From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-847600-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id 0F9E21384B4
	for <garchives@archives.gentoo.org>; Thu, 19 Nov 2015 16:42:34 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4D01EE07AE;
	Thu, 19 Nov 2015 16:42:31 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id DF3A4E07AE
	for <gentoo-commits@lists.gentoo.org>; Thu, 19 Nov 2015 16:42:30 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id C01E934090B
	for <gentoo-commits@lists.gentoo.org>; Thu, 19 Nov 2015 16:42:29 +0000 (UTC)
Received: from localhost.localdomain (localhost [127.0.0.1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id 24FDCA96
	for <gentoo-commits@lists.gentoo.org>; Thu, 19 Nov 2015 16:42:25 +0000 (UTC)
From: "Michael Palimaka" <kensington@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Michael Palimaka" <kensington@gentoo.org>
Message-ID: <1447951331.07a9384a8d8d17256904f67be3d039121dc3c799.kensington@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: kde-plasma/plasma-workspace/files/, kde-plasma/plasma-workspace/
X-VCS-Repository: repo/gentoo
X-VCS-Files: kde-plasma/plasma-workspace/files/plasma-workspace-5.4.3-no-SUID-no-GUID.patch kde-plasma/plasma-workspace/plasma-workspace-5.4.3-r1.ebuild
X-VCS-Directories: kde-plasma/plasma-workspace/ kde-plasma/plasma-workspace/files/
X-VCS-Committer: kensington
X-VCS-Committer-Name: Michael Palimaka
X-VCS-Revision: 07a9384a8d8d17256904f67be3d039121dc3c799
X-VCS-Branch: master
Date: Thu, 19 Nov 2015 16:42:25 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Archives-Salt: 42573f09-619c-4f71-9ac3-cfe77caca882
X-Archives-Hash: a8e7b5e0ae3147cffe2725b93f058362

commit:     07a9384a8d8d17256904f67be3d039121dc3c799
Author:     Andreas Sturmlechner <andreas.sturmlechner <AT> gmail <DOT> com>
AuthorDate: Thu Nov 12 23:54:29 2015 +0000
Commit:     Michael Palimaka <kensington <AT> gentoo <DOT> org>
CommitDate: Thu Nov 19 16:42:11 2015 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=07a9384a

kde-plasma/plasma-workspace: USE=pam, fix setuid, block kdebase-pam:4

SUID optional per kcheckpass/README, only required for shadow based login
setuid code in upstream cmake does not work, do it manually instead if USE=-pam
Block kdebase-pam which sneakily sabotaged plasma-workspace in /etc/pam.d,
leading to broken screenlocker bugs like #564618

Package-Manager: portage-2.2.24

 .../plasma-workspace-5.4.3-no-SUID-no-GUID.patch   |  16 ++
 .../plasma-workspace-5.4.3-r1.ebuild               | 207 +++++++++++++++++++++
 2 files changed, 223 insertions(+)

diff --git a/kde-plasma/plasma-workspace/files/plasma-workspace-5.4.3-no-SUID-no-GUID.patch b/kde-plasma/plasma-workspace/files/plasma-workspace-5.4.3-no-SUID-no-GUID.patch
new file mode 100644
index 0000000..a099b23
--- /dev/null
+++ b/kde-plasma/plasma-workspace/files/plasma-workspace-5.4.3-no-SUID-no-GUID.patch
@@ -0,0 +1,16 @@
+diff --git a/kcheckpass/CMakeLists.txt b/kcheckpass/CMakeLists.txt
+index a63fa1403e897e70989dc2e1ba7eed4bc69cbb51..12d1bfb3c690eca1acf344045a92eb942669da83 100644
+--- a/ksmserver/screenlocker/kcheckpass/CMakeLists.txt
++++ b/ksmserver/screenlocker/kcheckpass/CMakeLists.txt
+@@ -22,10 +22,6 @@ endif ()
+ 
+ set_property(TARGET kcheckpass APPEND_STRING PROPERTY COMPILE_FLAGS " -U_REENTRANT")
+ target_link_libraries(kcheckpass ${UNIXAUTH_LIBRARIES} ${SOCKET_LIBRARIES})
+-install(TARGETS kcheckpass DESTINATION ${KDE_INSTALL_LIBEXECDIR})
+-install(CODE "
+-    set(KCP_PATH \"\$ENV{DESTDIR}${KDE_INSTALL_LIBEXECDIR}/kcheckpass\")
+-    execute_process(COMMAND sh -c \"chown root '\${KCP_PATH}' && chmod +s '\${KCP_PATH}'\")
+-")
++install(TARGETS kcheckpass DESTINATION ${LIBEXEC_INSTALL_DIR})
+ 
+ #EXTRA_DIST = README

