/GreeterApp.cpp b/src/greeter/GreeterApp.cpp -index d47998e..4e117a7 100644 ---- a/src/greeter/GreeterApp.cpp -+++ b/src/greeter/GreeterApp.cpp -@@ -40,6 +40,9 @@ - #include - #include - #include -+#include -+#include -+#include - - #include - -@@ -309,6 +312,12 @@ int main(int argc, char **argv) - qDebug() << "High-DPI autoscaling not Enabled"; - } - -+ if (QLibraryInfo::version() >= QVersionNumber(5, 13, 0)) { -+ auto format(QSurfaceFormat::defaultFormat()); -+ format.setOption(QSurfaceFormat::ResetNotification); -+ QSurfaceFormat::setDefaultFormat(format); -+ } -+ - QGuiApplication app(argc, argv); - - QCommandLineParser parser; --- -2.38.1 - diff --git a/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch b/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch deleted file mode 100644 index b3ea90ff..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-only-reuse-online-sessions.patch +++ /dev/null @@ -1,27 +0,0 @@ -From f131270ff3ae6e6b4e2dc965cd05b46e194b48c1 Mon Sep 17 00:00:00 2001 -From: Fabian Vogt -Date: Tue, 31 Jul 2018 16:51:13 +0200 -Subject: [PATCH] Session reuse: Only consider "online" sessions - -Otherwise it might switch to already dead sessions ("closing" or "lingering"). ---- - src/daemon/Display.cpp | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/daemon/Display.cpp b/src/daemon/Display.cpp -index 86e597e..ec442b0 100644 ---- a/src/daemon/Display.cpp -+++ b/src/daemon/Display.cpp -@@ -290,8 +290,8 @@ namespace SDDM { - foreach(const SessionInfo &s, reply.value()) { - if (s.userName == user) { - OrgFreedesktopLogin1SessionInterface session(Logind::serviceName(), s.sessionPath.path(), QDBusConnection::systemBus()); -- if (session.service() == QLatin1String("sddm")) { -- m_reuseSessionId = s.sessionId; -+ if (session.service() == QLatin1String("sddm") && session.state() == QLatin1String("online")) { -+ m_reuseSessionId = s.sessionId; - break; - } - } --- -2.18.0 diff --git a/x11-misc/sddm/files/sddm-0.18.1-qt-5.15.2.patch b/x11-misc/sddm/files/sddm-0.18.1-qt-5.15.2.patch deleted file mode 100644 index 7179d14e..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-qt-5.15.2.patch +++ /dev/null @@ -1,23 +0,0 @@ -From e93bf95c54ad8c2a1604f8d7be05339164b19308 Mon Sep 17 00:00:00 2001 -From: "aacid@kde.org" -Date: Thu, 12 Nov 2020 23:42:48 +0100 -Subject: [PATCH] Fix compilation once QTBUG-88431 gets fixed - -And also comes closes to Qt6 compatibility ---- - src/daemon/XorgDisplayServer.cpp | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/daemon/XorgDisplayServer.cpp b/src/daemon/XorgDisplayServer.cpp -index 5f93a1b3..d5f29a94 100644 ---- a/src/daemon/XorgDisplayServer.cpp -+++ b/src/daemon/XorgDisplayServer.cpp -@@ -65,7 +65,7 @@ namespace SDDM { - // create a random hexadecimal number - const char *digits = "0123456789abcdef"; - for (int i = 0; i < 32; ++i) -- m_cookie[i] = digits[dis(gen)]; -+ m_cookie[i] = QLatin1Char(digits[dis(gen)]); - } - - XorgDisplayServer::~XorgDisplayServer() { diff --git a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch deleted file mode 100644 index f14ff767..00000000 --- a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch +++ /dev/null @@ -1,87 +0,0 @@ -From d3953e88a94ec25a87d3c5136517b3d1009cb1fd Mon Sep 17 00:00:00 2001 -From: "J. Konrad Tegtmeier-Rottach" -Date: Wed, 8 May 2019 18:58:53 +0200 -Subject: [PATCH] Revert "Honor PAM's ambient supplemental groups. (#834)" - -This reverts commit 