pool/accountsservice
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 974124 from home:susnux:branches:GNOME:Factory

Browse Source 
Update to version 22.08.8

OBS-URL: https://build.opensuse.org/request/show/974124
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/accountsservice?expand=0&rev=153
This commit is contained in:
Dominique Leuenberger 2022-05-02 09:12:35 +00:00 committed by Git OBS Bridge
parent a7992e03e6
commit c87824b06a
8 changed files with 137 additions and 175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
accountsservice-22.04.62.tar.xz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:e8ee6b95aa073fcbd5007726676de16aba98373c20d44560df192c0a58cb7bb5
size 101740

BIN
accountsservice-22.08.8.tar.xz (Stored with Git LFS) Normal file
View File

Binary file not shown.

18
accountsservice-filter-suse-accounts.patch Normal file
View File

@ -0,0 +1,18 @@
diff -Nur accountsservice-22.08.8/src/user-classify.c new/src/user-classify.c
--- accountsservice-22.08.8/src/user-classify.c 2022-02-23 16:27:48.000000000 +0100
+++ new/src/user-classify.c 2022-04-30 22:33:44.148344188 +0200
@@ -52,7 +52,13 @@
"at",
"gdm",
"gnome-initial-setup",
- "git"
+ "git",
+ "beagleindex",
+ "fax",
+ "suse-ncc",
+ "mailman",
+ "ldap",
+ "cyrus"
};
static gboolean

39
accountsservice-sysconfig.patch
View File

@ -4,10 +4,10 @@ Date: Wed Jul 20 16:48:41 2011 +0200
Use autologin configuration from sysconfig (SUSE-ism)
Index: accountsservice-22.04.62/src/daemon.c
===================================================================
--- accountsservice-22.04.62.orig/src/daemon.c
+++ accountsservice-22.04.62/src/daemon.c
diff -Nur accountsservice-22.08.8/src/daemon.c new/src/daemon.c
--- accountsservice-22.08.8/src/daemon.c 2022-02-23 16:27:48.000000000 +0100
+++ new/src/daemon.c 2022-04-30 22:23:22.228315678 +0200
@@ -50,6 +50,7 @@
#include "util.h"
#include "user.h"
@ -16,7 +16,7 @@ Index: accountsservice-22.04.62/src/daemon.c
#define PATH_PASSWD "/etc/passwd"
#define PATH_SHADOW "/etc/shadow"
@@ -581,7 +582,7 @@ reload_autologin_timeout (Daemon *daemon
@@ -581,7 +582,7 @@
priv->autologin_id = 0;
if (!load_autologin (daemon, &name, &enabled, &error)) {
@ -25,7 +25,7 @@ Index: accountsservice-22.04.62/src/daemon.c
return FALSE;
}
@@ -1508,6 +1509,43 @@ daemon_local_check_auth (Daemon
@@ -1508,6 +1509,43 @@
g_object_unref (subject);
}
@ -69,7 +69,7 @@ Index: accountsservice-22.04.62/src/daemon.c
gboolean
load_autologin (Daemon *daemon,
gchar **name,
@@ -1518,6 +1556,8 @@ load_autologin (Daemon *daemon,
@@ -1518,6 +1556,8 @@
GError *local_error = NULL;
g_autofree gchar *string = NULL;
@ -78,7 +78,7 @@ Index: accountsservice-22.04.62/src/daemon.c
keyfile = g_key_file_new ();
if (!g_key_file_load_from_file (keyfile,
PATH_GDM_CUSTOM,
@@ -1558,6 +1598,8 @@ save_autologin (Daemon *daemon,
@@ -1558,6 +1598,8 @@
gboolean result;
g_autoptr(GError) local_error = NULL;
@ -87,10 +87,9 @@ Index: accountsservice-22.04.62/src/daemon.c
keyfile = g_key_file_new ();
if (!g_key_file_load_from_file (keyfile,
PATH_GDM_CUSTOM,
Index: accountsservice-22.04.62/src/gdm-sysconfig.c
===================================================================
--- /dev/null
+++ accountsservice-22.04.62/src/gdm-sysconfig.c
diff -Nur accountsservice-22.08.8/src/gdm-sysconfig.c new/src/gdm-sysconfig.c
--- accountsservice-22.08.8/src/gdm-sysconfig.c 1970-01-01 01:00:00.000000000 +0100
+++ new/src/gdm-sysconfig.c 2022-04-30 22:22:54.876314424 +0200
@@ -0,0 +1,484 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
@ -576,10 +575,9 @@ Index: accountsservice-22.04.62/src/gdm-sysconfig.c
+ g_strfreev (lines);
+ return result;
+}
Index: accountsservice-22.04.62/src/gdm-sysconfig.h
===================================================================
--- /dev/null
+++ accountsservice-22.04.62/src/gdm-sysconfig.h
diff -Nur accountsservice-22.08.8/src/gdm-sysconfig.h new/src/gdm-sysconfig.h
--- accountsservice-22.08.8/src/gdm-sysconfig.h 1970-01-01 01:00:00.000000000 +0100
+++ new/src/gdm-sysconfig.h 2022-04-30 22:22:54.876314424 +0200
@@ -0,0 +1,43 @@
+/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
+ *
@ -624,11 +622,10 @@ Index: accountsservice-22.04.62/src/gdm-sysconfig.h
+G_END_DECLS
+
+#endif /* __GDM_SYSCONFIG_H */
Index: accountsservice-22.04.62/src/meson.build
===================================================================
--- accountsservice-22.04.62.orig/src/meson.build
+++ accountsservice-22.04.62/src/meson.build
@@ -48,6 +48,8 @@ libaccounts_generated_dep = declare_depe
diff -Nur accountsservice-22.08.8/src/meson.build new/src/meson.build
--- accountsservice-22.08.8/src/meson.build 2022-02-23 16:27:48.000000000 +0100
+++ new/src/meson.build 2022-04-30 22:22:54.876314424 +0200
@@ -48,6 +48,8 @@
)
sources = files(

