From d31c50870d0bee042ce660e445c9294a59a3a65b Mon Sep 17 00:00:00 2001 From: Patrick J Volkerding Date: Thu, 30 Jun 2016 20:26:57 +0000 Subject: Slackware 14.2 Thu Jun 30 20:26:57 UTC 2016 Slackware 14.2 x86_64 stable is released! The long development cycle (the Linux community has lately been living in "interesting times", as they say) is finally behind us, and we're proud to announce the release of Slackware 14.2. The new release brings many updates and modern tools, has switched from udev to eudev (no systemd), and adds well over a hundred new packages to the system. Thanks to the team, the upstream developers, the dedicated Slackware community, and everyone else who pitched in to help make this release a reality. The ISOs are off to be replicated, a 6 CD-ROM 32-bit set and a dual-sided 32-bit/64-bit x86/x86_64 DVD. Please consider supporting the Slackware project by picking up a copy from store.slackware.com. We're taking pre-orders now, and offer a discount if you sign up for a subscription. Have fun! :-) --- ..._revert-admin-identities-unix-group-wheel.patch | 39 --------------------- .../polkit/10-org.freedesktop.NetworkManager.pkla | 6 ---- .../polkit/10-org.freedesktop.NetworkManager.rules | 7 ++++ .../l/polkit/20-plugdev-group-mount-override.pkla | 6 ---- .../l/polkit/20-plugdev-group-mount-override.rules | 16 +++++++++ source/l/polkit/doinst.sh | 25 +++++++++++--- source/l/polkit/dont-set-wheel-group-as-admin.diff | 10 ++++++ source/l/polkit/polkit.SlackBuild | 40 ++++++++++++---------- 8 files changed, 76 insertions(+), 73 deletions(-) delete mode 100644 source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch delete mode 100644 source/l/polkit/10-org.freedesktop.NetworkManager.pkla create mode 100644 source/l/polkit/10-org.freedesktop.NetworkManager.rules delete mode 100644 source/l/polkit/20-plugdev-group-mount-override.pkla create mode 100644 source/l/polkit/20-plugdev-group-mount-override.rules create mode 100644 source/l/polkit/dont-set-wheel-group-as-admin.diff (limited to 'source/l/polkit') diff --git a/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch b/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch deleted file mode 100644 index 1562e69d..00000000 --- a/source/l/polkit/05_revert-admin-identities-unix-group-wheel.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 1892aeb9c13841335a4ac383e8a787a3c2728c45 Mon Sep 17 00:00:00 2001 -From: Michael Biebl -Date: Fri, 9 Dec 2011 00:31:21 +0100 -Subject: [PATCH] Revert "Default to AdminIdentities=unix-group:wheel for - local authority" - -This reverts commit 763faf434b445c20ae9529100d3ef5290976d0c9. ---- - docs/man/pklocalauthority.xml | 4 ++-- - src/polkitbackend/50-localauthority.conf | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -Index: policykit/docs/man/pklocalauthority.xml -=================================================================== ---- policykit.orig/docs/man/pklocalauthority.xml 2012-01-06 10:34:01.830221577 +0100 -+++ policykit/docs/man/pklocalauthority.xml 2012-01-06 10:39:24.206237179 +0100 -@@ -385,10 +385,10 @@ - - - [Configuration] --AdminIdentities=unix-group:staff -+AdminIdentities=unix-group:desktop_admin_r - - -- specifies that any user in the staff UNIX -+ that any user in the desktop_admin_r UNIX - group can be used for authentication when administrator - authentication is needed. This file would typically be installed - in the /etc/polkit-1/localauthority.conf.d -Index: policykit/src/polkitbackend/50-localauthority.conf -=================================================================== ---- policykit.orig/src/polkitbackend/50-localauthority.conf 2012-01-06 10:33:58.254221404 +0100 -+++ policykit/src/polkitbackend/50-localauthority.conf 2012-01-06 10:39:24.210237180 +0100 -@@ -7,4 +7,4 @@ - # - - [Configuration] --AdminIdentities=unix-group:wheel -+AdminIdentities=unix-user:0 diff --git a/source/l/polkit/10-org.freedesktop.NetworkManager.pkla b/source/l/polkit/10-org.freedesktop.NetworkManager.pkla deleted file mode 100644 index b2491602..00000000 --- a/source/l/polkit/10-org.freedesktop.NetworkManager.pkla +++ /dev/null @@ -1,6 +0,0 @@ -[nm-applet] -Identity=unix-group:netdev -Action=org.freedesktop.NetworkManager.