diff --git a/polkit/.SRCINFO b/polkit/.SRCINFO index dd4592bfa0..3f5cac3cd7 100644 --- a/polkit/.SRCINFO +++ b/polkit/.SRCINFO @@ -1,10 +1,14 @@ pkgbase = polkit pkgdesc = Application development toolkit for controlling system-wide privileges - pkgver = 125 - pkgrel = 1 + pkgver = 126 + pkgrel = 2 url = https://github.com/polkit-org/polkit install = polkit.install arch = x86_64 + arch = powerpc64le + arch = powerpc64 + arch = powerpc + arch = riscv64 license = LGPL-2.0-or-later checkdepends = python-dbusmock makedepends = dbus @@ -22,10 +26,11 @@ pkgbase = polkit depends = systemd-libs provides = libpolkit-agent-1.so provides = libpolkit-gobject-1.so - backup = etc/pam.d/polkit-1 - source = git+https://github.com/polkit-org/polkit#tag=125 - source = 0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch - b2sums = 3a3d10173937bd7d869e1125878bec0b6f6ac565ffea7bbf61a05634cfbe85471dc62386825a201915c03c48cbcda277704011ec760a283e5b9663ad49cf0237 - b2sums = 14ba77b12255519008a045706d9c6a06b8f4a5a091b980030b3e216908ac7485c5c70b26a4008d15df7b2c374eaf9dde31c8ba480a6cb1601effbb4b6d6c023b + source = git+https://github.com/polkit-org/polkit#tag=126 + source = 0001-meson-Support-explicit-GID.patch + source = 0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch + b2sums = 20659c1a622208e1db7d5f65c5ab75a6a35c55472b5abdadc5405fb83f678e7eb9fe4ac32b1947f6956cc1204f5caa2cad2f5db81de7ea49cdb13bd309c94fa4 + b2sums = a9d5b0cc874abfb5a26f1a70230dc681213703c5eb44f1cf8c59550f7120d077f33c6ef0a0a509b4b878067e38c8a4446e778a7c6d287d5ca28f52e107f73fc4 + b2sums = 21471078956d1646539d0b8eda4a74e14790e3d0141bb5412a9a0e8824dcb0025537cbbd528a90ead2cd736c8b59f13d3fc5f4f872e35cf1626baf2c13541b07 pkgname = polkit diff --git a/polkit/0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch b/polkit/0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch deleted file mode 100644 index 3827f59228..0000000000 --- a/polkit/0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch +++ /dev/null @@ -1,43 +0,0 @@ -From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 -From: "Jan Alexander Steffens (heftig)" -Date: Wed, 17 Jan 2024 20:57:44 +0100 -Subject: [PATCH] meson: Pass polkitd_uid to meson_post_install.py - -So it can change the rules.d GID without the group being defined. ---- - meson.build | 1 + - meson_post_install.py | 9 ++++++--- - 2 files changed, 7 insertions(+), 3 deletions(-) - -diff --git a/meson.build b/meson.build -index 302c18961e2d..2bd62bea4aa4 100644 ---- a/meson.build -+++ b/meson.build -@@ -385,6 +385,7 @@ if not libs_only - pk_libprivdir, - pk_pkgsysconfdir, - polkitd_user, -+ polkitd_uid, # Actually needs the GID, but we assume UID == GID - ) - endif - -diff --git a/meson_post_install.py b/meson_post_install.py -index efb75a1de69b..2367ef33fbc1 100644 ---- a/meson_post_install.py -+++ b/meson_post_install.py -@@ -22,9 +22,12 @@ pkgsysconfdir = destdir_path(sys.argv[3]) - polkitd_user = sys.argv[4] - - try: -- polkitd_gid = pwd.getpwnam(polkitd_user).pw_gid --except KeyError: -- polkitd_gid = None -+ polkitd_gid = int(sys.argv[5]) # Actually the UID, but we assume UID == GID -+except ValueError: -+ try: -+ polkitd_gid = pwd.getpwnam(polkitd_user).pw_gid -+ except KeyError: -+ polkitd_gid = None - - dst = os.path.join(bindir, 'pkexec') - diff --git a/polkit/0001-meson-Support-explicit-GID.patch b/polkit/0001-meson-Support-explicit-GID.patch new file mode 100644 index 0000000000..850db1ce79 --- /dev/null +++ b/polkit/0001-meson-Support-explicit-GID.patch @@ -0,0 +1,155 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Jan