1bc813d08b8130e458a6550ec47fb2bfbe6de080, which -misuses PAM and leads to pulling in all of root's supplemental groups -during session initialization instead of only adding PAM's extra -groups. The problem was masked due to the root user not having any -supplemental groups in some common contexts, like running sddm from a -systemd unit. ---- - src/helper/UserSession.cpp | 57 -------------------------------------- - 1 file changed, 57 deletions(-) - -diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp -index b3aec356..f71fd358 100644 ---- a/src/helper/UserSession.cpp -+++ b/src/helper/UserSession.cpp -@@ -150,67 +150,10 @@ namespace SDDM { - qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << username; - exit(Auth::HELPER_OTHER_ERROR); - } -- --#ifdef USE_PAM -- -- // fetch ambient groups from PAM's environment; -- // these are set by modules such as pam_groups.so -- int n_pam_groups = getgroups(0, NULL); -- gid_t *pam_groups = NULL; -- if (n_pam_groups > 0) { -- pam_groups = new gid_t[n_pam_groups]; -- if ((n_pam_groups = getgroups(n_pam_groups, pam_groups)) == -1) { -- qCritical() << "getgroups() failed to fetch supplemental" -- << "PAM groups for user:" << username; -- exit(Auth::HELPER_OTHER_ERROR); -- } -- } else { -- n_pam_groups = 0; -- } -- -- // fetch session's user's groups -- int n_user_groups = 0; -- gid_t *user_groups = NULL; -- if (-1 == getgrouplist(username.constData(), pw.pw_gid, -- NULL, &n_user_groups)) { -- user_groups = new gid_t[n_user_groups]; -- if ((n_user_groups = getgrouplist(username.constData(), -- pw.pw_gid, user_groups, -- &n_user_groups)) == -1 ) { -- qCritical() << "getgrouplist(" << username << ", " << pw.pw_gid -- << ") failed"; -- exit(Auth::HELPER_OTHER_ERROR); -- } -- } -- -- // set groups to concatenation of PAM's ambient -- // groups and the session's user's groups -- int n_groups = n_pam_groups + n_user_groups; -- if (n_groups > 0) { -- gid_t *groups = new gid_t[n_groups]; -- memcpy(groups, pam_groups, (n_pam_groups * sizeof(gid_t))); -- memcpy((groups + n_pam_groups), user_groups, -- (n_user_groups * sizeof(gid_t))); -- -- // setgroups(2) handles duplicate groups -- if (setgroups(n_groups, groups) != 0) { -- qCritical() << "setgroups() failed for user: " << username; -- exit (Auth::HELPER_OTHER_ERROR); -- } -- delete[] groups; -- } -- delete[] pam_groups; -- delete[] user_groups; -- --#else -- - if (initgroups(pw.pw_name, pw.pw_gid) != 0) { - qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << ") failed for user: " << username; - exit(Auth::HELPER_OTHER_ERROR); - } -- --#endif /* USE_PAM */ -- - if (setuid(pw.pw_uid) != 0) { - qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " << username; - exit(Auth::HELPER_OTHER_ERROR); diff --git a/x11-misc/sddm/files/sddm-0.20.0-disable-etc-debian-check.patch b/x11-misc/sddm/files/sddm-0.20.0-disable-etc-debian-check.patch new file mode 100644 index 00000000..b851c852 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.20.0-disable-etc-debian-check.patch @@ -0,0 +1,26 @@ +From 20adb0eb3462e79ec76f93f2a622b99956145424 Mon Sep 17 00:00:00 2001 +From: Andreas Sturmlechner +Date: Tue, 13 Oct 2020 01:04:44 +0200 +Subject: [PATCH] Disable /etc/debian_version check + +Signed-off-by: Andreas Sturmlechner +--- + services/CMakeLists.txt | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/services/CMakeLists.txt b/services/CMakeLists.txt +index 5032f33..afa5fd5 100644 +--- a/services/CMakeLists.txt ++++ b/services/CMakeLists.txt +@@ -11,7 +11,7 @@ else() + endif() + configure_file("${CMAKE_CURRENT_SOURCE_DIR}/sddm-greeter.pam.in" "${CMAKE_CURRENT_BINARY_DIR}/sddm-greeter.pam") + +-if(EXISTS "/etc/debian_version") ++if(0) + install(FILES debian.sddm-autologin.