From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 00249138334 for ; Tue, 26 Mar 2019 14:27:40 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id ECEB7E0837; Tue, 26 Mar 2019 14:27:39 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id AB174E0837 for ; Tue, 26 Mar 2019 14:27:39 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 08BA7335CFE for ; Tue, 26 Mar 2019 14:27:38 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id EDA0852F for ; Tue, 26 Mar 2019 14:27:35 +0000 (UTC) From: "Jory Pratt" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Jory Pratt" Message-ID: <1553610412.c1ebe39a68169364f202397d6474b255dbae8b32.anarchy@gentoo> Subject: [gentoo-commits] proj/musl:master commit in: sys-auth/polkit/files/, sys-auth/polkit/ X-VCS-Repository: proj/musl X-VCS-Files: sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch sys-auth/polkit/polkit-0.115-r4.ebuild X-VCS-Directories: sys-auth/polkit/ sys-auth/polkit/files/ X-VCS-Committer: anarchy X-VCS-Committer-Name: Jory Pratt X-VCS-Revision: c1ebe39a68169364f202397d6474b255dbae8b32 X-VCS-Branch: master Date: Tue, 26 Mar 2019 14:27:35 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: 45b48e88-20d3-4979-9de5-918f6eea0de5 X-Archives-Hash: 0660d5eb16e9fdc0db8e370b3f6157ac commit: c1ebe39a68169364f202397d6474b255dbae8b32 Author: Jory Pratt gentoo org> AuthorDate: Tue Mar 26 14:26:52 2019 +0000 Commit: Jory Pratt gentoo org> CommitDate: Tue Mar 26 14:26:52 2019 +0000 URL: https://gitweb.gentoo.org/proj/musl.git/commit/?id=c1ebe39a sys-auth/polkit: sync with in tree update Signed-off-by: Jory Pratt gentoo.org> .../files/polkit-0.115-spidermonkey-60.patch | 180 +++++++++++++++++++++ sys-auth/polkit/polkit-0.115-r4.ebuild | 144 +++++++++++++++++ 2 files changed, 324 insertions(+) diff --git a/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch new file mode 100644 index 0000000..8a4510a --- /dev/null +++ b/sys-auth/polkit/files/polkit-0.115-spidermonkey-60.patch @@ -0,0 +1,180 @@ +From c9cd7024140b837b5693d7c1bbaad1b0cd31cce6 Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi +Date: Fri, 31 Aug 2018 13:32:16 +0100 +Subject: [PATCH] Depend on mozjs-60 + +This is the new ESR version of the Mozilla JS engine, superceding +mozjs-52. +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index 5c37e48..5cedb4e 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -79,7 +79,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0]) + AC_SUBST(GLIB_CFLAGS) + AC_SUBST(GLIB_LIBS) + +-PKG_CHECK_MODULES(LIBJS, [mozjs-52]) ++PKG_CHECK_MODULES(LIBJS, [mozjs-60]) + + AC_SUBST(LIBJS_CFLAGS) + AC_SUBST(LIBJS_CXXFLAGS) + + +From dd00683e8781d230a45781d509d86ad676138564 Mon Sep 17 00:00:00 2001 +From: Emmanuele Bassi +Date: Fri, 31 Aug 2018 13:33:20 +0100 +Subject: [PATCH] Port the JS authority to mozjs-60 + +API changes in mozjs that need to be reflected in the JS authority: + + - the JS::CompileOptions constructor and the JS::CompartmentOptions + do not allow setting a JS version any more + + - do not use NULL comparisons for C++ objects + + - the resize() method for a vector has a return value that needs + to be handled + + - JSClassOps has different fields +--- + .../polkitbackendjsauthority.cpp | 65 +++++++++---------- + 1 file changed, 32 insertions(+), 33 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp +index 7602714..984a0f0 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -150,18 +150,17 @@ G_DEFINE_TYPE (PolkitBackendJsAuthority, polkit_backend_js_authority, POLKIT_BAC + /* ---------------------------------------------------------------------------------------------------- */ + + static const struct JSClassOps js_global_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ JS_GlobalObjectTraceHook + }; + + static JSClass js_global_class = { +@@ -172,18 +171,17 @@ static JSClass js_global_class = { + + /* ---------------------------------------------------------------------------------------------------- */ + static const struct JSClassOps js_polkit_class_ops = { +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL, +- NULL ++ nullptr, // addProperty ++ nullptr, // deleteProperty ++ nullptr, // enumerate ++ nullptr, // newEnumerate ++ nullptr, // resolve ++ nullptr, // mayResolve ++ nullptr, // finalize ++ nullptr, // call ++ nullptr, // hasInstance ++ nullptr, // construct ++ nullptr // trace + }; + + static JSClass js_polkit_class = { +@@ -469,19 +467,18 @@ polkit_backend_js_authority_constructed (GObject *object) + + { + JS::CompartmentOptions compart_opts; +- compart_opts.behaviors().setVersion(JSVERSION_LATEST); ++ + JS::RootedObject global(authority->priv->cx); + + authority->priv->js_global = new JS::Heap (JS_NewGlobalObject (authority->priv->cx, &js_global_class, NULL, JS::FireOnNewGlobalHook, compart_opts)); + + global = authority->priv->js_global->get (); +- +- if (global == NULL) ++ if (!global) + goto fail; + + authority->priv->ac = new JSAutoCompartment(authority->priv->cx, global); + +- if (authority->priv->ac == NULL) ++ if (!authority->priv->ac) + goto fail; + + if (!JS_InitStandardClasses (authority->priv->cx, global)) +@@ -493,7 +490,7 @@ polkit_backend_js_authority_constructed (GObject *object) + + polkit = authority->priv->js_polkit->get (); + +- if (polkit == NULL) ++ if (!polkit) + goto fail; + + if (!JS_DefineProperty(authority->priv->cx, global, "polkit", polkit, JSPROP_ENUMERATE)) +@@ -504,7 +501,7 @@ polkit_backend_js_authority_constructed (GObject *object) + js_polkit_functions)) + goto fail; + +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + JS::RootedValue rval(authority->priv->cx); + if (!JS::Evaluate (authority->priv->cx, + options, +@@ -684,7 +681,9 @@ set_property_strv (PolkitBackendJsAuthority *authority, + JS::AutoValueVector elems(authority->priv->cx); + guint n; + +- elems.resize(value->len); ++ if (!elems.resize(value->len)) ++ g_error ("Unable to resize vector"); ++ + for (n = 0; n < value->len; n++) + { + const char *c_string = (const char *) g_ptr_array_index(value, n); +@@ -741,7 +740,7 @@ subject_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + pid_t pid; +@@ -868,7 +867,7 @@ action_and_details_to_jsval (PolkitBackendJsAuthority *authority, + GError **error) + { + gboolean ret = FALSE; +- JS::CompileOptions options(authority->priv->cx, JSVERSION_UNKNOWN); ++ JS::CompileOptions options(authority->priv->cx); + const char *src; + JS::RootedObject obj(authority->priv->cx); + gchar **keys; diff --git a/sys-auth/polkit/polkit-0.115-r4.ebuild b/sys-auth/polkit/polkit-0.115-r4.ebuild new file mode 100644 index 0000000..5e8842d --- /dev/null +++ b/sys-auth/polkit/polkit-0.115-r4.ebuild @@ -0,0 +1,144 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit autotools pam pax-utils systemd user xdg-utils + +DESCRIPTION="Policy framework