Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Mart Raudsepp <leio@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/gnome:master commit in: gnome-base/gdm/files/, gnome-base/gdm/
Date: Fri, 28 Sep 2018 17:59:12
Message-Id: 1538089090.7d8dc86e28c18d907412f3400e9172a868b76322.leio@gentoo
1 commit: 7d8dc86e28c18d907412f3400e9172a868b76322
2 Author: Mart Raudsepp <leio <AT> gentoo <DOT> org>
3 AuthorDate: Thu Sep 27 22:58:10 2018 +0000
4 Commit: Mart Raudsepp <leio <AT> gentoo <DOT> org>
5 CommitDate: Thu Sep 27 22:58:10 2018 +0000
6 URL: https://gitweb.gentoo.org/proj/gnome.git/commit/?id=7d8dc86e
7
8 gnome-base/gdm: remove old security vulnerable, use ::gentoo revbump
9
10 Main tree version has patches to fix CVE-2018-14424, which were missed
11 here during sync with main tree (presumably it was thought 3.26 already
12 had the patches, but it doesn't).
13
14 gnome-base/gdm/files/49-keychain-r1 | 9 -
15 gnome-base/gdm/files/50-ssh-agent-r1 | 10 --
16 .../gdm/files/gdm-2.32.0-xinitrc-ssh-agent.patch | 32 ----
17 .../gdm/files/gdm-3.8.4-fingerprint-auth.patch | 29 ---
18 gnome-base/gdm/files/gdm-3.8.4-logo.patch | 25 ---
19 gnome-base/gdm/gdm-3.26.2.1.ebuild | 198 ---------------------
20 gnome-base/gdm/metadata.xml | 14 --
21 7 files changed, 317 deletions(-)
22
23 diff --git a/gnome-base/gdm/files/49-keychain-r1 b/gnome-base/gdm/files/49-keychain-r1
24 deleted file mode 100644
25 index 51a1ca87..00000000
26 --- a/gnome-base/gdm/files/49-keychain-r1
27 +++ /dev/null
28 @@ -1,9 +0,0 @@
29 -#!/bin/bash
30 -
31 -# source keychain variables
32 -
33 -keychain="`which keychain 2>/dev/null`"
34 -if [ -n "$keychain" ] && [ -x "$keychain" ] && [ -f "$HOME/.bash_profile" ]
35 -then
36 - . "${HOME}/.bash_profile"
37 -fi
38
39 diff --git a/gnome-base/gdm/files/50-ssh-agent-r1 b/gnome-base/gdm/files/50-ssh-agent-r1
40 deleted file mode 100644
41 index 4d94fb04..00000000
42 --- a/gnome-base/gdm/files/50-ssh-agent-r1
43 +++ /dev/null
44 @@ -1,10 +0,0 @@
45 -#!/bin/sh
46 -
47 -# add ssh-agent if found
48 -
49 -sshagent="`which ssh-agent 2>/dev/null`"
50 -if [ -n "$sshagent" ] && [ -x "$sshagent" ] && [ -z "$SSH_AUTH_SOCK" ]; then
51 - command="$sshagent -- $command"
52 -elif [ -z "$sshagent" ] ; then
53 - echo "$0: ssh-agent not found!"
54 -fi
55
56 diff --git a/gnome-base/gdm/files/gdm-2.32.0-xinitrc-ssh-agent.patch b/gnome-base/gdm/files/gdm-2.32.0-xinitrc-ssh-agent.patch
57 deleted file mode 100644
58 index bfd8398a..00000000
59 --- a/gnome-base/gdm/files/gdm-2.32.0-xinitrc-ssh-agent.patch
60 +++ /dev/null
61 @@ -1,32 +0,0 @@
62 -From c0581264d5e2b412aa27dc30623512b461024e4f Mon Sep 17 00:00:00 2001
63 -From: Gilles Dartiguelongue <eva@g.o>
64 -Date: Tue, 2 Nov 2010 23:19:31 +0100
65 -Subject: [PATCH 2/4] ssh-agent handling must be done at xinitrc.d
66 -
67 -Gentoo bug: #220603
68 ----
69 - data/Xsession.in | 8 --------
70 - 1 file changed, 8 deletions(-)
71 -
72 -diff --git a/data/Xsession.in b/data/Xsession.in
73 -index 201be92..88f1fd9 100755
74 ---- a/data/Xsession.in
75 -+++ b/data/Xsession.in
76 -@@ -191,14 +191,6 @@ if [ -d /etc/X11/xinit/xinitrc.d ]; then
77 - done
78 - fi
79 -
80 --# add ssh-agent if found
81 --sshagent="`gdmwhich ssh-agent`"
82 --if [ -n "$sshagent" ] && [ -x "$sshagent" ] && [ -z "$SSH_AUTH_SOCK" ]; then
83 -- command="$sshagent -- $command"
84 --elif [ -z "$sshagent" ] ; then
85 -- echo "$0: ssh-agent not found!"
