[arch-commits] Commit in networkmanager/trunk (3 files)
Jan Steffens
heftig at archlinux.org
Sun Apr 24 11:36:53 UTC 2016
Date: Sunday, April 24, 2016 @ 13:36:52
Author: heftig
Revision: 266108
1.2.0-2
Added:
networkmanager/trunk/hidepid.patch
Modified:
networkmanager/trunk/NetworkManager.conf
networkmanager/trunk/PKGBUILD
---------------------+
NetworkManager.conf | 6 -----
PKGBUILD | 28 ++++++++++++++++++-------
hidepid.patch | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 75 insertions(+), 13 deletions(-)
Modified: NetworkManager.conf
===================================================================
--- NetworkManager.conf 2016-04-24 10:59:47 UTC (rev 266107)
+++ NetworkManager.conf 2016-04-24 11:36:52 UTC (rev 266108)
@@ -1,12 +1,8 @@
[main]
plugins=keyfile
-dhcp=dhclient
+dhcp=internal
dns=default
-## Set static hostname
-#[keyfile]
-#hostname=foobar
-
## HTTP-based connectivity check
#[connectivity]
#uri=http://nmcheck.gnome.org/check_network_status.txt
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-04-24 10:59:47 UTC (rev 266107)
+++ PKGBUILD 2016-04-24 11:36:52 UTC (rev 266108)
@@ -9,25 +9,32 @@
pkgbase=networkmanager
pkgname=(networkmanager libnm-glib)
pkgver=1.2.0
-pkgrel=1
+pkgrel=2
pkgdesc="Network Management daemon"
arch=(i686 x86_64)
license=(GPL2 LGPL2.1)
url="http://www.gnome.org/projects/NetworkManager/"
_pppver=2.4.7
-makedepends=(intltool dhclient iptables gobject-introspection gtk-doc "ppp=$_pppver"
- modemmanager dbus-glib iproute2 libnl nss polkit wpa_supplicant libsoup
- systemd libgudev libmm-glib rp-pppoe libnewt libndp libteam vala perl-yaml
- python-gobject)
+makedepends=(intltool dhclient iptables gobject-introspection gtk-doc
+ "ppp=$_pppver" modemmanager dbus-glib iproute2 nss polkit
+ wpa_supplicant libsoup systemd libgudev libmm-glib rp-pppoe
+ libnewt libndp libteam vala perl-yaml python-gobject)
checkdepends=(libx11 python-dbus)
source=(https://download.gnome.org/sources/NetworkManager/${pkgver:0:3}/NetworkManager-$pkgver.tar.xz
+ hidepid.patch
NetworkManager.conf)
sha256sums=('e947cf30fa3d19dce88e6f6af51f06dc282b7db7996f946aaa37b03526ef2a80'
- '2c6a647b5aec9f3c356d5d95251976a21297c6e64bd8d2a59339f8450a86cb3b')
+ '1de5b511b6b4a933739b0ef48ede1830fa3d6dea2277c1302b12b08fa83a73f1'
+ '452e4f77c1de92b1e08f6f58674a6c52a2b2d65b7deb0ba436e9afa91ee15103')
prepare() {
cd NetworkManager-$pkgver
+
+ # https://bugs.archlinux.org/task/48984
+ patch -Np1 -i ../hidepid.patch
+
2to3 -w libnm src tools
+
NOCONFIGURE=1 ./autogen.sh
}
@@ -59,6 +66,8 @@
--enable-doc \
--enable-gtk-doc
+ sed -i -e 's/ -shared / -Wl,-O1,--as-needed\0 /g' -e 's/ if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then/ func_append compile_command " -Wl,-O1,--as-needed"\n func_append finalize_command " -Wl,-O1,--as-needed"\n\0/' libtool
+
make
}
@@ -68,13 +77,14 @@
}
package_networkmanager() {
- depends=(libnm-glib iproute2 libnl polkit wpa_supplicant dhclient libsoup
- libmm-glib libnewt libndp libteam libgudev)
+ depends=(libnm-glib iproute2 polkit wpa_supplicant libsoup libmm-glib
+ libnewt libndp libteam)
optdepends=('dnsmasq: connection sharing'
'bluez: Bluetooth support'
'openresolv: resolvconf support'
'ppp: dialup connection support'
'rp-pppoe: ADSL support'
+ 'dhclient: External DHCP client'
'modemmanager: cellular network support')
backup=('etc/NetworkManager/NetworkManager.conf')
@@ -93,6 +103,8 @@
install -m755 -d "$pkgdir/etc/NetworkManager/dnsmasq.d"
rm -r "$pkgdir/var/run"
+ rmdir -p --ignore-fail-on-non-empty \
+ "$pkgdir"/usr/{share/{vala/vapi,gir-1.0},lib/girepository-1.0}
}
package_libnm-glib() {
Added: hidepid.patch
===================================================================
--- hidepid.patch (rev 0)
+++ hidepid.patch 2016-04-24 11:36:52 UTC (rev 266108)
@@ -0,0 +1,54 @@
+From 4f06ae603e268f237d439afe3f3e7e662a0c2727 Mon Sep 17 00:00:00 2001
+From: Thomas Haller <thaller at redhat.com>
+Date: Fri, 22 Apr 2016 11:36:26 +0200
+Subject: auth: allow failures to read process start_time from /proc/$PID/stat
+ with hidepid
+
+When mounting /proc with hidepid, we might fail to read the
+start-time of the process from /proc/$PID/stat. In this case,
+we should just accept a start-time of zero.
+
+On the other side of authentication, polkit should accept a zero
+start-time too.
+
+nm_utils_get_start_time_for_pid() has other uses in NetworkManager,
+mostly when killing a process from a PIDFILE or during
+nm_utils_kill_process_sync(). In both these cases, this will only
+succeed if we try to kill a process that also runs a root.
+
+For processes started by the current instance, we don't care about the
+PIDFILE and use nm_utils_kill_child_?sync() -- so there is no problem
+with hidepid there.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=764502
+(cherry picked from commit 3d505b3f87c9cb9bfdc9b9a1fc67f57330701d03)
+
+diff --git a/src/nm-auth-subject.c b/src/nm-auth-subject.c
+index 494d52d..86b873f 100644
+--- a/src/nm-auth-subject.c
++++ b/src/nm-auth-subject.c
+@@ -360,9 +360,18 @@ constructed (GObject *object)
+ priv->unix_process.start_time = nm_utils_get_start_time_for_pid (priv->unix_process.pid, NULL, NULL);
+
+ if (!priv->unix_process.start_time) {
+- /* could not detect the process start time. The subject is invalid, but don't
+- * assert against it. */
+- _clear_private (priv);
++ /* Is the process already gone? Then fail creation of the auth subject
++ * by clearing the type. */
++ if (kill (priv->unix_process.pid, 0) != 0)
++ _clear_private (priv);
++
++ /* Otherwise, although we didn't detect a start_time, the process is still around.
++ * That could be due to procfs mounted with hidepid. So just accept the request.
++ *
++ * Polkit on the other side, will accept 0 and try to lookup /proc/$PID/stat
++ * itself (and if it fails to do so, assume a start-time of 0 and proceed).
++ * The only combination that would fail here, is when NM is able to read the
++ * start-time, but polkit is not. */
+ }
+ return;
+ default:
+--
+cgit v0.10.2
+
More information about the arch-commits
mailing list