Alexander Steffens (heftig)" +Date: Mon, 13 Jan 2025 23:54:13 +0100 +Subject: [PATCH] meson: Support explicit GID + +On Arch Linux, the polkitd user is not available during packaging, and +files must be created with a numeric UID and GID. +--- + data/meson.build | 17 ++++++++++++++--- + data/polkit-tmpfiles.conf | 1 - + data/polkit-tmpfiles.conf.in | 1 + + data/polkit.conf.with-gid | 2 ++ + meson.build | 6 +++++- + meson_options.txt | 1 + + meson_post_install.py | 11 +++++++---- + 7 files changed, 30 insertions(+), 9 deletions(-) + delete mode 100644 data/polkit-tmpfiles.conf + create mode 100644 data/polkit-tmpfiles.conf.in + create mode 100644 data/polkit.conf.with-gid + +diff --git a/data/meson.build b/data/meson.build +index e3776fb8319e..90c10ef03237 100644 +--- a/data/meson.build ++++ b/data/meson.build +@@ -1,7 +1,9 @@ + service_conf = { + 'libprivdir': pk_prefix / pk_libprivdir, ++ 'pkgsysconfdir': pk_prefix / pk_pkgsysconfdir, + 'polkitd_user': polkitd_user, + 'polkitd_uid': polkitd_uid, ++ 'polkitd_gid': polkitd_gid, + } + + configure_file( +@@ -47,21 +49,30 @@ if not get_option('libs-only') + install_dir: systemdsystemunitdir, + ) + ++ if polkitd_gid != '-' ++ sysusers_template = 'polkit.conf.with-gid' ++ else ++ sysusers_template = 'polkit.conf.in' ++ endif ++ + configure_file( +- input: 'polkit.conf.in', ++ input: sysusers_template, + output: '@BASENAME@', + configuration: service_conf, + install: true, + install_dir: sysusers_dir, + ) + + install_data( + 'policyconfig-1.dtd', + install_dir: pk_datadir / 'polkit-1' + ) + +- install_data( +- 'polkit-tmpfiles.conf', ++ configure_file( ++ input: 'polkit-tmpfiles.conf.in', ++ output: '@BASENAME@', ++ configuration: service_conf, ++ install: true, + install_dir: tmpfiles_dir + ) + endif +diff --git a/data/polkit-tmpfiles.conf b/data/polkit-tmpfiles.conf +deleted file mode 100644 +index 936f514e4bfa..000000000000 +--- a/data/polkit-tmpfiles.conf ++++ /dev/null +@@ -1 +0,0 @@ +-d /etc/polkit-1/rules.d 0750 root polkitd - - +diff --git a/data/polkit-tmpfiles.conf.in b/data/polkit-tmpfiles.conf.in +new file mode 100644 +index 000000000000..601c96ec6b52 +--- /dev/null ++++ b/data/polkit-tmpfiles.conf.in +@@ -0,0 +1 @@ ++d @pkgsysconfdir@/rules.d 0750 root @polkitd_user@ - - +diff --git a/data/polkit.conf.with-gid b/data/polkit.conf.with-gid +new file mode 100644 +index 000000000000..bc98a6c664e7 +--- /dev/null ++++ b/data/polkit.conf.with-gid +@@ -0,0 +1,2 @@ ++g @polkitd_user@ @polkitd_gid@ ++u @polkitd_user@ @polkitd_uid@:@polkitd_gid@ "User for polkitd" +diff --git a/meson.build b/meson.build +index b150c98242ff..07a662f241b1 100644 +--- a/meson.build ++++ b/meson.build +@@ -232,7 +232,7 @@ polkitd_user = get_option('polkitd_user') + config_data.set_quoted('POLKITD_USER', polkitd_user) + + polkitd_uid = get_option('polkitd_uid') +-config_data.set('POLKITD_UID', polkitd_uid) ++polkitd_gid = get_option('polkitd_gid') + + # Select which authentication framework to use + auth_deps = [] +@@ -405,6 +405,7 @@ if not libs_only + pk_libprivdir, + pk_pkgsysconfdir, + polkitd_user, ++ polkitd_gid, + ) + endif + +@@ -433,6 +434,9 @@ output += ' polkitd user: ' + polkitd_user + ' \n' + if polkitd_uid != '-' + output += ' polkitd UID: ' + polkitd_uid + ' \n' + endif ++if polkitd_gid != '-' ++ output += ' polkitd GID: ' + polkitd_gid + ' \n' ++endif + output += ' PAM support: ' + enable_pam.to_string() + '\n\n' + if libs_only + output += ' !!! Only building polkit libraries, not polkitd !!!