86 --fi
87 --
88 - echo "$0: Setup done, will execute: $command"
89 -
90 - eval exec $command
91 ---
92 -1.8.5.1
93 -
94
95 diff --git a/gnome-base/gdm/files/gdm-3.8.4-fingerprint-auth.patch b/gnome-base/gdm/files/gdm-3.8.4-fingerprint-auth.patch
96 deleted file mode 100644
97 index cd19077a..00000000
98 --- a/gnome-base/gdm/files/gdm-3.8.4-fingerprint-auth.patch
99 +++ /dev/null
100 @@ -1,29 +0,0 @@
101 -From 75fe02c2b383b27b202940bdedd7d8d2c64169fb Mon Sep 17 00:00:00 2001
102 -From: Alexandre Rostovtsev <tetromino@g.o>
103 -Date: Tue, 30 Jul 2013 22:56:30 -0400
104 -Subject: [PATCH 3/4] Gentoo does not have a fingerprint-auth pam stack
105 -
106 ----
107 - data/pam-exherbo/gdm-fingerprint.pam | 7 ++++++-
108 - 1 file changed, 6 insertions(+), 1 deletion(-)
109 -
110 -diff --git a/data/pam-exherbo/gdm-fingerprint.pam b/data/pam-exherbo/gdm-fingerprint.pam
111 -index 41639ec..d9633fb 100644
112 ---- a/data/pam-exherbo/gdm-fingerprint.pam
113 -+++ b/data/pam-exherbo/gdm-fingerprint.pam
114 -@@ -1,6 +1,11 @@
115 - account include system-login
116 -
117 --auth substack fingerprint-auth
118 -+auth optional pam_env.so
119 -+auth required pam_tally2.so onerr=succeed
120 -+auth required pam_shells.so
121 -+auth required pam_nologin.so
122 -+auth required pam_fprintd.so
123 -+auth required pam_permit.so
124 - auth optional pam_gnome_keyring.so
125 -
126 - password required pam_deny.so
127 ---
128 -1.8.5.1
129 -
130
131 diff --git a/gnome-base/gdm/files/gdm-3.8.4-logo.patch b/gnome-base/gdm/files/gdm-3.8.4-logo.patch
132 deleted file mode 100644
133 index 151d4bc7..00000000
134 --- a/gnome-base/gdm/files/gdm-3.8.4-logo.patch
135 +++ /dev/null
136 @@ -1,25 +0,0 @@
137 -From bcc651df77a429a6bf9b13892f71fedb1b87a069 Mon Sep 17 00:00:00 2001
138 -From: Gilles Dartiguelongue <eva@g.o>
139 -Date: Wed, 11 Dec 2013 22:46:58 +0100
140 -Subject: [PATCH 4/4] Apply Gentoo branding
141 -
142 ----
143 - data/org.gnome.login-screen.gschema.xml.in | 2 +-
144 - 1 file changed, 1 insertion(+), 1 deletion(-)
145 -
146 -diff --git a/data/org.gnome.login-screen.gschema.xml.in b/data/org.gnome.login-screen.gschema.xml.in
147 -index 03da374..5e81bc0 100644
148 ---- a/data/org.gnome.login-screen.gschema.xml.in
149 -+++ b/data/org.gnome.login-screen.gschema.xml.in
150 -@@ -31,7 +31,7 @@
151 - </_description>
152 - </key>
153 - <key name="logo" type="s">
154 -- <default>''</default>
155 -+ <default>'/usr/share/pixmaps/gentoo-gdm.svg'</default>
156 - <_summary>
157 - Path to small image at top of user list
158 - </_summary>
159 ---
160 -1.8.5.1
161 -
162
163 diff --git a/gnome-base/gdm/gdm-3.26.2.1.ebuild b/gnome-base/gdm/gdm-3.26.2.1.ebuild
164 deleted file mode 100644
165 index 8f528e56..00000000
166 --- a/gnome-base/gdm/gdm-3.26.2.1.ebuild
167 +++ /dev/null
168 @@ -1,198 +0,0 @@
169 -# Copyright 1999-2018 Gentoo Foundation
170 -# Distributed under the terms of the GNU General Public License v2
171 -
172 -EAPI=6
173 -GNOME2_LA_PUNT="yes"
174 -
175 -inherit eutils gnome2 pam readme.gentoo-r1 systemd user
176 -
177 -DESCRIPTION="GNOME Display Manager for managing graphical display servers and user logins"
178 -HOMEPAGE="https://wiki.gnome.org/Projects/GDM"
179 -
180 -SRC_URI="${SRC_URI}
