subject:"\[gentoo\-commits\] repo\/gentoo\:master commit in\: dev\-libs\/sway\/, dev\-libs\/sway\/files\/"

[gentoo-commits] repo/gentoo:master commit in: dev-libs/sway/, dev-libs/sway/files/

2017-12-27 Thread David Seifert

commit: 402056b57722e365689a733479e00e3d5ebd432a
Author: Mykyta Holubakha  gmail  com>
AuthorDate: Tue Dec 26 23:48:38 2017 +
Commit: David Seifert  gentoo  org>
CommitDate: Wed Dec 27 15:57:11 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=402056b5

dev-libs/sway: json-c-0.13.0 fixes

Closes: https://bugs.gentoo.org/641684
Closes: https://github.com/gentoo/gentoo/pull/6646

 dev-libs/sway/files/sway-0.15.0-json-c-fixes.patch | 370 +
 dev-libs/sway/sway-0.15.0.ebuild   |   2 +
 dev-libs/sway/sway-.ebuild |   2 +
 3 files changed, 374 insertions(+)

diff --git a/dev-libs/sway/files/sway-0.15.0-json-c-fixes.patch 
b/dev-libs/sway/files/sway-0.15.0-json-c-fixes.patch
new file mode 100644
index 000..1e43eda62e8
--- /dev/null
+++ b/dev-libs/sway/files/sway-0.15.0-json-c-fixes.patch
@@ -0,0 +1,370 @@
+From c6e12368a531dd4bbb0778c9a1dd5d3fb935c197 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= 
+Date: Thu, 14 Dec 2017 01:30:54 +0100
+Subject: [PATCH 1/3] Lift restriction on json-c <= 0.12.1
+
+---
+ CMakeLists.txt | 2 +-
+ README.de.md   | 2 +-
+ README.el.md   | 2 +-
+ README.fr.md   | 2 +-
+ README.it.md   | 2 +-
+ README.ja.md   | 2 +-
+ README.md  | 2 +-
+ README.pt.md   | 2 +-
+ README.ru.md   | 2 +-
+ README.uk.md   | 2 +-
+ 10 files changed, 10 insertions(+), 10 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index dc521570..bd12b191 100644
+--- a/CMakeLists.txt
 b/CMakeLists.txt
+@@ -59,7 +59,7 @@ if (LD_LIBRARY_PATH)
+   add_definitions(-D_LD_LIBRARY_PATH="${LD_LIBRARY_PATH}")
+ endif()
+ 
+-find_package(JsonC 0.12.1 REQUIRED)
++find_package(JsonC REQUIRED)
+ find_package(PCRE REQUIRED)
+ find_package(WLC REQUIRED)
+ find_package(Wayland REQUIRED)
+diff --git a/README.de.md b/README.de.md
+index 701cc34f..293ffe70 100644
+--- a/README.de.md
 b/README.de.md
+@@ -60,7 +60,7 @@ Abhängigkeiten:
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.el.md b/README.el.md
+index df39364f..eba97b9c 100644
+--- a/README.el.md
 b/README.el.md
+@@ -53,7 +53,7 @@ To username μου στο Freenode είναι kon14 και θα με βρείτ
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.fr.md b/README.fr.md
+index 47b6c410..a4ff7cb9 100644
+--- a/README.fr.md
 b/README.fr.md
+@@ -55,7 +55,7 @@ Installez les dépendances :
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.it.md b/README.it.md
+index f5e0d8e2..ded441c3 100644
+--- a/README.it.md
 b/README.it.md
+@@ -56,7 +56,7 @@ Installa queste dipendenze:
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.ja.md b/README.ja.md
+index 2e8f9bfb..94b4ce9d 100644
+--- a/README.ja.md
 b/README.ja.md
+@@ -46,7 +46,7 @@ Swayは沢山のディストリビューションで提供されています。"
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.md b/README.md
+index 29e8a674..eeca9f88 100644
+--- a/README.md
 b/README.md
+@@ -61,7 +61,7 @@ Install dependencies:
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.pt.md b/README.pt.md
+index b5ca132f..e35849ec 100644
+--- a/README.pt.md
 b/README.pt.md
+@@ -62,7 +62,7 @@ Antes de iniciar a compilação, instale as dependências:
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.ru.md b/README.ru.md
+index 4035b0fc..1551caa0 100644
+--- a/README.ru.md
 b/README.ru.md
+@@ -55,7 +55,7 @@ Sway доступен во многих дистрибутивах и наход
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+diff --git a/README.uk.md b/README.uk.md
+index 2e107afc..c8520e4b 100644
+--- a/README.uk.md
 b/README.uk.md
+@@ -62,7 +62,7 @@ Sway доступний у багатьох дистрибутивах Linux (а
+ * libcap
+ * asciidoc
+ * pcre
+-* json-c <= 0.12.1
++* json-c
+ * pango
+ * cairo
+ * gdk-pixbuf2 *
+
+From 8272a9bae0d288b479c517dde3e831ea3889dc7f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= 
+Date: Thu, 14 Dec 2017 16:44:18 +0100
+Subject: [PATCH 2/3] ipc-server: Acquire ownership of referenced json_object
+ properly
+
+When adding a referenced json_object with an unknown lifetime to
+another json_object, it must be done with a wrapped call to
+json_object_get() to acquire the ownership of that json_object.
+---
+ sway/ipc-server.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/sway/ipc-server.c b/sway/ipc-server.c
+index b560b930..80f4e5d0 100644
+--- a/sway/ipc-server.c
 b/sway/ipc-server.c
+@@ -1126,7 +1126,8 @@ static void ipc_event_binding(json_

