[arch-commits] Commit in rtkit/trunk (4 files)

Jan Steffens heftig at archlinux.org
Tue Oct 4 18:50:13 UTC 2016


    Date: Tuesday, October 4, 2016 @ 18:50:12
  Author: heftig
Revision: 277708

0.11+6+g417bb7d-1

Modified:
  rtkit/trunk/PKGBUILD
Deleted:
  rtkit/trunk/0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
  rtkit/trunk/libsystemd.patch
  rtkit/trunk/systemd205.patch

--------------------------------------------------+
 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch |   48 -----------------
 PKGBUILD                                         |   35 ++++++------
 libsystemd.patch                                 |   57 ---------------------
 systemd205.patch                                 |   16 -----
 4 files changed, 17 insertions(+), 139 deletions(-)

Deleted: 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
===================================================================
--- 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch	2016-10-04 18:37:09 UTC (rev 277707)
+++ 0001-SECURITY-Pass-uid-of-caller-to-polkit.patch	2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,48 +0,0 @@
-From f44c5776b25ca2abd7569fb8532c6aede9b0c6b0 Mon Sep 17 00:00:00 2001
-From: Colin Walters <walters at verbum.org>
-Date: Thu, 22 Aug 2013 16:05:22 -0400
-Subject: [PATCH] [SECURITY] Pass uid of caller to polkit
-
-Otherwise, we force polkit to look up the uid itself in /proc, which
-is racy if they execve() a setuid binary.
----
- rtkit-daemon.c |   11 ++++++++++-
- 1 files changed, 10 insertions(+), 1 deletions(-)
-
-diff --git a/rtkit-daemon.c b/rtkit-daemon.c
-index 2ebe673..3ecc1f7 100644
---- a/rtkit-daemon.c
-+++ b/rtkit-daemon.c
-@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
-         DBusMessage *m = NULL, *r = NULL;
-         const char *unix_process = "unix-process";
-         const char *pid = "pid";
-+        const char *uid = "uid";
-         const char *start_time = "start-time";
-         const char *cancel_id = "";
-         uint32_t flags = 0;
-         uint32_t pid_u32 = p->pid;
--        uint64_t start_time_u64 = p->starttime;
-+        uint32_t uid_u32 = (uint32_t)u->uid;
-         DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
-+        uint64_t start_time_u64 = p->starttime;
-         int ret;
-         dbus_bool_t authorized = FALSE;
- 
-@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
-         assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
-         assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
- 
-+        assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
-+        assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
-+        assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
-+        assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
-+        assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
-+        assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
-+
-         assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
-         assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));
- 
--- 
-1.7.1
-

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2016-10-04 18:37:09 UTC (rev 277707)
+++ PKGBUILD	2016-10-04 18:50:12 UTC (rev 277708)
@@ -3,32 +3,31 @@
 # Contributor: Corrado Primier <bardo at aur.archlinux.org>
 
 pkgname=rtkit
-pkgver=0.11
-pkgrel=5
+pkgver=0.11+6+g417bb7d
+pkgrel=1
 pkgdesc="Realtime Policy and Watchdog Daemon"
 arch=(i686 x86_64)
-url="http://git.0pointer.de/?p=rtkit.git"
-license=(GPL 'custom:BSD')
+url="https://github.com/heftig/rtkit"
+license=(GPL3 'custom:BSD')
 depends=(dbus polkit systemd)
+makedepends=(git)
 install=rtkit.install
-source=(http://0pointer.de/public/$pkgname-$pkgver.tar.xz
-        libsystemd.patch systemd205.patch
-        0001-SECURITY-Pass-uid-of-caller-to-polkit.patch)
-md5sums=('a96c33b9827de66033d2311f82d79a5d'
-         '35089c0a284005f4abcf45168415857e'
-         '95195a70551057aca833da6bdbf2e35b'
-         '70df212cba2a6366ff960b60d55858d3')
+_commit=417bb7d79b39ebf7dc799f2b4da62e3996b65542  # master
+source=("git+https://github.com/heftig/rtkit#commit=$_commit")
+sha256sums=('SKIP')
 
