[arch-commits] Commit in gcr/trunk (10-gcr.conf PKGBUILD)
Jan Steffens
heftig at archlinux.org
Mon Nov 12 21:17:51 UTC 2012
Date: Monday, November 12, 2012 @ 16:17:50
Author: heftig
Revision: 170867
Let users lock some memory for secure storage purposes FS#32616
Added:
gcr/trunk/10-gcr.conf
Modified:
gcr/trunk/PKGBUILD
-------------+
10-gcr.conf | 3 +++
PKGBUILD | 13 ++++++++++---
2 files changed, 13 insertions(+), 3 deletions(-)
Added: 10-gcr.conf
===================================================================
--- 10-gcr.conf (rev 0)
+++ 10-gcr.conf 2012-11-12 21:17:50 UTC (rev 170867)
@@ -0,0 +1,3 @@
+ at users - memlock 1024
+
+# vim:set ft=limits:
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2012-11-12 20:16:17 UTC (rev 170866)
+++ PKGBUILD 2012-11-12 21:17:50 UTC (rev 170867)
@@ -3,7 +3,7 @@
pkgname=gcr
pkgver=3.6.2
-pkgrel=1
+pkgrel=2
pkgdesc="A library for bits of crypto UI and parsing"
arch=(i686 x86_64)
url="http://www.gnome.org"
@@ -12,8 +12,10 @@
makedepends=('intltool' 'gobject-introspection')
options=(!libtool)
install=gcr.install
-source=(http://download.gnome.org/sources/$pkgname/${pkgver%.*}/$pkgname-$pkgver.tar.xz)
-sha256sums=('f709db2435e3635b68d8aa212863e0a8e81b1cc33442852a5183762876c7be9b')
+source=(http://download.gnome.org/sources/$pkgname/${pkgver::3}/$pkgname-$pkgver.tar.xz
+ 10-gcr.conf)
+sha256sums=('f709db2435e3635b68d8aa212863e0a8e81b1cc33442852a5183762876c7be9b'
+ '5f2eda7175ae9f23ee0e09d2beceb24fd2f6daafd7bddfcc1c1f5a3734eb60fc')
build() {
cd "$pkgname-$pkgver"
@@ -28,6 +30,11 @@
package() {
cd "$pkgname-$pkgver"
make DESTDIR="$pkgdir" install
+
+ # gcr wants to lock some memory to prevent swapping out private keys
+ # https://bugs.archlinux.org/task/32616
+ # https://bugzilla.gnome.org/show_bug.cgi?id=688161
+ install -Dm644 ../10-gcr.conf "$pkgdir/etc/security/limits.d/10-gcr.conf"
}
# vim:set ts=2 sw=2 et:
More information about the arch-commits
mailing list