Accepting request 390629 from home:pluskalm:branches:Base:System
- Update to version 0.11+git.20130926: * Pass uid of caller to polkit * build-sys: since clock_gettime() moved to libc use mq_open to check for librt * systemd: update sd-daemon.[ch] - Drop upstreamed patches * rtkit-bnc836939.patch * rtkit-use-system-sd-daemon.patch - Add _service - Cleanup spec file with spec-cleaner - Drop support for pre systemd ditributions - Add rc symlink for service - Use more strict ldflags OBS-URL: https://build.opensuse.org/request/show/390629 OBS-URL: https://build.opensuse.org/package/show/Base:System/rtkit?expand=0&rev=30
This commit is contained in:
parent
a833c6b552
commit
16e1cbd57a
3
rtkit-0.11+git.20130926.tar.xz
Normal file
3
rtkit-0.11+git.20130926.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:12f45e990e24aa643df6e30979fdbab19ad6c2a7563af2c9ead8821f6c93b024
|
||||
size 42940
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:815116739ba385bf1827033c1218d1c41911fbf5739ef674d9a5ba6ed49dd418
|
||||
size 42984
|
@ -1,43 +0,0 @@
|
||||
commit 88d4082ef6caf6b071d749dca1c50e7edde914cc
|
||||
Author: Colin Walters <walters@verbum.org>
|
||||
Date: Thu Aug 22 16:05:22 2013 -0400
|
||||
|
||||
Pass uid of caller to polkit
|
||||
|
||||
Otherwise, we force polkit to look up the uid itself in /proc, which
|
||||
is racy if they execve() a setuid binary.
|
||||
|
||||
diff --git a/rtkit-daemon.c b/rtkit-daemon.c
|
||||
index 2ebe673..3ecc1f7 100644
|
||||
--- a/rtkit-daemon.c
|
||||
+++ b/rtkit-daemon.c
|
||||
@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
|
||||
DBusMessage *m = NULL, *r = NULL;
|
||||
const char *unix_process = "unix-process";
|
||||
const char *pid = "pid";
|
||||
+ const char *uid = "uid";
|
||||
const char *start_time = "start-time";
|
||||
const char *cancel_id = "";
|
||||
uint32_t flags = 0;
|
||||
uint32_t pid_u32 = p->pid;
|
||||
- uint64_t start_time_u64 = p->starttime;
|
||||
+ uint32_t uid_u32 = (uint32_t)u->uid;
|
||||
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
|
||||
+ uint64_t start_time_u64 = p->starttime;
|
||||
int ret;
|
||||
dbus_bool_t authorized = FALSE;
|
||||
|
||||
@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
|
||||
assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
|
||||
assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
|
||||
|
||||
+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
|
||||
+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
|
||||
+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
|
||||
+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
|
||||
+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
|
||||
+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
|
||||
+
|
||||
assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
|
||||
assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));
|
||||
|
@ -1,37 +0,0 @@
|
||||
diff --git a/Makefile.am b/Makefile.am
|
||||
index febc355..611cf14 100644
|
||||
--- a/Makefile.am
|
||||
+++ b/Makefile.am
|
||||
@@ -56,13 +56,16 @@ systemdsystemunit_DATA = \
|
||||
endif
|
||||
|
||||
rtkit_daemon_SOURCES = \
|
||||
- rtkit-daemon.c rtkit.h \
|
||||
- sd-daemon.c sd-daemon.h
|
||||
+ rtkit-daemon.c rtkit.h
|
||||
+
|
||||
rtkit_daemon_LDADD = \
|
||||
- $(DBUS_LIBS)
|
||||
+ $(DBUS_LIBS) \
|
||||
+ $(SD_DAEMON_LIBS)
|
||||
+
|
||||
rtkit_daemon_CFLAGS = \
|
||||
$(AM_CFLAGS) \
|
||||
- $(DBUS_CFLAGS)
|
||||
+ $(DBUS_CFLAGS) \
|
||||
+ $(SD_DAEMON_CFLAGS)
|
||||
|
||||
rtkitctl_SOURCES = \
|
||||
rtkitctl.c rtkit.h
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 5a77363..2806def 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -115,6 +115,7 @@ AC_SEARCH_LIBS([clock_gettime], [rt])
|
||||
AC_SEARCH_LIBS([cap_init], [cap])
|
||||
|
||||
PKG_CHECK_MODULES(DBUS, dbus-1)
|
||||
+PKG_CHECK_MODULES([SD_DAEMON], libsystemd-daemon)
|
||||
|
||||
AC_ARG_WITH([systemdsystemunitdir],
|
||||
AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
|
@ -1,3 +1,20 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 18 19:58:57 UTC 2016 - mpluskal@suse.com
|
||||
|
||||
- Update to version 0.11+git.20130926:
|
||||
* Pass uid of caller to polkit
|
||||
* build-sys: since clock_gettime() moved to libc use mq_open to
|
||||
check for librt
|
||||
* systemd: update sd-daemon.[ch]
|
||||
- Drop upstreamed patches
|
||||
* rtkit-bnc836939.patch
|
||||
* rtkit-use-system-sd-daemon.patch
|
||||
- Add _service
|
||||
- Cleanup spec file with spec-cleaner
|
||||
- Drop support for pre systemd ditributions
|
||||
- Add rc symlink for service
|
||||
- Use more strict ldflags
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 1 21:49:33 UTC 2015 - meissner@suse.com
|
||||
|
||||
|
82
rtkit.spec
82
rtkit.spec
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package rtkit
