From 47e22d8c2c89ea028d7beacb9266e773a8b551b6 Mon Sep 17 00:00:00 2001 From: fanyx Date: Sun, 2 Jun 2024 14:30:34 +0200 Subject: [PATCH] polkit: update to 124. --- .../fix-configuration-with-elogind.patch | 58 ++++ .../make-netgroup-support-optional.patch | 258 ------------------ srcpkgs/polkit/template | 17 +- 3 files changed, 67 insertions(+), 266 deletions(-) create mode 100644 srcpkgs/polkit/patches/fix-configuration-with-elogind.patch delete mode 100644 srcpkgs/polkit/patches/make-netgroup-support-optional.patch diff --git a/srcpkgs/polkit/patches/fix-configuration-with-elogind.patch b/srcpkgs/polkit/patches/fix-configuration-with-elogind.patch new file mode 100644 index 00000000000000..7ea7c1be625247 --- /dev/null +++ b/srcpkgs/polkit/patches/fix-configuration-with-elogind.patch @@ -0,0 +1,58 @@ +From 042897ed0efd5d622367c2ff4ac224d0b05cccee Mon Sep 17 00:00:00 2001 +From: Alyssa Ross +Date: Wed, 8 May 2024 11:20:42 +0200 +Subject: [PATCH] Fix configuration with elogind + +Previously, it would try to get sysusers_dir from systemd even though +systemd_dep was undefined. Determining systemd_systemdsystemunitdir +from systemd was already checking for systemd logind specifically, and +systemd_sysusers_dir is only used in the systemd logind case, so move +both of those into the systemd-logind-specific branch above. +--- + +diff --git a/meson.build b/meson.build +index 2f81c90..8e392a1 100644 +--- a/meson.build ++++ b/meson.build +@@ -202,6 +202,15 @@ if enable_logind + if not logind_dep.found() + logind_dep = dependency('libsystemd-login', not_found_message: 'libsystemd support requested but libsystemd or libsystemd-login library not found') + endif ++ # systemd unit / service files ++ systemd_systemdsystemunitdir = get_option('systemdsystemunitdir') ++ if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login' ++ systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it') ++ # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used ++ systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir') ++ endif ++ ++ systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d') + else + logind_dep = dependency('libelogind', not_found_message: 'libelogind support requested but libelogind library not found') + endif +@@ -210,16 +219,6 @@ if enable_logind + config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep)) + func = 'sd_pidfd_get_session' + config_h.set10('HAVE_' + func.to_upper(), cc.has_function(func, dependencies: logind_dep)) +- +- # systemd unit / service files +- systemd_systemdsystemunitdir = get_option('systemdsystemunitdir') +- if systemd_systemdsystemunitdir == '' and session_tracking == 'libsystemd-login' +- systemd_dep = dependency('systemd', not_found_message: 'systemd required but not found, please provide a valid systemd user unit dir or disable it') +- # FIXME: systemd.pc file does not use variables with relative paths, so `define_variable` cannot be used +- systemd_systemdsystemunitdir = systemd_dep.get_pkgconfig_variable('systemdsystemunitdir') +- endif +- +- systemd_sysusers_dir = systemd_dep.get_pkgconfig_variable('sysusers_dir', default: '/usr/lib/sysusers.d') + endif + config_h.set('HAVE_LIBSYSTEMD', enable_logind) + +@@ -404,7 +403,7 @@ output += ' introspection: ' + enable_introspection.to_string( + output += ' Distribution/OS: ' + os_type + '\n' + output += ' Authentication framework: ' + auth_fw + '\n' + output += ' Session tracking: ' + session_tracking + '\n' +-if enable_logind ++if session_tracking == 'libsystemd-login' + output += ' systemdsystemunitdir: ' + systemd_systemdsystemunitdir + '\n' + endif + output += ' polkitd user: ' + polkitd_user + ' \n' diff --git a/srcpkgs/polkit/patches/make-netgroup-support-optional.patch b/srcpkgs/polkit/patches/make-netgroup-support-optional.patch deleted file mode 100644 index 3d4c89bd1eca82..00000000000000 --- a/srcpkgs/polkit/patches/make-netgroup-support-optional.patch +++ /dev/null @@ -1,258 +0,0 @@ -From b57deee8178190a7ecc75290fa13cf7daabc2c66 Mon Sep 17 00:00:00 2001 -From: "A. Wilcox" -Date: Sun, 15 May 2022 05:04:10 +0000 -Subject: [PATCH] Make netgroup support optional - -On at least Linux/musl and Linux/uclibc, netgroup support is not -available. PolKit fails to compile on these systems for that reason. - -This change makes netgroup support conditional on the presence of the -setnetgrent(3) function which is required for the support to work. If -that function is not available on the system, an error will be returned -to the administrator if unix-netgroup: is specified in