\n\n' +diff --git a/meson_options.txt b/meson_options.txt +index 31b7a2b0300d..916f365ddeab 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -4,6 +4,7 @@ option('systemdsystemunitdir', type: 'string', value: '', description: 'custom d + option('libs-only', type: 'boolean', value: false, description: 'Only build libraries (skips building polkitd)') + option('polkitd_user', type: 'string', value: 'polkitd', description: 'User for running polkitd (polkitd)') + option('polkitd_uid', type: 'string', value: '-', description: 'Fixed UID for user running polkitd (polkitd)') ++option('polkitd_gid', type: 'string', value: '-', description: 'Fixed GID for user running polkitd (polkitd)') + option('privileged_group', type: 'string', value: '', description: 'Group to use for default privileged access (default: wheel)') + + option('authfw', type: 'combo', choices: ['pam', 'shadow', 'bsdauth'], value: 'pam', description: 'Authentication framework (pam/shadow)') +diff --git a/meson_post_install.py b/meson_post_install.py +index efb75a1de69b..95a741ef70d0 100644 +--- a/meson_post_install.py ++++ b/meson_post_install.py +@@ -21,10 +21,13 @@ pkglibdir = destdir_path(sys.argv[2]) + pkgsysconfdir = destdir_path(sys.argv[3]) + polkitd_user = sys.argv[4] + +-try: +- polkitd_gid = pwd.getpwnam(polkitd_user).pw_gid +-except KeyError: +- polkitd_gid = None ++if sys.argv[5] != '-': ++ polkitd_gid = int(sys.argv[5]) ++else: ++ try: ++ polkitd_gid = pwd.getpwnam(polkitd_user).pw_gid ++ except KeyError: ++ polkitd_gid = None + + dst = os.path.join(bindir, 'pkexec') + diff --git a/polkit/0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch b/polkit/0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch new file mode 100644 index 0000000000..4664e73ba8 --- /dev/null +++ b/polkit/0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch @@ -0,0 +1,91 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: "Jan Alexander Steffens (heftig)" +Date: Mon, 13 Jan 2025 23:55:38 +0100 +Subject: [PATCH] meson: Detect Arch Linux and set the UID and GID + +--- + meson.build | 26 ++++++++++++++++++++++---- + meson_options.txt | 4 ++-- + 2 files changed, 24 insertions(+), 6 deletions(-) + +diff --git a/meson.build b/meson.build +index 07a662f241b1..94b208cfc527 100644 +--- a/meson.build ++++ b/meson.build +@@ -231,9 +231,6 @@ endif + polkitd_user = get_option('polkitd_user') + config_data.set_quoted('POLKITD_USER', polkitd_user) + +-polkitd_uid = get_option('polkitd_uid') +-polkitd_gid = get_option('polkitd_gid') +- + # Select which authentication framework to use + auth_deps = [] + +@@ -299,21 +296,42 @@ if os_type == '' + ['debian', '/etc/debian_version'], + ['gentoo', '/etc/gentoo-release'], + ['pardus', '/etc/pardus-release'], ++ ['arch', '/etc/arch-release'], + ['lfs', '/etc/lfs-release'], + ] + + foreach os_path: os_paths + if run_command('test', '-e', os_path[1], check: false).returncode() == 0 + os_type = os_path[0] + break + endif + endforeach + + if os_type == '' + message('Linux distribution autodetection failed, specify the distribution to target using -Dos_type=') + endif + endif + ++# The default UID differs between distributions, set it accordingly if not specified ++polkitd_uid = get_option('polkitd_uid') ++if polkitd_uid == '' ++ if os_type == 'arch' ++ polkitd_uid = '102' ++ else ++ polkitd_uid = '-' ++ endif ++endif ++ ++# The default GID differs between distributions, set it accordingly if not specified ++polkitd_gid = get_option('polkitd_gid') ++if polkitd_gid == '' ++ if os_type == 'arch' ++ polkitd_gid = '102' ++ else ++ polkitd_gid = '-' ++ endif ++endif ++ + # The default