181 - branding? ( https://www.mail-archive.com/tango-artists@×××××××××××××××××.org/msg00043/tango-gentoo-v1.1.tar.gz )
182 -"
183 -
184 -LICENSE="
185 - GPL-2+
186 - branding? ( CC-BY-SA-4.0 )
187 -"
188 -
189 -SLOT="0"
190 -
191 -IUSE="accessibility audit branding fprint +introspection ipv6 plymouth selinux smartcard tcpd test wayland xinerama"
192 -
193 -KEYWORDS="~alpha ~amd64 ~arm ~ia64 ~ppc ~ppc64 ~sh ~x86"
194 -
195 -# NOTE: x11-base/xorg-server dep is for X_SERVER_PATH etc, bug #295686
196 -# nspr used by smartcard extension
197 -# dconf, dbus and g-s-d are needed at install time for dconf update
198 -# We need either systemd or >=openrc-0.12 to restart gdm properly, bug #463784
199 -COMMON_DEPEND="
200 - app-text/iso-codes
201 - >=dev-libs/glib-2.36:2[dbus]
202 - >=x11-libs/gtk+-2.91.1:3
203 - >=gnome-base/dconf-0.20
204 - >=gnome-base/gnome-settings-daemon-3.1.4
205 - gnome-base/gsettings-desktop-schemas
206 - >=media-libs/fontconfig-2.5.0:1.0
207 - >=media-libs/libcanberra-0.4[gtk3]
208 - sys-apps/dbus
209 - >=sys-apps/accountsservice-0.6.35
210 -
211 - x11-apps/sessreg
212 - x11-base/xorg-server
213 - x11-libs/libXi
214 - x11-libs/libXau
215 - x11-libs/libX11
216 - x11-libs/libXdmcp
217 - x11-libs/libXext
218 - x11-libs/libXft
219 - x11-libs/libxcb
220 - >=x11-misc/xdg-utils-1.0.2-r3
221 -
222 - virtual/pam
223 - >=sys-apps/systemd-186:0=[pam]
224 -
225 - sys-auth/pambase[systemd]
226 -
227 - audit? ( sys-process/audit )
228 - introspection? ( >=dev-libs/gobject-introspection-0.9.12:= )
229 - plymouth? ( sys-boot/plymouth )
230 - selinux? ( sys-libs/libselinux )
231 - tcpd? ( >=sys-apps/tcp-wrappers-7.6 )
232 - xinerama? ( x11-libs/libXinerama )
233 -"
234 -# XXX: These deps are from session and desktop files in data/ directory
235 -# fprintd is used via dbus by gdm-fingerprint-extension
236 -# gnome-session-3.6 needed to avoid freezing with orca
237 -RDEPEND="${COMMON_DEPEND}
238 - >=gnome-base/gnome-session-3.6
239 - >=gnome-base/gnome-shell-3.1.90
240 - x11-apps/xhost
241 -
242 - accessibility? (
243 - >=app-accessibility/orca-3.10
244 - gnome-extra/mousetweaks )
245 - fprint? (
246 - sys-auth/fprintd
247 - sys-auth/pam_fprint )
248 -
249 - !gnome-extra/fast-user-switch-applet
250 -"
251 -DEPEND="${COMMON_DEPEND}
252 - app-text/docbook-xml-dtd:4.1.2
253 - dev-util/gdbus-codegen
254 - >=dev-util/intltool-0.40.0
255 - dev-util/itstool
256 - virtual/pkgconfig
257 - x11-base/xorg-proto
258 - test? ( >=dev-libs/check-0.9.4 )
259 -"
260 -
261 -DOC_CONTENTS="
262 - To make GDM start at boot, run:\n
263 - # systemctl enable gdm.service\n
264 - \n
265 - For passwordless login to unlock your keyring, you need to install
266 - sys-auth/pambase with USE=gnome-keyring and set an empty password
267 - on your keyring. Use app-crypt/seahorse for that.\n
268 - \n
269 - You may need to install app-crypt/coolkey and sys-auth/pam_pkcs11
270 - for smartcard support
271 -"
272 -
273 -pkg_setup() {
274 - enewgroup gdm
275 - enewgroup video # Just in case it hasn't been created yet
276 - enewuser gdm -1 -1 /var/lib/gdm gdm,video
277 -
278 - # For compatibility with certain versions of nvidia-drivers, etc., need to
279 - # ensure that gdm user is in the video group
280 - if ! egetent group video | grep -q gdm; then
281 - # FIXME XXX: is this at all portable, ldap-safe, etc.?
