[arch-commits] Commit in libgksu/trunk (PKGBUILD libgksu-2.0.12-revert-forkpty.patch)

Jan de Groot jgc at archlinux.org
Tue Sep 14 09:37:48 UTC 2010


    Date: Tuesday, September 14, 2010 @ 05:37:47
  Author: jgc
Revision: 90625

upgpkg: libgksu 2.0.12-3
Add gconf to depends (FS#20752)
Revert use of forkpty (FS#19614)

Added:
  libgksu/trunk/libgksu-2.0.12-revert-forkpty.patch
Modified:
  libgksu/trunk/PKGBUILD

-------------------------------------+
 PKGBUILD                            |   19 +
 libgksu-2.0.12-revert-forkpty.patch |  359 ++++++++++++++++++++++++++++++++++
 2 files changed, 370 insertions(+), 8 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2010-09-13 22:00:39 UTC (rev 90624)
+++ PKGBUILD	2010-09-14 09:37:47 UTC (rev 90625)
@@ -3,26 +3,29 @@
 
 pkgname=libgksu
 pkgver=2.0.12
-pkgrel=2
+pkgrel=3
 pkgdesc="gksu authorization library"
 arch=(i686 x86_64)
 url="http://www.nongnu.org/gksu/index.html"
 license=(GPL)
-depends=('libgnome-keyring>=2.30.1' 'libgtop>=2.28.1' 'startup-notification>=0.10')
+depends=('libgnome-keyring>=2.30.1' 'libgtop>=2.28.1' 'startup-notification>=0.10' 'gconf>=2.28.1')
 makedepends=('gtk-doc' 'pkgconfig' 'intltool')
 options=('!libtool' '!emptydirs')
 install=libgksu.install
-source=(http://people.debian.org/~kov/gksu/${pkgname}-${pkgver}.tar.gz)
-md5sums=('c7154c8806f791c10e7626ff123049d3')
+source=(http://people.debian.org/~kov/gksu/${pkgname}-${pkgver}.tar.gz
+        libgksu-2.0.12-revert-forkpty.patch)
+md5sums=('c7154c8806f791c10e7626ff123049d3'
+         'aebbe57e5286c654e27cf714cf3b704a')
 
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
+  patch -Np1 -i "${srcdir}/libgksu-2.0.12-revert-forkpty.patch"
   ./configure --prefix=/usr --sysconfdir=/etc \
-      --localstatedir=/var --disable-static || return 1
-  make || return 1
-  make GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 DESTDIR="${pkgdir}" install || return 1
+      --localstatedir=/var --disable-static
+  make
+  make GCONF_DISABLE_MAKEFILE_SCHEMA_INSTALL=1 DESTDIR="${pkgdir}" install
   rm -f ${pkgdir}/usr/lib/*.a
   install -m755 -d "${pkgdir}/usr/share/gconf/schemas"
-  gconf-merge-schema "${pkgdir}/usr/share/gconf/schemas/${pkgname}.schemas" --domain libgksu ${pkgdir}/etc/gconf/schemas/*.schemas || return 1
+  gconf-merge-schema "${pkgdir}/usr/share/gconf/schemas/${pkgname}.schemas" --domain libgksu ${pkgdir}/etc/gconf/schemas/*.schemas
   rm -f ${pkgdir}/etc/gconf/schemas/*.schemas
 }

