summaryrefslogtreecommitdiffstats
path: root/abs/extra/policykit
diff options
context:
space:
mode:
Diffstat (limited to 'abs/extra/policykit')
-rw-r--r--abs/extra/policykit/PKGBUILD43
-rw-r--r--abs/extra/policykit/entry-leak.patch37
-rw-r--r--abs/extra/policykit/pk-ck-api-change.patch83
-rw-r--r--abs/extra/policykit/policykit.install30
-rw-r--r--abs/extra/policykit/polkit-0.8-dbus-policy.patch12
-rw-r--r--abs/extra/policykit/polkit.pam7
6 files changed, 212 insertions, 0 deletions
diff --git a/abs/extra/policykit/PKGBUILD b/abs/extra/policykit/PKGBUILD
new file mode 100644
index 0000000..d7dd90e
--- /dev/null
+++ b/abs/extra/policykit/PKGBUILD
@@ -0,0 +1,43 @@
+# $Id: $
+# Maintainer: Jan de Groot <jgc@archlinux.org>
+
+pkgname=policykit
+pkgver=0.9
+pkgrel=9
+pkgdesc="Application development toolkit for controlling system-wide privileges"
+arch=(i686 x86_64)
+license=('custom')
+url="http://hal.freedesktop.org/docs/PolicyKit/"
+depends=('dbus-glib>=0.80' 'expat>=2.0.1' 'pam')
+makedepends=('intltool' 'docbook-xsl' 'gtk-doc')
+options=('!libtool')
+backup=('etc/PolicyKit/PolicyKit.conf')
+install=policykit.install
+source=(http://hal.freedesktop.org/releases/PolicyKit-${pkgver}.tar.gz
+ polkit.pam
+ pk-ck-api-change.patch
+ polkit-0.8-dbus-policy.patch
+ entry-leak.patch)
+md5sums=('802fd13ae41f73d79359e5ecb0a98716'
+ '6564f95878297b954f0572bc1610dd15'
+ '15b42b41e98410d8d7ec4f91d0cff190'
+ 'da5129eee9517d00985a354055d778a9'
+ '62adbf90657b17dae429fc92937af513')
+
+build() {
+ cd "${srcdir}/PolicyKit-${pkgver}"
+ patch -Np1 -i "${srcdir}/pk-ck-api-change.patch" || return 1
+ patch -Np1 -i "${srcdir}/polkit-0.8-dbus-policy.patch" || return 1
+ patch -Np1 -i "${srcdir}/entry-leak.patch" || return 1
+ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
+ --libexecdir=/usr/lib/PolicyKit --disable-static \
+ --with-polkit-user=policykit --with-polkit-group=policykit || return 1
+ make || return 1
+ make DESTDIR="${pkgdir}" install || return 1
+
+ install -m755 -d "${pkgdir}/usr/share/licenses/${pkgname}"
+ install -m644 COPYING "${pkgdir}/usr/share/licenses/${pkgname}/" || return 1
+
+ rm -rf "${pkgdir}/etc/profile.d"
+ install -m644 "${srcdir}/polkit.pam" "${pkgdir}/etc/pam.d/polkit" || return 1
+}
diff --git a/abs/extra/policykit/entry-leak.patch b/abs/extra/policykit/entry-leak.patch
new file mode 100644
index 0000000..f6b3295
--- /dev/null
+++ b/abs/extra/policykit/entry-leak.patch
@@ -0,0 +1,37 @@
+diff -up PolicyKit-0.9/src/polkit/polkit-policy-file-entry.c.entry-leak PolicyKit-0.9/src/polkit/polkit-policy-file-entry.c
+--- PolicyKit-0.9/src/polkit/polkit-policy-file-entry.c.entry-leak 2008-08-29 21:47:22.000000000 -0400
++++ PolicyKit-0.9/src/polkit/polkit-policy-file-entry.c 2008-08-29 21:50:13.000000000 -0400
+@@ -95,9 +95,11 @@ _polkit_policy_file_entry_new (const c
+ char *contents;
+ size_t contents_size;
+ PolKitPolicyFileEntry *pfe;
++ char **tokens;
+
+ path = NULL;
+ contents = NULL;
++ tokens = NULL;
+
+ kit_return_val_if_fail (action_id != NULL && polkit_action_validate_id (action_id), NULL);
