Browse Source

[trunk] -> [testing] 'rtkit-0.12-1' add

master
artoo 3 years ago
parent
commit
c862ab00b2
  1. 49
      repos/testing-x86_64/PKGBUILD
  2. 41
      trunk/0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
  3. 22
      trunk/0002-move-dbus-into-datadir.patch
  4. 46
      trunk/PKGBUILD

49
repos/testing-x86_64/PKGBUILD

@ -0,0 +1,49 @@
# Maintainer: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
# Contributor: Corrado Primier <bardo@aur.archlinux.org>
pkgname=rtkit
pkgver=0.12
pkgrel=1
pkgdesc="Realtime Policy and Watchdog Daemon"
arch=(x86_64)
url="https://github.com/heftig/rtkit"
license=(GPL3 'custom:BSD')
depends=(dbus polkit elogind)
makedepends=(git)
_commit=4c7e5ca63b1278b41c31b63a4ca5cce331d9db2e # tags/v0.12^0
source=("git+https://github.com/heftig/rtkit#commit=$_commit")
sha256sums=('SKIP')
pkgver() {
cd $pkgname
git describe --tags | sed 's/^v//;s/-/+/g'
}
prepare() {
cd $pkgname
./autogen.sh
}
build() {
cd $pkgname
./configure \
--prefix=/usr \
--sbindir=/usr/bin \
--sysconfdir=/etc \
--libexecdir=/usr/lib \
--with-systemdsystemunitdir=/usr/lib/systemd/system
make
}
package() {
cd $pkgname
make DESTDIR="$pkgdir" install
rm -r "$pkgdir/usr/lib/installed-tests"
rm -r "$pkgdir/usr/lib/systemd"
echo 'u rtkit 133 "RealtimeKit" /proc' |
install -Dm644 /dev/stdin "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"
install -Dt "$pkgdir/usr/share/licenses/$pkgname" -m644 LICENSE
sed -ne '4,25p' rtkit.c >"$pkgdir/usr/share/licenses/$pkgname/COPYING"
}

41
trunk/0001-SECURITY-Pass-uid-of-caller-to-polkit.patch

@ -1,41 +0,0 @@
Author: Colin Walters <walters@verbum.org>
From: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-4326
Description: Pass uid of caller to polkit
Otherwise, we force polkit to look up the uid itself in /proc, which
is racy if they execve() a setuid binary.
---
rtkit-daemon.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
--- rtkit.orig/rtkit-daemon.c
+++ rtkit/rtkit-daemon.c
@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection
DBusMessage *m = NULL, *r = NULL;
const char *unix_process = "unix-process";
const char *pid = "pid";
+ const char *uid = "uid";
const char *start_time = "start-time";
const char *cancel_id = "";
uint32_t flags = 0;
uint32_t pid_u32 = p->pid;
- uint64_t start_time_u64 = p->starttime;
+ uint32_t uid_u32 = (uint32_t)u->uid;
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
+ uint64_t start_time_u64 = p->starttime;
int ret;
dbus_bool_t authorized = FALSE;
@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection
assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
+
assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));

22
trunk/0002-move-dbus-into-datadir.patch

@ -1,22 +0,0 @@
From a8e1cf1899cefad0f77196c161b615c2975418e4 Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
Date: Tue, 15 Jan 2019 21:22:56 +0100
Subject: [PATCH] Makefile.in: Move D-Bus system.d into datadir
---
Makefile.in | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile.in b/Makefile.in
index 2d1d07f..de99daf 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -21,7 +21,7 @@ AM_LDFLAGS = $(GCLDFLAGS)
ACLOCAL_AMFLAGS = -I m4
policykitdir = $(datadir)/polkit-1/actions/
-dbussystemdir = $(sysconfdir)/dbus-1/system.d/
+dbussystemdir = $(datadir)/dbus-1/system.d/
dbusservicedir = $(datadir)/dbus-1/system-services/
EXTRA_DIST = \

46
trunk/PKGBUILD

@ -1,47 +1,45 @@
# Maintainer: Muhammad Herdiansyah <koni@artixlinux.org>
# Contributor: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
# Maintainer: Jan Alexander Steffens (heftig) <jan.steffens@gmail.com>
# Contributor: Corrado Primier <bardo@aur.archlinux.org>
pkgname=rtkit
pkgver=0.11+11
_pkgver=0.11
pkgrel=2
pkgver=0.12
pkgrel=1
pkgdesc="Realtime Policy and Watchdog Daemon"
arch=(x86_64)
url="http://git.0pointer.de/?p=rtkit.git"
url="https://github.com/heftig/rtkit"
license=(GPL3 'custom:BSD')
depends=(dbus polkit)
source=("http://0pointer.de/public/$pkgname-$_pkgver.tar.xz"
"0001-SECURITY-Pass-uid-of-caller-to-polkit.patch"
"0002-move-dbus-into-datadir.patch")
sha256sums=('68859108cff6410901502b58365eb7607da37110a06b837762f771735f58acd0'
'690dce4fdaedeeadb2bbd9b02673ae5103e8bce08014cd8cb80b48ab19139c86'
'd12f29db52626cafe5499357a091f4f2e5da9fd2ce64932fa3bf80504375a85c')
depends=(dbus polkit elogind)
makedepends=(git)
_commit=4c7e5ca63b1278b41c31b63a4ca5cce331d9db2e # tags/v0.12^0
source=("git+https://github.com/heftig/rtkit#commit=$_commit")
sha256sums=('SKIP')
pkgver() {
cd $pkgname
git describe --tags | sed 's/^v//;s/-/+/g'
}
prepare() {
cd $pkgname-$_pkgver
patch -Np1 -i ../0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
patch -Np1 -i ../0002-move-dbus-into-datadir.patch
cd $pkgname
./autogen.sh
}
build() {
cd $pkgname-$_pkgver
cd $pkgname
./configure \
--prefix=/usr \
--sbindir=/usr/bin \
--sysconfdir=/etc \
--libexecdir=/usr/lib
--libexecdir=/usr/lib \
--with-systemdsystemunitdir=/usr/lib/systemd/system
make
./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml
}
package() {
cd $pkgname-$_pkgver
cd $pkgname
make DESTDIR="$pkgdir" install
install -Dt "$pkgdir/usr/share/dbus-1/interfaces" -m644 org.freedesktop.RealtimeKit1.xml
rm -r "$pkgdir/usr/lib/installed-tests"
rm -r "$pkgdir/usr/lib/systemd"
echo 'u rtkit 133 "RealtimeKit" /proc' |
install -Dm644 /dev/stdin "$pkgdir/usr/lib/sysusers.d/$pkgname.conf"

Loading…
Cancel
Save