commit: 1f88f2840e6677ad4615be7f5b3c58f63e392990 Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> AuthorDate: Fri Jan 6 22:22:29 2017 +0000 Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org> CommitDate: Fri Jan 6 22:22:29 2017 +0000 URL: https://gitweb.gentoo.org/proj/kde.git/commit/?id=1f88f284
sys-auth/elogind: Add init script, kernel checks Gentoo-bug: 599474 Thanks-to: Sven Eden <yamakuzure <AT> gmx.net> Initial ebuild and init script by Sven Eden, simplified by me. Package-Manager: portage-2.3.0 sys-auth/elogind/elogind-219.12-r3.ebuild | 90 ++++++++++++++ .../files/elogind-219.12-login1-perms.patch | 129 +++++++++++++++++++++ sys-auth/elogind/files/elogind.conf | 7 ++ sys-auth/elogind/files/elogind.init | 32 +++++ 4 files changed, 258 insertions(+) diff --git a/sys-auth/elogind/elogind-219.12-r3.ebuild b/sys-auth/elogind/elogind-219.12-r3.ebuild new file mode 100644 index 0000000..6029bac --- /dev/null +++ b/sys-auth/elogind/elogind-219.12-r3.ebuild @@ -0,0 +1,90 @@ +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=6 + +inherit autotools linux-info pam udev + +DESCRIPTION="The systemd project's logind, extracted to a standalone package" +HOMEPAGE="https://github.com/wingo/elogind" +SRC_URI="https://github.com/wingo/elogind/archive/v${PV}.tar.gz -> ${P}.tar.gz" + +LICENSE="CC0-1.0 LGPL-2.1+ public-domain" +SLOT="0" +KEYWORDS="~amd64 ~arm ~x86" +IUSE="acl apparmor pam policykit selinux +seccomp" + +COMMON_DEPEND=" + sys-libs/libcap + sys-apps/util-linux + virtual/libudev:= + acl? ( sys-apps/acl ) + apparmor? ( sys-libs/libapparmor ) + pam? ( virtual/pam ) + seccomp? ( sys-libs/libseccomp ) + selinux? ( sys-libs/libselinux ) +" +RDEPEND="${COMMON_DEPEND} + sys-apps/dbus + policykit? ( sys-auth/polkit ) + !sys-auth/systemd +" +DEPEND="${COMMON_DEPEND} + dev-util/gperf + dev-util/intltool + sys-devel/libtool + virtual/pkgconfig +" + +PATCHES=( + "${FILESDIR}/${PN}-docs.patch" + "${FILESDIR}/${PN}-lrt.patch" + "${FILESDIR}/${P}-session.patch" + "${FILESDIR}/${P}-login1-perms.patch" +) + +pkg_setup() { + local CONFIG_CHECK="~CGROUPS ~EPOLL ~INOTIFY_USER ~SECURITY_SMACK + ~SIGNALFD ~TIMERFD" + + use seccomp && CONFIG_CHECK+=" ~SECCOMP" + + if use kernel_linux; then + linux-info_pkg_setup + fi +} + +src_prepare() { + default + eautoreconf # Makefile.am patched by "${FILESDIR}/${PN}-{docs,lrt}.patch" +} + +src_configure() { + econf \ + --with-pamlibdir=$(getpam_mod_dir) \ + --with-udevrulesdir="$(get_udevdir)"/rules.d \ + --libdir="${EPREFIX}"/usr/$(get_libdir) \ + --enable-smack + $(use_enable acl) \ + $(use_enable apparmor) \ + $(use_enable pam) \ + $(use_enable seccomp) \ + $(use_enable selinux) +} + +src_install() { + default + find "${D}" -name '*.la' -delete || die + + newinitd "${FILESDIR}"/${PN}.init ${PN} + newconfd "${FILESDIR}"/${PN}.conf ${PN} +} + +pkg_postinst() { + if [ "$(rc-config list default | grep elogind)" = "" ]; then + ewarn "To enable the elogind daemon, elogind must be" + ewarn "added to the default runlevel:" + ewarn "# rc-update add elogind default" + fi +} diff --git a/sys-auth/elogind/files/elogind-219.12-login1-perms.patch b/sys-auth/elogind/files/elogind-219.12-login1-perms.patch new file mode 100644 index 0000000..eecf38e --- /dev/null +++ b/sys-auth/elogind/files/elogind-219.12-login1-perms.patch @@ -0,0 +1,129 @@ +From 1ca40c077cd9a08f96a559ba51e8dba230298c4d Mon Sep 17 00:00:00 2001 +From: Michael Palimaka <kensing...