configuration. - -(sam: rebased for Meson and Duktape.) - -Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/14 -Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/163 -Closes: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/52 -Signed-off-by: A. Wilcox ---- - meson.build | 1 + - src/polkit/polkitidentity.c | 17 +++++++++++++++++ - src/polkit/polkitunixnetgroup.c | 3 +++ - .../polkitbackendduktapeauthority.c | 4 ++-- - .../polkitbackendinteractiveauthority.c | 14 ++++++++------ - src/polkitbackend/polkitbackendjsauthority.cpp | 2 ++ - test/polkit/polkitidentitytest.c | 8 +++++++- - test/polkit/polkitunixnetgrouptest.c | 2 ++ - .../test-polkitbackendjsauthority.c | 2 ++ - 9 files changed, 44 insertions(+), 9 deletions(-) - -diff --git a/meson.build b/meson.build -index 908f0aa..66c4e9b 100644 ---- a/meson.build -+++ b/meson.build -@@ -89,6 +89,7 @@ config_h.set('_GNU_SOURCE', true) - check_functions = [ - 'clearenv', - 'fdatasync', -+ 'setnetgrent', - ] - - foreach func: check_functions -diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c -index 3aa1f7f..793f17d 100644 ---- a/src/polkit/polkitidentity.c -+++ b/src/polkit/polkitidentity.c -@@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str, - } - else if (g_str_has_prefix (str, "unix-netgroup:")) - { -+#ifndef HAVE_SETNETGRENT -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Netgroups are not available on this machine ('%s')", -+ str); -+#else - identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1); -+#endif - } - - if (identity == NULL && (error != NULL && *error == NULL)) -@@ -344,6 +352,14 @@ polkit_identity_new_for_gvariant (GVariant *variant, - GVariant *v; - const char *name; - -+#ifndef HAVE_SETNETGRENT -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Netgroups are not available on this machine"); -+ goto out; -+#else -+ - v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error); - if (v == NULL) - { -@@ -353,6 +369,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, - name = g_variant_get_string (v, NULL); - ret = polkit_unix_netgroup_new (name); - g_variant_unref (v); -+#endif - } - else - { -diff --git a/src/polkit/polkitunixnetgroup.c b/src/polkit/polkitunixnetgroup.c -index 8a2b369..83f8d4a 100644 ---- a/src/polkit/polkitunixnetgroup.c -+++ b/src/polkit/polkitunixnetgroup.c -@@ -194,6 +194,9 @@ polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group, - PolkitIdentity * - polkit_unix_netgroup_new (const gchar *name) - { -+#ifndef HAVE_SETNETGRENT -+ g_assert_not_reached(); -+#endif - g_return_val_if_fail (name != NULL, NULL); - return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP, - "name", name, -diff --git a/src/polkitbackend/polkitbackendduktapeauthority.c b/src/polkitbackend/polkitbackendduktapeauthority.c -index c89dbcf..f4b4304 100644 ---- a/src/polkitbackend/polkitbackendduktapeauthority.c -+++ b/src/polkitbackend/polkitbackendduktapeauthority.c -@@ -1035,7 +1035,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) - - user = duk_require_string (cx, 0); - netgroup = duk_require_string (cx, 1); -- -+#ifdef HAVE_SETNETGRENT - if (innetgr (netgroup, - NULL, /* host */ - user, -@@ -1043,7 +1043,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) - { - is_in_netgroup = TRUE; - } -- -+#endif - duk_push_boolean (cx, is_in_netgroup); - return 1; - } -diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c -index d935a7a..1cfc88e 100644 ---- a/src/polkitbackend/polkitbackendinteractiveauthority.c -+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c -@@ -2248,25 +2248,26 @@ get_users_in_net_group (PolkitIdentity *group, - GList *ret; - - ret = NULL; -+#ifdef HAVE_SETNETGRENT - name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group)); - --#ifdef HAVE_SETNETGRENT_RETURN -+# ifdef HAVE_SETNETGRENT_RETURN - if (setnetgrent (name) == 0) - { - g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno)); - goto out; - } --#else -+# else - setnetgrent (name); --#endif -+# endif /* HAVE_SETNETGRENT_RETURN */ - - for (;;) - { --#if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) -+# if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) - const char *hostname, *username, *domainname; --#else -+# else - char *hostname, *username, *domainname; --#endif -+# endif /* defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) */ - PolkitIdentity *user; - GError *error = NULL; - -@@ -2297,6 +2298,7 @@ get_users_in_net_group (PolkitIdentity *group, - - out: - endnetgrent (); -+#endif /* HAVE_SETNETGRENT */ - return