+pkgver() {
+  cd $pkgname
+  git describe --tags | sed 's/^v//;s/-/+/g'
+}
+
 prepare() {
-  cd $pkgname-$pkgver
-  patch -Np1 -i ../libsystemd.patch
-  patch -Np1 -i ../systemd205.patch
-  patch -Np1 -i ../0001-SECURITY-Pass-uid-of-caller-to-polkit.patch
-  autoreconf -fi
+  cd $pkgname
+  ./autogen.sh
 }
 
 build() {
-  cd $pkgname-$pkgver
+  cd $pkgname
   ./configure \
     --prefix=/usr \
     --sbindir=/usr/bin \
@@ -41,7 +40,7 @@
 }
 
 package() {
-  cd $pkgname-$pkgver
+  cd $pkgname
   make DESTDIR="$pkgdir" install
 
   install -Dm644 org.freedesktop.RealtimeKit1.xml \

Deleted: libsystemd.patch
===================================================================
--- libsystemd.patch	2016-10-04 18:37:09 UTC (rev 277707)
+++ libsystemd.patch	2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,57 +0,0 @@
-diff -u -r rtkit-0.11/configure.ac rtkit-0.11-sd/configure.ac
---- rtkit-0.11/configure.ac	2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd/configure.ac	2013-05-13 08:12:17.616825455 +0200
-@@ -115,6 +115,7 @@
- AC_SEARCH_LIBS([cap_init], [cap])
- 
- PKG_CHECK_MODULES(DBUS, dbus-1)
-+PKG_CHECK_MODULES(LIBSYSTEMD_DAEMON, libsystemd-daemon)
- 
- AC_ARG_WITH([systemdsystemunitdir],
-         AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
-diff -u -r rtkit-0.11/Makefile.am rtkit-0.11-sd/Makefile.am
---- rtkit-0.11/Makefile.am	2012-05-15 15:38:05.000000000 +0200
-+++ rtkit-0.11-sd/Makefile.am	2013-05-13 08:12:18.086822253 +0200
-@@ -56,13 +56,14 @@
- endif
- 
- rtkit_daemon_SOURCES = \
--	rtkit-daemon.c rtkit.h \
--	sd-daemon.c sd-daemon.h
-+	rtkit-daemon.c rtkit.h
- rtkit_daemon_LDADD = \
--	$(DBUS_LIBS)
-+	$(DBUS_LIBS) \
-+	$(LIBSYSTEMD_DAEMON_LIBS)
- rtkit_daemon_CFLAGS = \
- 	$(AM_CFLAGS) \
--	$(DBUS_CFLAGS)
-+	$(DBUS_CFLAGS) \
-+	$(LIBSYSTEMD_DAEMON_CFLAGS)
- 
- rtkitctl_SOURCES = \
- 	rtkitctl.c rtkit.h
-@@ -93,7 +94,3 @@
- 
- DISTCHECK_CONFIGURE_FLAGS = \
- 	--with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
--
--update-systemd:
--	curl http://cgit.freedesktop.org/systemd/systemd/plain/src/libsystemd-daemon/sd-daemon.c > sd-daemon.c
--	curl http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h > sd-daemon.h
-diff -u -r rtkit-0.11/rtkit-daemon.c rtkit-0.11-sd/rtkit-daemon.c
---- rtkit-0.11/rtkit-daemon.c	2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd/rtkit-daemon.c	2013-05-13 08:13:07.933149359 +0200
-@@ -50,9 +50,9 @@
- #include <dirent.h>
- #include <syslog.h>
- #include <grp.h>
-+#include <systemd/sd-daemon.h>
- 
- #include "rtkit.h"
--#include "sd-daemon.h"
- 
- #ifndef __linux__
- #error "This stuff only works on Linux!"
-Only in rtkit-0.11: sd-daemon.c
-Only in rtkit-0.11: sd-daemon.h

Deleted: systemd205.patch
===================================================================
--- systemd205.patch	2016-10-04 18:37:09 UTC (rev 277707)
+++ systemd205.patch	2016-10-04 18:50:12 UTC (rev 277708)
@@ -1,16 +0,0 @@
-diff -u -r rtkit-0.11/rtkit-daemon.service.in rtkit-0.11-sd205/rtkit-daemon.service.in
---- rtkit-0.11/rtkit-daemon.service.in	2012-05-15 15:25:40.000000000 +0200
-+++ rtkit-0.11-sd205/rtkit-daemon.service.in	2013-07-25 10:27:37.790884664 +0200
-@@ -24,12 +24,7 @@
- BusName=org.freedesktop.RealtimeKit1
- NotifyAccess=main
- CapabilityBoundingSet=CAP_SYS_NICE CAP_DAC_READ_SEARCH CAP_SYS_PTRACE CAP_SYS_CHROOT CAP_SETGID CAP_SETUID
--PrivateTmp=yes
- PrivateNetwork=yes
- 
--# Work around the fact that the Linux currently doesn't assign any RT
--# budget to CPU control groups that have none configured explicitly
--ControlGroup=cpu:/
--
- [Install]
- WantedBy=graphical.target



More information about the arch-commits mailing list