summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTravis Tilley <ttilley@gmail.com>2015-03-21 17:50:43 -0400
committerAnthony G. Basile <blueness@gentoo.org>2015-05-13 12:48:49 -0400
commit6a64102794465357801f86c5a814e5b9698016fa (patch)
tree36fbd6873bd2a33f00c2fae0a30795cae888f5ef
parentd61bf15ea960700eb4a2eff05ebad194315ca655 (diff)
downloadhardened-dev-6a64102794465357801f86c5a814e5b9698016fa.tar.gz
hardened-dev-6a64102794465357801f86c5a814e5b9698016fa.tar.bz2
hardened-dev-6a64102794465357801f86c5a814e5b9698016fa.tar.xz
hardened-dev-6a64102794465357801f86c5a814e5b9698016fa.zip
sys-auth/polkit: fix compilation with musl by making netgroup related sections optional via configure defines
-rw-r--r--sys-auth/polkit/Manifest3
-rw-r--r--sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch86
-rw-r--r--sys-auth/polkit/polkit-0.112-r2.ebuild123
3 files changed, 212 insertions, 0 deletions
diff --git a/sys-auth/polkit/Manifest b/sys-auth/polkit/Manifest
new file mode 100644
index 0000000..6b69bca
--- /dev/null
+++ b/sys-auth/polkit/Manifest
@@ -0,0 +1,3 @@
+AUX polkit-make-netgroup-support-optional.patch 2818 SHA256 840f295f8c99005938a501e696080136bcea6696a2e0abfe4c5f0f1e46a079a0 SHA512 90ad57cdbdfcd706b1443b596eb2aa849e73e56d6c25c72683270a8f71d5e8c0144c9fa39e4267928531b1b7bf1870ab29cb6f19981ef1621419da7540d8ccbb WHIRLPOOL c68e260ce7fa65001fe0a4fcff97ebff9c447cad7d6fb8a564ebfb13e27b5c6e09be6b8f30a56cd1a3fcd0efe4346c6736e75004fd4aaeb1163209ad61eb77b7
+DIST polkit-0.112.tar.gz 1429240 SHA256 d695f43cba4748a822fbe864dd32c4887c5da1c71694a47693ace5e88fcf6af6 SHA512 e4ad1bd287b38e5650cb94b1897a959b2ceaa6c19b4478ba872eacb13b58758fd42f6ab1718976162d823d850cd5c99b3ccadf1b57d75dea7790101422029d5f WHIRLPOOL af5dd0a17b7356302b0319e80565d6ac916128dfc85b6e2711147f3de86651f11fe8d08f3d6067d7abd24e263be92403f9d8f46935ba93db571e386a603a038a
+EBUILD polkit-0.112-r2.ebuild 3462 SHA256 ba9b4392856af766eee1b604031da6492ac6bcb809159ccb177a7328e98d3f8c SHA512 92ba37b9e8f37308152851b9242ccab7448e10591f39184bb8dbae0f8b2faf5f47fb97182a2270153be827e9a87ed4290617c3e3c31138b00612d94cc14cb29c WHIRLPOOL ac95d0f2e4761214a2ec192e81814ba69ee67d9d37881ea39640f702ecd6500d82ac2a4c66cf888871c2c7c541febb6b96b332ed9c4ab8eba9ca0c99a34b4c41
diff --git a/sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch b/sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch
new file mode 100644
index 0000000..07efd0e
--- /dev/null
+++ b/sys-auth/polkit/files/polkit-make-netgroup-support-optional.patch
@@ -0,0 +1,86 @@
+diff --git a/configure.ac b/configure.ac
+index 4bb6d90..8d30a95 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -158,7 +158,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"],
+ [AC_MSG_ERROR([Can't find expat library. Please install expat.])])
+ AC_SUBST(EXPAT_LIBS)
+
+-AC_CHECK_FUNCS(clearenv)
++AC_CHECK_FUNCS(clearenv getnetgrent innetgr)
+
+ if test "x$GCC" = "xyes"; then
+ LDFLAGS="-Wl,--as-needed $LDFLAGS"
+diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
+index 3bd2f0b..9d2ec61 100644
+--- a/src/polkitbackend/polkitbackendinteractiveauthority.c
++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
+@@ -2103,6 +2103,7 @@ get_users_in_group (PolkitIdentity *group,
+ return ret;
+ }
+
++#if defined HAVE_GETNETGRENT
+ static GList *
+ get_users_in_net_group (PolkitIdentity *group,
+ gboolean include_root)
+@@ -2154,6 +2155,7 @@ get_users_in_net_group (PolkitIdentity *group,
+ endnetgrent ();
+ return ret;
+ }
++#endif
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
+@@ -2243,10 +2245,12 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
+ {
+ user_identities = g_list_concat (user_identities, get_users_in_group (identity, FALSE));
+ }
++#if defined HAVE_GETNETGRENT
+ else if (POLKIT_IS_UNIX_NETGROUP (identity))
+ {
+ user_identities = g_list_concat (user_identities, get_users_in_net_group (identity, FALSE));
+ }
++#endif
+ else
+ {
+ g_warning ("Unsupported identity");
+diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c
+index bc2fe22..b84c110 100644
+--- a/src/polkitbackend/polkitbackendjsauthority.c
++++ b/src/polkitbackend/polkitbackendjsauthority.c
+@@ -29,6 +29,7 @@
+ #include <glib/gstdio.h>
+ #include <locale.h>
+ #include <glib/gi18n-lib.h>
++#include <sys/wait.h>
+
+ #include <polkit/polkit.h>
