diff options
Diffstat (limited to '')
8 files changed, 530 insertions, 0 deletions
diff --git a/patches/source/kdebase-workspace/config/Xsession b/patches/source/kdebase-workspace/config/Xsession new file mode 100644 index 000000000..736f5d5c2 --- /dev/null +++ b/patches/source/kdebase-workspace/config/Xsession @@ -0,0 +1,88 @@ +#! /bin/sh +# Xsession - run as user + +# Merged in parts of the old Xsession to load defaults from +# Xresources and Xmodmap files, 2006-02-09 volkerdi +# Merged with the new Xsession (original) from KDE4, 20071220 rworkman + + session=$1 + +# This section is borrowed from the old X11 Xsession file: +userresources=$HOME/.Xresources +usermodmap=$HOME/.Xmodmap +sysresources=/usr/lib/X11/xinit/.Xresources +sysmodmap=/usr/lib/X11/xinit/.Xmodmap +# merge in defaults and keymaps +if [ -r $sysresources ]; then + /usr/bin/xrdb -merge $sysresources +fi +if [ -r $sysmodmap ]; then + /usr/bin/xmodmap $sysmodmap +fi +if [ -r $userresources ]; then + /usr/bin/xrdb -merge $userresources +fi +if [ -r $usermodmap ]; then + /usr/bin/xmodmap $usermodmap +fi + +# Note that the respective logout scripts are not sourced. +case $SHELL in + */bash) + [ -z "$BASH" ] && exec $SHELL $0 "$@" + set +o posix + [ -f /etc/profile ] && . /etc/profile + if [ -f $HOME/.bash_profile ]; then + . $HOME/.bash_profile + elif [ -f $HOME/.bash_login ]; then + . $HOME/.bash_login + elif [ -f $HOME/.profile ]; then + . $HOME/.profile + fi + ;; + */zsh) + [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" + emulate -R zsh + [ -d /etc/zsh ] && zdir=/etc/zsh || zdir=/etc + zhome=${ZDOTDIR:-$HOME} + # zshenv is always sourced automatically. + [ -f $zdir/zprofile ] && . $zdir/zprofile + [ -f $zhome/.zprofile ] && . $zhome/.zprofile + [ -f $zdir/zlogin ] && . $zdir/zlogin + [ -f $zhome/.zlogin ] && . $zhome/.zlogin + ;; + */csh|*/tcsh) + # [t]cshrc is always sourced automatically. + # Note that sourcing csh.login after .cshrc is non-standard. + xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX` + $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c export -p >! $xsess_tmp" + . $xsess_tmp + rm -f $xsess_tmp + ;; + *) # Plain sh, ksh, and anything we do not know. + [ -f /etc/profile ] && . /etc/profile + [ -f $HOME/.profile ] && . $HOME/.profile + ;; +esac + +[ -f /etc/xprofile ] && . /etc/xprofile +[ -f $HOME/.xprofile ] && . $HOME/.xprofile + +case $session in + "") + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + ;; + failsafe) + exec xterm -geometry 80x24-0-0 + ;; + custom) + exec $HOME/.xsession + ;; + default) + exec /usr/bin/startkde + ;; + *) + eval exec "$session" + ;; +esac +exec xmessage -center -buttons OK:0 -default OK "Sorry, cannot execute $session. Check $DESKTOP_SESSION.desktop." diff --git a/patches/source/kdebase-workspace/config/Xsession.orig b/patches/source/kdebase-workspace/config/Xsession.orig new file mode 100644 index 000000000..43d78b8d9 --- /dev/null +++ b/patches/source/kdebase-workspace/config/Xsession.orig @@ -0,0 +1,65 @@ +#! /bin/sh +# Xsession - run as user + +session=$1 + +# Note that the respective logout scripts are not sourced. +case $SHELL in + */bash) + [ -z "$BASH" ] && exec $SHELL $0 "$@" + set +o posix + [ -f /etc/profile ] && . /etc/profile + if [ -f $HOME/.bash_profile ]; then + . $HOME/.bash_profile + elif [ -f $HOME/.bash_login ]; then + . $HOME/.bash_login + elif [ -f $HOME/.profile ]; then + . $HOME/.profile + fi + ;; + */zsh) + [ -z "$ZSH_NAME" ] && exec $SHELL $0 "$@" + emulate -R zsh + [ -d /etc/zsh ] && zdir=/etc/zsh || zdir=/etc + zhome=${ZDOTDIR:-$HOME} + # zshenv is always sourced automatically. + [ -f $zdir/zprofile ] && . $zdir/zprofile + [ -f $zhome/.zprofile ] && . $zhome/.zprofile + [ -f $zdir/zlogin ] && . $zdir/zlogin + [ -f $zhome/.zlogin ] && . $zhome/.zlogin + ;; + */csh|*/tcsh) + # [t]cshrc is always sourced automatically. + # Note that sourcing csh.login after .cshrc is non-standard. + xsess_tmp=`mktemp /tmp/xsess-env-XXXXXX` + $SHELL -c "if (-f /etc/csh.login) source /etc/csh.login; if (-f ~/.login) source ~/.login; /bin/sh -c export -p >! $xsess_tmp" + . $xsess_tmp + rm -f $xsess_tmp + ;; + *) # Plain sh, ksh, and anything we do not know. + [ -f /etc/profile ] && . /etc/profile + [ -f $HOME/.profile ] && . $HOME/.profile + ;; +esac + +[ -f /etc/xprofile ] && . /etc/xprofile +[ -f $HOME/.xprofile ] && . $HOME/.xprofile + +case $session in + "") + exec xmessage -center -buttons OK:0 -default OK "Sorry, $DESKTOP_SESSION is no valid session." + ;; + failsafe) + exec xterm -geometry 80x24-0-0 + ;; + custom) + exec $HOME/.xsession + ;; + default) + exec /usr/bin/startkde + ;; + *) + eval exec "$session" + ;; +esac +exec xmessage -center -buttons OK:0 -default OK "Sorry, cannot execute $session. Check $DESKTOP_SESSION.desktop." diff --git a/patches/source/kdebase-workspace/doinst.sh b/patches/source/kdebase-workspace/doinst.sh new file mode 100644 index 000000000..793bae742 --- /dev/null +++ b/patches/source/kdebase-workspace/doinst.sh @@ -0,0 +1,26 @@ +#!/bin/sh + +config() { + NEW="$1" + OLD="$(dirname $NEW)/$(basename $NEW .new)" + # If there's no config file by that name, mv it over: + if [ ! -r $OLD ]; then + mv $NEW $OLD + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then + # toss the redundant copy + rm $NEW + fi + # Otherwise, we leave the .new copy for the admin to consider... +} + +config etc/kde/kdm/backgroundrc.new +config etc/kde/kdm/kdmrc.new + +if [ -x usr/bin/update-desktop-database ]; then + usr/bin/update-desktop-database usr/share/applications >/dev/null 2>&1 +fi + +if [ -x usr/bin/update-mime-database ]; then + usr/bin/update-mime-database usr/share/mime >/dev/null 2>&1 +fi + diff --git a/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff b/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff new file mode 100644 index 000000000..3ec7f6430 --- /dev/null +++ b/patches/source/kdebase-workspace/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff @@ -0,0 +1,193 @@ +--- ./kdm/ConfigureChecks.cmake.orig 2009-05-27 14:53:40.000000000 -0500 ++++ ./kdm/ConfigureChecks.cmake 2010-04-19 15:37:35.000000000 -0500 +@@ -37,6 +37,35 @@ + } + " HAVE_SETLOGIN) + ++check_c_source_runs(" ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <sys/stat.h> ++#include <sys/types.h> ++#include <string.h> ++#include <unistd.h> ++#include <errno.h> ++int main() ++{ ++ int fd, fd2; ++ struct sockaddr_un sa; ++ ++ if ((fd = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) ++ return 2; ++ sa.sun_family = AF_UNIX; ++ strcpy(sa.sun_path, \"testsock\"); ++ unlink(sa.sun_path); ++ if (bind(fd, (struct sockaddr *)&sa, sizeof(sa))) ++ return 2; ++ chmod(sa.sun_path, 0); ++ setuid(getuid() + 1000); ++ if ((fd2 = socket(PF_UNIX, SOCK_STREAM, 0)) < 0) ++ return 2; ++ connect(fd2, (struct sockaddr *)&sa, sizeof(sa)); ++ return errno != EACCES; ++} ++" HONORS_SOCKET_PERMS) ++ + # for config-kdm.h + check_function_exists(seteuid HAVE_SETEUID) + +--- ./kdm/config-kdm.h.cmake.orig 2009-05-27 14:53:40.000000000 -0500 ++++ ./kdm/config-kdm.h.cmake 2010-04-19 15:37:35.000000000 -0500 +@@ -129,6 +129,9 @@ + /* Define to 1 if the ck-connector library is found */ + #cmakedefine HAVE_CKCONNECTOR 1 + ++/* Define to 1 if OS honors permission bits on socket inodes */ ++#cmakedefine HONORS_SOCKET_PERMS 1 ++ + /* $PATH defaults set by KDM */ + #cmakedefine KDM_DEF_USER_PATH "${KDM_DEF_USER_PATH}" + #cmakedefine KDM_DEF_SYSTEM_PATH "${KDM_DEF_SYSTEM_PATH}" +--- ./kdm/backend/dm.h.orig 2008-11-19 04:18:06.000000000 -0600 ++++ ./kdm/backend/dm.h 2010-04-19 15:37:35.000000000 -0500 +@@ -232,6 +232,9 @@ + struct cmdsock *css; /* open connections */ + + char *path; /* filename of the socket */ ++#ifndef HONORS_SOCKET_PERMS ++ char *realdir; /* real dirname of the socket */ ++#endif + int fd; /* fd of the socket */ + int gid; /* owner group of the socket */ + } CtrlRec; +--- ./kdm/backend/ctrl.c.orig 2009-03-18 04:59:20.000000000 -0500 ++++ ./kdm/backend/ctrl.c 2010-04-19 15:42:55.000000000 -0500 +@@ -78,7 +78,25 @@ + } + + ++#ifdef HONORS_SOCKET_PERMS + static CtrlRec ctrl = { 0, 0, -1, 0 }; ++#else ++static CtrlRec ctrl = { 0, 0, 0, -1, 0 }; ++ ++static int mkTempDir( char *dir ) ++{ ++ int i, l = strlen( dir ) - 6; ++ ++ for (i = 0; i < 100; i++) { ++ randomStr( dir + l ); ++ if (!mkdir( dir, 0700 )) ++ return True; ++ if (errno != EEXIST) ++ break; ++ } ++ return False; ++} ++#endif + + void + openCtrl( struct display *d ) +@@ -112,22 +130,50 @@ + if (strlen( cr->path ) >= sizeof(sa.sun_path)) + logError( "path %\"s too long; no control sockets will be available\n", + cr->path ); +- else if (mkdir( sockdir, 0755 ) && errno != EEXIST) ++ #ifdef HONORS_SOCKET_PERMS ++ else if (mkdir( sockdir, 0700 ) && errno != EEXIST) + logError( "mkdir %\"s failed; no control sockets will be available\n", + sockdir ); ++ else if (unlink( cr->path ) && errno != ENOENT) ++ logError( "unlink %\"s failed: %m; control socket will not be available\n", ++ cr->path ); + else { +- if (!d) +- chown( sockdir, -1, fifoGroup ); ++ #else ++ else if (unlink( sockdir ) && errno != ENOENT) ++ logError( "unlink %\"s failed: %m; control socket will not be available\n", ++ sockdir ); ++ else if (!strApp( &cr->realdir, sockdir, "-XXXXXX", (char *)0)) ++ ; ++ else if (!mkTempDir( cr->realdir )) { ++ logError( "mkdir %\"s failed: %m; control socket will not be available\n", ++ cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++ } else if (symlink( cr->realdir, sockdir )) { ++ logError( "symlink %\"s => %\"s failed: %m; control socket will not be available\n", ++ sockdir, cr->realdir ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++ } else { ++ chown( sockdir, 0, d ? 