diff options
author | Thomas Deutschmann <whissi@gentoo.org> | 2021-04-30 23:48:39 +0200 |
---|---|---|
committer | Thomas Deutschmann <whissi@gentoo.org> | 2021-04-30 23:48:48 +0200 |
commit | 18023eacab3717be38b9f88ffeb0bebf5ee81f56 (patch) | |
tree | 2c2bb359e4c21f1e553945ce8160232416a297d7 | |
parent | dev-perl/Convert-Binary-C: Version bump 0.84 (diff) | |
download | gentoo-18023eacab3717be38b9f88ffeb0bebf5ee81f56.tar.gz gentoo-18023eacab3717be38b9f88ffeb0bebf5ee81f56.tar.bz2 gentoo-18023eacab3717be38b9f88ffeb0bebf5ee81f56.zip |
x11-base/xorg-server: security cleanup
Bug: https://bugs.gentoo.org/782679
Package-Manager: Portage-3.0.18, Repoman-3.0.3
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
-rw-r--r-- | x11-base/xorg-server/Manifest | 1 | ||||
-rw-r--r-- | x11-base/xorg-server/xorg-server-1.20.10-r2.ebuild | 227 | ||||
-rw-r--r-- | x11-base/xorg-server/xorg-server-1.20.10-r3.ebuild | 225 |
3 files changed, 0 insertions, 453 deletions
diff --git a/x11-base/xorg-server/Manifest b/x11-base/xorg-server/Manifest index be796cbae5bb..fad1256833d4 100644 --- a/x11-base/xorg-server/Manifest +++ b/x11-base/xorg-server/Manifest @@ -1,2 +1 @@ -DIST xorg-server-1.20.10.tar.bz2 6307058 BLAKE2B 13306e5f4f7f2b4531f2af5103337defa1d441bff78f20ea4d564a7d046ee546406812b6836fe94ca9323189382754270989b2ac7ded8950ddb2b15562c6ff21 SHA512 a07bee380bb72f2117fe6f831a6e4aded19bea1f2b36e42a019a30348e98d6fe65c0617cf819be9c6b405502f88cafb829df30aab32393774b71f1418a4cefae DIST xorg-server-1.20.11.tar.bz2 6476116 BLAKE2B 71ec31c4ed050a3e27fadd525f1039895e43571c04b0a1efa9b35fda318f17b3c89d403c914c591345e7d245a7ebbd6e0f206e4415c1d54f1368fb0735a3d7ef SHA512 1017015b9fd5d53788abe3641d877e6df8609841fa5c1847c0a5e133ddcc1b758a5d695304ebd36828099ec201a85b6b70b46f5ea4f81c5bd3a16fa6e175e3c2 diff --git a/x11-base/xorg-server/xorg-server-1.20.10-r2.ebuild b/x11-base/xorg-server/xorg-server-1.20.10-r2.ebuild deleted file mode 100644 index 42c430c43f20..000000000000 --- a/x11-base/xorg-server/xorg-server-1.20.10-r2.ebuild +++ /dev/null @@ -1,227 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -XORG_DOC=doc -inherit xorg-3 multilib flag-o-matic toolchain-funcs -EGIT_REPO_URI="https://gitlab.freedesktop.org/xorg/xserver.git" - -DESCRIPTION="X.Org X servers" -SLOT="0/${PV}" -if [[ ${PV} != 9999* ]]; then - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" -fi - -IUSE_SERVERS="dmx kdrive wayland xephyr xnest xorg xvfb" -IUSE="${IUSE_SERVERS} debug +elogind ipv6 minimal selinux suid systemd test +udev unwind xcsecurity" -RESTRICT="!test? ( test )" - -CDEPEND=" - media-libs/libglvnd[X] - dev-libs/openssl:0= - >=x11-apps/iceauth-1.0.2 - >=x11-apps/rgb-1.0.3 - >=x11-apps/xauth-1.0.3 - x11-apps/xkbcomp - >=x11-libs/libdrm-2.4.89 - >=x11-libs/libpciaccess-0.12.901 - >=x11-libs/libXau-1.0.4 - >=x11-libs/libXdmcp-1.0.2 - >=x11-libs/libXfont2-2.0.1 - >=x11-libs/libxkbfile-1.0.4 - >=x11-libs/libxshmfence-1.1 - >=x11-libs/pixman-0.27.2 - >=x11-libs/xtrans-1.3.5 - >=x11-misc/xbitmaps-1.0.1 - >=x11-misc/xkeyboard-config-2.4.1-r3 - dmx? ( - x11-libs/libXt - >=x11-libs/libdmx-1.0.99.1 - >=x11-libs/libX11-1.1.5 - >=x11-libs/libXaw-1.0.4 - >=x11-libs/libXext-1.0.99.4 - >=x11-libs/libXfixes-5.0 - >=x11-libs/libXi-1.2.99.1 - >=x11-libs/libXmu-1.0.3 - x11-libs/libXrender - >=x11-libs/libXres-1.0.3 - >=x11-libs/libXtst-1.0.99.2 - ) - kdrive? ( - >=x11-libs/libXext-1.0.5 - x11-libs/libXv - ) - xephyr? ( - x11-libs/libxcb[xkb] - x11-libs/xcb-util - x11-libs/xcb-util-image - x11-libs/xcb-util-keysyms - x11-libs/xcb-util-renderutil - x11-libs/xcb-util-wm - ) - !minimal? ( - >=x11-libs/libX11-1.1.5 - >=x11-libs/libXext-1.0.5 - >=media-libs/mesa-18[X(+),egl,gbm] - >=media-libs/libepoxy-1.5.4[X,egl(+)] - ) - udev? ( virtual/libudev:= ) - unwind? ( sys-libs/libunwind ) - wayland? ( - >=dev-libs/wayland-1.3.0 - >=media-libs/libepoxy-1.5.4[egl(+)] - >=dev-libs/wayland-protocols-1.18 - ) - >=x11-apps/xinit-1.3.3-r1 - systemd? ( - sys-apps/dbus - sys-apps/systemd - ) - elogind? ( - sys-apps/dbus - sys-auth/elogind[pam] - sys-auth/pambase[elogind] - ) - !!x11-drivers/nvidia-drivers[-libglvnd(+)] -" - -DEPEND="${CDEPEND} - sys-devel/flex - >=x11-base/xorg-proto-2018.4 - dmx? ( - doc? ( - || ( - www-client/links - www-client/lynx - www-client/w3m - ) - ) - )" - -RDEPEND="${CDEPEND} - selinux? ( sec-policy/selinux-xserver ) -" - -PDEPEND=" - xorg? ( >=x11-base/xorg-drivers-$(ver_cut 1-2) )" - -REQUIRED_USE="!minimal? ( - || ( ${IUSE_SERVERS} ) - ) - elogind? ( udev ) - ?? ( elogind systemd ) - minimal? ( !wayland ) - xephyr? ( kdrive )" - -UPSTREAMED_PATCHES=( -) - -PATCHES=( - "${UPSTREAMED_PATCHES[@]}" - "${FILESDIR}"/${PN}-1.12-unloadsubmodule.patch - # needed for new eselect-opengl, bug #541232 - "${FILESDIR}"/${PN}-1.18-support-multiple-Files-sections.patch -) - -pkg_setup() { - if use wayland && use minimal; then - ewarn "glamor is necessary for acceleration under Xwayland." - ewarn "Performance may be unacceptable without it." - ewarn "Build with USE=-minimal to enable glamor." - fi - - # localstatedir is used for the log location; we need to override the default - # from ebuild.sh - # sysconfdir is used for the xorg.conf location; same applies - # NOTE: fop is used for doc generating; and I have no idea if Gentoo - # package it somewhere - XORG_CONFIGURE_OPTIONS=( - $(use_enable ipv6) - $(use_enable debug) - $(use_enable dmx) - $(use_enable kdrive) - $(use_enable test unit-tests) - $(use_enable unwind libunwind) - $(use_enable wayland xwayland) - $(use_enable !minimal record) - $(use_enable !minimal xfree86-utils) - $(use_enable !minimal dri) - $(use_enable !minimal dri2) - $(use_enable !minimal dri3) - $(use_enable !minimal glamor) - $(use_enable !minimal glx) - $(use_enable xcsecurity) - $(use_enable xephyr) - $(use_enable xnest) - $(use_enable xorg) - $(use_enable xvfb) - $(use_enable udev config-udev) - $(use_with doc doxygen) - $(use_with doc xmlto) - $(use_with systemd systemd-daemon) - --enable-libdrm - --sysconfdir="${EPREFIX}"/etc/X11 - --localstatedir="${EPREFIX}"/var - --with-fontrootdir="${EPREFIX}"/usr/share/fonts - --with-xkb-output="${EPREFIX}"/var/lib/xkb - --disable-config-hal - --disable-linux-acpi - --without-dtrace - --without-fop - --with-os-vendor=Gentoo - --with-sha1=libcrypto - CPP="$(tc-getPROG CPP cpp)" - ) - - if use systemd || use elogind; then - XORG_CONFIGURE_OPTIONS+=( - "--enable-systemd-logind" - "--disable-install-setuid" - "$(use_enable suid suid-wrapper)" - ) - else - XORG_CONFIGURE_OPTIONS+=( - "--disable-systemd-logind" - "--disable-suid-wrapper" - "$(use_enable suid install-setuid)" - ) - fi -} - -src_install() { - xorg-3_src_install - - server_based_install - - if ! use minimal && use xorg; then - # Install xorg.conf.example into docs - dodoc "${S}"/hw/xfree86/xorg.conf.example - fi - - newinitd "${FILESDIR}"/xdm-setup.initd-1 xdm-setup - newinitd "${FILESDIR}"/xdm.initd-11 xdm - newconfd "${FILESDIR}"/xdm.confd-4 xdm - - # install the @x11-module-rebuild set for Portage - insinto /usr/share/portage/config/sets - newins "${FILESDIR}"/xorg-sets.conf xorg.conf - - find "${ED}"/var -type d -empty -delete || die -} - -pkg_postrm() { - # Get rid of module dir to ensure opengl-update works properly - if [[ -z ${REPLACED_BY_VERSION} && -e ${EROOT}/usr/$(get_libdir)/xorg/modules ]]; then - rm -rf "${EROOT}"/usr/$(get_libdir)/xorg/modules - fi -} - -server_based_install() { - if ! use xorg; then - rm "${ED}"/usr/share/man/man1/Xserver.1x \ - "${ED}"/usr/$(get_libdir)/xserver/SecurityPolicy \ - "${ED}"/usr/$(get_libdir)/pkgconfig/xorg-server.pc \ - "${ED}"/usr/share/man/man1/Xserver.1x - fi -} diff --git a/x11-base/xorg-server/xorg-server-1.20.10-r3.ebuild b/x11-base/xorg-server/xorg-server-1.20.10-r3.ebuild deleted file mode 100644 index 241f73b55e23..000000000000 --- a/x11-base/xorg-server/xorg-server-1.20.10-r3.ebuild +++ /dev/null @@ -1,225 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -XORG_DOC=doc -inherit xorg-3 multilib flag-o-matic toolchain-funcs -EGIT_REPO_URI="https://gitlab.freedesktop.org/xorg/xserver.git" - -DESCRIPTION="X.Org X servers" -SLOT="0/${PV}" -if [[ ${PV} != 9999* ]]; then - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~amd64-linux ~x86-linux" -fi - -IUSE_SERVERS="dmx kdrive wayland xephyr xnest xorg xvfb" -IUSE="${IUSE_SERVERS} debug +elogind ipv6 minimal selinux suid systemd test +udev unwind xcsecurity" -RESTRICT="!test? ( test )" - -CDEPEND=" - media-libs/libglvnd[X] - dev-libs/openssl:0= - >=x11-apps/iceauth-1.0.2 - >=x11-apps/rgb-1.0.3 - >=x11-apps/xauth-1.0.3 - x11-apps/xkbcomp - >=x11-libs/libdrm-2.4.89 - >=x11-libs/libpciaccess-0.12.901 - >=x11-libs/libXau-1.0.4 - >=x11-libs/libXdmcp-1.0.2 - >=x11-libs/libXfont2-2.0.1 - >=x11-libs/libxkbfile-1.0.4 - >=x11-libs/libxshmfence-1.1 - >=x11-libs/pixman-0.27.2 - >=x11-misc/xbitmaps-1.0.1 - >=x11-misc/xkeyboard-config-2.4.1-r3 - dmx? ( - x11-libs/libXt - >=x11-libs/libdmx-1.0.99.1 - >=x11-libs/libX11-1.1.5 - >=x11-libs/libXaw-1.0.4 - >=x11-libs/libXext-1.0.99.4 - >=x11-libs/libXfixes-5.0 - >=x11-libs/libXi-1.2.99.1 - >=x11-libs/libXmu-1.0.3 - x11-libs/libXrender - >=x11-libs/libXres-1.0.3 - >=x11-libs/libXtst-1.0.99.2 - ) - kdrive? ( - >=x11-libs/libXext-1.0.5 - x11-libs/libXv - ) - xephyr? ( - x11-libs/libxcb[xkb] - x11-libs/xcb-util - x11-libs/xcb-util-image - x11-libs/xcb-util-keysyms - x11-libs/xcb-util-renderutil - x11-libs/xcb-util-wm - ) - !minimal? ( - >=x11-libs/libX11-1.1.5 - >=x11-libs/libXext-1.0.5 - >=media-libs/mesa-18[X(+),egl,gbm] - >=media-libs/libepoxy-1.5.4[X,egl(+)] - ) - udev? ( virtual/libudev:= ) - unwind? ( sys-libs/libunwind ) - wayland? ( - >=dev-libs/wayland-1.3.0 - >=media-libs/libepoxy-1.5.4[egl(+)] - >=dev-libs/wayland-protocols-1.18 - ) - >=x11-apps/xinit-1.3.3-r1 - systemd? ( - sys-apps/dbus - sys-apps/systemd - ) - elogind? ( - sys-apps/dbus - sys-auth/elogind[pam] - sys-auth/pambase[elogind] - ) - !!x11-drivers/nvidia-drivers[-libglvnd(+)] -" -DEPEND="${CDEPEND} - >=x11-base/xorg-proto-2018.4 - >=x11-libs/xtrans-1.3.5 - dmx? ( - doc? ( - || ( - www-client/links - www-client/lynx - www-client/w3m - ) - ) - ) -" -RDEPEND="${CDEPEND} - !systemd? ( gui-libs/display-manager-init ) - selinux? ( sec-policy/selinux-xserver ) -" -BDEPEND=" - sys-devel/flex - wayland? ( dev-util/wayland-scanner ) -" -PDEPEND=" - xorg? ( >=x11-base/xorg-drivers-$(ver_cut 1-2) )" - -REQUIRED_USE="!minimal? ( - || ( ${IUSE_SERVERS} ) - ) - elogind? ( udev ) - ?? ( elogind systemd ) - minimal? ( !wayland ) - xephyr? ( kdrive )" - -UPSTREAMED_PATCHES=( -) - -PATCHES=( - "${UPSTREAMED_PATCHES[@]}" - "${FILESDIR}"/${PN}-1.12-unloadsubmodule.patch - # needed for new eselect-opengl, bug #541232 - "${FILESDIR}"/${PN}-1.18-support-multiple-Files-sections.patch -) - -pkg_setup() { - if use wayland && use minimal; then - ewarn "glamor is necessary for acceleration under Xwayland." - ewarn "Performance may be unacceptable without it." - ewarn "Build with USE=-minimal to enable glamor." - fi - - # localstatedir is used for the log location; we need to override the default - # from ebuild.sh - # sysconfdir is used for the xorg.conf location; same applies - # NOTE: fop is used for doc generating; and I have no idea if Gentoo - # package it somewhere - XORG_CONFIGURE_OPTIONS=( - $(use_enable ipv6) - $(use_enable debug) - $(use_enable dmx) - $(use_enable kdrive) - $(use_enable test unit-tests) - $(use_enable unwind libunwind) - $(use_enable wayland xwayland) - $(use_enable !minimal record) - $(use_enable !minimal xfree86-utils) - $(use_enable !minimal dri) - $(use_enable !minimal dri2) - $(use_enable !minimal dri3) - $(use_enable !minimal glamor) - $(use_enable !minimal glx) - $(use_enable xcsecurity) - $(use_enable xephyr) - $(use_enable xnest) - $(use_enable xorg) - $(use_enable xvfb) - $(use_enable udev config-udev) - $(use_with doc doxygen) - $(use_with doc xmlto) - $(use_with systemd systemd-daemon) - --enable-libdrm - --sysconfdir="${EPREFIX}"/etc/X11 - --localstatedir="${EPREFIX}"/var - --with-fontrootdir="${EPREFIX}"/usr/share/fonts - --with-xkb-output="${EPREFIX}"/var/lib/xkb - --disable-config-hal - --disable-linux-acpi - --without-dtrace - --without-fop - --with-os-vendor=Gentoo - --with-sha1=libcrypto - CPP="$(tc-getPROG CPP cpp)" - ) - - if use systemd || use elogind; then - XORG_CONFIGURE_OPTIONS+=( - "--enable-systemd-logind" - "--disable-install-setuid" - "$(use_enable suid suid-wrapper)" - ) - else - XORG_CONFIGURE_OPTIONS+=( - "--disable-systemd-logind" - "--disable-suid-wrapper" - "$(use_enable suid install-setuid)" - ) - fi -} - -src_install() { - xorg-3_src_install - - server_based_install - - if ! use minimal && use xorg; then - # Install xorg.conf.example into docs - dodoc "${S}"/hw/xfree86/xorg.conf.example - fi - - # install the @x11-module-rebuild set for Portage - insinto /usr/share/portage/config/sets - newins "${FILESDIR}"/xorg-sets.conf xorg.conf - - find "${ED}"/var -type d -empty -delete || die -} - -pkg_postrm() { - # Get rid of module dir to ensure opengl-update works properly - if [[ -z ${REPLACED_BY_VERSION} && -e ${EROOT}/usr/$(get_libdir)/xorg/modules ]]; then - rm -rf "${EROOT}"/usr/$(get_libdir)/xorg/modules - fi -} - -server_based_install() { - if ! use xorg; then - rm "${ED}"/usr/share/man/man1/Xserver.1x \ - "${ED}"/usr/$(get_libdir)/xserver/SecurityPolicy \ - "${ED}"/usr/$(get_libdir)/pkgconfig/xorg-server.pc \ - "${ED}"/usr/share/man/man1/Xserver.1x - fi -} |