From 16e1cbd57a1a16185d01f8221bcb9a50bf8aae1ba5f82bd35754b74102999ed6 Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Sun, 24 Apr 2016 09:09:30 +0000 Subject: [PATCH] Accepting request 390629 from home:pluskalm:branches:Base:System - Update to version 0.11+git.20130926: * Pass uid of caller to polkit * build-sys: since clock_gettime() moved to libc use mq_open to check for librt * systemd: update sd-daemon.[ch] - Drop upstreamed patches * rtkit-bnc836939.patch * rtkit-use-system-sd-daemon.patch - Add _service - Cleanup spec file with spec-cleaner - Drop support for pre systemd ditributions - Add rc symlink for service - Use more strict ldflags OBS-URL: https://build.opensuse.org/request/show/390629 OBS-URL: https://build.opensuse.org/package/show/Base:System/rtkit?expand=0&rev=30 --- rtkit-0.11+git.20130926.tar.xz | 3 ++ rtkit-0.11_git201205151338.tar.xz | 3 -- rtkit-bnc836939.patch | 43 ---------------- rtkit-use-system-sd-daemon.patch | 37 -------------- rtkit.changes | 17 +++++++ rtkit.spec | 82 +++++++++++++------------------ 6 files changed, 53 insertions(+), 132 deletions(-) create mode 100644 rtkit-0.11+git.20130926.tar.xz delete mode 100644 rtkit-0.11_git201205151338.tar.xz delete mode 100644 rtkit-bnc836939.patch delete mode 100644 rtkit-use-system-sd-daemon.patch diff --git a/rtkit-0.11+git.20130926.tar.xz b/rtkit-0.11+git.20130926.tar.xz new file mode 100644 index 0000000..6e7afb3 --- /dev/null +++ b/rtkit-0.11+git.20130926.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:12f45e990e24aa643df6e30979fdbab19ad6c2a7563af2c9ead8821f6c93b024 +size 42940 diff --git a/rtkit-0.11_git201205151338.tar.xz b/rtkit-0.11_git201205151338.tar.xz deleted file mode 100644 index 3e44d85..0000000 --- a/rtkit-0.11_git201205151338.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:815116739ba385bf1827033c1218d1c41911fbf5739ef674d9a5ba6ed49dd418 -size 42984 diff --git a/rtkit-bnc836939.patch b/rtkit-bnc836939.patch deleted file mode 100644 index 205777f..0000000 --- a/rtkit-bnc836939.patch +++ /dev/null @@ -1,43 +0,0 @@ -commit 88d4082ef6caf6b071d749dca1c50e7edde914cc -Author: Colin Walters -Date: Thu Aug 22 16:05:22 2013 -0400 - - Pass uid of caller to polkit - - Otherwise, we force polkit to look up the uid itself in /proc, which - is racy if they execve() a setuid binary. - -diff --git a/rtkit-daemon.c b/rtkit-daemon.c -index 2ebe673..3ecc1f7 100644 ---- a/rtkit-daemon.c -+++ b/rtkit-daemon.c -@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process - DBusMessage *m = NULL, *r = NULL; - const char *unix_process = "unix-process"; - const char *pid = "pid"; -+ const char *uid = "uid"; - const char *start_time = "start-time"; - const char *cancel_id = ""; - uint32_t flags = 0; - uint32_t pid_u32 = p->pid; -- uint64_t start_time_u64 = p->starttime; -+ uint32_t uid_u32 = (uint32_t)u->uid; - DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant; -+ uint64_t start_time_u64 = p->starttime; - int ret; - dbus_bool_t authorized = FALSE; - -@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process - assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant)); - assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict)); - -+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict)); -+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid)); -+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant)); -+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32)); -+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant)); -+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict)); -+ - assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array)); - assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct)); - diff --git a/rtkit-use-system-sd-daemon.patch b/rtkit-use-system-sd-daemon.patch deleted file mode 100644 index aadfee5..0000000 --- a/rtkit-use-system-sd-daemon.patch +++ /dev/null @@ -1,37 +0,0 @@ -diff --git a/Makefile.am b/Makefile.am -index febc355..611cf14 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -56,13 +56,16 @@ systemdsystemunit_DATA = \ - endif - - rtkit_daemon_SOURCES = \ -- rtkit-daemon.c rtkit.h \ -- sd-daemon.c sd-daemon.h -+ rtkit-daemon.c rtkit.h -+ - rtkit_daemon_LDADD = \ -- $(DBUS_LIBS) -+ $(DBUS_LIBS) \ -+ $(SD_DAEMON_LIBS) -+ - rtkit_daemon_CFLAGS = \ - $(AM_CFLAGS) \ -- $(DBUS_CFLAGS) -+ $(DBUS_CFLAGS) \ -+ $(SD_DAEMON_CFLAGS) - - rtkitctl_SOURCES = \ - rtkitctl.c rtkit.h -diff --git a/configure.ac b/configure.ac -index 5a77363..2806def 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -115,6 +115,7 @@ AC_SEARCH_LIBS([clock_gettime], [rt]) - AC_SEARCH_LIBS([cap_init], [cap]) - - PKG_CHECK_MODULES(DBUS, dbus-1) -+PKG_CHECK_MODULES([SD_DAEMON], libsystemd-daemon) - - AC_ARG_WITH([systemdsystemunitdir], - AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]), diff --git a/rtkit.changes b/rtkit.changes index 2ecb06b..2c59488 100644 --- a/rtkit.changes +++ b/rtkit.