120
accountsservice.changes
View File

@ -1,98 +1,38 @@
-------------------------------------------------------------------
Fri Feb 11 23:35:22 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>
Sat Apr 30 20:16:58 UTC 2022 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 22.04.62:
+ act-user-manager:
- Fix incorrect return types in some finish() functions
- Fix various refcounting bugs
- Make a private function static
- Remove ConsoleKit support
- Watch for the daemon going away and coming back
+ act-user:
- Use G_DECLARE_FINAL_TYPE to declare ActUser
- Use stronger hashing methods in make_crypted() if available.
+ Add .service file to POTFILES.skip
+ Add support to build vala bindings
+ build:
- Add missing pkg-config Requires.private dependencies
- Bump minimum version of meson required
- Expose chosen path_wtmp value as a variable
+ Check GDBusMessage for INTERACTIVE_AUTHORIZATION flag
+ ci:
- Add test stage, reusing the build one
- Cleanup the build stage so that we can define dependencies
just once
+ Conditionalize more use of shadow.h
+ daemon:
- Allow SystemAccount=false to be set in cache file
- Don't try to add admin users to non existing groups
- Ensure cache files for system users are processed
- Fix error check in save_autologin()
- Remove duplicate "changed" signal emission
- Write GDM custom.conf file if it doesn't exist
+ data:
- Don't send change updates for login-history
- Tighten up systemd sandboxing of accounts-daemon.service
+ Drop .service file from POTFILES.in
+ Fix build with meson 0.60
+ Fix g-i annotation of act_user_get_password_expiration_policy
+ libaccountsservice: Expand documentation of ActUser:language
+ main:
- Allow cache files to be marked immutable
- Dont print translation header with `--help`
+ meson: Determine project version from date
+ Move D-Bus conf file to $(datadir)/dbus-1/system.d
+ Never delete the root filesystem when removing users
+ NEWS: Drop NEWS file
+ po: delete obsolete po/accounts-service.pot
+ Remove user heuristics
+ Replace empty he.po with an actual translation
+ Stop ignoring autotools generated files
+ tests:
- Add unit tests for libaccountservice using dbusmock and gir
bindings
- Sync tests with upstream python-dbusmock
+ user-classify: Add git to username blacklist
+ user:
- Don't overwrite entire GECOS field when setting full name
- Fix double-unref of GDBusMethodInvocation throughout
- Fix indentation error
- Introduce user templates for setting default session etc
- Reject requests to change full name to something including a
comma
- Remove user from extra_admin_groups when demoting them from
admin
- Translate property x-session property name to match the proxy
one
- Update to version 22.08.8
+ Handle missing admin groups when changing account types
+ Set PrivateTmp to false in the systemd service
+ Add function to set user password expiration policy
- Update to version 22.04.62
+ Updated Swedish translation
+ Updated Indonesian translation
+ Updated German translation
+ Updated slovak translation
+ Update Ukrainian translation
+ Updated Brazilian Portuguese translation
+ act-user: Use stronger hashing methods in make_crypted() if available.
+ act-user-manager: Watch for the daemon going away and coming back
+ user-manager: Update users tables on username changes
+ Use timestamps instead of (expiration time and last change
time)days
+ util:
- Get uid when needed
- Split out helper method for getting admin group IDs
+ Updated translations.
- Drop patches fixed upstream:
+ accountsservice-read-root-user-cache.patch
+ accountsservice-wtmp-io-improvements.patch
+ accountsservice-fix-gdm-crash.patch
+ user: Translate property x-session property name to match the proxy one
+ Check GDBusMessage for INTERACTIVE_AUTHORIZATION flag
+ daemon: Fix error check in save_autologin()
+ Never delete the root filesystem when removing users
+ Remove user heuristics
+ user-classify: Add git to username blacklist
+ daemon: ensure cache files for system users are processed
+ daemon: Don't try to add admin users to non existing groups
+ Move D-Bus conf file to $(datadir)/dbus-1/system.d
- Rebased patches:
+ accountsservice-sysconfig.patch
+ accountsservice-filter-suse-accounts.patch
+ as-fate318433-prevent-same-account-multi-logins.patch
- Drop upstream fixed patches:
+ ac9b14f1c1bbca413987d0bbfeaad05804107e9a.patch
+ accountsservice-fix-gdm-crash.patch
- Note that accountsservice-fix-gdm-crash.patch was not applied
upstream, the issue was fixed in a different way. Upstream
encourages issue reports should the current fix prove to not be
good enough.
- Rebase accountsservice-sysconfig.patch and
harden_accounts-daemon.service.patch
- Drop accountsservice-filter-suse-accounts.patch: The system users
we were filtering are not present on any of today as far as I can
tell, so drop this patch filtering out "common system users" such
as beagleindex, fax and suse-ncc.
- Stop passing systemd=true to meson, no longer recognized, nor
needed.
- Add pkgconfig(vapigen) BuildRequires: New dependency.
- Add fdupes BuildRequires and macro, remove duplicates.
- Add python3-dbusmock and python3-gobject BuildRequires and add a
check section, run meson_test macro.
+ accountsservice-read-root-user-cache.patch
+ accountsservice-wtmp-io-improvements.patch
-------------------------------------------------------------------
Tue Feb 1 09:20:24 UTC 2022 - Bjørn Lie <bjorn.lie@gmail.com>

