diff options
| author |   Patrick J Volkerding <volkerdi@slackware.com> | 2016-06-30 20:26:57 +0000 |
|---|---|---|
| committer |   Eric Hameleers <alien@slackware.com> | 2018-05-31 23:31:18 +0200 |
| commit | d31c50870d0bee042ce660e445c9294a59a3a65b (patch) | |
| tree | 6bfc0de3c95267b401b620c2c67859557dc60f97 /source/l/polkit | |
| parent | 76fc4757ac91ac7947a01fb7b53dddf9a78a01d1 (diff) | |
| download | current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.gz current-d31c50870d0bee042ce660e445c9294a59a3a65b.tar.xz | |
Slackware 14.2slackware-14.2
Thu Jun 30 20:26:57 UTC 2016
Slackware 14.2 x86_64 stable is released!
The long development cycle (the Linux community has lately been living in
"interesting times", as they say) is finally behind us, and we're proud to
announce the release of Slackware 14.2. The new release brings many updates
and modern tools, has switched from udev to eudev (no systemd), and adds
well over a hundred new packages to the system. Thanks to the team, the
upstream developers, the dedicated Slackware community, and everyone else
who pitched in to help make this release a reality.
The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided
32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware
project by picking up a copy from store.slackware.com. We're taking
pre-orders now, and offer a discount if you sign up for a subscription.
Have fun! :-)
Diffstat (limited to 'source/l/polkit')
| -rw-r--r-- | source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch | 39 | ||||
| -rw-r--r-- | source/l/polkit/10-org.freedesktop.NetworkManager.pkla | 6 | ||||
| -rw-r--r-- | source/l/polkit/10-org.freedesktop.NetworkManager.rules | 7 | ||||
| -rw-r--r-- | source/l/polkit/20-plugdev-group-mount-override.pkla | 6 | ||||
| -rw-r--r-- | source/l/polkit/20-plugdev-group-mount-override.rules | 16 | ||||
| -rw-r--r-- | source/l/polkit/doinst.sh | 25 | ||||
| -rw-r--r-- | source/l/polkit/dont-set-wheel-group-as-admin.diff | 10 | ||||
| -rwxr-xr-x | source/l/polkit/polkit.SlackBuild | 40 |
8 files changed, 76 insertions, 73 deletions
diff --git a/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch b/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch deleted file mode 100644 index 1562e69db..000000000 --- a/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 1892aeb9c13841335a4ac383e8a787a3c2728c45 Mon Sep 17 00:00:00 2001 -From: Michael Biebl <biebl@debian.org> -Date: Fri, 9 Dec 2011 00:31:21 +0100 -Subject: [PATCH] Revert "Default to AdminIdentities=unix-group:wheel for - local authority" - -This reverts commit 763faf434b445c20ae9529100d3ef5290976d0c9. ---- - docs/man/pklocalauthority.xml | 4 ++-- - src/polkitbackend/50-localauthority.conf | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -Index: policykit/docs/man/pklocalauthority.xml -=================================================================== ---- policykit.orig/docs/man/pklocalauthority.xml 2012-01-06 10:34:01.830221577 +0100 -+++ policykit/docs/man/pklocalauthority.xml 2012-01-06 10:39:24.206237179 +0100 -@@ -385,10 +385,10 @@ - </para> - <programlisting> - [Configuration] --AdminIdentities=unix-group:staff -+AdminIdentities=unix-group:desktop_admin_r - </programlisting> - <para> -- specifies that any user in the <literal>staff</literal> UNIX -+ that any user in the <literal>desktop_admin_r</literal> UNIX - group can be used for authentication when administrator - authentication is needed. This file would typically be installed - in the <filename>/etc/polkit-1/localauthority.conf.d</filename> -Index: policykit/src/polkitbackend/50-localauthority.conf -=================================================================== ---- policykit.orig/src/polkitbackend/50-localauthority.conf 2012-01-06 10:33:58.254221404 +0100 -+++ policykit/src/polkitbackend/50-localauthority.conf 2012-01-06 10:39:24.210237180 +0100 -@@ -7,4 +7,4 @@ - # - - [Configuration] --AdminIdentities=unix-group:wheel -+AdminIdentities=unix-user:0 diff --git a/source/l/polkit/10-org.freedesktop.NetworkManager.pkla b/source/l/polkit/10-org.freedesktop.NetworkManager.pkla deleted file mode 100644 index b24916028..000000000 --- a/source/l/polkit/10-org.freedesktop.NetworkManager.pkla +++ /dev/null @@ -1,6 +0,0 @@ -[nm-applet] -Identity=unix-group:netdev -Action=org.freedesktop.NetworkManager.* -ResultAny=yes -ResultInactive=no -ResultActive=yes diff --git a/source/l/polkit/10-org.freedesktop.NetworkManager.rules b/source/l/polkit/10-org.freedesktop.NetworkManager.rules new file mode 100644 index 000000000..9d6557b3b --- /dev/null +++ b/source/l/polkit/10-org.freedesktop.NetworkManager.rules @@ -0,0 +1,7 @@ +polkit.addRule(function(action, subject) { + if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && + subject.isInGroup("netdev")) { + return polkit.Result.YES; + } +}); + diff --git a/source/l/polkit/20-plugdev-group-mount-override.pkla b/source/l/polkit/20-plugdev-group-mount-override.pkla deleted file mode 100644 index 8149de672..000000000 --- a/source/l/polkit/20-plugdev-group-mount-override.pkla +++ /dev/null @@ -1,6 +0,0 @@ -[plugdev group mount override] -Identity=unix-group:plugdev -Action=org.freedesktop.udisks2.filesystem-*;org.freedesktop.udisks2.eject-* -ResultAny=yes -ResultInactive=yes -ResultActive=yes diff --git a/source/l/polkit/20-plugdev-group-mount-override.rules b/source/l/polkit/20-plugdev-group-mount-override.rules new file mode 100644 index 000000000..c47a66cf2 --- /dev/null +++ b/source/l/polkit/20-plugdev-group-mount-override.rules @@ -0,0 +1,16 @@ +/* http://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html */ + +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks2.filesystem-mount" && + subject.isInGroup("plugdev")) { + return polkit.Result.YES; + } +}); + +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks2.eject-media" && + subject.isInGroup("plugdev")) { + return polkit.Result.YES; + } +}); + diff --git a/source/l/polkit/doinst.sh b/source/l/polkit/doinst.sh index bce9ca90e..887bb792d 100644 --- a/source/l/polkit/doinst.sh +++ b/source/l/polkit/doinst.sh @@ -1,13 +1,30 @@ config() { NEW="$1" - OLD="`dirname $NEW`/`basename $NEW .new`" + OLD="$(dirname $NEW)/$(basename $NEW .new)" # If there's no config file by that name, mv it over: if [ ! -r $OLD ]; then mv $NEW $OLD - elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy rm $NEW fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/polkit-1/localauthority/50-local.d/20-plugdev-group-mount-override.pkla.new -config etc/polkit-1/localauthority/50-local.d/10-org.freedesktop.NetworkManager.pkla.new +config etc/polkit-1/rules.d/20-plugdev-group-mount-override.rules.new +config etc/polkit-1/rules.d/10-org.freedesktop.NetworkManager.rules.new + +# Make sure the polkitd user and group exist: +if ! grep -q "^polkitd:" etc/passwd ; then + echo "polkitd:x:87:87:PolicyKit daemon owner:/var/lib/polkit:/bin/false" >> etc/passwd +fi +if ! grep -q "^polkitd:" etc/group ; then + echo "polkitd:x:87:" >> etc/group +fi + +# Remove obsolete rules: +rm -f etc/polkit-1/localauthority/50-local.d/*.pkla{,.new} +rm -f etc/polkit-1/rules.d/*.pkla{,.new} + +# Remove obsolete directory: +rmdir etc/polkit-1/localauthority/50-local.d 