Accepting request 390629 from home:pluskalm:branches:Base:System
- Update to version 0.11+git.20130926: * Pass uid of caller to polkit * build-sys: since clock_gettime() moved to libc use mq_open to check for librt * systemd: update sd-daemon.[ch] - Drop upstreamed patches * rtkit-bnc836939.patch * rtkit-use-system-sd-daemon.patch - Add _service - Cleanup spec file with spec-cleaner - Drop support for pre systemd ditributions - Add rc symlink for service - Use more strict ldflags OBS-URL: https://build.opensuse.org/request/show/390629 OBS-URL: https://build.opensuse.org/package/show/Base:System/rtkit?expand=0&rev=30
This commit is contained in:
parent
a833c6b552
commit
16e1cbd57a
3
rtkit-0.11+git.20130926.tar.xz
Normal file
3
rtkit-0.11+git.20130926.tar.xz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:12f45e990e24aa643df6e30979fdbab19ad6c2a7563af2c9ead8821f6c93b024
|
||||||
|
size 42940
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:815116739ba385bf1827033c1218d1c41911fbf5739ef674d9a5ba6ed49dd418
|
|
||||||
size 42984
|
|
@ -1,43 +0,0 @@
|
|||||||
commit 88d4082ef6caf6b071d749dca1c50e7edde914cc
|
|
||||||
Author: Colin Walters <walters@verbum.org>
|
|
||||||
Date: Thu Aug 22 16:05:22 2013 -0400
|
|
||||||
|
|
||||||
Pass uid of caller to polkit
|
|
||||||
|
|
||||||
Otherwise, we force polkit to look up the uid itself in /proc, which
|
|
||||||
is racy if they execve() a setuid binary.
|
|
||||||
|
|
||||||
diff --git a/rtkit-daemon.c b/rtkit-daemon.c
|
|
||||||
index 2ebe673..3ecc1f7 100644
|
|
||||||
--- a/rtkit-daemon.c
|
|
||||||
+++ b/rtkit-daemon.c
|
|
||||||
@@ -1170,12 +1170,14 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
|
|
||||||
DBusMessage *m = NULL, *r = NULL;
|
|
||||||
const char *unix_process = "unix-process";
|
|
||||||
const char *pid = "pid";
|
|
||||||
+ const char *uid = "uid";
|
|
||||||
const char *start_time = "start-time";
|
|
||||||
const char *cancel_id = "";
|
|
||||||
uint32_t flags = 0;
|
|
||||||
uint32_t pid_u32 = p->pid;
|
|
||||||
- uint64_t start_time_u64 = p->starttime;
|
|
||||||
+ uint32_t uid_u32 = (uint32_t)u->uid;
|
|
||||||
DBusMessageIter iter_msg, iter_struct, iter_array, iter_dict, iter_variant;
|
|
||||||
+ uint64_t start_time_u64 = p->starttime;
|
|
||||||
int ret;
|
|
||||||
dbus_bool_t authorized = FALSE;
|
|
||||||
|
|
||||||
@@ -1206,6 +1208,13 @@ static int verify_polkit(DBusConnection *c, struct rtkit_user *u, struct process
|
|
||||||
assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
|
|
||||||
assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
|
|
||||||
|
|
||||||
+ assert_se(dbus_message_iter_open_container(&iter_array, DBUS_TYPE_DICT_ENTRY, NULL, &iter_dict));
|
|
||||||
+ assert_se(dbus_message_iter_append_basic(&iter_dict, DBUS_TYPE_STRING, &uid));
|
|
||||||
+ assert_se(dbus_message_iter_open_container(&iter_dict, DBUS_TYPE_VARIANT, "u", &iter_variant));
|
|
||||||
+ assert_se(dbus_message_iter_append_basic(&iter_variant, DBUS_TYPE_UINT32, &uid_u32));
|
|
||||||
+ assert_se(dbus_message_iter_close_container(&iter_dict, &iter_variant));
|
|
||||||
+ assert_se(dbus_message_iter_close_container(&iter_array, &iter_dict));
|
|
||||||
+
|
|
||||||
assert_se(dbus_message_iter_close_container(&iter_struct, &iter_array));
|
|
||||||
assert_se(dbus_message_iter_close_container(&iter_msg, &iter_struct));
|
|
||||||
|
|
@ -1,37 +0,0 @@
|
|||||||
diff --git a/Makefile.am b/Makefile.am
|
|
||||||
index febc355..611cf14 100644
|
|
||||||
--- a/Makefile.am
|
|
||||||
+++ b/Makefile.am
|
|
||||||
@@ -56,13 +56,16 @@ systemdsystemunit_DATA = \
|
|
||||||
endif
|
|
||||||
|
|
||||||
rtkit_daemon_SOURCES = \
|
|
||||||
- rtkit-daemon.c rtkit.h \
|
|
||||||
- sd-daemon.c sd-daemon.h
|
|
||||||
+ rtkit-daemon.c rtkit.h
|
|
||||||
+
|
|
||||||
rtkit_daemon_LDADD = \
|
|
||||||
- $(DBUS_LIBS)
|
|
||||||
+ $(DBUS_LIBS) \
|
|
||||||
+ $(SD_DAEMON_LIBS)
|
|
||||||
+
|
|
||||||
rtkit_daemon_CFLAGS = \
|
|
||||||
$(AM_CFLAGS) \
|
|
||||||
- $(DBUS_CFLAGS)
|
|
||||||
+ $(DBUS_CFLAGS) \
|
|
||||||
+ $(SD_DAEMON_CFLAGS)
|
|
||||||
|
|
||||||
rtkitctl_SOURCES = \
|
|
||||||
rtkitctl.c rtkit.h
|
|
||||||
diff --git a/configure.ac b/configure.ac
|
|
||||||
index 5a77363..2806def 100644
|
|
||||||
