@@ -, +, @@ related sections optional via configure defines --- sys-auth/polkit/Manifest | 3 + .../polkit-make-netgroup-support-optional.patch | 86 ++++++++++++++ sys-auth/polkit/polkit-0.112-r2.ebuild | 123 +++++++++++++++++++++ 3 files changed, 212 insertions(+) create mode 100644 sys-auth/polkit/Manifest create mode 100644 sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch create mode 100644 sys-auth/polkit/polkit-0.112-r2.ebuild --- a/sys-auth/polkit/Manifest +++ a/sys-auth/polkit/Manifest @@ -0,0 +1,3 @@ +AUX polkit-make-netgroup-support-optional.patch 2818 SHA256 840f295f8c99005938a501e696080136bcea6696a2e0abfe4c5f0f1e46a079a0 SHA512 90ad57cdbdfcd706b1443b596eb2aa849e73e56d6c25c72683270a8f71d5e8c0144c9fa39e4267928531b1b7bf1870ab29cb6f19981ef1621419da7540d8ccbb WHIRLPOOL c68e260ce7fa65001fe0a4fcff97ebff9c447cad7d6fb8a564ebfb13e27b5c6e09be6b8f30a56cd1a3fcd0efe4346c6736e75004fd4aaeb1163209ad61eb77b7 +DIST polkit-0.112.tar.gz 1429240 SHA256 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 SHA512 e4ad1bd287b38e5650cb94b1897a959b2ceaa6c19b4478ba872eacb13b58758fd42f6ab1718976162d823d850cd5c99b3ccadf1b57d75dea7790101422029d5f WHIRLPOOL af5dd0a17b7356302b0319e80565d6ac916128dfc85b6e2711147f3de86651f11fe8d08f3d6067d7abd24e263be92403f9d8f46935ba93db571e386a603a038a +EBUILD polkit-0.112-r2.ebuild 3462 SHA256 ba9b4392856af766eee1b604031da6492ac6bcb809159ccb177a7328e98d3f8c SHA512 92ba37b9e8f37308152851b9242ccab7448e10591f39184bb8dbae0f8b2faf5f47fb97182a2270153be827e9a87ed4290617c3e3c31138b00612d94cc14cb29c WHIRLPOOL ac95d0f2e4761214a2ec192e81814ba69ee67d9d37881ea39640f702ecd6500d82ac2a4c66cf888871c2c7c541febb6b96b332ed9c4ab8eba9ca0c99a34b4c41 --- a/sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch +++ a/sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch @@ -0,0 +1,86 @@ +diff --git a/configure.ac b/configure.ac +index 4bb6d90..8d30a95 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -158,7 +158,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], + [AC_MSG_ERROR([Can't find expat library. Please install expat.])]) + AC_SUBST(EXPAT_LIBS) + +-AC_CHECK_FUNCS(clearenv) ++AC_CHECK_FUNCS(clearenv getnetgrent innetgr) + + if test "x$GCC" = "xyes"; then + LDFLAGS="-Wl,--as-needed $LDFLAGS" +diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c +index 3bd2f0b..9d2ec61 100644 +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -2103,6 +2103,7 @@ get_users_in_group (PolkitIdentity *group, + return ret; + } + ++#if defined HAVE_GETNETGRENT + static GList * + get_users_in_net_group (PolkitIdentity *group, + gboolean include_root) +@@ -2154,6 +2155,7 @@ get_users_in_net_group (PolkitIdentity *group, + endnetgrent (); + return ret; + } ++#endif + + /* ---------------------------------------------------------------------------------------------------- */ + +@@ -2243,10 +2245,12 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent, + { + user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE)); + } ++#if defined HAVE_GETNETGRENT + else if (POLKIT_IS_UNIX_NETGROUP (identity)) + { + user_identities = g_list_concat (user_identities, get_users_in_net_group (identity, FALSE)); + } ++#endif + else + { + g_warning ("Unsupported identity"); +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index bc2fe22..b84c110 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -29,6 +29,7 @@ + #include + #include + #include ++#include + + #include + #include "polkitbackendjsauthority.h" +@@ -1450,13 +1451,16 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + JSBool ret = JS_FALSE; + JSString *user_str; + JSString *netgroup_str; +- char *user; +- char *netgroup; + JSBool is_in_netgroup = JS_FALSE; + + if (!JS_ConvertArguments (cx, argc, JS_ARGV (cx, vp), "SS", &user_str, &netgroup_str)) + goto out; + ++#if defined(HAVE_INNETGR) ++ { ++ char *user; ++ char *netgroup; ++ + user = JS_EncodeString (cx, user_str); + netgroup = JS_EncodeString (cx, netgroup_str); + +@@ -1470,6 +1474,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + + JS_free (cx, netgroup); + JS_free (cx, user); ++ } ++#endif + + ret = JS_TRUE; + --- a/sys-auth/polkit/polkit-0.112-r2.ebuild +++ a/sys-auth/polkit/polkit-0.112-r2.ebuild @@ -0,0 +1,123 @@ +# Copyright 1999-2015 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-auth/polkit/polkit-0.112-r2.ebuild,v 1.17 2015/02/11 03:45:06 patrick Exp $ + +EAPI=5 +inherit eutils autotools multilib pam pax-utils systemd user + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit" +SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86" +IUSE="examples gtk +introspection jit kde nls pam selinux systemd" + +CDEPEND=" + ia64? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + hppa? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + mips? ( =dev-lang/spidermonkey-1.8.5*[-debug] ) + !hppa? ( !ia64? ( !mips? ( dev-lang/spidermonkey:17[-debug,jit=] ) ) ) + >=dev-libs/glib-2.32 + >=dev-libs/expat-2:= + introspection? ( >=dev-libs/gobject-introspection-1 ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0= )" +DEPEND="${CDEPEND} + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/libxslt + dev-util/intltool + virtual/pkgconfig" +RDEPEND="${CDEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + lxde-base/lxpolkit + ) ) + kde? ( || ( + kde-plasma/polkit-kde-agent + sys-auth/polkit-kde-agent + ) ) + !systemd? ( sys-auth/consolekit[policykit] )" + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 + epatch "${FILESDIR}"/${PN}-make-netgroup-support-optional.patch + eautoreconf || die +} + +src_configure() { + econf \ + --localstatedir="${EPREFIX}"/var \ + --disable-static \ + --enable-man-pages \ + --disable-gtk-doc \ + $(use_enable systemd libsystemd-login) \ + $(use_enable introspection) \ + --disable-examples \ + $(use_enable nls) \ + $(if use hppa || use ia64 || use mips; then echo --with-mozjs=mozjs185; else echo --with-mozjs=mozjs-17.0; fi) \ + "$(systemd_with_unitdir)" \ + --with-authfw=$(usex pam pam shadow) \ + $(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \ + --with-os-type=gentoo +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + local f='src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest' + local m='' + # Only used when USE="jit" is enabled for 'dev-lang/spidermonkey:17' wrt #485910 + has_version 'dev-lang/spidermonkey:17[jit]' && m='m' + # hppa, ia64 and mips uses spidermonkey-1.8.5 which requires different pax-mark flags + use hppa && m='mr' + use ia64 && m='mr' + use mips && m='mr' + [ -n "$m" ] && pax-mark ${m} ${f} +} + +src_install() { + emake DESTDIR="${D}" install + + dodoc docs/TODO HACKING NEWS README + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + prune_libtool_files +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +} --