48
accountsservice.spec
View File

@ -16,8 +16,9 @@
#
#!BuildIgnore: rpmlint-mini
Name: accountsservice
Version: 22.04.62
Version: 22.08.8
Release: 0
Summary: D-Bus Service to Manipulate User Account Information
License: GPL-3.0-or-later
@ -26,8 +27,10 @@ URL: https://www.freedesktop.org/wiki/Software/AccountsService/
Source0: https://www.freedesktop.org/software/accountsservice/%{name}-%{version}.tar.xz
# WARNING: do not remove/significantly change patch0 without updating the relevant patch in gdm too
# PATCH-FIX-OPENSUSE accountsservice-sysconfig.patch bnc#688071 vuntz@opensuse.org -- Read/write autologin configuration from sysconfig, like gdm (see gdm-sysconfig-settings.patch)
Patch1: accountsservice-sysconfig.patch
# PATCH-FIX-OPENSUSE accountsservice-sysconfig.patch bnc#688071 vuntz@opensuse.org -- Read/write autologin configuration from sysconfig, like gdm (see gdm-sysconfig-settings.patch) WAS PATCH-FIX-OPENSUSE
Patch0: accountsservice-sysconfig.patch
# PATCH-FIX-OPENSUSE accountsservice-filter-suse-accounts.patch vuntz@opensuse.org -- Filter out some system users that are specific to openSUSE
Patch1: accountsservice-filter-suse-accounts.patch
# PATCH-FIX-OPENSUSE harden_accounts-daemon.service.patch jsegitz@suse.com -- For details please see https://en.opensuse.org/openSUSE:Security_Features#Systemd_hardening_effort
Patch2: harden_accounts-daemon.service.patch
@ -35,21 +38,18 @@ Patch2: harden_accounts-daemon.service.patch
# PATCH-FEATURE-SLE as-fate318433-prevent-same-account-multi-logins.patch fate#318433 cxiong@suse.com -- prevent multiple simultaneous login.
Patch1000: as-fate318433-prevent-same-account-multi-logins.patch
BuildRequires: fdupes
BuildRequires: gtk-doc
BuildRequires: meson
BuildRequires: pkgconfig
BuildRequires: python3-dbusmock
BuildRequires: python3-gobject
BuildRequires: vala
BuildRequires: pkgconfig(dbus-1)
BuildRequires: pkgconfig(gio-2.0) >= 2.37.3
BuildRequires: pkgconfig(gio-2.0) >= 2.63.5
BuildRequires: pkgconfig(gio-unix-2.0)
BuildRequires: pkgconfig(glib-2.0) >= 2.44
BuildRequires: pkgconfig(glib-2.0) >= 2.63.5
BuildRequires: pkgconfig(gobject-introspection-1.0)
BuildRequires: pkgconfig(libsystemd) >= 186
BuildRequires: pkgconfig(polkit-gobject-1)
BuildRequires: pkgconfig(systemd)
BuildRequires: pkgconfig(vapigen)
%{?systemd_ordering}
%description
@ -92,10 +92,23 @@ Requires: typelib-1_0-AccountsService-1_0 = %{version}
The accountsservice server provides a set of D-Bus interfaces for
querying and manipulating user account information.
%package vala
Summary: Vala bindings for accountsservice
Group: Development/Libraries/C and C++
Requires: libaccountsservice0 = %{version}
Requires: typelib-1_0-AccountsService-1_0 = %{version}
%description vala
The accountsservice server provides a set of D-Bus interfaces for
querying and manipulating user account information.
This package contains the Vala bindings for accountservice.
%lang_package
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
@ -106,18 +119,14 @@ querying and manipulating user account information.
%build
%meson \
-D introspection=true \
-D gtk_doc=true \
-Dintrospection=true \
-Dgtk_doc=true \
%{nil}
%meson_build
%install
%meson_install
%find_lang accounts-service
%fdupes %{buildroot}%{_datadir}/accountsservice/user-templates
%check
%meson_test
%pre
%service_add_pre accounts-daemon.service
@ -144,14 +153,13 @@ querying and manipulating user account information.
%{_datadir}/dbus-1/interfaces/org.freedesktop.Accounts.User.xml
%{_datadir}/dbus-1/system-services/org.freedesktop.Accounts.service
%{_datadir}/polkit-1/actions/org.freedesktop.accounts.policy
# User templates
%dir %{_datadir}/accountsservice
%{_datadir}/accountsservice/user-templates
# Directories where the server stores user data
%dir %{_localstatedir}/lib/AccountsService
%dir %{_localstatedir}/lib/AccountsService/users
%dir %{_localstatedir}/lib/AccountsService/icons
%dir %{_datadir}/accountsservice
%dir %{_datadir}/accountsservice/user-templates
%{_datadir}/accountsservice/user-templates/administrator
%{_datadir}/accountsservice/user-templates/standard
%files -n libaccountsservice0
%{_libdir}/*.so.0*
@ -166,6 +174,8 @@ querying and manipulating user account information.
%{_libdir}/pkgconfig/accountsservice.pc
%{_includedir}/accountsservice-1.0/
%{_datadir}/gir-1.0/AccountsService-1.0.gir
%files vala
%dir %{_datadir}/vala/vapi
%{_datadir}/vala/vapi/accountsservice.deps
%{_datadir}/vala/vapi/accountsservice.vapi

