[arch-commits] Commit in polkit/trunk (4 files)
Jan de Groot
jgc at archlinux.org
Mon Jan 7 11:39:18 UTC 2013
Date: Monday, January 7, 2013 @ 06:39:18
Author: jgc
Revision: 174765
upgpkg: polkit 0.109-1
Update to 109, add upstream patch to fix issues with missing XAUTHORITY environment variable set
Added:
polkit/trunk/fix-xauthority.patch
Modified:
polkit/trunk/PKGBUILD
Deleted:
polkit/trunk/autogen.sh
polkit/trunk/fix-empty-wheel.patch
-----------------------+
PKGBUILD | 14 ++---
autogen.sh | 123 ------------------------------------------------
fix-empty-wheel.patch | 47 ------------------
fix-xauthority.patch | 58 ++++++++++++++++++++++
4 files changed, 65 insertions(+), 177 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-01-07 09:30:41 UTC (rev 174764)
+++ PKGBUILD 2013-01-07 11:39:18 UTC (rev 174765)
@@ -2,8 +2,8 @@
# Maintainer: Jan de Groot <jgc at archlinux.org>
pkgname=polkit
-pkgver=0.107
-pkgrel=4
+pkgver=0.109
+pkgrel=1
pkgdesc="Application development toolkit for controlling system-wide privileges"
arch=(i686 x86_64)
license=('LGPL')
@@ -14,16 +14,16 @@
options=('!libtool')
install=polkit.install
source=(http://www.freedesktop.org/software/polkit/releases/$pkgname-$pkgver.tar.gz
- polkit.pam fix-empty-wheel.patch)
-md5sums=('0e4f9c53f43fd1b25ac3f0d2e09b2ae1'
+ polkit.pam
+ fix-xauthority.patch)
+md5sums=('8c3f08287dd3e1e546e3c2ae00090908'
'6564f95878297b954f0572bc1610dd15'
- 'c99ab2a7919ad0b69fde4804c043b07f')
+ '78db344a30d7aa089b4705009ec95b58')
build() {
cd $pkgname-$pkgver
- # https://bugs.archlinux.org/task/31717
- patch -Np1 -i ../fix-empty-wheel.patch
+ patch -Np1 -i ../fix-xauthority.patch
./configure --prefix=/usr --sysconfdir=/etc \
--localstatedir=/var --libexecdir=/usr/lib/polkit-1 \
Deleted: autogen.sh
===================================================================
--- autogen.sh 2013-01-07 09:30:41 UTC (rev 174764)
+++ autogen.sh 2013-01-07 11:39:18 UTC (rev 174765)
@@ -1,123 +0,0 @@
-#!/bin/sh
-# Run this to generate all the initial makefiles, etc.
-
-srcdir=`dirname $0`
-test -z "$srcdir" && srcdir=.
-
-DIE=0
-
-(test -f $srcdir/configure.ac) || {
- echo -n "**Error**: Directory $srcdir does not look like the"
- echo " top-level package directory"
- exit 1
-}
-
-olddir=`pwd`
-cd "$srcdir"
-
-touch ChangeLog
-
-(autoconf --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have autoconf installed."
- echo "Download the appropriate package for your distribution,"
- echo "or get the source tarball at ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-(grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null) && {
- (libtoolize --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have libtool installed."
- echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
- }
-}
-
-(gtkdocize --flavour no-tmpl) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "You must have gtk-doc installed to compile $PROJECT."
- echo "Install the appropriate package for your distribution,"
- echo "or get the source tarball at http://ftp.gnome.org/pub/GNOME/sources/gtk-doc/"
- DIE=1
-}
-
-(automake --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have automake installed."
- echo "You can get it from: ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
- NO_AUTOMAKE=yes
-}
-
-
-# if no automake, don't bother testing for aclocal
-test -n "$NO_AUTOMAKE" || (aclocal --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: Missing aclocal. The version of automake"
- echo "installed doesn't appear recent enough."
- echo "You can get automake from ftp://ftp.gnu.org/pub/gnu/"
- DIE=1
-}
-
-
-# if no automake, don't bother testing for autoreconf
-test -n "$NO_AUTOMAKE" || (autoreconf --version) < /dev/null > /dev/null 2>&1 || {
- echo
- echo "**Error**: You must have autoreconf installed."
- echo "You can get autoreconf from ..."
- DIE=1
-}
-
-
-if test "$DIE" -eq 1; then
- exit 1
-fi
-
-if test -z "$*"; then
- echo "**Warning**: I am going to run configure with no arguments."
- echo "If you wish to pass any to it, please specify them on the"
- echo $0 " command line."
- echo
-fi
-
-case $CC in
-xlc )
- am_opt=--include-deps;;
-esac
-
- aclocalinclude="$ACLOCAL_FLAGS"
-
- echo "Running autoreconf on test/mocklibc ..."
- (cd "test/mocklibc"; autoreconf --install)
-
- if grep "^AM_PROG_LIBTOOL" configure.ac >/dev/null; then
- if test -z "$NO_LIBTOOLIZE" ; then
- echo "Running libtoolize..."
- libtoolize --force --copy
- fi
- fi
- echo "Running aclocal $aclocalinclude ..."
- aclocal $aclocalinclude
- if grep "^AM_CONFIG_HEADER" configure.ac >/dev/null; then
- echo "Running autoheader..."
- autoheader
- fi
- echo "Running automake --gnu -Wno-portability $am_opt ..."