[gentoo-commits] repo/gentoo:master commit in: dev-libs/sway/, dev-libs/sway/files/

2017-01-15 Thread David Seifert

commit: da0797f7528c80c800a2c39fe5828aa0ac43fe7e
Author: Mykyta Holubakha  gmail  com>
AuthorDate: Thu Jan 12 17:37:58 2017 +
Commit: David Seifert  gentoo  org>
CommitDate: Sun Jan 15 13:37:53 2017 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da0797f7

dev-libs/sway: revbump to 0.11-r3

backport capability fixes (usptream #1043)

drop capabilities from binary

fix version info
Closes: https://github.com/gentoo/gentoo/pull/3446

 dev-libs/sway/files/sway-0.11-r3-keep-cap.patch| 84 ++
 .../{sway-0.11-r2.ebuild => sway-0.11-r3.ebuild}   | 14 ++--
 2 files changed, 94 insertions(+), 4 deletions(-)

diff --git a/dev-libs/sway/files/sway-0.11-r3-keep-cap.patch 
b/dev-libs/sway/files/sway-0.11-r3-keep-cap.patch
new file mode 100644
index ..da821e3
--- /dev/null
+++ b/dev-libs/sway/files/sway-0.11-r3-keep-cap.patch
@@ -0,0 +1,84 @@
+From ea1313d80d5ee1623b00c8cdf6e7ff8a7e14c2ae Mon Sep 17 00:00:00 2001
+From: Mykyta Holubakha 
+Date: Thu, 12 Jan 2017 04:25:03 +0200
+Subject: [PATCH 1/2] Keep CAP_SYS_PTRACE with suid binary
+
+---
+ sway/main.c | 28 
+ 1 file changed, 28 insertions(+)
+
+diff --git a/sway/main.c b/sway/main.c
+index e8a02e7..6c74aab 100644
+--- a/sway/main.c
 b/sway/main.c
+@@ -10,6 +10,9 @@
+ #include 
+ #include 
+ #include 
++#ifdef __linux__
++#include 
++#endif
+ #include "sway/extensions.h"
+ #include "sway/layout.h"
+ #include "sway/config.h"
+@@ -289,6 +292,18 @@ int main(int argc, char **argv) {
+   return 0;
+   }
+ 
++#ifdef __linux__
++  bool suid = false;
++  if (getuid() != geteuid() || getgid() != getegid()) {
++  // Retain capabilities after setuid()
++  if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) {
++  sway_log(L_ERROR, "Cannot keep caps after setuid()");
++  exit(EXIT_FAILURE);
++  }
++  suid = true;
++  }
++#endif
++
+   // we need to setup logging before wlc_init in case it fails.
+   if (debug) {
+   init_log(L_DEBUG);
+@@ -311,6 +326,19 @@ int main(int argc, char **argv) {
+   }
+   register_extensions();
+ 
++#ifdef __linux__
++  if (suid) {
++  // Drop every cap except CAP_SYS_PTRACE
++  cap_t caps = cap_init();
++  cap_value_t keep = CAP_SYS_PTRACE;
++  if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
++  cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