@gentoo.org> +Date: Sun, 19 Jun 2016 01:56:56 +1000 +Subject: [PATCH] Update org.freedesktop.login1.conf + +This mirrors an upstream change opening up all of logind's bus calls to +unprivileged users via polkit. + +See systemd/systemd/issues/471. +Closes #3. +--- + src/login/org.freedesktop.login1.conf | 68 +++++++++++++++++++++++++++++++++++ + 1 file changed, 68 insertions(+) + +diff --git a/src/login/org.freedesktop.login1.conf b/src/login/org.freedesktop.login1.conf +index 1318328..2e67e3d 100644 +--- a/src/login/org.freedesktop.login1.conf ++++ b/src/login/org.freedesktop.login1.conf +@@ -90,6 +90,42 @@ + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Manager" ++ send_member="LockSession"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="UnlockSession"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="LockSessions"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="UnlockSessions"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="KillSession"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="KillUser"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="TerminateSession"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="TerminateUser"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" ++ send_member="TerminateSeat"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" + send_member="PowerOff"/> + + <allow send_destination="org.freedesktop.login1" +@@ -130,6 +166,10 @@ + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Manager" ++ send_member="SetWallMessage"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Manager" + send_member="AttachDevice"/> + + <allow send_destination="org.freedesktop.login1" +@@ -138,6 +178,10 @@ + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Seat" ++ send_member="Terminate"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Seat" + send_member="ActivateSession"/> + + <allow send_destination="org.freedesktop.login1" +@@ -154,14 +198,30 @@ + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Session" ++ send_member="Terminate"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Session" + send_member="Activate"/> + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Session" ++ send_member="Lock"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Session" ++ send_member="Unlock"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Session" + send_member="SetIdleHint"/> + + <allow send_destination="org.freedesktop.login1" + send_interface="org.freedesktop.login1.Session" ++ send_member="Kill"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.Session" + send_member="TakeControl"/> + + <allow send_destination="org.freedesktop.login1" +@@ -180,6 +240,14 @@ + send_interface="org.freedesktop.login1.Session" + send_member="PauseDeviceComplete"/> + ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.User" ++ send_member="Terminate"/> ++ ++ <allow send_destination="org.freedesktop.login1" ++ send_interface="org.freedesktop.login1.User" ++ send_member="Kill"/> ++ + <allow receive_sender="org.freedesktop.login1"/> + </policy> + diff --git a/sys-auth/elogind/files/elogind.conf b/sys-auth/elogind/files/elogind.conf new file mode 100644 index 0000000..fafc1ae --- /dev/null +++ b/sys-auth/elogind/files/elogind.conf @@ -0,0 +1,7 @@ +# /etc/conf.d/elogind: config file for /etc/init.d/elogind + +# this is the elogind executable +ELOGIND_EXEC="/usr/libexec/elogind/elogind" + +# this is where elogind will store its pid file +ELOGIND_PIDFILE="/var/run/elogind.pid" diff --git a/sys-auth/elogind/files/elogind.init b/sys-auth/elogind/files/elogind.init new file mode 100644 index 0000000..af7c82e --- /dev/null +++ b/sys-auth/elogind/files/elogind.init @@ -0,0 +1,32 @@ +#!/sbin/openrc-run +# Copyright 1999-2017 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +depend() { + need dbus + + # Make sure elogind is up before xdm starts any dm + before xdm +} + +start() { + ebegin "Starting elogind" + + # elogind needs a /run/systemd directory + if [[ ! -e /run/systemd ]]; then + mkdir -p /run/systemd + chmod 644 /run/systemd + fi + + start-stop-daemon --start --quiet --background \ + --make-pidfile --pidfile "${ELOGIND_PIDFILE}" \ + --exec "${ELOGIND_EXEC}" + eend $? +} + +stop() { + ebegin "Stopping elogind" + start-stop-daemon --stop --quiet --pidfile "${ELOGIND_PIDFILE}" + eend $? +}