2> /dev/null +rmdir etc/polkit-1/localauthority 2> /dev/null + diff --git a/source/l/polkit/dont-set-wheel-group-as-admin.diff b/source/l/polkit/dont-set-wheel-group-as-admin.diff new file mode 100644 index 000000000..6a86ac280 --- /dev/null +++ b/source/l/polkit/dont-set-wheel-group-as-admin.diff @@ -0,0 +1,10 @@ +diff -Nur polkit-0.112.orig/src/polkitbackend/50-default.rules polkit-0.112/src/polkitbackend/50-default.rules +--- polkit-0.112.orig/src/polkitbackend/50-default.rules 2013-04-29 12:28:57.000000000 -0500 ++++ polkit-0.112/src/polkitbackend/50-default.rules 2015-01-01 23:32:40.154400050 -0600 +@@ -8,5 +8,5 @@ + // about configuring polkit. + + polkit.addAdminRule(function(action, subject) { +- return ["unix-group:wheel"]; ++ return ["unix-user:root"]; + }); diff --git a/source/l/polkit/polkit.SlackBuild b/source/l/polkit/polkit.SlackBuild index 9784bdb54..0d89e18b6 100755 --- a/source/l/polkit/polkit.SlackBuild +++ b/source/l/polkit/polkit.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2009, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2009, 2011, 2015 Robby Workman, Northport, Alabama, USA # Copyright 2010 Eric Hameleers, Eindhoven, NL # Copyright 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. @@ -24,13 +24,13 @@ PKGNAM=polkit -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -43,8 +43,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -72,7 +72,14 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/05_revert-admin-identities-unix-group-wheel.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/dont-set-wheel-group-as-admin.diff.gz | patch -p1 || exit 1 + +# If we get here and don't have a polkitd user/group, add one. +# Otherwise a few directories in the package will have wrong permissions. +if ! grep -q "^polkitd:" /etc/passwd ; then + groupadd -fg 87 polkitd + useradd -c "PolicyKit daemon owner" -d /var/lib/polkit -u 87 -g polkitd -s /bin/false polkitd +fi CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ @@ -86,28 +93,25 @@ CXXFLAGS="$SLKCFLAGS" \ --enable-gtk-doc \ --mandir=/usr/man \ --disable-static \ + --disable-examples \ --enable-introspection \ + --enable-libsystemd-login=no \ --with-authfw=shadow \ --enable-verbose-mode \ --with-os-type=Slackware \ --build=$ARCH-slackware-linux -#NOTE: The directory /etc/polkit-1/localauthority must be owned -# by root and have mode 700 -#NOTE: The directory /var/lib/polkit-1 must be owned -# by root and have mode 700 -#NOTE: The file ${exec_prefix}/libexec/polkit-agent-helper-1 must be owned -# by root and have mode 4755 (setuid root binary) -#NOTE: The file ${exec_prefix}/bin/pkexec must be owned by root and -# have mode 4755 (setuid root binary) - # Build and install: make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 +# Create homedir for polkit. This is mentioned in /etc/passwd, but isn't +# actually used for anything later. Perms don't matter. +mkdir -p $PKG/var/lib/polkit + # Add default policy files for udisks2 and NetworkManager events: -cat $CWD/20-plugdev-group-mount-override.pkla > $PKG/etc/polkit-1/localauthority/50-local.d/20-plugdev-group-mount-override.pkla.new -cat $CWD/10-org.freedesktop.NetworkManager.pkla > $PKG/etc/polkit-1/localauthority/50-local.d/10-org.freedesktop.NetworkManager.pkla.new +cat $CWD/10-org.freedesktop.NetworkManager.rules > $PKG/etc/polkit-1/rules.d/10-org.freedesktop.NetworkManager.rules.new +cat $CWD/20-plugdev-group-mount-override.rules > $PKG/etc/polkit-1/rules.d/20-plugdev-group-mount-override.rules.new # Strip binaries: find $PKG | xargs file | grep -e "executable" -e "shared object" \ |