diff options
Diffstat (limited to 'meta-oe/recipes-extended/polkit')
8 files changed, 100 insertions, 444 deletions
diff --git a/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules new file mode 100644 index 0000000000..2ffa4087a8 --- /dev/null +++ b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules @@ -0,0 +1,24 @@ +polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + // required for udisks1: + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + // required for udisks2: + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + // required for udisks2 if using udiskie from another seat (e.g. systemd): + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("plugdev")) { + return permission[action.id]; + } +}); diff --git a/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb new file mode 100644 index 0000000000..db2ed015b4 --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Polkit rule to allow non-priviledged users mount/umount block devices via udisks2" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +require polkit-group-rule.inc + +# The file originates from https://github.com/coldfix/udiskie/wiki/Permissions +SRC_URI = "file://50-org.freedesktop.udiskie.rules" + +RDEPENDS:${PN} += "udisks2" + +do_install() { + install -m 0755 ${WORKDIR}/50-org.freedesktop.udiskie.rules ${D}${sysconfdir}/polkit-1/rules.d +} + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM:${PN} = "--system plugdev" diff --git a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch b/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch deleted file mode 100644 index 5b3660da2f..0000000000 --- a/meta-oe/recipes-extended/polkit/polkit/0002-jsauthority-port-to-mozjs-91.patch +++ /dev/null @@ -1,38 +0,0 @@ -From 4ce27b66bb07b72cb96d3d43a75108a5a6e7e156 Mon Sep 17 00:00:00 2001 -From: Xi Ruoyao <xry111@mengyan1223.wang> -Date: Tue, 10 Aug 2021 19:09:42 +0800 -Subject: [PATCH] jsauthority: port to mozjs-91 - -Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/92] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - configure.ac | 2 +- - meson.build | 2 +- - 2 files changed, 2 insertions(+), 2 deletions(-) - -diff --git a/configure.ac b/configure.ac -index d807086..5a7fc11 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -80,7 +80,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0]) - AC_SUBST(GLIB_CFLAGS) - AC_SUBST(GLIB_LIBS) - --PKG_CHECK_MODULES(LIBJS, [mozjs-78]) -+PKG_CHECK_MODULES(LIBJS, [mozjs-91]) - - AC_SUBST(LIBJS_CFLAGS) - AC_SUBST(LIBJS_CXXFLAGS) -diff --git a/meson.build b/meson.build -index b3702be..733bbff 100644 ---- a/meson.build -+++ b/meson.build -@@ -126,7 +126,7 @@ expat_dep = dependency('expat') - assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.') - assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.') - --mozjs_dep = dependency('mozjs-78') -+mozjs_dep = dependency('mozjs-91') - - dbus_dep = dependency('dbus-1') - dbus_confdir = dbus_dep.get_pkgconfig_variable('datadir', define_variable: ['datadir', pk_prefix / pk_datadir]) #changed from sysconfdir with respect to commit#8eada3836465838 diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch b/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch deleted file mode 100644 index 9e9755e44f..0000000000 --- a/meta-oe/recipes-extended/polkit/polkit/0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 7799441b9aa55324160deefbc65f9d918b8c94c1 Mon Sep 17 00:00:00 2001 -From: Xi Ruoyao <xry111@mengyan1223.wang> -Date: Tue, 10 Aug 2021 18:52:56 +0800 -Subject: [PATCH] jsauthority: ensure to call JS_Init() and JS_ShutDown() - exactly once - -Before this commit, we were calling JS_Init() in -polkit_backend_js_authority_class_init and never called JS_ShutDown. -This is actually a misusage of SpiderMonkey API. Quote from a comment -in js/Initialization.h (both mozjs-78 and mozjs-91): - - It is currently not possible to initialize SpiderMonkey multiple - times (that is, calling