* -ResultAny=yes -ResultInactive=no -ResultActive=yes diff --git a/source/l/polkit/10-org.freedesktop.NetworkManager.rules b/source/l/polkit/10-org.freedesktop.NetworkManager.rules new file mode 100644 index 00000000..9d6557b3 --- /dev/null +++ b/source/l/polkit/10-org.freedesktop.NetworkManager.rules @@ -0,0 +1,7 @@ +polkit.addRule(function(action, subject) { + if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && + subject.isInGroup("netdev")) { + return polkit.Result.YES; + } +}); + diff --git a/source/l/polkit/20-plugdev-group-mount-override.pkla b/source/l/polkit/20-plugdev-group-mount-override.pkla deleted file mode 100644 index 8149de67..00000000 --- a/source/l/polkit/20-plugdev-group-mount-override.pkla +++ /dev/null @@ -1,6 +0,0 @@ -[plugdev group mount override] -Identity=unix-group:plugdev -Action=org.freedesktop.udisks2.filesystem-*;org.freedesktop.udisks2.eject-* -ResultAny=yes -ResultInactive=yes -ResultActive=yes diff --git a/source/l/polkit/20-plugdev-group-mount-override.rules b/source/l/polkit/20-plugdev-group-mount-override.rules new file mode 100644 index 00000000..c47a66cf --- /dev/null +++ b/source/l/polkit/20-plugdev-group-mount-override.rules @@ -0,0 +1,16 @@ +/* http://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html */ + +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks2.filesystem-mount" && + subject.isInGroup("plugdev")) { + return polkit.Result.YES; + } +}); + +polkit.addRule(function(action, subject) { + if (action.id == "org.freedesktop.udisks2.eject-media" && + subject.isInGroup("plugdev")) { + return polkit.Result.YES; + } +}); + diff --git a/source/l/polkit/doinst.sh b/source/l/polkit/doinst.sh index bce9ca90..887bb792 100644 --- a/source/l/polkit/doinst.sh +++ b/source/l/polkit/doinst.sh @@ -1,13 +1,30 @@ config() { NEW="$1" - OLD="`dirname $NEW`/`basename $NEW .new`" + OLD="$(dirname $NEW)/$(basename $NEW .new)" # If there's no config file by that name, mv it over: if [ ! -r $OLD ]; then mv $NEW $OLD - elif [ "`cat $OLD | md5sum`" = "`cat $NEW | md5sum`" ]; then # toss the redundant copy + elif [ "$(cat $OLD | md5sum)" = "$(cat $NEW | md5sum)" ]; then # toss the redundant copy rm $NEW fi # Otherwise, we leave the .new copy for the admin to consider... } -config etc/polkit-1/localauthority/50-local.d/20-plugdev-group-mount-override.pkla.new -config etc/polkit-1/localauthority/50-local.d/10-org.freedesktop.NetworkManager.pkla.new +config etc/polkit-1/rules.d/20-plugdev-group-mount-override.rules.new +config etc/polkit-1/rules.d/10-org.freedesktop.NetworkManager.rules.new + +# Make sure the polkitd user and group exist: +if ! grep -q "^polkitd:" etc/passwd ; then + echo "polkitd:x:87:87:PolicyKit daemon owner:/var/lib/polkit:/bin/false" >> etc/passwd +fi +if ! grep -q "^polkitd:" etc/group ; then + echo "polkitd:x:87:" >> etc/group +fi + +# Remove obsolete rules: +rm -f etc/polkit-1/localauthority/50-local.d/*.pkla{,.new} +rm -f etc/polkit-1/rules.d/*.pkla{,.new} + +# Remove obsolete directory: +rmdir etc/polkit-1/localauthority/50-local.d 2> /dev/null +rmdir etc/polkit-1/localauthority 2> /dev/null + diff --git a/source/l/polkit/dont-set-wheel-group-as-admin.diff b/source/l/polkit/dont-set-wheel-group-as-admin.diff new file mode 100644 index 00000000..6a86ac28 --- /dev/null +++ b/source/l/polkit/dont-set-wheel-group-as-admin.diff @@ -0,0 +1,10 @@ +diff -Nur polkit-0.112.orig/src/polkitbackend/50-default.rules polkit-0.112/src/polkitbackend/50-default.rules +--- polkit-0.112.orig/src/polkitbackend/50-default.rules 2013-04-29 12:28:57.000000000 -0500 ++++ polkit-0.112/src/polkitbackend/50-default.rules 2015-01-01 23:32:40.154400050 -0600 +@@ -8,5 +8,5 @@ + // about configuring polkit. + + polkit.addAdminRule(function(action, subject) { +- return ["unix-group:wheel"]; ++ return ["unix-user:root"]; + }); diff --git a/source/l/polkit/polkit.SlackBuild b/source/l/polkit/polkit.SlackBuild index 9784bdb5..0d89e18b 100755 --- a/source/l/polkit/polkit.SlackBuild +++ b/source/l/polkit/polkit.SlackBuild @@ -1,6 +1,6 @@ #!