[arch-commits] Commit in rtkit/trunk (4 files)
Jan Steffens
heftig at archlinux.org
Tue Oct 4 18:50:13 UTC 2016
Date: Tuesday, October 4, 2016 @ 18:50:12
Author: heftig
Revision: 277708
0.11+6+g417bb7d-1
Modified:
rtkit/trunk/PKGBUILD
Deleted:
rtkit/trunk/0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
rtkit/trunk/libsystemd.patch
rtkit/trunk/systemd205.patch
--------------------------------------------------+
0001-SECURITY-Pass-uid-of-caller-to-polkit.patch | 48 -----------------
PKGBUILD | 35 ++++++------
libsystemd.patch | 57 ---------------------
systemd205.patch | 16 -----
4 files changed, 17 insertions(+), 139 deletions(-)
Deleted: 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
===================================================================
--- 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch 2016-10-04 18:37:09 UTC (rev 277707)
+++ 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch 2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,48 +0,0 @@
-From f44c5776b25ca2abd7569fb8532c6aede9b0c6b0 Mon Sep 17 00:00:00 2001
-From: Colin Walters <walters at verbum.org>
-Date: Thu, 22 Aug 2013 16:05:22 -0400
-Subject: [PATCH] [SECURITY] Pass uid of caller to polkit
-
-Otherwise, we force polkit to look up the uid itself in /proc, which
-is racy if they execve() a setuid binary.
----
- rtkit-daemon.c | 11 ++++++++++-
- 1 files changed, 10 insertions(+), 1 deletions(-)
-
-diff --git a/rtkit-daemon.c b/rtkit-daemon.c
-index 2ebe673..3ecc1f7 100644
---- a/rtkit-daemon.c
-+++ b/rtkit-daemon.c
-@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
- DBusMessage *m = NULL, *r = NULL;
- const char *unix_process = "unix-process";
- const char *pid = "pid";
-+ const char *uid = "uid";
- const char *start_time = "start-time";
- const char *cancel_id = "";
- uint32_t flags = 0;
- uint32_t pid_u32 = p->pid;
-- uint64_t start_time_u64 = p->starttime;
-+ uint32_t uid_u32 = (uint32_t)u->uid;
- DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
-+ uint64_t start_time_u64 = p->starttime;
- int ret;
- dbus_bool_t authorized = FALSE;
-
-@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
- assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
- assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
-
-+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
-+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
-+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
-+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
-+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
-+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
-+
- assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
- assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));
-
---
-1.7.1
-
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2016-10-04 18:37:09 UTC (rev 277707)
+++ PKGBUILD 2016-10-04 18:50:12 UTC (rev 277708)
@@ -3,32 +3,31 @@
# Contributor: Corrado Primier <bardo at aur.archlinux.org>
pkgname=rtkit
-pkgver=0.11
-pkgrel=5
+pkgver=0.11+6+g417bb7d
+pkgrel=1
pkgdesc="Realtime Policy and Watchdog Daemon"
arch=(i686 x86_64)
-url="http://git.0pointer.de/?p=rtkit.git"
-license=(GPL 'custom:BSD')
+url="https://github.com/heftig/rtkit"
+license=(GPL3 'custom:BSD')
depends=(dbus polkit systemd)
+makedepends=(git)
install=rtkit.install
-source=(http://0pointer.de/public/$pkgname-$pkgver.tar.xz
- libsystemd.patch systemd205.patch
- 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch)
-md5sums=('a96c33b9827de66033d2311f82d79a5d'
- '35089c0a284005f4abcf45168415857e'
- '95195a70551057aca833da6bdbf2e35b'
- '70df212cba2a6366ff960b60d55858d3')
+_commit=417bb7d79b39ebf7dc799f2b4da62e3996b65542 # master