privileged group differs between distributions, set it accordingly if not specified + privileged_group = get_option('privileged_group') + if privileged_group == '' +@@ -347,7 +365,7 @@ if pam_include == '' + 'PAM_FILE_INCLUDE_PASSWORD': 'system-password', + 'PAM_FILE_INCLUDE_SESSION': 'system-session', + } +- #if ['redhat', 'gentoo', 'pardus'].contains(os_type) ++ #if ['redhat', 'gentoo', 'pardus', 'arch'].contains(os_type) + else + pam_conf = { + 'PAM_FILE_INCLUDE_AUTH': 'system-auth', +diff --git a/meson_options.txt b/meson_options.txt +index 916f365ddeab..a889406ed515 100644 +--- a/meson_options.txt ++++ b/meson_options.txt +@@ -3,8 +3,8 @@ option('systemdsystemunitdir', type: 'string', value: '', description: 'custom d + + option('libs-only', type: 'boolean', value: false, description: 'Only build libraries (skips building polkitd)') + option('polkitd_user', type: 'string', value: 'polkitd', description: 'User for running polkitd (polkitd)') +-option('polkitd_uid', type: 'string', value: '-', description: 'Fixed UID for user running polkitd (polkitd)') +-option('polkitd_gid', type: 'string', value: '-', description: 'Fixed GID for user running polkitd (polkitd)') ++option('polkitd_uid', type: 'string', value: '', description: 'Fixed UID for user running polkitd (polkitd)') ++option('polkitd_gid', type: 'string', value: '', description: 'Fixed GID for user running polkitd (polkitd)') + option('privileged_group', type: 'string', value: '', description: 'Group to use for default privileged access (default: wheel)') + + option('authfw', type: 'combo', choices: ['pam', 'shadow', 'bsdauth'], value: 'pam', description: 'Authentication framework (pam/shadow)') diff --git a/polkit/PKGBUILD b/polkit/PKGBUILD index 80112943fa..c8ce438881 100644 --- a/polkit/PKGBUILD +++ b/polkit/PKGBUILD @@ -3,8 +3,8 @@ # Contributor: Jan de Groot pkgname=polkit -pkgver=125 -pkgrel=1.1 +pkgver=126 +pkgrel=2 pkgdesc="Application development toolkit for controlling system-wide privileges" url="https://github.com/polkit-org/polkit" arch=(x86_64 powerpc64le powerpc64 powerpc riscv64) @@ -28,29 +28,28 @@ makedepends=( ) checkdepends=(python-dbusmock) provides=(libpolkit-{agent,gobject}-1.so) -backup=(etc/pam.d/polkit-1) install=polkit.install source=( "git+$url#tag=$pkgver" - 0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch + 0001-meson-Support-explicit-GID.patch + 0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch ) -b2sums=('3a3d10173937bd7d869e1125878bec0b6f6ac565ffea7bbf61a05634cfbe85471dc62386825a201915c03c48cbcda277704011ec760a283e5b9663ad49cf0237' - '14ba77b12255519008a045706d9c6a06b8f4a5a091b980030b3e216908ac7485c5c70b26a4008d15df7b2c374eaf9dde31c8ba480a6cb1601effbb4b6d6c023b') +b2sums=('20659c1a622208e1db7d5f65c5ab75a6a35c55472b5abdadc5405fb83f678e7eb9fe4ac32b1947f6956cc1204f5caa2cad2f5db81de7ea49cdb13bd309c94fa4' + 'a9d5b0cc874abfb5a26f1a70230dc681213703c5eb44f1cf8c59550f7120d077f33c6ef0a0a509b4b878067e38c8a4446e778a7c6d287d5ca28f52e107f73fc4' + '21471078956d1646539d0b8eda4a74e14790e3d0141bb5412a9a0e8824dcb0025537cbbd528a90ead2cd736c8b59f13d3fc5f4f872e35cf1626baf2c13541b07') prepare() { cd polkit - git apply -3 ../0001-meson-Pass-polkitd_uid-to-meson_post_install.py.patch + git apply -3 ../0001-meson-Support-explicit-GID.patch + git apply -3 ../0002-meson-Detect-Arch-Linux-and-set-the-UID-and-GID.patch } build() { local meson_options=( -D examples=true + -D gettext=true -D gtk_doc=true -D man=true - -D os_type=redhat - -D polkitd_uid=102 - -D polkitd_user=polkitd - -D session_tracking=logind -D tests=true )