--- a/configure.ac
|
|
||||||
+++ b/configure.ac
|
|
||||||
@@ -115,6 +115,7 @@ AC_SEARCH_LIBS([clock_gettime], [rt])
|
|
||||||
AC_SEARCH_LIBS([cap_init], [cap])
|
|
||||||
|
|
||||||
PKG_CHECK_MODULES(DBUS, dbus-1)
|
|
||||||
+PKG_CHECK_MODULES([SD_DAEMON], libsystemd-daemon)
|
|
||||||
|
|
||||||
AC_ARG_WITH([systemdsystemunitdir],
|
|
||||||
AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files]),
|
|
@ -1,3 +1,20 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Apr 18 19:58:57 UTC 2016 - mpluskal@suse.com
|
||||||
|
|
||||||
|
- Update to version 0.11+git.20130926:
|
||||||
|
* Pass uid of caller to polkit
|
||||||
|
* build-sys: since clock_gettime() moved to libc use mq_open to
|
||||||
|
check for librt
|
||||||
|
* systemd: update sd-daemon.[ch]
|
||||||
|
- Drop upstreamed patches
|
||||||
|
* rtkit-bnc836939.patch
|
||||||
|
* rtkit-use-system-sd-daemon.patch
|
||||||
|
- Add _service
|
||||||
|
- Cleanup spec file with spec-cleaner
|
||||||
|
- Drop support for pre systemd ditributions
|
||||||
|
- Add rc symlink for service
|
||||||
|
- Use more strict ldflags
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jan 1 21:49:33 UTC 2015 - meissner@suse.com
|
Thu Jan 1 21:49:33 UTC 2015 - meissner@suse.com
|
||||||
|
|
||||||
|
82
rtkit.spec
82
rtkit.spec
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package rtkit
|
# spec file for package rtkit
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
# remain the property of their copyright owners, unless otherwise agreed
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
@ -17,86 +17,71 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: rtkit
|
Name: rtkit
|
||||||
|
Version: 0.11+git.20130926
|
||||||
|
Release: 0
|
||||||
Summary: Realtime Policy and Watchdog Daemon
|
Summary: Realtime Policy and Watchdog Daemon
|
||||||
License: GPL-3.0+ and BSD-3-Clause
|
License: GPL-3.0+ and BSD-3-Clause
|
||||||
Group: System/Base
|
Group: System/Base
|
||||||
Version: 0.11_git201205151338
|
# The daemon itself is GPL v3 or later, the reference implementation for
|
||||||
Release: 0
|
# the client BSD-3-Clause
|
||||||
# The daemon itself is GPL v3 or later, the reference implementation for the client BSD-3-Clause
|
|
||||||
Source: %{name}-%{version}.tar.xz
|
|
||||||
Url: http://git.0pointer.de/?p=rtkit.git
|
Url: http://git.0pointer.de/?p=rtkit.git
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
Source: %{name}-%{version}.tar.xz
|
||||||
BuildRequires: automake
|
|
||||||
BuildRequires: dbus-1-devel >= 1.2
|
|
||||||
BuildRequires: libcap-devel
|
|
||||||
BuildRequires: polkit-devel
|
|
||||||
BuildRequires: xz
|
|
||||||
Requires: polkit
|
|
||||||
PreReq: dbus-1
|
|
||||||
%if 0%{?suse_version} > 1140
|
|
||||||
BuildRequires: pkgconfig(libsystemd-daemon)
|
|
||||||
%{?systemd_requires}
|
|
||||||
%define has_systemd 1
|
|
||||||
%endif
|
|
||||||
Patch0: rtkit-use-system-sd-daemon.patch
|
|
||||||
# PATCH-FIX-UPSTREAM rtkit-bnc836939.patch sreeves@suse.com -- use of insecure polkit DBUS API
|
|
||||||
Patch1: rtkit-bnc836939.patch
|
|
||||||
Patch2: rtkit-no-cpu-controlgroup.patch
|
Patch2: rtkit-no-cpu-controlgroup.patch
|
||||||
|
BuildRequires: automake
|
||||||
|
BuildRequires: libcap-devel
|
||||||
|
BuildRequires: pkg-config
|
||||||
|
BuildRequires: xz
|
||||||
|
BuildRequires: pkgconfig(dbus-1) >= 1.2
|
||||||
|
BuildRequires: pkgconfig(libsystemd-daemon)
|
||||||
|
BuildRequires: pkgconfig(polkit-agent-1)
|
||||||
|
BuildRequires: pkgconfig(polkit-gobject-1)
|
||||||
|
Requires: polkit
|
||||||
|
Requires(pre): dbus-1
|
||||||
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
|
|
||||||
%description
|
%description
|
||||||
RealtimeKit is a D-Bus system service that changes the
|
RealtimeKit is a D-Bus system service that changes the scheduling policy of
|
||||||
scheduling policy of user processes/threads to SCHED_RR (i.e. realtime
|
user processes/threads to SCHED_RR (i.e. realtime scheduling mode) on
|
||||||
scheduling mode) on request. It is intended to be used as a secure
|
request. It is intended to be used as a secure mechanism to allow real-time
|
||||||
mechanism to allow real-time scheduling to be used by normal user
|
scheduling to be used by normal user processes.