JS_Init/JSAPI methods/JS_ShutDown in that - order, then doing so again). - -This misusage does not cause severe issues with mozjs-78. However, when -we eventually port jsauthority to use mozjs-91, bad thing will happen: -see the test failure mentioned in #150. - -This commit is tested with both mozjs-78 and mozjs-91, all tests pass -with it. - -Upstream-Status: Submitted [https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/91] -Signed-off-by: Alexander Kanavin <alex@linutronix.de> ---- - src/polkitbackend/polkitbackendjsauthority.cpp | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index 41d8d5c..38dc001 100644 ---- a/src/polkitbackend/polkitbackendjsauthority.cpp -+++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -75,6 +75,13 @@ - - /* ---------------------------------------------------------------------------------------------------- */ - -+static class JsInitHelperType -+{ -+public: -+ JsInitHelperType() { JS_Init(); } -+ ~JsInitHelperType() { JS_ShutDown(); } -+} JsInitHelper; -+ - struct _PolkitBackendJsAuthorityPrivate - { - gchar **rules_dirs; -@@ -589,7 +596,6 @@ polkit_backend_js_authority_finalize (GObject *object) - delete authority->priv->js_polkit; - - JS_DestroyContext (authority->priv->cx); -- /* JS_ShutDown (); */ - - G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->finalize (object); - } -@@ -665,8 +671,6 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass) - - - g_type_class_add_private (klass, sizeof (PolkitBackendJsAuthorityPrivate)); -- -- JS_Init (); - } - - /* ---------------------------------------------------------------------------------------------------- */ diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch b/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch deleted file mode 100644 index 1a268f2d0d..0000000000 --- a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch +++ /dev/null @@ -1,250 +0,0 @@ -From 0c1debb380fee7f5b2bc62406e45856dc9c9e1a1 Mon Sep 17 00:00:00 2001 -From: Khem Raj <raj.khem@gmail.com> -Date: Wed, 22 May 2019 13:18:55 -0700 -Subject: [PATCH] make netgroup support optional - -On at least Linux/musl and Linux/uclibc, netgroup -support is not available. PolKit fails to compile on these systems -for that reason. - -This change makes netgroup support conditional on the presence of the -setnetgrent(3) function which is required for the support to work. If -that function is not available on the system, an error will be returned -to the administrator if unix-netgroup: is specified in configuration. - -Fixes bug 50145. - -Closes polkit/polkit#14. -Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com> -Signed-off-by: Khem Raj <raj.khem@gmail.com> - ---- - configure.ac | 2 +- - src/polkit/polkitidentity.c | 16 ++++++++++++++++ - src/polkit/polkitunixnetgroup.c | 3 +++ - .../polkitbackendinteractiveauthority.c | 14 ++++++++------ - src/polkitbackend/polkitbackendjsauthority.cpp | 3 +++ - test/polkit/polkitidentitytest.c | 9 ++++++++- - test/polkit/polkitunixnetgrouptest.c | 3 +++ - .../test-polkitbackendjsauthority.c | 2 ++ - 8 files changed, 44 insertions(+), 8 deletions(-) - -diff --git a/configure.ac b/configure.ac -index b625743..d807086 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], - [AC_MSG_ERROR([Can't find expat library. Please install expat.])]) - AC_SUBST(EXPAT_LIBS) - --AC_CHECK_FUNCS(clearenv fdatasync) -+AC_CHECK_FUNCS(clearenv fdatasync setnetgrent) - - if test "x$GCC" = "xyes"; then - LDFLAGS="-Wl,--as-needed $LDFLAGS" -diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c -index 3aa1f7f..10e9c17 100644 ---- a/src/polkit/polkitidentity.c -+++ b/src/polkit/polkitidentity.c -@@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str, - } - else if (g_str_has_prefix (str, "unix-netgroup:")) - { -+#ifndef HAVE_SETNETGRENT -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Netgroups are not available on this machine ('%s')", -+ str); -+#else - identity = polkit_unix_netgroup_new (str + sizeof "unix-netgroup:" - 1); -+#endif - } - - if (identity == NULL && (error != NULL && *error == NULL)) -@@ -344,6 +352,13 @@ polkit_identity_new_for_gvariant (GVariant *variant, - GVariant *v; - const char *name; - -+#ifndef HAVE_SETNETGRENT -+ g_set_error (error, -+ POLKIT_ERROR, -+ POLKIT_ERROR_FAILED, -+ "Netgroups are not available on this machine"); -+ goto out; -+#else - v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error); - if (v == NULL) - { -@@ -353,6 +368,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, - name = g_variant_get_string (v, NULL); - ret = polkit_unix_netgroup_new (name); - g_variant_unref (v); -+#endif - } - else - { -diff --git a/src/polkit/polkitunixnetgroup.c b/src/polkit/polkitunixnetgroup.c -index 8a2b369..83f8d4a 100644 ---- a/src/polkit/polkitunixnetgroup.c -+++ b/src/polkit/polkitunixnetgroup.c -@@ -194,6 +194,9 @@ polkit_unix_netgroup_set_name (PolkitUnixNetgroup *group, - PolkitIdentity * - polkit_unix_netgroup_new (const gchar *name) - { -+#ifndef HAVE_SETNETGRENT -+ g_assert_not_reached(); -+#endif - g_return_val_if_fail (name != NULL, NULL); - return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_NETGROUP, - "name", name, -diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c -index 056d9a8..36c2f3d 100644 ---- a/src/polkitbackend/polkitbackendinteractiveauthority.c -+++ b/src/polkitbackend/polkitbackendinteractiveauthority.c -@@ -2233,25 +2233,26 @@ get_users_in_net_group (PolkitIdentity *group, - GList *ret; - - ret = NULL; -+#ifdef HAVE_SETNETGRENT - name = polkit_unix_netgroup_get_name (POLKIT_UNIX_NETGROUP (group)); - --#ifdef HAVE_SETNETGRENT_RETURN -+# ifdef HAVE_SETNETGRENT_RETURN - if (setnetgrent (name) == 0) - { - g_warning ("Error looking up net group with name %s: %s", name, g_strerror (errno)); - goto out; - } --#else -+# else - setnetgrent (name); --#endif -+# endif /* HAVE_SETNETGRENT_RETURN */ - - for (;;) - { --#if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) -+# if defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) - const char *hostname, *username, *domainname; --#else -+# else - char *hostname, *username, *domainname; --#endif -+# endif /* defined(HAVE_NETBSD) || defined(HAVE_OPENBSD) */ - PolkitIdentity *user; - GError *error = NULL; - -@@ -2282,6 +2283,7 @@ get_users_in_net_group (PolkitIdentity *group, - - out: - endnetgrent (); -+#endif /* HAVE_SETNETGRENT */ - return ret; - } - -diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index ca17108..41d8d5c 100644 ---- a/src/polkitbackend/polkitbackendjsauthority.cpp -+++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -1520,6 +1520,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, - - JS::CallArgs args = JS::CallArgsFromVp (argc, vp); - -+#ifdef HAVE_SETNETGRENT - JS::RootedString usrstr (authority->priv->cx); - usrstr = args[0].toString(); - user = JS_EncodeStringToUTF8 (cx, usrstr); -@@ -1535,6 +1536,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx, - is_in_netgroup = true; - } - -+#endif -+ - ret = true; - - args.rval ().setBoolean (is_in_netgroup); -diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c -index e91967b..e829aaa 100644 ---- a/test/polkit/polkitidentitytest.c -+++ b/test/polkit/polkitidentitytest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen <vonhollen@google.com> - */ - -+#include "config.h" - #include "glib.h" - #include <polkit/polkit.h> - #include <polkit/polkitprivate.h> -@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = { - {"unix-group:root", "unix-group:jane", FALSE}, - {"unix-group:jane", "unix-group:jane", TRUE}, - -+#ifdef HAVE_SETNETGRENT - {"unix-netgroup:foo", "unix-netgroup:foo", TRUE}, - {"unix-netgroup:foo", "unix-netgroup:bar", FALSE}, -+#endif - - {"unix-user:root", "unix-group:root", FALSE}, -+#ifdef HAVE_SETNETGRENT - {"unix-user:jane", "unix-netgroup:foo", FALSE}, -+#endif - - {NULL}, - }; -@@ -181,11 +186,13 @@ main (int argc, char *argv[]) - g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string); - g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string); - -+#ifdef HAVE_SETNETGRENT - g_test_add_data_func ("/PolkitIdentity/netgroup_string", "unix-netgroup:foo", test_string); -+ g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); -+#endif - - g_test_add_data_func ("/PolkitIdentity/user_gvariant", "unix-user:root", test_gvariant); - g_test_add_data_func ("/PolkitIdentity/group_gvariant", "unix-group:root", test_gvariant); -- g_test_add_data_func ("/PolkitIdentity/netgroup_gvariant", "unix-netgroup:foo", test_gvariant); - - add_comparison_tests (); - -diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c -index 3701ba1..e3352eb 100644 ---- a/test/polkit/polkitunixnetgrouptest.c -+++ b/test/polkit/polkitunixnetgrouptest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen <vonhollen@google.com> - */ - -+#include "config.h" - #include "glib.h" - #include <polkit/polkit.h> - #include <string.h> -@@ -69,7 +70,9 @@ int - main (int argc, char *argv[]) - { - g_test_init (&argc, &argv, NULL); -+#ifdef HAVE_SETNETGRENT - g_test_add_func ("/PolkitUnixNetgroup/new", test_new); - g_test_add_func ("/PolkitUnixNetgroup/set_name", test_set_name); -+#endif - return g_test_run (); - } -diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c -index f97e0e0..fc52149 100644 ---- a/test/polkitbackend/test-polkitbackendjsauthority.c -+++ b/test/polkitbackend/test-polkitbackendjsauthority.c -@@ -137,12 +137,14 @@ test_get_admin_identities (void) - "unix-group:users" - } - }, -+#ifdef HAVE_SETNETGRENT - { - "net.company.action3", - { - "unix-netgroup:foo" - } - }, -+#endif - }; - guint n; - diff --git a/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch b/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch deleted file mode 100644 index c491abf4ac..0000000000 --- a/meta-oe/recipes-extended/polkit/polkit/polkit-1_pam.patch +++ /dev/null @@ -1,35 +0,0 @@ -polkit: No system-auth in OE-Core, we can use common-* in place of it. - -Upstream-Status:Inappropriate [configuration] - -Signed-off-by: Xiaofeng Yan <xiaofeng.yan@windriver.com> - -Upstream-Status: Inappropriate [oe specific] -Rebase to 0.115 -Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> ---- - configure.ac | 8 ++++---- - 1 file changed, 4 insertions(+), 4 deletions(-) - -diff --git a/configure.ac b/configure.ac -index 36df239..8b3e1b1 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -471,10 +471,10 @@ elif test x$with_os_type = xfreebsd -o x$with_os_type = xnetbsd; then - PAM_FILE_INCLUDE_PASSWORD=system - PAM_FILE_INCLUDE_SESSION=system - else -- PAM_FILE_INCLUDE_AUTH=system-auth -- PAM_FILE_INCLUDE_ACCOUNT=system-auth -- PAM_FILE_INCLUDE_PASSWORD=system-auth -- PAM_FILE_INCLUDE_SESSION=system-auth -+ PAM_FILE_INCLUDE_AUTH=common-auth -+ PAM_FILE_INCLUDE_ACCOUNT=common-account -+ PAM_FILE_INCLUDE_PASSWORD=common-password -+ PAM_FILE_INCLUDE_SESSION=common-session - fi - - AC_SUBST(PAM_FILE_INCLUDE_AUTH) --- -2.7.4 - diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb deleted file mode 100644 index d76361732a..0000000000 --- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb +++ /dev/null @@ -1,58 +0,0 @@ -SUMMARY = "PolicyKit Authorization Framework" -DESCRIPTION = "The polkit package is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes." -HOMEPAGE = "http://www.freedesktop.org/wiki/Software/polkit" -LICENSE = "LGPLv2+" -LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb \ - file://src/polkit/polkit.h;beginline=1;endline=20;md5=0a8630b0133176d0504c87a0ded39db4" - -DEPENDS = "expat glib-2.0 intltool-native mozjs-91" - -inherit autotools gtk-doc pkgconfig useradd systemd gobject-introspection features_check - -REQUIRED_DISTRO_FEATURES = "polkit" - -PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ - ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', \ - bb.utils.contains('DISTRO_FEATURES', 