+source=("git+https://github.com/heftig/rtkit#commit=$_commit")
+sha256sums=('SKIP')
+pkgver() {
+ cd $pkgname
+ git describe --tags | sed 's/^v//;s/-/+/g'
+}
+
prepare() {
- cd $pkgname-$pkgver
- patch -Np1 -i ../libsystemd.patch
- patch -Np1 -i ../systemd205.patch
- patch -Np1 -i ../0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
- autoreconf -fi
+ cd $pkgname
+ ./autogen.sh
}
build() {
- cd $pkgname-$pkgver
+ cd $pkgname
./configure \
--prefix=/usr \
--sbindir=/usr/bin \
@@ -41,7 +40,7 @@
}
package() {
- cd $pkgname-$pkgver
+ cd $pkgname
make DESTDIR="$pkgdir" install
install -Dm644 org.freedesktop.RealtimeKit1.xml \
Deleted: libsystemd.patch
===================================================================
--- libsystemd.patch 2016-10-04 18:37:09 UTC (rev 277707)
+++ libsystemd.patch 2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,57 +0,0 @@
-diff -u -r rtkit-0.11/configure.ac rtkit-0.11-sd/configure.ac
---- rtkit-0.11/configure.ac 2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd/configure.ac 2013-05-13 08:12:17.616825455 +0200
-@@ -115,6 +115,7 @@
- AC_SEARCH_LIBS([cap_init], [cap])
-
- PKG_CHECK_MODULES(DBUS, dbus-1)
-+PKG_CHECK_MODULES(LIBSYSTEMD_DAEMON, libsystemd-daemon)
-
- AC_ARG_WITH([systemdsystemunitdir],
- AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
-diff -u -r rtkit-0.11/Makefile.am rtkit-0.11-sd/Makefile.am
---- rtkit-0.11/Makefile.am 2012-05-15 15:38:05.000000000 +0200
-+++ rtkit-0.11-sd/Makefile.am 2013-05-13 08:12:18.086822253 +0200
-@@ -56,13 +56,14 @@
- endif
-
- rtkit_daemon_SOURCES = \
-- rtkit-daemon.c rtkit.h \
-- sd-daemon.c sd-daemon.h
-+ rtkit-daemon.c rtkit.h
- rtkit_daemon_LDADD = \
-- $(DBUS_LIBS)
-+ $(DBUS_LIBS) \
-+ $(LIBSYSTEMD_DAEMON_LIBS)
- rtkit_daemon_CFLAGS = \
- $(AM_CFLAGS) \
-- $(DBUS_CFLAGS)
-+ $(DBUS_CFLAGS) \
-+ $(LIBSYSTEMD_DAEMON_CFLAGS)
-
- rtkitctl_SOURCES = \
- rtkitctl.c rtkit.h
-@@ -93,7 +94,3 @@
-
- DISTCHECK_CONFIGURE_FLAGS = \
- --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
--
--update-systemd:
-- curl http://cgit.freedesktop.org/systemd/systemd/plain/src/libsystemd-daemon/sd-daemon.c > sd-daemon.c
-- curl http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h > sd-daemon.h
-diff -u -r rtkit-0.11/rtkit-daemon.c rtkit-0.11-sd/rtkit-daemon.c
---- rtkit-0.11/rtkit-daemon.c 2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd/rtkit-daemon.c 2013-05-13 08:13:07.933149359 +0200
-@@ -50,9 +50,9 @@
- #include <dirent.h>
- #include <syslog.h>
- #include <grp.h>
-+#include <systemd/sd-daemon.h>
-
- #include "rtkit.h"
--#include "sd-daemon.h"
-
- #ifndef __linux__
- #error "This stuff only works on Linux!"
-Only in rtkit-0.11: sd-daemon.c
-Only in rtkit-0.11: sd-daemon.h
Deleted: systemd205.patch
===================================================================
--- systemd205.patch 2016-10-04 18:37:09 UTC (rev 277707)
+++ systemd205.patch 2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,16 +0,0 @@
-diff -u -r rtkit-0.11/rtkit-daemon.service.in rtkit-0.11-sd205/rtkit-daemon.service.in
---- rtkit-0.11/rtkit-daemon.service.in 2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd205/rtkit-daemon.service.in 2013-07-25 10:27:37.790884664 +0200
-@@ -24,12 +24,7 @@
- BusName=org.freedesktop.RealtimeKit1
- NotifyAccess=main
- CapabilityBoundingSet=CAP_SYS_NICE CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SYS_CHROOT CAP_SETGID CAP_SETUID
--PrivateTmp=yes
- PrivateNetwork=yes
-
--# Work around the fact that the Linux currently doesn't assign any RT
--# budget to CPU control groups that have none configured explicitly
--ControlGroup=cpu:/
--
- [Install]
- WantedBy=graphical.target
More information about the arch-commits
mailing list