Added: libgksu-2.0.12-revert-forkpty.patch
===================================================================
--- libgksu-2.0.12-revert-forkpty.patch	                        (rev 0)
+++ libgksu-2.0.12-revert-forkpty.patch	2010-09-14 09:37:47 UTC (rev 90625)
@@ -0,0 +1,359 @@
+diff --exclude-from=/home/dang/.scripts/diffrc -up -ruN libgksu-2.0.12.orig/libgksu/libgksu.c libgksu-2.0.12/libgksu/libgksu.c
+--- libgksu-2.0.12.orig/libgksu/libgksu.c	2009-06-29 13:48:24.000000000 -0400
++++ libgksu-2.0.12/libgksu/libgksu.c	2010-01-12 07:32:10.450657456 -0500
+@@ -1,7 +1,6 @@
+ /*
+  * Gksu -- a library providing access to su functionality
+  * Copyright (C) 2004-2009 Gustavo Noronha Silva
+- * Portions Copyright (C) 2009 VMware, Inc.
+  *
+  * This library is free software; you can redistribute it and/or
+  * modify it under the terms of the GNU Lesser General Public
+@@ -56,9 +55,6 @@
+ static void
+ gksu_context_launch_complete (GksuContext *context);
+ 
+-static void
+-read_line (int fd, gchar *buffer, int n);
+-
+ GType
+ gksu_error_get_type (void)
+ {
+@@ -2009,8 +2005,6 @@ gksu_su_fuller (GksuContext *context,
+       for (i = 0 ; cmd[i] != NULL ; i++)
+ 	g_free (cmd[i]);
+       g_free(cmd);
+-
+-      _exit(1);
+     }
+   else if (pid == -1)
+     {
+@@ -2125,10 +2119,10 @@ gksu_su_fuller (GksuContext *context,
+ 	  /* drop the \n echoed on password entry if su did request
+ 	     a password */
+ 	  if (password_needed)
+-	    read_line (fdpty, buf, 255);
++	    read (fdpty, buf, 255);
+ 	  if (context->debug)
+ 	    fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
+-	  read_line (fdpty, buf, 255);
++	  read (fdpty, buf, 255);
+ 	  if (context->debug)
+ 	    fprintf (stderr, "DEBUG (run:post-after-pass) buf: -%s-\n", buf);
+ 	}
+@@ -2142,9 +2136,7 @@ gksu_su_fuller (GksuContext *context,
+ 	{
+ 	  int retval = 0;
+ 
+-	  /* Red Hat's su shows the full path to su in its error messages. */
+-	  if (!strncmp (buf, "su:", 3) ||
+-	      !strncmp (buf, "/bin/su:", 7))
++	  if (!strncmp (buf, "su", 2))
+ 	    {
+ 	      gchar **strings;
+ 
+@@ -2155,11 +2147,7 @@ gksu_su_fuller (GksuContext *context,
+ 		}
+ 
+ 	      strings = g_strsplit (buf, ":", 2);
+-
+-	      /* Red Hat and Fedora use 'incorrect password'. */
+-	      if (strings[1] &&
+-	          (g_str_has_prefix(strings[1], " Authentication failure") ||
+-	           g_str_has_prefix(strings[1], " incorrect password")))
++	      if (strings[1] && !strncmp (strings[1], " Authentication failure", 23))
+ 		{
+ 		  if (used_gnome_keyring)
+ 		    g_set_error (error, gksu_quark,
+@@ -2473,12 +2461,6 @@ gksu_sudo_fuller (GksuContext *context,
+ {
+   char **cmd;
+   char buffer[256] = {0};
+-  char *child_stderr = NULL;
+-  /* This command is used to gain a token */
+-  char *const verifycmd[] =
+-    {
+-      "/usr/bin/sudo", "-p", "GNOME_SUDO_PASS", "-v", NULL
+-    };
+   int argcount = 8;
+   int i, j;
+ 
+@@ -2489,8 +2471,9 @@ gksu_sudo_fuller (GksuContext *context,
+ 
+   pid_t pid;
+   int status;
+-  FILE *fdfile = NULL;
+-  int fdpty = -1;
++  FILE *infile, *outfile;
++  int parent_pipe[2];	/* For talking to the parent */
++  int child_pipe[2];	/* For talking to the child */
+ 
+   context->sudo_mode = TRUE;
+ 
+@@ -2565,10 +2548,6 @@ gksu_sudo_fuller (GksuContext *context,
+   cmd[argcount] = g_strdup("-S");
+   argcount++;
+ 
+-  /* Make sudo noninteractive (we should already have a token) */
+-  cmd[argcount] = g_strdup("-n");
+-  argcount++;
+-
+   /* Make sudo use next arg as prompt */
+   cmd[argcount] = g_strdup("-p");
+   argcount++;
+@@ -2647,21 +2626,26 @@ gksu_sudo_fuller (GksuContext *context,
+ 	fprintf (stderr, "cmd[%d]: %s\n", i, cmd[i]);
+     }
+ 
+-  pid = forkpty(&fdpty, NULL, NULL, NULL);
+-  if (pid == 0)
++  if ((pipe(parent_pipe)) == -1)
+     {
+-      // Child
+-      setsid();   // make us session leader
+-
+-      execv(verifycmd[0], verifycmd);