++  cap_set_proc(caps)) {
++  sway_log(L_ERROR, "Failed to drop extra capabilities");
++  exit(EXIT_FAILURE);
++  }
++  }
++#endif
+   // handle SIGTERM signals
+   signal(SIGTERM, sig_handler);
+ 
+
+From d9ba61d7e91c5aceef1a6a736dc65f0594b9be2a Mon Sep 17 00:00:00 2001
+From: Mykyta Holubakha 
+Date: Thu, 12 Jan 2017 04:35:09 +0200
+Subject: [PATCH 2/2] Log capability dropping
+
+---
+ sway/main.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sway/main.c b/sway/main.c
+index 6c74aab..7bf71b5 100644
+--- a/sway/main.c
 b/sway/main.c
+@@ -331,6 +331,7 @@ int main(int argc, char **argv) {
+   // Drop every cap except CAP_SYS_PTRACE
+   cap_t caps = cap_init();
+   cap_value_t keep = CAP_SYS_PTRACE;
++  sway_log(L_INFO, "Dropping extra capabilities");
+   if (cap_set_flag(caps, CAP_PERMITTED, 1, &keep, CAP_SET) ||
+   cap_set_flag(caps, CAP_EFFECTIVE, 1, &keep, CAP_SET) ||
+   cap_set_proc(caps)) {

diff --git a/dev-libs/sway/sway-0.11-r2.ebuild 
b/dev-libs/sway/sway-0.11-r3.ebuild
similarity index 84%
rename from dev-libs/sway/sway-0.11-r2.ebuild
rename to dev-libs/sway/sway-0.11-r3.ebuild
index dbea8b2..fdd4feb 100644
--- a/dev-libs/sway/sway-0.11-r2.ebuild
+++ b/dev-libs/sway/sway-0.11-r3.ebuild
@@ -1,10 +1,10 @@
-# Copyright 1999-2016 Gentoo Foundation
+# Copyright 1999-2017 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
 EAPI=6
 
-inherit eutils cmake-utils fcaps
+inherit eutils cmake-utils
 
 DESCRIPTION="i3-compatible Wayland window manager"
 HOMEPAGE="http://swaywm.org/";
@@ -32,6 +32,8 @@ DEPEND="${RDEPEND}
virtual/pkgconfig
app-text/asciidoc"
 
+PATCHES=( "${FILESDIR}/sway-0.11-r3-keep-cap.patch" )
+
 src_prepare() {
cmake-utils_src_prepare
 
@@ -54,15 +56,19 @@ src_configure() {
 
-DCMAKE_INSTALL_SYSCONFDIR="/etc"
-DLD_LIBRARY_PATH="${EPREFIX}/usr/lib"
+   -DGIT_COMMIT_HASH="${PVR}" # specify version info, may change 
in future
)
 
cmake-utils_src_configure
 }
 
-FILECAPS=( -M 4711 cap_sys_ptrace,cap_sys_tty_config usr/bin/sway )
+src_install() {
+   cmake-utils_src_install
+
+   use !systemd && fperms u+s /usr/bin/sway
+}
 
 pkg_postinst() {
-   fca

[gentoo-commits] repo/gentoo:master commit in: dev-libs/sway/, dev-libs/sway/files/

[gentoo-commits] repo/gentoo:master commit in: dev-libs/sway/, dev-libs/sway/files/

2 matches

Site Navigation

Mail list logo

Footer information