|
||||
#
|
||||
# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -17,86 +17,71 @@
|
||||
|
||||
|
||||
Name: rtkit
|
||||
Version: 0.11+git.20130926
|
||||
Release: 0
|
||||
Summary: Realtime Policy and Watchdog Daemon
|
||||
License: GPL-3.0+ and BSD-3-Clause
|
||||
Group: System/Base
|
||||
Version: 0.11_git201205151338
|
||||
Release: 0
|
||||
# The daemon itself is GPL v3 or later, the reference implementation for the client BSD-3-Clause
|
||||
Source: %{name}-%{version}.tar.xz
|
||||
# The daemon itself is GPL v3 or later, the reference implementation for
|
||||
# the client BSD-3-Clause
|
||||
Url: http://git.0pointer.de/?p=rtkit.git
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
BuildRequires: automake
|
||||
BuildRequires: dbus-1-devel >= 1.2
|
||||
BuildRequires: libcap-devel
|
||||
BuildRequires: polkit-devel
|
||||
BuildRequires: xz
|
||||
Requires: polkit
|
||||
PreReq: dbus-1
|
||||
%if 0%{?suse_version} > 1140
|
||||
BuildRequires: pkgconfig(libsystemd-daemon)
|
||||
%{?systemd_requires}
|
||||
%define has_systemd 1
|
||||
%endif
|
||||
Patch0: rtkit-use-system-sd-daemon.patch
|
||||
# PATCH-FIX-UPSTREAM rtkit-bnc836939.patch sreeves@suse.com -- use of insecure polkit DBUS API
|
||||
Patch1: rtkit-bnc836939.patch
|
||||
Source: %{name}-%{version}.tar.xz
|
||||
Patch2: rtkit-no-cpu-controlgroup.patch
|
||||
BuildRequires: automake
|
||||
BuildRequires: libcap-devel
|
||||
BuildRequires: pkg-config
|
||||
BuildRequires: xz
|
||||
BuildRequires: pkgconfig(dbus-1) >= 1.2
|
||||
BuildRequires: pkgconfig(libsystemd-daemon)
|
||||
BuildRequires: pkgconfig(polkit-agent-1)
|
||||
BuildRequires: pkgconfig(polkit-gobject-1)
|
||||
Requires: polkit
|
||||
Requires(pre): dbus-1
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%description
|
||||
RealtimeKit is a D-Bus system service that changes the
|
||||
scheduling policy of user processes/threads to SCHED_RR (i.e. realtime
|
||||
scheduling mode) on request. It is intended to be used as a secure
|
||||
mechanism to allow real-time scheduling to be used by normal user
|
||||
processes.
|
||||
RealtimeKit is a D-Bus system service that changes the scheduling policy of
|
||||
user processes/threads to SCHED_RR (i.e. realtime scheduling mode) on
|
||||
request. It is intended to be used as a secure mechanism to allow real-time
|
||||
scheduling to be used by normal user processes.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
|
||||
%build
|
||||
autoreconf -fiv
|
||||
export CFLAGS="$RPM_OPT_FLAGS -fPIE"
|
||||
export LDFLAGS="-pie"
|
||||
%configure --disable-silent-rules \
|
||||
%if 0%{?has_systemd}
|
||||
--with-systemdsystemunitdir=%{_unitdir} \
|
||||
%endif
|
||||
--libexecdir=%{_libexecdir}/rtkit
|
||||
export CFLAGS="%{optflags} -fPIE"
|
||||
export LDFLAGS="-Wl,-z,relro,-z,now -pie"
|
||||
%configure \
|
||||
--disable-silent-rules \
|
||||
--with-systemdsystemunitdir=%{_unitdir} \
|
||||
--libexecdir=%{_libexecdir}/rtkit
|
||||
|
||||
make %{?_smp_mflags}
|
||||
./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml
|
||||
|
||||
%install
|
||||
%makeinstall
|
||||
install -D org.freedesktop.RealtimeKit1.xml $RPM_BUILD_ROOT/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
||||
make %{?_smp_mflags} DESTDIR=%{buildroot} install
|
||||
ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rcrtkit-daemon
|
||||
install -D -m 0644 org.freedesktop.RealtimeKit1.xml %{buildroot}/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
||||
|
||||
%preun
|
||||
%if 0%{?has_systemd}
|
||||
%service_del_preun rtkit-daemon.service
|
||||
%endif
|
||||
|
||||
%pre
|
||||
groupadd -r rtkit >/dev/null 2>&1 || :
|
||||
/usr/bin/id rtkit >/dev/null 2>&1 || \
|
||||
%{_bindir}/id rtkit >/dev/null 2>&1 || \
|
||||
useradd -r -g rtkit -c 'RealtimeKit' -s /bin/false -d /proc rtkit
|
||||
|
||||
%if 0%{?has_systemd}
|
||||
%service_add_pre rtkit-daemon.service
|
||||
%endif
|
||||
|
||||
%post
|
||||
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
|
||||
%if 0%{?has_systemd}
|
||||
%service_add_post rtkit-daemon.service
|
||||
%endif
|
||||
|
||||
%postun
|
||||
%if 0%{?has_systemd}
|
||||
%service_del_postun rtkit-daemon.service
|
||||
%endif
|
||||
|
||||
%files
|
||||
%defattr(0644,root,root,0755)
|
||||
@ -108,9 +93,8 @@ dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesk
|
||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
||||
%{_datadir}/polkit-1/actions/org.freedesktop.RealtimeKit1.policy
|
||||
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf
|
||||
%{_mandir}/man8/rtkitctl.*
|
||||
%if 0%{?has_systemd}
|
||||
%{_mandir}/man8/rtkitctl.8%{ext_man}
|
||||
%{_sbindir}/rcrtkit-daemon
|
||||
%{_unitdir}/rtkit-daemon.service
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
|
Loading…
Reference in New Issue
Block a user