- automake --add-missing --gnu -Wno-portability $am_opt
- echo "Running autoconf ..."
- autoconf
-
-intltoolize --copy --force --automake || exit 1
-
-cd "$olddir"
-
-conf_flags="--enable-maintainer-mode --enable-gtk-doc"
-
-if test x$NOCONFIGURE = x; then
- echo "Running $srcdir/configure $conf_flags $@ ..."
- $srcdir/configure $conf_flags "$@" \
- && echo "Now type make to compile." || exit 1
-else
- echo "Skipping configure process."
-fi
Deleted: fix-empty-wheel.patch
===================================================================
--- fix-empty-wheel.patch 2013-01-07 09:30:41 UTC (rev 174764)
+++ fix-empty-wheel.patch 2013-01-07 11:39:18 UTC (rev 174765)
@@ -1,47 +0,0 @@
-From fa04223240d46641b0773dbf9f7d72f529046bea Mon Sep 17 00:00:00 2001
-From: David Zeuthen <zeuthen at gmail.com>
-Date: Tue, 18 Sep 2012 18:47:06 +0000
-Subject: Fall back to authenticating as uid 0 if the list of admin identities is empty
-
-For example, this can happen if the wheel group has no members. This
-was reported in Red Hat bug 834494, see
-
- https://bugzilla.redhat.com/show_bug.cgi?id=834494
-
-Signed-off-by: David Zeuthen <zeuthen at gmail.com>
----
-diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c
-index 1d4a555..3bd2f0b 100644
---- a/src/polkitbackend/polkitbackendinteractiveauthority.c
-+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c
-@@ -1293,15 +1293,11 @@ polkit_backend_interactive_authority_get_admin_identities (PolkitBackendInteract
- PolkitDetails *details)
- {
- PolkitBackendInteractiveAuthorityClass *klass;
-- GList *ret;
-+ GList *ret = NULL;
-
- klass = POLKIT_BACKEND_INTERACTIVE_AUTHORITY_GET_CLASS (authority);
-
-- if (klass->get_admin_identities == NULL)
-- {
-- ret = g_list_prepend (NULL, polkit_unix_user_new (0));
-- }
-- else
-+ if (klass->get_admin_identities != NULL)
- {
- ret = klass->get_admin_identities (authority,
- caller,
-@@ -2257,6 +2253,10 @@ authentication_agent_initiate_challenge (AuthenticationAgent *agent,
- }
- }
-
-+ /* Fall back to uid 0 if no users are available (rhbz #834494) */
-+ if (user_identities == NULL)
-+ user_identities = g_list_prepend (NULL, polkit_unix_user_new (0));
-+
- session = authentication_session_new (agent,
- cookie,
- subject,
---
-cgit v0.9.0.2-2-gbebe
Added: fix-xauthority.patch
===================================================================
--- fix-xauthority.patch (rev 0)
+++ fix-xauthority.patch 2013-01-07 11:39:18 UTC (rev 174765)
@@ -0,0 +1,58 @@
+From d6acecdd0ebb42e28ff28e04e0207cb01fa20910 Mon Sep 17 00:00:00 2001
+From: David Zeuthen <zeuthen at gmail.com>
+Date: Wed, 19 Dec 2012 19:28:29 +0000
+Subject: Set XAUTHORITY environment variable if is unset
+
+The way it works is that if XAUTHORITY is unset, then its default
+value is $HOME/.Xauthority. But since we're changing user identity
+this will not work since $HOME will now change. Therefore, if
+XAUTHORITY is unset, just set its default value before changing
+identity. This bug only affected login managers using X Window
+Authorization but not explicitly setting the XAUTHORITY variable.
+
+You can argue that XAUTHORITY is broken since it forces uid-changing
+apps like pkexec(1) to do more work - and get involved in intimate
+details of how X works and so on - but that doesn't change how things
+work.
+
+Based on a patch from Peter Wu <lekensteyn at gmail.com>.
+
+https://bugs.freedesktop.org/show_bug.cgi?id=51623
+
+Signed-off-by: David Zeuthen <zeuthen at gmail.com>
+---
+diff --git a/src/programs/pkexec.c b/src/programs/pkexec.c
+index 840eb3c..da9784a 100644
+--- a/src/programs/pkexec.c
++++ b/src/programs/pkexec.c
+@@ -608,6 +608,28 @@ main (int argc, char *argv[])
+ g_ptr_array_add (saved_env, g_strdup (value));
+ }
+
++ /* $XAUTHORITY is "special" - if unset, we need to set it to ~/.Xauthority. Yes,
++ * this is broken but it's unfortunately how things work (see fdo #51623 for
++ * details)
++ */
++ if (g_getenv ("XAUTHORITY") == NULL)
++ {
++ const gchar *home;
++
++ /* pre-2.36 GLib does not examine $HOME (it always looks in /etc/passwd) and
++ * this is not what we want
++ */
++ home = g_getenv ("HOME");
++ if (home == NULL)
++ home = g_get_home_dir ();
++
++ if (home != NULL)
++ {
++ g_ptr_array_add (saved_env, g_strdup ("XAUTHORITY"));
++ g_ptr_array_add (saved_env, g_build_filename (home, ".Xauthority", NULL));
++ }
++ }
++
+ /* Nuke the environment to get a well-known and sanitized environment to avoid attacks
+ * via e.g. the DBUS_SYSTEM_BUS_ADDRESS environment variable and similar.
+ */
+--
+cgit v0.9.0.2-2-gbebe
More information about the arch-commits
mailing list