|
||||||
processes.
|
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
|
||||||
%patch1 -p1
|
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -fiv
|
autoreconf -fiv
|
||||||
export CFLAGS="$RPM_OPT_FLAGS -fPIE"
|
export CFLAGS="%{optflags} -fPIE"
|
||||||
export LDFLAGS="-pie"
|
export LDFLAGS="-Wl,-z,relro,-z,now -pie"
|
||||||
%configure --disable-silent-rules \
|
%configure \
|
||||||
%if 0%{?has_systemd}
|
--disable-silent-rules \
|
||||||
--with-systemdsystemunitdir=%{_unitdir} \
|
--with-systemdsystemunitdir=%{_unitdir} \
|
||||||
%endif
|
--libexecdir=%{_libexecdir}/rtkit
|
||||||
--libexecdir=%{_libexecdir}/rtkit
|
|
||||||
|
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml
|
./rtkit-daemon --introspect > org.freedesktop.RealtimeKit1.xml
|
||||||
|
|
||||||
%install
|
%install
|
||||||
%makeinstall
|
make %{?_smp_mflags} DESTDIR=%{buildroot} install
|
||||||
install -D org.freedesktop.RealtimeKit1.xml $RPM_BUILD_ROOT/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
ln -sv %{_sbindir}/service %{buildroot}%{_sbindir}/rcrtkit-daemon
|
||||||
|
install -D -m 0644 org.freedesktop.RealtimeKit1.xml %{buildroot}/%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
||||||
|
|
||||||
%preun
|
%preun
|
||||||
%if 0%{?has_systemd}
|
|
||||||
%service_del_preun rtkit-daemon.service
|
%service_del_preun rtkit-daemon.service
|
||||||
%endif
|
|
||||||
|
|
||||||
%pre
|
%pre
|
||||||
groupadd -r rtkit >/dev/null 2>&1 || :
|
groupadd -r rtkit >/dev/null 2>&1 || :
|
||||||
/usr/bin/id rtkit >/dev/null 2>&1 || \
|
%{_bindir}/id rtkit >/dev/null 2>&1 || \
|
||||||
useradd -r -g rtkit -c 'RealtimeKit' -s /bin/false -d /proc rtkit
|
useradd -r -g rtkit -c 'RealtimeKit' -s /bin/false -d /proc rtkit
|
||||||
|
|
||||||
%if 0%{?has_systemd}
|
|
||||||
%service_add_pre rtkit-daemon.service
|
%service_add_pre rtkit-daemon.service
|
||||||
%endif
|
|
||||||
|
|
||||||
%post
|
%post
|
||||||
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
|
dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesktop.DBus.ReloadConfig >/dev/null 2>&1 || :
|
||||||
%if 0%{?has_systemd}
|
|
||||||
%service_add_post rtkit-daemon.service
|
%service_add_post rtkit-daemon.service
|
||||||
%endif
|
|
||||||
|
|
||||||
%postun
|
%postun
|
||||||
%if 0%{?has_systemd}
|
|
||||||
%service_del_postun rtkit-daemon.service
|
%service_del_postun rtkit-daemon.service
|
||||||
%endif
|
|
||||||
|
|
||||||
%files
|
%files
|
||||||
%defattr(0644,root,root,0755)
|
%defattr(0644,root,root,0755)
|
||||||
@ -108,9 +93,8 @@ dbus-send --system --type=method_call --dest=org.freedesktop.DBus / org.freedesk
|
|||||||
%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
%{_datadir}/dbus-1/interfaces/org.freedesktop.RealtimeKit1.xml
|
||||||
%{_datadir}/polkit-1/actions/org.freedesktop.RealtimeKit1.policy
|
%{_datadir}/polkit-1/actions/org.freedesktop.RealtimeKit1.policy
|
||||||
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf
|
%{_sysconfdir}/dbus-1/system.d/org.freedesktop.RealtimeKit1.conf
|
||||||
%{_mandir}/man8/rtkitctl.*
|
%{_mandir}/man8/rtkitctl.8%{ext_man}
|
||||||
%if 0%{?has_systemd}
|
%{_sbindir}/rcrtkit-daemon
|
||||||
%{_unitdir}/rtkit-daemon.service
|
%{_unitdir}/rtkit-daemon.service
|
||||||
%endif
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
Loading…
Reference in New Issue
Block a user