ret; - } - -diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index 2568e8e..999269b 100644 ---- a/src/polkitbackend/polkitbackendjsauthority.cpp -+++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -1271,6 +1271,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, - - JS::CallArgs args = JS::CallArgsFromVp (argc, vp); - -+#ifdef HAVE_SETNETGRENT - JS::RootedString usrstr (authority->priv->cx); - usrstr = args[0].toString(); - user = JS_EncodeStringToUTF8 (cx, usrstr); -@@ -1285,6 +1286,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, - { - is_in_netgroup = true; - } -+#endif - - ret = true; - -diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c -index e91967b..2635c4c 100644 ---- a/test/polkit/polkitidentitytest.c -+++ b/test/polkit/polkitidentitytest.c -@@ -145,11 +145,15 @@ struct ComparisonTestData comparison_test_data [] = { - {"unix-group:root", "unix-group:jane", FALSE}, - {"unix-group:jane", "unix-group:jane", TRUE}, - -+#ifdef HAVE_SETNETGRENT - {"unix-netgroup:foo", "unix-netgroup:foo", TRUE}, - {"unix-netgroup:foo", "unix-netgroup:bar", FALSE}, -+#endif - - {"unix-user:root", "unix-group:root", FALSE}, -+#ifdef HAVE_SETNETGRENT - {"unix-user:jane", "unix-netgroup:foo", FALSE}, -+#endif - - {NULL}, - }; -@@ -181,11 +185,13 @@ main (int argc, char *argv[]) - g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string); - g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string); - -+#ifdef HAVE_SETNETGRENT - g_test_add_data_func ("/PolkitIdentity/netgroup_string", "unix-netgroup:foo", test_string); -+ g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); -+#endif - - g_test_add_data_func ("/PolkitIdentity/user_gvariant", "unix-user:root", test_gvariant); - g_test_add_data_func ("/PolkitIdentity/group_gvariant", "unix-group:root", test_gvariant); -- g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); - - add_comparison_tests (); - -diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c -index 3701ba1..e1d211e 100644 ---- a/test/polkit/polkitunixnetgrouptest.c -+++ b/test/polkit/polkitunixnetgrouptest.c -@@ -69,7 +69,9 @@ int - main (int argc, char *argv[]) - { - g_test_init (&argc, &argv, NULL); -+#ifdef HAVE_SETNETGRENT - g_test_add_func ("/PolkitUnixNetgroup/new", test_new); - g_test_add_func ("/PolkitUnixNetgroup/set_name", test_set_name); -+#endif - return g_test_run (); - } -diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c -index 2103b17..b187a2f 100644 ---- a/test/polkitbackend/test-polkitbackendjsauthority.c -+++ b/test/polkitbackend/test-polkitbackendjsauthority.c -@@ -137,12 +137,14 @@ test_get_admin_identities (void) - "unix-group:users" - } - }, -+#ifdef HAVE_SETNETGRENT - { - "net.company.action3", - { - "unix-netgroup:foo" - } - }, -+#endif - }; - guint n; - --- -GitLab - diff --git a/srcpkgs/polkit/template b/srcpkgs/polkit/template index 0435e1ce5976b8..b5eb658db5f7df 100644 --- a/srcpkgs/polkit/template +++ b/srcpkgs/polkit/template @@ -1,11 +1,12 @@ # Template file for 'polkit' pkgname=polkit -version=121 -revision=2 +version=124 +revision=1 build_style=meson build_helper=gir configure_args="$(vopt_bool gir introspection) -Dman=true - -Dsession_tracking=libelogind -Dsystemdsystemunitdir=/usr/lib/systemd/user" + -Dsession_tracking=libelogind -Dsystemdsystemunitdir=/usr/lib/systemd/system + -Dpam_prefix=/usr/lib/pam.d" make_dirs=" /etc/polkit-1/rules.d 0700 polkitd polkitd /usr/share/polkit-1/rules.d 0700 polkitd polkitd" @@ -16,10 +17,10 @@ checkdepends="python3-dbus python3-dbusmock" short_desc="Authorization Toolkit" maintainer="Enno Boland " license="GPL-2.0-or-later" -homepage="https://www.freedesktop.org/wiki/Software/polkit" -changelog="https://gitlab.freedesktop.org/polkit/polkit/-/raw/master/NEWS" -distfiles="${FREEDESKTOP_SITE}/${pkgname}/releases/${pkgname}-${version}.tar.gz" -checksum=9dc7ae341a797c994a5a36da21963f0c5c8e3e5a1780ccc2a5f52e7be01affaa +homepage="https://github.com/polkit-org/polkit" +changelog="https://raw.githubusercontent.com/polkit-org/polkit/main/NEWS.md" +distfiles="https://github.com/polkit-org/polkit/archive/${version}.tar.gz" +checksum=72457d96a0538fd03a3ca96a6bf9b7faf82184d4d67c793eb759168e4fd49e20 system_accounts="polkitd" #replaces="polkit-elogind>=0" #provides="polkit-elogind-${version}_${revision}" @@ -38,7 +39,7 @@ if [ "$XBPS_CHECK_PKGS" ]; then fi post_install() { - vinstall ${FILESDIR}/polkit-1.pam 644 etc/pam.d polkit-1 + vinstall ${FILESDIR}/polkit-1.pam 644 usr/lib/pam.d polkit-1 vsv polkitd # the build doesn't set setuid bits when not installing as root chmod u+s ${DESTDIR}/usr/bin/pkexec