+ #include "polkitbackendjsauthority.h"
+@@ -1450,13 +1451,16 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
+ JSBool ret = JS_FALSE;
+ JSString *user_str;
+ JSString *netgroup_str;
+- char *user;
+- char *netgroup;
+ JSBool is_in_netgroup = JS_FALSE;
+
+ if (!JS_ConvertArguments (cx, argc, JS_ARGV (cx, vp), "SS", &user_str, &netgroup_str))
+ goto out;
+
++#if defined(HAVE_INNETGR)
++ {
++ char *user;
++ char *netgroup;
++
+ user = JS_EncodeString (cx, user_str);
+ netgroup = JS_EncodeString (cx, netgroup_str);
+
+@@ -1470,6 +1474,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx,
+
+ JS_free (cx, netgroup);
+ JS_free (cx, user);
++ }
++#endif
+
+ ret = JS_TRUE;
+
diff --git a/sys-auth/polkit/polkit-0.112-r2.ebuild b/sys-auth/polkit/polkit-0.112-r2.ebuild
new file mode 100644
index 0000000..ad596c3
--- /dev/null
+++ b/sys-auth/polkit/polkit-0.112-r2.ebuild
@@ -0,0 +1,123 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/sys-auth/polkit/polkit-0.112-r2.ebuild,v 1.17 2015/02/11 03:45:06 patrick Exp $
+
+EAPI=5
+inherit eutils autotools multilib pam pax-utils systemd user
+
+DESCRIPTION="Policy framework for controlling privileges for system-wide services"
+HOMEPAGE="http://www.freedesktop.org/wiki/Software/polkit"
+SRC_URI="http://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"
+
+LICENSE="LGPL-2"
+SLOT="0"
+KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86"
+IUSE="examples gtk +introspection jit kde nls pam selinux systemd"
+
+CDEPEND="
+ ia64? ( =dev-lang/spidermonkey-1.8.5*[-debug] )
+ hppa? ( =dev-lang/spidermonkey-1.8.5*[-debug] )
+ mips? ( =dev-lang/spidermonkey-1.8.5*[-debug] )
+ !hppa? ( !ia64? ( !mips? ( dev-lang/spidermonkey:17[-debug,jit=] ) ) )
+ >=dev-libs/glib-2.32
+ >=dev-libs/expat-2:=
+ introspection? ( >=dev-libs/gobject-introspection-1 )
+ pam? (
+ sys-auth/pambase
+ virtual/pam
+ )
+ systemd? ( sys-apps/systemd:0= )"
+DEPEND="${CDEPEND}
+ app-text/docbook-xml-dtd:4.1.2
+ app-text/docbook-xsl-stylesheets
+ dev-libs/libxslt
+ dev-util/intltool
+ virtual/pkgconfig"
+RDEPEND="${CDEPEND}
+ selinux? ( sec-policy/selinux-policykit )
+"
+PDEPEND="
+ gtk? ( || (
+ >=gnome-extra/polkit-gnome-0.105
+ lxde-base/lxpolkit
+ ) )
+ kde? ( || (
+ kde-plasma/polkit-kde-agent
+ sys-auth/polkit-kde-agent
+ ) )
+ !systemd? ( sys-auth/consolekit[policykit] )"
+
+QA_MULTILIB_PATHS="
+ usr/lib/polkit-1/polkit-agent-helper-1
+ usr/lib/polkit-1/polkitd"
+
+pkg_setup() {
+ local u=polkitd
+ local g=polkitd
+ local h=/var/lib/polkit-1
+
+ enewgroup ${g}
+ enewuser ${u} -1 -1 ${h} ${g}
+ esethome ${u} ${h}
+}
+
+src_prepare() {
+ sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
+ epatch "${FILESDIR}"/${PN}-make-netgroup-support-optional.patch
+ eautoreconf || die
+}
+
+src_configure() {
+ econf \
+ --localstatedir="${EPREFIX}"/var \
+ --disable-static \
+ --enable-man-pages \
+ --disable-gtk-doc \
+ $(use_enable systemd libsystemd-login) \
+ $(use_enable introspection) \
+ --disable-examples \
+ $(use_enable nls) \
+ $(if use hppa || use ia64 || use mips; then echo --with-mozjs=mozjs185; else echo --with-mozjs=mozjs-17.0; fi) \
+ "$(systemd_with_unitdir)" \
+ --with-authfw=$(usex pam pam shadow) \
+ $(use pam && echo --with-pam-module-dir="$(getpam_mod_dir)") \
+ --with-os-type=gentoo
+}
+
+src_compile() {
+ default
+
+ # Required for polkitd on hardened/PaX due to spidermonkey's JIT
+ local f='src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest'
+ local m=''
+ # Only used when USE="jit" is enabled for 'dev-lang/spidermonkey:17' wrt #485910
+ has_version 'dev-lang/spidermonkey:17[jit]' && m='m'
+ # hppa, ia64 and mips uses spidermonkey-1.8.5 which requires different pax-mark flags
+ use hppa && m='mr'
+ use ia64 && m='mr'
+ use mips && m='mr'
+ [ -n "$m" ] && pax-mark ${m} ${f}
+}
+
+src_install() {
+ emake DESTDIR="${D}" install
+
+ dodoc docs/TODO HACKING NEWS README
+
+ fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d
+
+ diropts -m0700 -o polkitd -g polkitd
+ keepdir /var/lib/polkit-1
+
+ if use examples; then
+ insinto /usr/share/doc/${PF}/examples
+ doins src/examples/{*.c,*.policy*}
+ fi
+
+ prune_libtool_files
+}
+
+pkg_postinst() {
+ chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
+ chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1
+}