summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJason Zaman <perfinion@gentoo.org>2016-08-02 22:39:34 +0800
committerJason Zaman <perfinion@gentoo.org>2016-08-02 23:14:35 +0800
commitf9e388bc278bd56c96fbf193ba36947092b4489c (patch)
tree3dd469b1a5f76097eeb3b633298210b429ad25b7 /sys-auth
parentnet-misc/openssh: version bump to 7.3_p1 (diff)
downloadgentoo-f9e388bc278bd56c96fbf193ba36947092b4489c.tar.gz
gentoo-f9e388bc278bd56c96fbf193ba36947092b4489c.tar.bz2
gentoo-f9e388bc278bd56c96fbf193ba36947092b4489c.zip
sys-auth/consolekit: Remove root restrictions, bug 585688
Package-Manager: portage-2.2.28
Diffstat (limited to 'sys-auth')
-rw-r--r--sys-auth/consolekit/consolekit-1.1.0-r1.ebuild119
-rw-r--r--sys-auth/consolekit/files/consolekit-1.1.0-Remove-the-root-restriction-for-runtime-dirs.patch57
2 files changed, 176 insertions, 0 deletions
diff --git a/sys-auth/consolekit/consolekit-1.1.0-r1.ebuild b/sys-auth/consolekit/consolekit-1.1.0-r1.ebuild
new file mode 100644
index 000000000000..61010e4498ba
--- /dev/null
+++ b/sys-auth/consolekit/consolekit-1.1.0-r1.ebuild
@@ -0,0 +1,119 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit linux-info pam
+
+MY_PN=ConsoleKit2
+MY_P=${MY_PN}-${PV}
+
+DESCRIPTION="Framework for defining and tracking users, login sessions and seats"
+HOMEPAGE="https://github.com/ConsoleKit2/ConsoleKit2 https://www.freedesktop.org/wiki/Software/ConsoleKit"
+SRC_URI="https://github.com/${MY_PN}/${MY_PN}/releases/download/${PV}/${MY_P}.tar.bz2"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ppc ~ppc64 ~x86 ~amd64-fbsd ~x86-fbsd ~x86-freebsd ~amd64-linux ~ia64-linux ~x86-linux"
+IUSE="acl cgroups debug doc kernel_linux pam pm-utils policykit selinux test"
+
+COMMON_DEPEND=">=dev-libs/glib-2.40:2=[dbus]
+ >=sys-devel/gettext-0.19
+ sys-apps/dbus
+ sys-libs/zlib:=
+ x11-libs/libX11:=
+ acl? (
+ sys-apps/acl:=
+ >=virtual/udev-200
+ )
+ cgroups? (
+ app-admin/cgmanager
+ >=sys-libs/libnih-1.0.2[dbus]
+ )
+ pam? ( virtual/pam )
+ policykit? ( >=sys-auth/polkit-0.110 )"
+# pm-utils: bug 557432
+RDEPEND="${COMMON_DEPEND}
+ kernel_linux? ( sys-apps/coreutils[acl?] )
+ pm-utils? ( sys-power/pm-utils )
+ selinux? ( sec-policy/selinux-consolekit )"
+DEPEND="${COMMON_DEPEND}
+ dev-libs/libxslt
+ virtual/pkgconfig
+ doc? ( app-text/xmlto )
+ test? (
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/xmlto
+ )"
+
+S=${WORKDIR}/${MY_P}
+
+QA_MULTILIB_PATHS="usr/lib/ConsoleKit/.*"
+
+PATCHES=( "${FILESDIR}/${P}-Remove-the-root-restriction-for-runtime-dirs.patch" )
+
+pkg_setup() {
+ if use kernel_linux; then
+ # This is from https://bugs.gentoo.org/376939
+ use acl && CONFIG_CHECK="~TMPFS_POSIX_ACL"
+ # This is required to get login-session-id string with pam_ck_connector.so
+ use pam && CONFIG_CHECK+=" ~AUDITSYSCALL"
+ linux-info_pkg_setup
+ fi
+}
+
+src_prepare() {
+ sed -i -e '/SystemdService/d' data/org.freedesktop.ConsoleKit.service.in || die
+
+ default
+}
+
+src_configure() {
+ econf \
+ XMLTO_FLAGS='--skip-validation' \
+ --libexecdir="${EPREFIX}"/usr/lib/ConsoleKit \