75
as-fate318433-prevent-same-account-multi-logins.patch
View File

@ -1,36 +1,7 @@
Index: b/src/libaccountsservice/act-user-manager.c
===================================================================
--- a/src/libaccountsservice/act-user-manager.c 2019-09-11 17:40:53.726949739 +0800
+++ b/src/libaccountsservice/act-user-manager.c 2019-09-11 17:41:00.547007450 +0800
@@ -1752,12 +1752,22 @@ maybe_add_new_session (ActUserManagerNew
if (new_session->x11_display == NULL) {
g_debug ("AcUserManager: (mostly) ignoring session '%s' since it's not graphical",
new_session->id);
- is_ours = FALSE;
+ /* SLE: ignore non-graphical session completely */
+ /* see `act_user_is_logged_in_anywhere` */
+ unload_new_session (new_session);
+ return;
} else if (session_is_login_window (manager, new_session->id)) {
new_session->state = ACT_USER_MANAGER_NEW_SESSION_STATE_LOADED;
unload_new_session (new_session);
return;
} else if (!session_is_on_our_seat (manager, new_session->id)) {
+ /**
+ * NOTE: if `manager->priv->seat.id` or `new_session->id` is
+ * either NULL, it's not on our seat: this is reasonable, as
+ * non-seat session is not switchable and thus no need to be
+ * ours. However, this nondiscrimination for all non-seated
+ * sessions is possibly a source for bugs.
+ */
is_ours = FALSE;
}
Index: b/src/libaccountsservice/act-user.c
===================================================================
--- a/src/libaccountsservice/act-user.c 2019-09-11 17:40:53.726949739 +0800
+++ b/src/libaccountsservice/act-user.c 2019-09-11 17:41:00.547007450 +0800
@@ -868,6 +868,8 @@ act_user_is_logged_in (ActUser *user)
diff -Nur accountsservice-22.08.8/src/libaccountsservice/act-user.c new/src/libaccountsservice/act-user.c
--- accountsservice-22.08.8/src/libaccountsservice/act-user.c 2022-02-23 16:27:48.000000000 +0100
+++ new/src/libaccountsservice/act-user.c 2022-04-30 22:34:42.160346848 +0200
@@ -878,6 +878,8 @@
* (Currently, this function is only implemented for systemd-logind.
* For ConsoleKit, it is equivalent to act_user_is_logged_in.)
*
@ -39,7 +10,7 @@ Index: b/src/libaccountsservice/act-user.c
* Returns: %TRUE or %FALSE
*/
gboolean
@@ -896,6 +898,24 @@ act_user_get_saved (ActUser *user)
@@ -906,6 +908,24 @@
}
/**
@ -64,11 +35,10 @@ Index: b/src/libaccountsservice/act-user.c
* act_user_get_locked:
* @user: a #ActUser
*
Index: b/src/libaccountsservice/act-user.h
===================================================================
--- a/src/libaccountsservice/act-user.h 2019-09-11 17:40:53.726949739 +0800
