blob: 8d65989915e61e7558db828e2c0d7f769261cf26 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
|
# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=7
inherit meson pam pax-utils systemd xdg-utils
DESCRIPTION="Policy framework for controlling privileges for system-wide services"
HOMEPAGE="https://www.freedesktop.org/wiki/Software/polkit https://gitlab.freedesktop.org/polkit/polkit"
SRC_URI="https://www.freedesktop.org/software/${PN}/releases/${P}.tar.gz"
LICENSE="LGPL-2"
SLOT="0"
KEYWORDS="amd64 arm arm64 ~mips ppc64 ~riscv x86"
IUSE="examples gtk +introspection kde pam selinux systemd test"
#RESTRICT="!test? ( test )"
# Tests currently don't work with meson. See
# https://gitlab.freedesktop.org/polkit/polkit/-/issues/144
RESTRICT="test"
BDEPEND="
acct-user/polkitd
app-text/docbook-xml-dtd:4.1.2
app-text/docbook-xsl-stylesheets
dev-libs/glib
dev-libs/gobject-introspection-common
dev-libs/libxslt
dev-util/glib-utils
sys-devel/gettext
virtual/pkgconfig
introspection? ( dev-libs/gobject-introspection )
"
DEPEND="
dev-lang/spidermonkey:78[-debug]
dev-libs/glib:2
dev-libs/expat
pam? (
sys-auth/pambase
sys-libs/pam
)
!pam? ( virtual/libcrypt:= )
systemd? ( sys-apps/systemd:0=[policykit] )
!systemd? ( sys-auth/elogind )
"
RDEPEND="${DEPEND}
acct-user/polkitd
selinux? ( sec-policy/selinux-policykit )
"
PDEPEND="
gtk? ( || (
>=gnome-extra/polkit-gnome-0.105
>=lxde-base/lxsession-0.5.2
) )
kde? ( kde-plasma/polkit-kde-agent )
"
DOCS=( docs/TODO HACKING NEWS README )
QA_MULTILIB_PATHS="
usr/lib/polkit-1/polkit-agent-helper-1
usr/lib/polkit-1/polkitd"
src_prepare() {
local PATCHES=(
"${FILESDIR}/polkit-0.120-meson.patch"
"${FILESDIR}/polkit-0.120-CVE-2021-4034.patch"
"${FILESDIR}/polkit-0.120-CVE-2021-4115.patch"
)
default
sed -i -e 's|unix-group:wheel|unix-user:0|' src/polkitbackend/*-default.rules || die #401513
}
src_configure() {
xdg_environment_reset
local emesonargs=(
--localstatedir="${EPREFIX}"/var
-Dauthfw="$(usex pam pam shadow)"
-Dexamples=false
-Dgtk_doc=false
-Dman=true
-Dos_type=gentoo
-Dsession_tracking="$(usex systemd libsystemd-login libelogind)"
-Dsystemdsystemunitdir="$(systemd_get_systemunitdir)"
$(meson_use introspection)
$(meson_use test tests)
$(usex pam "-Dpam_module_dir=$(getpam_mod_dir)" '')
)
meson_src_configure
}
src_compile() {
meson_src_compile
# Required for polkitd on hardened/PaX due to spidermonkey's JIT
pax-mark mr src/polkitbackend/.libs/polkitd test/polkitbackend/.libs/polkitbackendjsauthoritytest
}
src_install() {
meson_src_install
if use examples ; then
docinto examples
dodoc src/examples/{*.c,*.policy*}
fi
diropts -m 0700 -o polkitd
keepdir /usr/share/polkit-1/rules.d
# meson does not install required files with SUID bit. See
# https://bugs.gentoo.org/816393
# Remove the following lines once this has been fixed by upstream
# (should be fixed in next release: https://gitlab.freedesktop.org/polkit/polkit/-/commit/4ff1abe4a4c1f8c8378b9eaddb0346ac6448abd8)
fperms u+s /usr/bin/pkexec
fperms u+s /usr/lib/polkit-1/polkit-agent-helper-1
}
pkg_postinst() {
chmod 0700 "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
chown polkitd "${EROOT}"/{etc,usr/share}/polkit-1/rules.d
}
|
GitWeb