'x11', 'consolekit', '', d), d)} \ - " - -PACKAGECONFIG[pam] = "--with-authfw=pam,--with-authfw=shadow,libpam,libpam" -PACKAGECONFIG[systemd] = "--enable-libsystemd-login=yes --with-systemdsystemunitdir=${systemd_unitdir}/system/,--enable-libsystemd-login=no --with-systemdsystemunitdir=,systemd" -# there is no --enable/--disable option for consolekit and it's not picked by shlibs, so add it to RDEPENDS -PACKAGECONFIG[consolekit] = ",,,consolekit" - -PAM_SRC_URI = "file://polkit-1_pam.patch" -SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \ - ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - file://0003-make-netgroup-support-optional.patch \ - file://0002-jsauthority-port-to-mozjs-91.patch \ - file://0003-jsauthority-ensure-to-call-JS_Init-and-JS_ShutDown-e.patch \ - " -SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c" - -EXTRA_OECONF = "--with-os-type=moblin \ - --disable-man-pages \ - --disable-libelogind \ - " - -do_compile:prepend () { - export GIR_EXTRA_LIBS_PATH="${B}/src/polkit/.libs" -} - -PACKAGES =+ "${PN}-examples" - -FILES:${PN}:append = " \ - ${libdir}/${BPN}-1 \ - ${nonarch_libdir}/${BPN}-1 \ - ${datadir}/dbus-1 \ - ${datadir}/${BPN}-1 \ - ${datadir}/gettext \ -" - -FILES:${PN}-examples = "${bindir}/*example*" - -USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 polkitd" - -SYSTEMD_SERVICE:${PN} = "${BPN}.service" -SYSTEMD_AUTO_ENABLE = "disable" diff --git a/meta-oe/recipes-extended/polkit/polkit_124.bb b/meta-oe/recipes-extended/polkit/polkit_124.bb new file mode 100644 index 0000000000..9e2eb05c62 --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit_124.bb @@ -0,0 +1,59 @@ +SUMMARY = "PolicyKit Authorization Framework" +DESCRIPTION = "The polkit package is an application-level toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes." +HOMEPAGE = "http://www.freedesktop.org/wiki/Software/polkit" +LICENSE = "LGPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=155db86cdbafa7532b41f390409283eb" + +SRC_URI = "git://gitlab.freedesktop.org/polkit/polkit.git;protocol=https;branch=master" + +S = "${WORKDIR}/git" +SRCREV = "82f0924dc0eb23b9df68e88dbaf9e07c81940a5a" + +DEPENDS = "expat glib-2.0" + +inherit meson pkgconfig useradd systemd gettext gobject-introspection features_check + +REQUIRED_DISTRO_FEATURES = "polkit" + +PACKAGECONFIG = " \ + ${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)} \ + ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'systemd', 'consolekit', d)} \ + dbus \ + mozjs \ +" +PACKAGECONFIG[dbus] = ",,dbus" +PACKAGECONFIG[gtk-doc] = "-Dgtk_doc=true,-Dgtk_doc=false,gtk-doc-native" +PACKAGECONFIG[pam] = "-Dauthfw=pam,-Dauthfw=shadow,libpam,libpam" +PACKAGECONFIG[systemd] = "-Dsession_tracking=libsystemd-login,-Dsession_tracking=ConsoleKit,systemd" +PACKAGECONFIG[consolekit] = ",,,consolekit" + +# Default to mozjs javascript library +PACKAGECONFIG[mozjs] = "-Djs_engine=mozjs,,mozjs-115,,,duktape" +# duktape javascript engine is much smaller and faster but is not compatible with +# same javascript standards as mozjs. For example array.includes() function is not +# supported. Test rule compatibility when switching to duktape. +PACKAGECONFIG[duktape] = "-Djs_engine=duktape,,duktape,,,mozjs" + +USERADD_PACKAGES = "${PN}" +USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 --shell /bin/nologin polkitd" + +SYSTEMD_SERVICE:${PN} = "${BPN}.service" +SYSTEMD_AUTO_ENABLE = "disable" + +do_install:append() { + #Fix up permissions on polkit rules.d to work with rpm4 constraints + chmod 700 ${D}/${datadir}/polkit-1/rules.d + chmod 700 ${D}/${sysconfdir}/polkit-1/rules.d + chown polkitd:root ${D}/${datadir}/polkit-1/rules.d + chown polkitd:root ${D}/${sysconfdir}/polkit-1/rules.d +} + +FILES:${PN} += " \ + ${libdir}/pam.d/polkit-1 \ + ${libdir}/sysusers.d \ + ${libdir}/polkit-1 \ + ${nonarch_libdir}/pam.d/polkit-1 \ + ${nonarch_libdir}/sysusers.d \ + ${nonarch_libdir}/polkit-1 \ + ${datadir} \ +" |