0 : fifoGroup ); + chmod( sockdir, 0750 ); ++ #endif + if ((cr->fd = socket( PF_UNIX, SOCK_STREAM, 0 )) < 0) + logError( "Cannot create control socket\n" ); + else { +- unlink( cr->path ); + sa.sun_family = AF_UNIX; + strcpy( sa.sun_path, cr->path ); + if (!bind( cr->fd, (struct sockaddr *)&sa, sizeof(sa) )) { + if (!listen( cr->fd, 5 )) { ++ #ifdef HONORS_SOCKET_PERMS ++ chmod( cr->path, 0660 ); ++ if (!d) ++ chown( cr->path, -1, fifoGroup ); ++ chmod( sockdir, 0755 ); ++ #else + chmod( cr->path, 0666 ); ++ #endif + registerCloseOnFork( cr->fd ); + registerInput( cr->fd ); + free( sockdir ); +@@ -142,6 +188,14 @@ + close( cr->fd ); + cr->fd = -1; + } ++#ifdef HONORS_SOCKET_PERMS ++ rmdir( sockdir ); ++#else ++ unlink( sockdir ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++#endif + } + free( cr->path ); + cr->path = 0; +@@ -162,7 +216,14 @@ + cr->fd = -1; + unlink( cr->path ); + *strrchr( cr->path, '/' ) = 0; ++#ifdef HONORS_SOCKET_PERMS + rmdir( cr->path ); ++#else ++ unlink( cr->path ); ++ rmdir( cr->realdir ); ++ free( cr->realdir ); ++ cr->realdir = 0; ++#endif + free( cr->path ); + cr->path = 0; + while (cr->css) { +@@ -176,12 +237,12 @@ + void + chownCtrl( CtrlRec *cr, int uid ) + { +- if (cr->path) { +- char *ptr = strrchr( cr->path, '/' ); +- *ptr = 0; ++ if (cr->path) ++#ifdef HONORS_SOCKET_PERMS + chown( cr->path, uid, -1 ); +- *ptr = '/'; +- } ++#else ++ chown( cr->realdir, uid, -1 ); ++#endif + } + + void diff --git a/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild b/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild new file mode 100755 index 000000000..7b05faa72 --- /dev/null +++ b/patches/source/kdebase-workspace/kdebase-workspace.SlackBuild @@ -0,0 +1,117 @@ +#!/bin/sh + +# Copyright 2009 Patrick J. Volkerding, Sebeka, MN, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-kdebase-workspace + +# Set the config option variables if they are not already set: +if [ -r ../KDE.options ]; then + . ../KDE.options +fi + +# The global options may be overridden here (if needed): +if [ -r ./local.options ]; then + . ./local.options +fi + +# Avoid a version number in .la files: +if [ -d /usr/lib${LIBDIRSUFFIX}/qt ]; then + QTDIR=/usr/lib${LIBDIRSUFFIX}/qt +fi + +rm -rf $PKG +mkdir -p $PKG/usr +cd $TMP +echo "Building kdebase-workspace-$VERSION..." +tar xvf $CWD/../src/kdebase-workspace-$VERSION.tar.?z* || exit 1 +cd kdebase-workspace-$VERSION + +cat $CWD/kdebase-workspace-4.3.5-CVE-2010-0436-really-for-4.3.5.diff | patch -p1 || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +mkdir -p build +cd build + cmake \ + -DCMAKE_C_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_CXX_FLAGS:STRING="$SLKCFLAGS" \ + -DCMAKE_BUILD_TYPE=Release \ + -DCMAKE_INSTALL_PREFIX=/usr \ + -DMAN_INSTALL_DIR=/usr/man \ + -DSYSCONF_INSTALL_DIR=/etc/kde \ + -DLIB_SUFFIX=${LIBDIRSUFFIX} \ + .. + make $NUMJOBS || exit 1 + make install DESTDIR=$PKG || exit 1 +cd - + +if [ -d $PKG/usr/man ]; then + gzip -9 $PKG/usr/man/man?