+
+@@ -153,7 +155,6 @@ _polkit_policy_file_entry_new (const c
+ }
+
+ if (contents != NULL) {
+- char **tokens;
+ size_t num_tokens;
+ PolKitResult any;
+ PolKitResult inactive;
+@@ -183,11 +184,13 @@ _polkit_policy_file_entry_new (const c
+
+ kit_free (path);
+ kit_free (contents);
++ kit_strfreev (tokens);
+
+ return pfe;
+ error:
+ kit_free (path);
+ kit_free (contents);
++ kit_strfreev (tokens);
+ if (pfe != NULL)
+ polkit_policy_file_entry_unref (pfe);
+ return NULL;
diff --git a/abs/extra/policykit/pk-ck-api-change.patch b/abs/extra/policykit/pk-ck-api-change.patch
new file mode 100644
index 0000000..ae477f9
--- /dev/null
+++ b/abs/extra/policykit/pk-ck-api-change.patch
@@ -0,0 +1,83 @@
+diff --git a/src/polkit-dbus/polkit-dbus.c b/src/polkit-dbus/polkit-dbus.c
+index f7be03f..cad4a76 100644
+--- a/src/polkit-dbus/polkit-dbus.c
++++ b/src/polkit-dbus/polkit-dbus.c
+@@ -214,11 +214,17 @@ polkit_session_new_from_objpath (DBusConnection *con, const char *objpath, uid_t
+ dbus_message_unref (reply);
+ goto out;
+ }
++ /* GetUnixUser API Changed in CK 0.3.0 */
+ if (!dbus_message_get_args (reply, NULL,
+- DBUS_TYPE_INT32, &uid,
++ DBUS_TYPE_UINT32, &uid,
+ DBUS_TYPE_INVALID)) {
+- kit_warning ("Invalid GetUnixUser reply from CK");
+- goto out;
++ /* try the older API */
++ if (!dbus_message_get_args (reply, NULL,
++ DBUS_TYPE_INT32, &uid,
++ DBUS_TYPE_INVALID)) {
++ kit_warning ("Invalid GetUnixUser reply from CK");
++ goto out;
++ }
+ }
+ dbus_message_unref (message);
+ dbus_message_unref (reply);
+@@ -1326,16 +1332,21 @@ polkit_tracker_dbus_func (PolKitTracker *pk_tracker, DBusMessage *message)
+
+ dbus_error_init (&error);
+ seat_objpath = dbus_message_get_path (message);
+- if (!dbus_message_get_args (message, &error,
+- DBUS_TYPE_STRING, &session_objpath,
++ /* API fixed in CK 0.3 to match spec */
++ if (!dbus_message_get_args (message, &error,
++ DBUS_TYPE_OBJECT_PATH, &session_objpath,
+ DBUS_TYPE_INVALID)) {
++ if (!dbus_message_get_args (message, &error,
++ DBUS_TYPE_STRING, &session_objpath,
++ DBUS_TYPE_INVALID)) {
+
+- /* TODO: should be _pk_critical */
+- kit_warning ("The SessionAdded signal on the org.freedesktop.ConsoleKit.Seat "
+- "interface for object %s has the wrong signature! "
+- "Your system is misconfigured.", seat_objpath);
++ /* TODO: should be _pk_critical */
++ kit_warning ("The SessionAdded signal on the org.freedesktop.ConsoleKit.Seat "
++ "interface for object %s has the wrong signature! "
++ "Your system is misconfigured.", seat_objpath);
+
+- goto out;
++ goto out;
++ }
+ }
+
+ /* TODO: add to sessions - see polkit_tracker_is_authorization_relevant() */
+@@ -1353,16 +1364,21 @@ polkit_tracker_dbus_func (PolKitTracker *pk_tracker, DBusMessage *message)
+
+ dbus_error_init (&error);
+ seat_objpath = dbus_message_get_path (message);
+- if (!dbus_message_get_args (message, &error,
+- DBUS_TYPE_STRING, &session_objpath,
++ /* API fixed in CK 0.3 to match spec */
++ if (!dbus_message_get_args (message, &error,
++ DBUS_TYPE_OBJECT_PATH, &session_objpath,
+ DBUS_TYPE_INVALID)) {