++      g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++		   _("Error creating pipe: %s"),
++		   strerror(errno));
++      sudo_reset_xauth (context, xauth, xauth_env);
++      return FALSE;
++    }
+ 
+-      g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
+-		   _("Failed to exec new process: %s"),
++  if ((pipe(child_pipe)) == -1)
++    {
++      g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++		   _("Error creating pipe: %s"),
+ 		   strerror(errno));
+       sudo_reset_xauth (context, xauth, xauth_env);
+       return FALSE;
+     }
+-  else if (pid == -1)
++
++  pid = fork();
++  if (pid == -1)
+     {
+       g_set_error (error, gksu_quark, GKSU_ERROR_FORK,
+ 		   _("Failed to fork new process: %s"),
+@@ -2669,26 +2653,56 @@ gksu_sudo_fuller (GksuContext *context,
+       sudo_reset_xauth (context, xauth, xauth_env);
+       return FALSE;
+     }
++  else if (pid == 0)
++    {
++      // Child
++      setsid();   // make us session leader
++      close(child_pipe[1]);
++      dup2(child_pipe[0], STDIN_FILENO);
++      dup2(parent_pipe[1], STDERR_FILENO);
+ 
++      execv(cmd[0], cmd);
++
++      g_set_error (error, gksu_quark, GKSU_ERROR_EXEC,
++		   _("Failed to exec new process: %s"),
++		   strerror(errno));
++      sudo_reset_xauth (context, xauth, xauth_env);
++      return FALSE;
++    }
+   else
+     {
+       gint counter = 0;
+       gchar *cmdline = NULL;
+-      struct termios tio;
+ 
+       // Parent
+-      fdfile = fdopen(fdpty, "w+");
++      close(parent_pipe[1]);
+ 
+-      /* make sure we notice that ECHO is turned off, if it gets
+-         turned off */
+-      tcgetattr (fdpty, &tio);
+-      for (counter = 0; (tio.c_lflag & ECHO) && counter < 15; counter++)
+-      {
+-        usleep (1000);
+-        tcgetattr (fdpty, &tio);
+-      }
++      infile = fdopen(parent_pipe[0], "r");
++      if (!infile)
++	{
++	  g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++		       _("Error opening pipe: %s"),
++		       strerror(errno));
++	  sudo_reset_xauth (context, xauth, xauth_env);
++	  return FALSE;
++	}
+ 
+-      fcntl (fdpty, F_SETFL, O_NONBLOCK);
++      outfile = fdopen(child_pipe[1], "w");
++      if (!outfile)
++	{
++	  g_set_error (error, gksu_quark, GKSU_ERROR_PIPE,
++		       _("Error opening pipe: %s"),
++		       strerror(errno));
++	  sudo_reset_xauth (context, xauth, xauth_env);
++	  return FALSE;
++	}
++
++      /*
++	we are expecting to receive a GNOME_SUDO_PASS
++	if we don't there are two possibilities: an error
++	or a password is not needed
++      */
++      fcntl (parent_pipe[0], F_SETFL, O_NONBLOCK);
+ 
+       { /* no matter if we can read, since we're using
+ 	   O_NONBLOCK; this is just to avoid the prompt
+@@ -2697,11 +2711,11 @@ gksu_sudo_fuller (GksuContext *context,
+ 	struct timeval tv;
+ 
+ 	FD_ZERO(&rfds);
+-	FD_SET(fdpty, &rfds);
++	FD_SET(parent_pipe[0], &rfds);
+ 	tv.tv_sec = 1;
+ 	tv.tv_usec = 0;
+ 
+-	select (fdpty + 1, &rfds, NULL, NULL, &tv);
++	select (parent_pipe[0] + 1, &rfds, NULL, NULL, &tv);
+       }
+ 
+       /* Try hard to find the prompt; it may happen that we're
+@@ -2713,7 +2727,7 @@ gksu_sudo_fuller (GksuContext *context,
+ 	  if (strncmp (buffer, "GNOME_SUDO_PASS", 15) == 0)
+ 	    break;
+ 
+-	  read_line (fdpty, buffer, 256);
++	  read_line (parent_pipe[0], buffer, 256);
+ 
+ 	  if (context->debug)
+ 	    fprintf (stderr, "buffer: -%s-\n", buffer);
+@@ -2747,17 +2761,18 @@ gksu_sudo_fuller (GksuContext *context,
+ 
+ 	  usleep (1000);
+ 
+-	  write (fdpty, password, strlen(password) + 1);
+-	  write (fdpty, "\n", 1);
++	  fprintf (outfile, "%s\n", password);
++	  fclose (outfile);
+ 
+ 	  nullify_password (password);
+ 
+-	  fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
++	  /* turn NONBLOCK off */
++	  fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
+ 	  /* ignore the first newline that comes right after sudo receives