/bin/sh -# Copyright 2009, 2011 Robby Workman, Northport, Alabama, USA +# Copyright 2009, 2011, 2015 Robby Workman, Northport, Alabama, USA # Copyright 2010 Eric Hameleers, Eindhoven, NL # Copyright 2009, 2010, 2011, 2012, 2013 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. @@ -24,13 +24,13 @@ PKGNAM=polkit -VERSION=${VERSION:-$(echo $PKGNAM-*.tar.?z* | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} -BUILD=${BUILD:-4} +VERSION=${VERSION:-$(echo $PKGNAM-*.tar.gz | rev | cut -f 3- -d . | cut -f 1 -d - | rev)} +BUILD=${BUILD:-2} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in - i?86) export ARCH=i486 ;; + i?86) export ARCH=i586 ;; arm*) export ARCH=arm ;; # Unless $ARCH is already set, use uname -m for all other archs: *) export ARCH=$( uname -m ) ;; @@ -43,8 +43,8 @@ CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-$PKGNAM -if [ "$ARCH" = "i486" ]; then - SLKCFLAGS="-O2 -march=i486 -mtune=i686" +if [ "$ARCH" = "i586" ]; then + SLKCFLAGS="-O2 -march=i586 -mtune=i686" LIBDIRSUFFIX="" elif [ "$ARCH" = "s390" ]; then SLKCFLAGS="-O2" @@ -72,7 +72,14 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -zcat $CWD/05_revert-admin-identities-unix-group-wheel.patch.gz | patch -p1 --verbose || exit 1 +zcat $CWD/dont-set-wheel-group-as-admin.diff.gz | patch -p1 || exit 1 + +# If we get here and don't have a polkitd user/group, add one. +# Otherwise a few directories in the package will have wrong permissions. +if ! grep -q "^polkitd:" /etc/passwd ; then + groupadd -fg 87 polkitd + useradd -c "PolicyKit daemon owner" -d /var/lib/polkit -u 87 -g polkitd -s /bin/false polkitd +fi CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ @@ -86,28 +93,25 @@ CXXFLAGS="$SLKCFLAGS" \ --enable-gtk-doc \ --mandir=/usr/man \ --disable-static \ + --disable-examples \ --enable-introspection \ + --enable-libsystemd-login=no \ --with-authfw=shadow \ --enable-verbose-mode \ --with-os-type=Slackware \ --build=$ARCH-slackware-linux -#NOTE: The directory /etc/polkit-1/localauthority must be owned -# by root and have mode 700 -#NOTE: The directory /var/lib/polkit-1 must be owned -# by root and have mode 700 -#NOTE: The file ${exec_prefix}/libexec/polkit-agent-helper-1 must be owned -# by root and have mode 4755 (setuid root binary) -#NOTE: The file ${exec_prefix}/bin/pkexec must be owned by root and -# have mode 4755 (setuid root binary) - # Build and install: make $NUMJOBS || make || exit 1 make install DESTDIR=$PKG || exit 1 +# Create homedir for polkit. This is mentioned in /etc/passwd, but isn't +# actually used for anything later. Perms don't matter. +mkdir -p $PKG/var/lib/polkit + # Add default policy files for udisks2 and NetworkManager events: -cat $CWD/20-plugdev-group-mount-override.pkla > $PKG/etc/polkit-1/localauthority/50-local.d/20-plugdev-group-mount-override.pkla.new -cat $CWD/10-org.freedesktop.NetworkManager.pkla > $PKG/etc/polkit-1/localauthority/50-local.d/10-org.freedesktop.NetworkManager.pkla.new +cat $CWD/10-org.freedesktop.NetworkManager.rules > $PKG/etc/polkit-1/rules.d/10-org.freedesktop.NetworkManager.rules.new +cat $CWD/20-plugdev-group-mount-override.rules > $PKG/etc/polkit-1/rules.d/20-plugdev-group-mount-override.rules.new # Strip binaries: find $PKG | xargs file | grep -e "executable" -e "shared object" \ -- cgit v1.2.3