282 - # XXX: egetent does not have a 1-argument form, so we can't use it to
283 - # get the list of gdm's groups
284 - local g=$(groups gdm)
285 - elog "Adding user gdm to video group"
286 - usermod -G video,${g// /,} gdm || die "Adding user gdm to video group failed"
287 - fi
288 -}
289 -
290 -src_prepare() {
291 - # ssh-agent handling must be done at xinitrc.d, bug #220603
292 - eapply "${FILESDIR}/${PN}-2.32.0-xinitrc-ssh-agent.patch"
293 -
294 - # Gentoo does not have a fingerprint-auth pam stack
295 - eapply "${FILESDIR}/${PN}-3.8.4-fingerprint-auth.patch"
296 -
297 - # Show logo when branding is enabled
298 - use branding && eapply "${FILESDIR}/${PN}-3.8.4-logo.patch"
299 -
300 - gnome2_src_prepare
301 -}
302 -
303 -src_configure() {
304 - local myconf
305 - # PAM is the only auth scheme supported
306 - # even though configure lists shadow and crypt
307 - # they don't have any corresponding code.
308 - # --with-at-spi-registryd-directory= needs to be passed explicitly because
309 - # of https://bugzilla.gnome.org/show_bug.cgi?id=607643#c4
310 - # Xevie is obsolete, bug #482304
311 - # --with-initial-vt=7 conflicts with plymouth, bug #453392
312 - ! use plymouth && myconf="${myconf} --with-initial-vt=7"
313 -
314 - gnome2_src_configure \
315 - --enable-gdm-xsession \
316 - --enable-user-display-server \
317 - --with-run-dir=/run/gdm \
318 - --localstatedir="${EPREFIX}"/var \
319 - --disable-static \
320 - --with-xdmcp=yes \
321 - --enable-authentication-scheme=pam \
322 - --with-default-pam-config=exherbo \
323 - --with-pam-mod-dir=$(getpam_mod_dir) \
324 - --with-at-spi-registryd-directory="${EPREFIX}"/usr/libexec \
325 - --without-xevie \
326 - --enable-systemd-journal \
327 - --with-systemdsystemunitdir="$(systemd_get_systemunitdir)" \
328 - $(use_with audit libaudit) \
329 - $(use_enable ipv6) \
330 - $(use_with plymouth) \
331 - $(use_with selinux) \
332 - $(use_with tcpd tcp-wrappers) \
333 - $(use_enable wayland wayland-support) \
334 - $(use_with xinerama) \
335 - ${myconf}
336 -}
337 -
338 -src_install() {
339 - gnome2_src_install
340 -
341 - if ! use accessibility ; then
342 - rm "${ED}"/usr/share/gdm/greeter/autostart/orca-autostart.desktop || die
343 - fi
344 -
345 - exeinto /etc/X11/xinit/xinitrc.d
346 - newexe "${FILESDIR}/49-keychain-r1" 49-keychain
347 - newexe "${FILESDIR}/50-ssh-agent-r1" 50-ssh-agent
348 -
349 - # gdm user's home directory
350 - keepdir /var/lib/gdm
351 - fowners gdm:gdm /var/lib/gdm
352 -
353 - # install XDG_DATA_DIRS gdm changes
354 - echo 'XDG_DATA_DIRS="/usr/share/gdm"' > 99xdg-gdm
355 - doenvd 99xdg-gdm
356 -
357 - use branding && newicon "${WORKDIR}/tango-gentoo-v1.1/scalable/gentoo.svg" gentoo-gdm.svg
358 -
359 - readme.gentoo_create_doc
360 -}
361 -
362 -pkg_postinst() {
363 - gnome2_pkg_postinst
364 - systemd_reenable gdm.service
365 - readme.gentoo_print_elog
366 -}
367
368 diff --git a/gnome-base/gdm/metadata.xml b/gnome-base/gdm/metadata.xml
369 deleted file mode 100644
370 index 747420ed..00000000
371 --- a/gnome-base/gdm/metadata.xml
372 +++ /dev/null
373 @@ -1,14 +0,0 @@
374 -<?xml version="1.0" encoding="UTF-8"?>
375 -<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
376 -<pkgmetadata>
377 -<maintainer type="project">
378 - <email>gnome@g.o</email>
379 - <name>Gentoo GNOME Desktop</name>
380 -</maintainer>
381 -<use>
382 - <flag name="fprint">Enables experimental fingerprint authentication using
383 - <pkg>sys-auth/fprintd</pkg></flag>
384 - <flag name="plymouth">Enable support for smooth transition from
385 - <pkg>sys-boot/plymouth</pkg></flag>
386 -</use>
387 -</pkgmetadata>
Report Message
Find on MARC Find on Google Groups