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-autologin) + install(FILES debian.sddm-greeter.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm-greeter) + install(FILES debian.sddm.pam DESTINATION ${CMAKE_INSTALL_FULL_SYSCONFDIR}/pam.d RENAME sddm) +-- +2.39.1 + diff --git a/x11-misc/sddm/files/sddm-0.20.0-fix-use-development-sessions.patch b/x11-misc/sddm/files/sddm-0.20.0-fix-use-development-sessions.patch new file mode 100644 index 00000000..32138281 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.20.0-fix-use-development-sessions.patch @@ -0,0 +1,83 @@ +From 5b702ae986464fe6dbc8557d4b2da725ac1ed175 Mon Sep 17 00:00:00 2001 +From: Fabian Vogt +Date: Mon, 26 Jun 2023 09:52:05 +0200 +Subject: [PATCH] Session: Parse .desktop files manually again + +Using QSettings::IniFormat doesn't quite work. Implement a custom parser +for those files to handle them according to the specification. + +Fixes #1745 +--- + src/common/Session.cpp | 52 +++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 51 insertions(+), 1 deletion(-) + +diff --git a/src/common/Session.cpp b/src/common/Session.cpp +index 4bb2142ca..5eec64859 100644 +--- a/src/common/Session.cpp ++++ b/src/common/Session.cpp +@@ -34,6 +34,56 @@ + const QString s_entryExtention = QStringLiteral(".desktop"); + + namespace SDDM { ++ // QSettings::IniFormat can't be used to read .desktop files due to different ++ // syntax of values (escape sequences, quoting, automatic QStringList detection). ++ // So implement yet another .desktop file parser. ++ class DesktopFileFormat { ++ static bool readFunc(QIODevice &device, QSettings::SettingsMap &map) ++ { ++ QString currentSectionName; ++ while(!device.atEnd()) ++ { ++ // Iterate each line, remove line terminators ++ const auto line = device.readLine().replace("\r", "").replace("\n", ""); ++ if(line.isEmpty() || line.startsWith('#')) ++ continue; // Ignore empty lines and comments ++ ++ if(line.startsWith('[')) // Section header ++ { ++ // Remove [ and ]. ++ currentSectionName = QString::fromUtf8(line.mid(1, line.length() - 2)); ++ } ++ else if(int equalsPos = line.indexOf('='); equalsPos > 0) // Key=Value ++ { ++ const auto key = QString::fromUtf8(line.left(equalsPos)); ++ ++ // Read the value, handle escape sequences ++ auto valueBytes = line.mid(equalsPos + 1); ++ valueBytes.replace("\\s", " ").replace("\\n", "\n"); ++ valueBytes.replace("\\t", "\t").replace("\\r", "\r"); ++ valueBytes.replace("\\\\", "\\"); ++ ++ auto value = QString::fromUtf8(valueBytes); ++ map.insert(currentSectionName + QLatin1Char('/') + key, value); ++ } ++ } ++ ++ return true; ++ } ++ public: ++ // Register the .desktop file format if necessary, return its id. ++ static QSettings::Format format() ++ { ++ static QSettings::Format s_format = QSettings::InvalidFormat; ++ if (s_format == QSettings::InvalidFormat) ++ s_format = QSettings::registerFormat(QStringLiteral("desktop"), ++ DesktopFileFormat::readFunc, nullptr, ++ Qt::CaseSensitive); ++ ++ return s_format; ++ } ++ }; ++ + Session::Session() + : m_valid(false) + , m_type(UnknownSession) +@@ -169,7 +219,7 @@ namespace SDDM { + if (!file.isOpen()) + return; + +- QSettings settings(m_fileName, QSettings::IniFormat); ++ QSettings settings(m_fileName, DesktopFileFormat::format()); + #if QT_VERSION < QT_VERSION_CHECK(6, 0, 0) + settings.setIniCodec("UTF-8"); + #endif diff --git a/x11-misc/sddm/files/sddm-0.20.0-no-default-pam_systemd-module.patch b/x11-misc/sddm/files/sddm-0.20.0-no-default-pam_systemd-module.patch new file mode 100644 index 00000000..2ad739a8 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.20.0-no-default-pam_systemd-module.patch @@ -0,0 +1,43 @@ +From 02a13d11dac72699e7580c538c152a7b5e0eb056 Mon Sep 17 00:00:00 2001 +From: Andreas Sturmlechner +Date: Tue, 13 Oct 2020 01:10:00 +0200 +Subject: Don't add pam_systemd.so to pam.d/sddm-greeter in case of NO_SYSTEMD + +--- + services/CMakeLists.txt | 7 +++++-- + services/sddm-greeter.pam.in | 2 +- + 2 files changed, 6 insertions(+), 3 deletions(-) + +diff --git a/services/CMakeLists.txt b/services/CMakeLists.txt +index 3d12eec..2ff13a8 100644 +--- a/services/CMakeLists.txt ++++ b/services/CMakeLists.txt +@@ -4,10 +4,13 @@ if(SYSTEMD_FOUND) + install(FILES "${CMAKE_CURRENT_BINARY_DIR}/sddm.service" DESTINATION "${SYSTEMD_SYSTEM_UNIT_DIR}") + endif() + ++set(LOGIND_PAM_MODULE "session optional") + if(USE_ELOGIND) +- set(LOGIND_PAM_MODULE "pam_elogind.so") ++ set(LOGIND_PAM_MODULE "${LOGIND_PAM_MODULE} pam_elogind.so") ++elseif(NOT NO_SYSTEMD) ++ set(LOGIND_PAM_MODULE "${LOGIND_PAM_MODULE} pam_systemd.so") + else() +- set(LOGIND_PAM_MODULE "pam_systemd.so") ++ set(LOGIND_PAM_MODULE "") + endif() + configure_file("${CMAKE_CURRENT_SOURCE_DIR}/sddm-greeter.pam.in" "${CMAKE_CURRENT_BINARY_DIR}/sddm-greeter.pam") + +diff --git a/services/sddm-greeter.pam.in b/services/sddm-greeter.pam.in +index d41792d..35dcfd5 100644 +--- a/services/sddm-greeter.pam.in ++++ b/services/sddm-greeter.pam.in +@@ -14,4 +14,4 @@ password required pam_deny.so + + # Setup session + session required pam_unix.so +-session optional @LOGIND_PAM_MODULE@ ++@LOGIND_PAM_MODULE@ +-- +2.35.1 + diff --git a/x11-misc/sddm/files/sddm-0.20.0-respect-user-flags.patch b/x11-misc/sddm/files/sddm-0.20.0-respect-user-flags.patch new file mode 100644 index 00000000..daaf9f52 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.20.0-respect-user-flags.patch @@ -0,0 +1,11 @@ +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -51,7 +51,7 @@ + message(STATUS "Debug build") + add_definitions(-DDEBUG) + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -g -O0") +-else() ++elseif(CMAKE_BUILD_TYPE MATCHES Release) + message(STATUS "Release build") + add_definitions(-DNDEBUG) + set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -O2") diff --git a/x11-misc/sddm/files/sddm-0.20.0-sddm.pam-use-substack.patch b/x11-misc/sddm/files/sddm-0.20.0-sddm.pam-use-substack.patch new file mode 100644 index 00000000..6267adc7 --- /dev/null +++ b/x11-misc/sddm/files/sddm-0.20.0-sddm.pam-use-substack.patch @@ -0,0 +1,37 @@ +From 9cbeb07664f4bd4273c2b62a522a864f6d4f27ae Mon Sep 17 00:00:00 2001 +From: Andreas Sturmlechner +Date: Sat, 4 Feb 2023 13:31:36 +0100 +Subject: [PATCH] sddm.pam: Change to substack for system-login + +Signed-off-by: Andreas Sturmlechner +--- + services/sddm.pam | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/services/sddm.pam b/services/sddm.pam +index df11003..0a073f4 100644 +--- a/services/sddm.pam ++++ b/services/sddm.pam +@@ -1,15 +1,15 @@ + #%PAM-1.0 + +-auth include system-login ++auth