/* +fi + +mkdir -p $PKG/etc/X11/xinit +cat $CWD/xinit/xinitrc.kde > $PKG/etc/X11/xinit/xinitrc.kde +chmod 0755 $PKG/etc/X11/xinit/xinitrc.kde + +# Setup config files for KDM: +$PKG/usr/bin/genkdmconf --no-old --no-old-scripts --no-backup --in $PKG/usr/share/config/kdm + +# Not allowing root to login at the console is just plain silly. If they +# have physical access to the machine, what's the point of trying to stop +# this? Even the kdmrc file says this is supposed to be the default. +sed -i 's/AllowRootLogin=false/AllowRootLogin=true/' \ + $PKG/usr/share/config/kdm/kdmrc +mv $PKG/usr/share/config/kdm/kdmrc $PKG/usr/share/config/kdm/kdmrc.new + +cp -a $PKG/usr/share/config/kdm/Xsession $PKG/usr/share/config/kdm/Xsession.orig +cat $CWD/config/Xsession | sed -e "s#/lib#/lib${LIBDIRSUFFIX}#" \ + > $PKG/usr/share/config/kdm/Xsession +mv $PKG/usr/share/config/kdm/backgroundrc $PKG/usr/share/config/kdm/backgroundrc.new + +# Move the KDM files someplace FHS compliant: +mkdir -p $PKG/etc/kde +mv $PKG/usr/share/config/kdm $PKG/etc/kde +( cd $PKG/usr/share/config ; ln -sf ../../../etc/kde/kdm . ) + +# This is fubar: +rm -f $PKG/usr/share/icons/hicolor/index.theme + +mkdir -p $PKG/usr/doc/kdebase-workspace-$VERSION +cp -a COPYING* README $PKG/usr/doc/kdebase-workspace-$VERSION + +find $PKG | xargs file | grep -e "executable" -e "shared object" \ + | grep ELF | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null + +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc +zcat $CWD/doinst.sh.gz > $PKG/install/doinst.sh + +cd $PKG +/sbin/makepkg -l y -c n $TMP/kdebase-workspace-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/kdebase-workspace/local.options b/patches/source/kdebase-workspace/local.options new file mode 100644 index 000000000..e7ebaaed2 --- /dev/null +++ b/patches/source/kdebase-workspace/local.options @@ -0,0 +1 @@ +BUILD=2_slack13.0 diff --git a/patches/source/kdebase-workspace/slack-desc b/patches/source/kdebase-workspace/slack-desc new file mode 100644 index 000000000..e828d208f --- /dev/null +++ b/patches/source/kdebase-workspace/slack-desc @@ -0,0 +1,12 @@ + |-----handy-ruler------------------------------------------------------| +kdebase-workspace: kdebase-workspace - the KDE Workspace +kdebase-workspace: +kdebase-workspace: The KDE Workspace (kdebase-workspace) package consists of what is +kdebase-workspace: essentially the KDE workspace presented to the user. +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: +kdebase-workspace: diff --git a/patches/source/kdebase-workspace/xinit/xinitrc.kde b/patches/source/kdebase-workspace/xinit/xinitrc.kde new file mode 100755 index 000000000..2fda1fab2 --- /dev/null +++ b/patches/source/kdebase-workspace/xinit/xinitrc.kde @@ -0,0 +1,28 @@ +#!/bin/sh +# $XConsortium: xinitrc.cpp,v 1.4 91/08/22 11:41:34 rws Exp $ + +userresources=$HOME/.Xresources +usermodmap=$HOME/.Xmodmap +sysresources=/etc/X11/xinit/.Xresources +sysmodmap=/etc/X11/xinit/.Xmodmap + +# merge in defaults and keymaps + +if [ -f $sysresources ]; then + xrdb -merge $sysresources +fi + +if [ -f $sysmodmap ]; then + xmodmap $sysmodmap +fi + +if [ -f $userresources ]; then + xrdb -merge $userresources +fi + +if [ -f $usermodmap ]; then + xmodmap $usermodmap +fi + +# Start the window manager: +startkde |