for controlling privileges for system-wide services" +HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit" +SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz" + +LICENSE="LGPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86" +IUSE="elogind examples gtk +introspection jit kde nls pam selinux systemd test" + +REQUIRED_USE="?? ( elogind systemd )" + +BDEPEND=" + app-text/docbook-xml-dtd:4.1.2 + app-text/docbook-xsl-stylesheets + dev-libs/gobject-introspection-common + dev-libs/libxslt + dev-util/glib-utils + dev-util/gtk-doc-am + dev-util/intltool + sys-devel/gettext + virtual/pkgconfig + introspection? ( dev-libs/gobject-introspection ) +" +DEPEND=" + dev-lang/spidermonkey:60[-debug] + dev-libs/glib:2 + dev-libs/expat + elogind? ( sys-auth/elogind ) + pam? ( + sys-auth/pambase + virtual/pam + ) + systemd? ( sys-apps/systemd:0=[policykit] ) +" +RDEPEND="${DEPEND} + selinux? ( sec-policy/selinux-policykit ) +" +PDEPEND=" + gtk? ( || ( + >=gnome-extra/polkit-gnome-0.105 + >=lxde-base/lxsession-0.5.2 + ) ) + kde? ( kde-plasma/polkit-kde-agent ) + !systemd? ( !elogind? ( sys-auth/consolekit[policykit] ) ) +" + +DOCS=( docs/TODO HACKING NEWS README ) + +PATCHES=( + # bug 660880 + "${FILESDIR}"/polkit-0.115-elogind.patch + "${FILESDIR}"/CVE-2018-19788.patch + "${FILESDIR}"/polkit-0.115-spidermonkey-60.patch + "${FILESDIR}"/${P}-make-netgroup-support-optional.patch +) + +QA_MULTILIB_PATHS=" + usr/lib/polkit-1/polkit-agent-helper-1 + usr/lib/polkit-1/polkitd" + +pkg_setup() { + local u=polkitd + local g=polkitd + local h=/var/lib/polkit-1 + + enewgroup ${g} + enewuser ${u} -1 -1 ${h} ${g} + esethome ${u} ${h} +} + +src_prepare() { + default + + sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513 + + # Workaround upstream hack around standard gtk-doc behavior, bug #552170 + sed -i -e 's/@ENABLE_GTK_DOC_TRUE@\(TARGET_DIR\)/\1/' \ + -e '/install-data-local:/,/uninstall-local:/ s/@ENABLE_GTK_DOC_TRUE@//' \ + -e 's/@ENABLE_GTK_DOC_FALSE@install-data-local://' \ + docs/polkit/Makefile.in || die + + # disable broken test - bug #624022 + sed -i -e "/^SUBDIRS/s/polkitbackend//" test/Makefile.am || die + + # Fix cross-building, bug #590764, elogind patch, bug #598615 + eautoreconf +} + +src_configure() { + xdg_environment_reset + + local myeconfargs=( + --localstatedir="${EPREFIX}"/var + --disable-static + --enable-man-pages + --disable-gtk-doc + --disable-examples + $(use_enable elogind libelogind) + $(use_enable introspection) + $(use_enable nls) + $(usex pam "--with-pam-module-dir=$(getpam_mod_dir)" '') + --with-authfw=$(usex pam pam shadow) + $(use_enable systemd libsystemd-login) + --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" + $(use_enable test) + --with-os-type=gentoo + ) + econf "${myeconfargs[@]}" +} + +src_compile() { + default + + # Required for polkitd on hardened/PaX due to spidermonkey's JIT + pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest +} + +src_install() { + default + + fowners -R polkitd:root /{etc,usr/share}/polkit-1/rules.d + + diropts -m0700 -o polkitd -g polkitd + keepdir /var/lib/polkit-1 + + if use examples; then + insinto /usr/share/doc/${PF}/examples + doins src/examples/{*.c,*.policy*} + fi + + find "${ED}" -name '*.la' -delete || die +} + +pkg_postinst() { + chown -R polkitd:root "${EROOT}"/{etc,usr/share}/polkit-1/rules.d + chown -R polkitd:polkitd "${EROOT}"/var/lib/polkit-1 +}