+ --localstatedir="${EPREFIX}"/var \
+ $(use_enable pam pam-module) \
+ $(use_enable doc docbook-docs) \
+ $(use_enable test docbook-docs) \
+ $(use_enable debug) \
+ $(use_enable policykit polkit) \
+ $(use_enable acl udev-acl) \
+ $(use_enable cgroups) \
+ $(use_enable test tests) \
+ --with-dbus-services="${EPREFIX}"/usr/share/dbus-1/services \
+ --with-pam-module-dir="$(getpam_mod_dir)" \
+ --with-xinitrc-dir=/etc/X11/xinit/xinitrc.d \
+ --without-systemdsystemunitdir
+}
+
+src_install() {
+ emake \
+ DESTDIR="${D}" \
+ htmldocdir="${EPREFIX}"/usr/share/doc/${PF}/html \
+ install
+
+ dosym /usr/lib/ConsoleKit /usr/lib/${PN}
+
+ dodoc AUTHORS HACKING NEWS README TODO
+
+ newinitd "${FILESDIR}"/${PN}-1.0.0.initd consolekit
+
+ keepdir /usr/lib/ConsoleKit/run-seat.d
+ keepdir /usr/lib/ConsoleKit/run-session.d
+ keepdir /etc/ConsoleKit/run-session.d
+ keepdir /var/log/ConsoleKit
+
+ exeinto /etc/X11/xinit/xinitrc.d
+ newexe "${FILESDIR}"/90-consolekit-3 90-consolekit
+
+ if use kernel_linux; then
+ # bug 571524
+ exeinto /usr/lib/ConsoleKit/run-session.d
+ doexe "${FILESDIR}"/pam-foreground-compat.ck
+ fi
+
+ prune_libtool_files --all # --all for pam_ck_connector.la
+
+ rm -rf "${ED}"/var/run || die # let the init script create the directory
+}
diff --git a/sys-auth/consolekit/files/consolekit-1.1.0-Remove-the-root-restriction-for-runtime-dirs.patch b/sys-auth/consolekit/files/consolekit-1.1.0-Remove-the-root-restriction-for-runtime-dirs.patch
new file mode 100644
index 000000000000..301c68f5d904
--- /dev/null
+++ b/sys-auth/consolekit/files/consolekit-1.1.0-Remove-the-root-restriction-for-runtime-dirs.patch
@@ -0,0 +1,57 @@
+From 664d2fdbd966764836b1f4da2dbc5750c7f01f0f Mon Sep 17 00:00:00 2001
+From: Eric Koegel <eric.koegel@gmail.com>
+Date: Sun, 10 Apr 2016 11:20:24 +0300
+Subject: [PATCH] Remove the root restriction for runtime dirs
+
+---
+ src/ck-sysdeps-unix.c | 5 -----
+ tools/ck-remove-directory.c | 10 ----------
+ 2 files changed, 15 deletions(-)
+
+diff --git a/src/ck-sysdeps-unix.c b/src/ck-sysdeps-unix.c
+index 67d8eac..ecd176a 100644
+--- a/src/ck-sysdeps-unix.c
++++ b/src/ck-sysdeps-unix.c
+@@ -409,11 +409,6 @@ ck_generate_runtime_dir_for_user (guint uid)
+
+ TRACE ();
+
+- if (uid < 1) {
+- g_debug ("We do not create runtime dirs for root");
+- return NULL;
+- }
+-
+ errno = 0;
+ pwent = getpwuid (uid);
+ if (pwent == NULL) {
+diff --git a/tools/ck-remove-directory.c b/tools/ck-remove-directory.c
+index cf44fd6..b1a5722 100644
+--- a/tools/ck-remove-directory.c
++++ b/tools/ck-remove-directory.c
+@@ -51,11 +51,6 @@ become_user (uid_t uid, const gchar* dest)
+ int res;
+ struct passwd *pwent;
+
+- if (uid < 1) {
+- g_critical ("invalid UID");
+- exit (1);
+- }
+-
+ if (dest == NULL) {
+ g_critical ("invalid dest");
+ exit (1);
+@@ -148,11 +143,6 @@ main (int argc,
+ exit (1);
+ }
+
+- if (user_id < 1) {
+- g_warning ("Invalid UID");
+- exit (1);
+- }
+-
+ /* Ensure we have a dest and that it starts with the correct prefix
+ * so we don't remove something important.
+ */
+--
+2.7.3
+