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Mon Apr 18 19:58:57 UTC 2016 - mpluskal@suse.com + +- Update to version 0.11+git.20130926: + * Pass uid of caller to polkit + * build-sys: since clock_gettime() moved to libc use mq_open to + check for librt + * systemd: update sd-daemon.[ch] +- Drop upstreamed patches + * rtkit-bnc836939.patch + * rtkit-use-system-sd-daemon.patch +- Add _service +- Cleanup spec file with spec-cleaner +- Drop support for pre systemd ditributions +- Add rc symlink for service +- Use more strict ldflags + ------------------------------------------------------------------- Thu Jan 1 21:49:33 UTC 2015 - meissner@suse.com diff --git a/rtkit.spec b/rtkit.spec index 86fabd4..a520cb4 100644 --- a/rtkit.spec +++ b/rtkit.spec @@ -1,7 +1,7 @@ # # spec file for package rtkit # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,86 +17,71 @@ Name: rtkit +Version: 0.11+git.20130926 +Release: 0 Summary: Realtime Policy and Watchdog Daemon License: GPL-3.0+ and BSD-3-Clause Group: System/Base -Version: 0.11_git201205151338 -Release: 0 -# The daemon itself is GPL v3 or later, the reference implementation for the client BSD-3-Clause -Source: %{name}-%{version}.tar.xz +# The daemon itself is GPL v3 or later, the reference implementation for +# the client BSD-3-Clause Url: http://git.0pointer.de/?p=rtkit.git -BuildRoot: %{_tmppath}/%{name}-%{version}-build -BuildRequires: automake -BuildRequires: dbus-1-devel >= 1.2 -BuildRequires: libcap-devel -BuildRequires: polkit-devel -BuildRequires: xz -Requires: polkit -PreReq: dbus-1 -%if 0%{?suse_version} > 1140 -BuildRequires: pkgconfig(libsystemd-daemon) -%{?systemd_requires} -%define has_systemd 1 -%endif -Patch0: rtkit-use-system-sd-daemon.patch -# PATCH-FIX-UPSTREAM rtkit-bnc836939.patch sreeves@suse.com -- use of insecure polkit DBUS API -Patch1: rtkit-bnc836939.patch +Source: %{name}-%{version}.tar.xz Patch2: rtkit-no-cpu-controlgroup.patch +BuildRequires: automake +BuildRequires: libcap-devel +BuildRequires: pkg-config +BuildRequires: xz +BuildRequires: pkgconfig(dbus-1) >= 1.2 +BuildRequires: pkgconfig(libsystemd-daemon) +BuildRequires: pkgconfig(polkit-agent-1) +BuildRequires: pkgconfig(polkit-gobject-1) +Requires: polkit +Requires(pre): dbus-1 +BuildRoot: %{_tmppath}/%{name}-%{version}-build %description -RealtimeKit is a D-Bus system service that changes the -scheduling policy of user processes/threads to SCHED_RR (i.e. realtime -scheduling mode) on request. It is intended to be used as a secure -mechanism to allow real-time scheduling to be used by normal user -processes. +RealtimeKit is a D-Bus system service that changes the scheduling policy of +user processes/threads to SCHED_RR (i.e. realtime scheduling mode) on +request. It is intended to be used as a secure mechanism to allow real-time +scheduling to be used by normal user processes. %prep %setup -q -%patch0 -p1 -%patch1 -p1 %patch2 -p1 %build autoreconf -fiv -export CFLAGS="$RPM_OPT_FLAGS -fPIE" -export LDFLAGS="-pie" -%configure --disable-silent-rules \ -%if 0%{?has_systemd} ---with-systemdsystemunitdir=%{_unitdir} \ -%endif ---libexecdir=%{_libexecdir}/rtkit +export CFLAGS="%{optflags} -fPIE" +export LDFLAGS="-Wl,-z,relro,-z,now -pie" +%configure \ + --disable-silent-rules \ + --with-systemdsystemunitdir=%{_unitdir} \ + --libexecdir=%{_libexecdir}/rtkit make %{?_smp_mflags} ./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml %install -%makeinstall -install -D org.freedesktop.RealtimeKit1.xml $RPM_BUILD_ROOT/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml +make %{?_smp_mflags} DESTDIR=%{buildroot} install +ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rcrtkit-daemon +install -D -m 0644 org.freedesktop.RealtimeKit1.xml %{buildroot}/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml %preun -%if 0%{?has_systemd} %service_del_preun rtkit-daemon.service -%endif %pre groupadd -r rtkit >/dev/null 2>&1 || : -/usr/bin/id rtkit >/dev/null 2>&1 || \ +%{_bindir}/id rtkit >/dev/null 2>&1 || \ useradd -r -g rtkit -c 'RealtimeKit' -s /bin/false -d /proc rtkit -%if 0%{?has_systemd} %service_add_pre rtkit-daemon.service -%endif %post dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || : -%if 0%{?has_systemd} %service_add_post rtkit-daemon.service -%endif %postun -%if 0%{?has_systemd} %service_del_postun rtkit-daemon.service -%endif %files %defattr(0644,root,root,0755) @@ -108,9 +93,8 @@ dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesk %{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml %{_datadir}/polkit-1/actions/org.freedesktop.RealtimeKit1.policy %{_sysconfdir}/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf -%{_mandir}/man8/rtkitctl.* -%if 0%{?has_systemd} +%{_mandir}/man8/rtkitctl.8%{ext_man} +%{_sbindir}/rcrtkit-daemon %{_unitdir}/rtkit-daemon.service -%endif %changelog