substack system-login + -auth optional pam_gnome_keyring.so + -auth optional pam_kwallet5.so + +-account include system-login ++account substack system-login + +-password include system-login ++password substack system-login + -password optional pam_gnome_keyring.so use_authtok + + session optional pam_keyinit.so force revoke +-session include system-login ++session substack system-login + -session optional pam_gnome_keyring.so auto_start + -session optional pam_kwallet5.so auto_start +-- +2.39.1 + diff --git a/x11-misc/sddm/sddm-0.18.1-r11.ebuild b/x11-misc/sddm/sddm-0.18.1-r11.ebuild deleted file mode 100644 index 3318158b..00000000 --- a/x11-misc/sddm/sddm-0.18.1-r11.ebuild +++ /dev/null @@ -1,110 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PLOCALES="ar bn ca cs da de es et fi fr hi_IN hu is it ja kk ko lt lv nb nl nn pl pt_BR pt_PT ro ru sk sr sr@ijekavian sr@ijekavianlatin sr@latin sv tr uk zh_CN zh_TW" -inherit cmake plocale systemd tmpfiles - -DESCRIPTION="Simple Desktop Display Manager" -HOMEPAGE="https://github.com/sddm/sddm" -SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.xz" - -LICENSE="GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain" -SLOT="0" -KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~x86" -IUSE="+branding consolekit elogind +pam systemd test" -RESTRICT="!test? ( test )" - -REQUIRED_USE="?? ( elogind systemd )" - -BDEPEND=" - dev-python/docutils - >=dev-qt/linguist-tools-5.9.4:5 - kde-frameworks/extra-cmake-modules:5 - virtual/pkgconfig -" -RDEPEND=" - acct-group/${PN} - acct-user/${PN} - >=dev-qt/qtcore-5.9.4:5 - >=dev-qt/qtdbus-5.9.4:5 - >=dev-qt/qtdeclarative-5.9.4:5 - >=dev-qt/qtgui-5.9.4:5 - >=dev-qt/qtnetwork-5.9.4:5 - >=x11-base/xorg-server-1.15.1 - x11-libs/libxcb[xkb] - branding? ( x11-themes/redcore-theme-sddm ) - consolekit? ( >=sys-auth/consolekit-0.9.4 ) - elogind? ( sys-auth/elogind ) - pam? ( sys-libs/pam ) - systemd? ( sys-apps/systemd:= ) - !systemd? ( sys-power/upower ) -" -DEPEND="${RDEPEND} - test? ( >=dev-qt/qttest-5.9.4:5 ) -" - -PATCHES=( - "${FILESDIR}/${PN}-0.12.0-respect-user-flags.patch" - "${FILESDIR}/${PN}-0.18.0-Xsession.patch" # bug 611210 - "${FILESDIR}/${PN}-0.18.0-sddmconfdir.patch" - "${FILESDIR}/${P}-revert-honor-PAM-supplemental-groups.patch" - "${FILESDIR}/${P}-honor-PAM-supplemental-groups-v2.patch" - "${FILESDIR}/${P}-only-reuse-online-sessions.patch" - "${FILESDIR}/${PN}-0.16.0-ck2-revert.patch" # bug 633920 - "${FILESDIR}/pam-1.4-substack.patch" - "${FILESDIR}/${P}-qt-5.15.2.patch" - "${FILESDIR}/${P}-cve-2020-28049.patch" - "${FILESDIR}/${P}-drop-wayland-suffix.patch" - "${FILESDIR}/${P}-fix-qt-5.15.7.patch" - "${FILESDIR}/${P}-nvidia-glitches-vt-switch.patch" -) - -src_prepare() { - cmake_src_prepare - - disable_locale() { - sed -e "/${1}\.ts/d" -i data/translations/CMakeLists.txt || die - } - plocale_find_changes "data/translations" "" ".ts" - plocale_for_each_disabled_locale disable_locale - - if ! use test; then - sed -e "/^find_package/s/ Test//" -i CMakeLists.txt || die - cmake_comment_add_subdirectory test - fi -} - -src_configure() { - local mycmakeargs=( - -DENABLE_PAM=$(usex pam) - -DNO_SYSTEMD=$(usex '!systemd') - -DUSE_ELOGIND=$(usex 'elogind') - -DBUILD_MAN_PAGES=ON - -DDBUS_CONFIG_FILENAME="org.freedesktop.sddm.conf" - ) - cmake_src_configure -} - -src_install() { - cmake_src_install - newtmpfiles "${FILESDIR}/${PN}.tmpfiles" "${PN}.conf" - - # since 0.18.0 