+++ b/src/libaccountsservice/act-user.h 2019-09-11 17:41:00.547007450 +0800
@@ -67,6 +67,7 @@ guint act_user_get_num_sessions
diff -Nur accountsservice-22.08.8/src/libaccountsservice/act-user.h new/src/libaccountsservice/act-user.h
--- accountsservice-22.08.8/src/libaccountsservice/act-user.h 2022-02-23 16:27:48.000000000 +0100
+++ new/src/libaccountsservice/act-user.h 2022-04-30 22:34:42.164346848 +0200
@@ -61,6 +61,7 @@
guint act_user_get_num_sessions_anywhere (ActUser *user);
gboolean act_user_is_logged_in (ActUser *user);
gboolean act_user_is_logged_in_anywhere (ActUser *user);
@ -76,3 +46,30 @@ Index: b/src/libaccountsservice/act-user.h
int act_user_get_login_frequency (ActUser *user);
gint64 act_user_get_login_time (ActUser *user);
const GVariant*act_user_get_login_history (ActUser *user);
diff -Nur accountsservice-22.08.8/src/libaccountsservice/act-user-manager.c new/src/libaccountsservice/act-user-manager.c
--- accountsservice-22.08.8/src/libaccountsservice/act-user-manager.c 2022-02-23 16:27:48.000000000 +0100
+++ new/src/libaccountsservice/act-user-manager.c 2022-04-30 22:34:42.160346848 +0200
@@ -1366,12 +1366,22 @@
if (new_session->x11_display == NULL) {
g_debug ("AcUserManager: (mostly) ignoring session '%s' since it's not graphical",
new_session->id);
- is_ours = FALSE;
+ /* SLE: ignore non-graphical session completely */
+ /* see `act_user_is_logged_in_anywhere` */
+ unload_new_session (new_session);
+ return;
} else if (session_is_login_window (manager, new_session->id)) {
new_session->state = ACT_USER_MANAGER_NEW_SESSION_STATE_LOADED;
unload_new_session (new_session);
return;
} else if (!session_is_on_our_seat (manager, new_session->id)) {
+ /**
+ * NOTE: if `manager->priv->seat.id` or `new_session->id` is
+ * either NULL, it's not on our seat: this is reasonable, as
+ * non-seat session is not switchable and thus no need to be
+ * ours. However, this nondiscrimination for all non-seated
+ * sessions is possibly a source for bugs.
+ */
is_ours = FALSE;
}

6
harden_accounts-daemon.service.patch
View File

@ -1,7 +1,7 @@
Index: accountsservice-22.04.62/data/accounts-daemon.service.in
Index: accountsservice-0.6.55/data/accounts-daemon.service.in
===================================================================
--- accountsservice-22.04.62.orig/data/accounts-daemon.service.in
+++ accountsservice-22.04.62/data/accounts-daemon.service.in
--- accountsservice-0.6.55.orig/data/accounts-daemon.service.in
+++ accountsservice-0.6.55/data/accounts-daemon.service.in
@@ -8,6 +8,15 @@ After=nss-user-lookup.target
Wants=nss-user-lookup.target