+ 	     the password */
+-	  fgets (buffer, 255, fdfile);
+-	  /* this is the status we are interested in */
+-	  fgets (buffer, 255, fdfile);
++	  fgets (buffer, 255, infile);
++	  /* this is the status we are interessted in */
++	  fgets (buffer, 255, infile);
+ 	}
+       else
+ 	{
+@@ -2766,7 +2781,7 @@ gksu_sudo_fuller (GksuContext *context,
+ 	    fprintf (stderr, "No password prompt found; we'll assume we don't need a password.\n");
+ 
+           /* turn NONBLOCK off, also if have no prompt */
+-          fcntl(fdpty, F_SETFL, fcntl(fdpty, F_GETFL) & ~O_NONBLOCK);
++          fcntl(parent_pipe[0], F_SETFL, fcntl(parent_pipe[0], F_GETFL) & ~O_NONBLOCK);
+ 
+ 	  should_display = gconf_client_get_bool (context->gconf_client,
+ 						  BASE_PATH "display-no-pass-info", NULL);
+@@ -2785,9 +2800,14 @@ gksu_sudo_fuller (GksuContext *context,
+ 	  fprintf (stderr, "%s", buffer);
+ 	}
+ 
+-      if (g_str_has_prefix (buffer, "Sorry, try again."))
++      if (!strcmp (buffer, "Sorry, try again.\n"))
+ 	g_set_error (error, gksu_quark, GKSU_ERROR_WRONGPASS,
+ 		     _("Wrong password."));
++      else if (!strncmp (buffer, "Sorry, user ", 12))
++	g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
++		     _("The underlying authorization mechanism (sudo) "
++		       "does not allow you to run this program. Contact "
++		       "the system administrator."));
+       else
+ 	{
+ 	  gchar *haystack = buffer;
+@@ -2805,10 +2825,6 @@ gksu_sudo_fuller (GksuContext *context,
+ 	    }
+ 	}
+ 
+-      /* If we have an error, let's just stop sudo right there. */
+-      if (error)
+-        close(fdpty);
+-
+       cmdline = g_strdup("sudo");
+       /* wait for the child process to end or become something other
+ 	 than sudo */
+@@ -2825,23 +2841,17 @@ gksu_sudo_fuller (GksuContext *context,
+       if (context->sn_context)
+ 	gksu_context_launch_complete (context);
+ 
++      while (read (parent_pipe[0], buffer, 255) > 0)
++	{
++	  fprintf (stderr, "%s", buffer);
++	  bzero(buffer, 256);
++	}
++
+       /* if the process is still active waitpid() on it */
+       if (pid_exited != pid)
+ 	waitpid(pid, &status, 0);
+       sudo_reset_xauth (context, xauth, xauth_env);
+ 
+-      /*
+-       * Did token acquisition succeed? If so, spawn sudo in
+-       * non-interactive mode. It should either succeed or die
+-       * immediately if you're not allowed to run the command.
+-       */
+-      if (WEXITSTATUS(status) == 0)
+-        {
+-          g_spawn_sync(NULL, cmd, NULL, 0, NULL, NULL,
+-                       NULL, &child_stderr, &status,
+-                       error);
+-        }
+-
+       if (exit_status)
+       {
+       	if (WIFEXITED(status)) {
+@@ -2853,13 +2863,6 @@ gksu_sudo_fuller (GksuContext *context,
+ 
+       if (WEXITSTATUS(status))
+ 	{
+-          if (g_str_has_prefix(child_stderr, "Sorry, user "))
+-            {
+-              g_set_error (error, gksu_quark, GKSU_ERROR_NOT_ALLOWED,
+-                           _("The underlying authorization mechanism (sudo) "
+-                             "does not allow you to run this program. Contact "
+-                             "the system administrator."));
+-            }
+ 	  if(cmdline)
+ 	    {
+ 	      /* sudo already exec()ed something else, don't report
+@@ -2868,7 +2871,6 @@ gksu_sudo_fuller (GksuContext *context,
+ 	      if (!g_str_has_suffix (cmdline, "sudo"))
+ 		{
+ 		  g_free (cmdline);
+-		  g_free (child_stderr);
+ 		  return FALSE;
+ 		}
+ 	      g_free (cmdline);
+@@ -2881,11 +2883,11 @@ gksu_sudo_fuller (GksuContext *context,
+ 	}
+     }
+ 
+-  fprintf(stderr, child_stderr);
+-  g_free(child_stderr);
+-
+   /* if error is set we have found an error condition */
+-  return (error == NULL);
++  if (error)
++    return FALSE;
++
++  return TRUE;
+ }
+ 
+ /**




More information about the arch-commits mailing list