sddm no longer installs a config file - # install one ourselves in gentoo's default location - local confd="usr/share/sddm/sddm.conf.d" - dodir ${confd} - insinto ${confd} - newins ${FILESDIR}/${PN}.conf 00default.conf - - # override gentoo's default location with the - # classical location which is /etc/sddm.conf - insinto etc - doins ${FILESDIR}/${PN}.conf -} - -pkg_postinst() { - chown -R ${PN}:${PN} /var/lib/${PN} - systemd_reenable sddm.service -} diff --git a/x11-misc/sddm/sddm-0.20.0.ebuild b/x11-misc/sddm/sddm-0.20.0.ebuild new file mode 100644 index 00000000..8bf67d80 --- /dev/null +++ b/x11-misc/sddm/sddm-0.20.0.ebuild @@ -0,0 +1,109 @@ +# Copyright 1999-2023 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +SRC_URI="https://github.com/${PN}/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz" +KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86" + +QTMIN=5.15.2 +inherit cmake linux-info systemd tmpfiles + +DESCRIPTION="Simple Desktop Display Manager" +HOMEPAGE="https://github.com/sddm/sddm" + +LICENSE="GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain" +SLOT="0" +IUSE="+branding +elogind systemd test" + +REQUIRED_USE="^^ ( elogind systemd )" +RESTRICT="!test? ( test )" + +COMMON_DEPEND=" + acct-group/sddm + acct-user/sddm + >=dev-qt/qtcore-${QTMIN}:5 + >=dev-qt/qtdbus-${QTMIN}:5 + >=dev-qt/qtdeclarative-${QTMIN}:5 + >=dev-qt/qtgui-${QTMIN}:5 + >=dev-qt/qtnetwork-${QTMIN}:5 + sys-libs/pam + x11-libs/libXau + x11-libs/libxcb:= + branding? ( x11-themes/redcore-theme-sddm ) + elogind? ( sys-auth/elogind[pam] ) + systemd? ( sys-apps/systemd:=[pam] ) + !systemd? ( sys-power/upower ) +" +DEPEND="${COMMON_DEPEND} + test? ( >=dev-qt/qttest-${QTMIN}:5 ) +" +RDEPEND="${COMMON_DEPEND} + x11-base/xorg-server + !systemd? ( gui-libs/display-manager-init ) +" +BDEPEND=" + dev-python/docutils + >=dev-qt/linguist-tools-${QTMIN}:5 + kde-frameworks/extra-cmake-modules:5 + virtual/pkgconfig +" + +PATCHES=( + # Downstream patches + "${FILESDIR}/${P}-respect-user-flags.patch" + "${FILESDIR}/${PN}-0.18.1-Xsession.patch" # bug 611210 + "${FILESDIR}/${P}-sddm.pam-use-substack.patch" # bug 728550 + "${FILESDIR}/${P}-disable-etc-debian-check.patch" + "${FILESDIR}/${P}-no-default-pam_systemd-module.patch" # bug 669980 + "${FILESDIR}/${P}-fix-use-development-sessions.patch" # git master +) + +pkg_setup() { + local CONFIG_CHECK="~DRM" + use kernel_linux && linux-info_pkg_setup +} + +src_prepare() { + cmake_src_prepare + + if ! use test; then + sed -e "/^find_package/s/ Test//" -i CMakeLists.txt || die + cmake_comment_add_subdirectory test + fi +} + +src_configure() { + local mycmakeargs=( + -DBUILD_MAN_PAGES=ON + -DDBUS_CONFIG_FILENAME="org.freedesktop.sddm.conf" + -DRUNTIME_DIR=/run/sddm + -DSYSTEMD_TMPFILES_DIR="/usr/lib/tmpfiles.d" + -DNO_SYSTEMD=$(usex !systemd) + -DUSE_ELOGIND=$(usex elogind) + ) + cmake_src_configure +} + +src_install() { + cmake_src_install + + # since 0.18.0 sddm no longer installs a config file + # install one ourselves in gentoo's default location + insinto /etc/sddm.conf.d/ + newins "${FILESDIR}"/"${PN}".conf 01redcore.conf + + # override gentoo's default location with the + # classical location which is /etc/sddm.conf + insinto etc + doins "${FILESDIR}"/"${PN}".conf +} + +pkg_postinst() { + tmpfiles_process "${PN}".conf + chown -R "${PN}":"${PN}" /var/lib/"${PN}" + + if use systemd; then + systemd_reenable sddm.service + fi +} -- cgit v1.2.3