++ if (!dbus_message_get_args (message, &error,
++ DBUS_TYPE_STRING, &session_objpath,
++ DBUS_TYPE_INVALID)) {
+
+- /* TODO: should be _pk_critical */
+- kit_warning ("The SessionRemoved signal on the org.freedesktop.ConsoleKit.Seat "
+- "interface for object %s has the wrong signature! "
+- "Your system is misconfigured.", seat_objpath);
++ /* TODO: should be _pk_critical */
++ kit_warning ("The SessionRemoved signal on the org.freedesktop.ConsoleKit.Seat "
++ "interface for object %s has the wrong signature! "
++ "Your system is misconfigured.", seat_objpath);
+
+- goto out;
++ goto out;
++ }
+ }
+
+ _remove_caller_by_session (pk_tracker, session_objpath);
diff --git a/abs/extra/policykit/policykit.install b/abs/extra/policykit/policykit.install
new file mode 100644
index 0000000..7bc653e
--- /dev/null
+++ b/abs/extra/policykit/policykit.install
@@ -0,0 +1,30 @@
+post_install() {
+ getent group policykit >/dev/null || usr/sbin/groupadd -g 102 policykit
+ getent passwd policykit >/dev/null || usr/sbin/useradd -c 'PolicyKit' -u 102 -g policykit -d '/' -s /sbin/nologin policykit
+ usr/bin/passwd -l policykit &>/dev/null
+
+ # set correct permissions
+ chgrp policykit var/{run,lib}/PolicyKit
+ chown policykit var/lib/PolicyKit-public
+ chown policykit:policykit var/lib/misc/PolicyKit.reload
+
+ chown policykit usr/lib/PolicyKit/polkit-set-default-helper
+ chmod u+s usr/lib/PolicyKit/polkit-set-default-helper
+
+ for i in polkit-read-auth-helper polkit-revoke-helper polkit-grant-helper polkit-explicit-grant-helper; do
+ chgrp policykit usr/lib/PolicyKit/$i
+ chmod g+s usr/lib/PolicyKit/$i
+ done
+
+ chgrp policykit usr/lib/PolicyKit/polkit-grant-helper-pam
+ chmod u+s usr/lib/PolicyKit/polkit-grant-helper-pam
+}
+
+post_upgrade() {
+ post_install
+}
+
+post_remove() {
+ usr/sbin/userdel policykit &>/dev/null
+ usr/sbin/groupdel policykit &>/dev/null
+}
diff --git a/abs/extra/policykit/polkit-0.8-dbus-policy.patch b/abs/extra/policykit/polkit-0.8-dbus-policy.patch
new file mode 100644
index 0000000..fa84936
--- /dev/null
+++ b/abs/extra/policykit/polkit-0.8-dbus-policy.patch
@@ -0,0 +1,12 @@
+--- PolicyKit-0.8.orig/polkitd/org.freedesktop.PolicyKit.conf.in 2008-12-08 10:55:12.000000000 -0500
++++ PolicyKit-0.8/polkitd/org.freedesktop.PolicyKit.conf.in 2008-12-08 12:05:33.000000000 -0500
+@@ -8,4 +8,9 @@
+ <policy user="@polkituser@">
+ <allow own="org.freedesktop.PolicyKit"/>
+ </policy>
++
++ <!-- any user can talk to the service (fd.o #18948) -->
++ <policy context="default">
++ <allow send_destination="org.freedesktop.PolicyKit"/>
++ </policy>
+ </busconfig>
diff --git a/abs/extra/policykit/polkit.pam b/abs/extra/policykit/polkit.pam
new file mode 100644
index 0000000..04f53e0
--- /dev/null
+++ b/abs/extra/policykit/polkit.pam
@@ -0,0 +1,7 @@
+auth requisite pam_nologin.so
+auth required pam_env.so
+auth required pam_unix.so
+account required pam_unix.so
+session required pam_limits.so
+session required pam_unix.so
+password required pam_unix.so
generated by cgit v0.12 at 2024-06-03 04:13:25 (GMT)