diff --git a/kde-plasma/plasma-workspace/plasma-workspace-5.4.3-r1.ebuild b/kde-plasma/plasma-workspace/plasma-workspace-5.4.3-r1.ebuild
new file mode 100644
index 0000000..a0c34fd
--- /dev/null
+++ b/kde-plasma/plasma-workspace/plasma-workspace-5.4.3-r1.ebuild
@@ -0,0 +1,207 @@
+# Copyright 1999-2015 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+KDE_HANDBOOK="true"
+KDE_PUNT_BOGUS_DEPS="true"
+KDE_TEST="true"
+VIRTUALX_REQUIRED="test"
+inherit kde5 multilib pam qmake-utils
+
+DESCRIPTION="KDE Plasma workspace"
+KEYWORDS=" ~amd64 ~x86"
+IUSE="dbus +drkonqi +geolocation gps pam prison qalculate +systemmonitor"
+
+COMMON_DEPEND="
+	$(add_frameworks_dep baloo)
+	$(add_frameworks_dep kactivities)
+	$(add_frameworks_dep kauth)
+	$(add_frameworks_dep kbookmarks)
+	$(add_frameworks_dep kcmutils)
+	$(add_frameworks_dep kcompletion)
+	$(add_frameworks_dep kconfig)
+	$(add_frameworks_dep kconfigwidgets)
+	$(add_frameworks_dep kcoreaddons)
+	$(add_frameworks_dep kcrash)
+	$(add_frameworks_dep kdbusaddons)
+	$(add_frameworks_dep kdeclarative)
+	$(add_frameworks_dep kdelibs4support)
+	$(add_frameworks_dep kdesu)
+	$(add_frameworks_dep kglobalaccel)
+	$(add_frameworks_dep kguiaddons)
+	$(add_frameworks_dep ki18n)
+	$(add_frameworks_dep kiconthemes)
+	$(add_frameworks_dep kidletime)
+	$(add_frameworks_dep kio)
+	$(add_frameworks_dep kitemviews)
+	$(add_frameworks_dep kjobwidgets)
+	$(add_frameworks_dep kjs)
+	$(add_frameworks_dep kjsembed)
+	$(add_frameworks_dep knewstuff)
+	$(add_frameworks_dep knotifications)
+	$(add_frameworks_dep knotifyconfig)
+	$(add_frameworks_dep kpackage)
+	$(add_frameworks_dep krunner)
+	$(add_frameworks_dep kservice)
+	$(add_frameworks_dep ktexteditor)
+	$(add_frameworks_dep ktextwidgets)
+	$(add_frameworks_dep kwallet)
+	$(add_frameworks_dep kwidgetsaddons)
+	$(add_frameworks_dep kwindowsystem)
+	$(add_frameworks_dep kxmlgui)
+	$(add_frameworks_dep kxmlrpcclient)
+	$(add_frameworks_dep plasma)
+	$(add_frameworks_dep solid)
+	$(add_plasma_dep kwayland)
+	$(add_plasma_dep kwin)
+	$(add_plasma_dep libkscreen)
+	$(add_plasma_dep libksysguard)
+	dev-libs/wayland
+	dev-qt/qtconcurrent:5
+	dev-qt/qtdbus:5
+	dev-qt/qtdeclarative:5[widgets]
+	dev-qt/qtgui:5[jpeg]
+	dev-qt/qtnetwork:5
+	dev-qt/qtscript:5
+	dev-qt/qtsql:5
+	dev-qt/qtwidgets:5
+	dev-qt/qtx11extras:5
+	dev-qt/qtxml:5
+	media-libs/phonon[qt5]
+	sys-libs/zlib
+	x11-libs/libICE
+	x11-libs/libSM
+	x11-libs/libX11
+	x11-libs/libXau
+	x11-libs/libxcb
+	x11-libs/libXfixes
+	x11-libs/libXi
+	x11-libs/libXrender
+	x11-libs/xcb-util-keysyms
+	dbus? ( dev-libs/libdbusmenu-qt[qt5] )
+	drkonqi? (
+		$(add_frameworks_dep kdewebkit)
+		dev-qt/qtwebkit:5
+	)
+	geolocation? ( $(add_frameworks_dep networkmanager-qt) )
+	gps? ( sci-geosciences/gpsd )
+	pam? ( virtual/pam )
+	prison? ( media-libs/prison:5 )
+	qalculate? ( sci-libs/libqalculate )
+	systemmonitor? (
+		$(add_plasma_dep libksysguard processui)
+	)
+"
+RDEPEND="${COMMON_DEPEND}
+	$(add_frameworks_dep kded)
+	$(add_kdeapps_dep kio-extras)
+	$(add_plasma_dep kde-cli-tools)
+	$(add_plasma_dep milou)
+	dev-qt/qdbus:5
+	dev-qt/qtpaths:5
+	dev-qt/qtquickcontrols:5[widgets]
+	x11-apps/mkfontdir
+	x11-apps/xmessage
+	x11-apps/xprop
+	x11-apps/xrdb
+	x11-apps/xset
+	x11-apps/xsetroot
+	systemmonitor? ( $(add_plasma_dep ksysguard) )
+	!kde-base/freespacenotifier:4
+	!kde-base/libtaskmanager:4
+	!<kde-base/kcheckpass-4.11.22-r1:4
+	!kde-base/kcminit:4
+	!kde-base/kdebase-pam:4
+	!kde-base/kdebase-startkde:4
+	!kde-base/klipper:4
+	!kde-base/krunner:4
+	!kde-base/ksmserver:4
+	!kde-base/ksplash:4
+	!kde-base/plasma-workspace:4
+"
+DEPEND="${COMMON_DEPEND}
+	x11-proto/xproto
+"
+
+PATCHES=(
+	"${FILESDIR}/${PN}-5.4-startkde-script.patch"
+	"${FILESDIR}/${PN}-5.4-consolekit2.patch"
+	"${FILESDIR}/${PN}-5.4.3-fix-drkonqi.patch"	#Upstream bug 354110
+	"${FILESDIR}/${PN}-5.4.3-no-SUID-no-GUID.patch"
+)
+
+RESTRICT="test"
+
+src_prepare() {
+	# whole patch should be upstreamed, doesn't work in PATCHES
+	epatch "${FILESDIR}/${PN}-tests-optional.patch"
+
+	kde5_src_prepare
+
+	sed -e "s|\`qtpaths|\`$(qt5_get_bindir)/qtpaths|" \
+		-i startkde/startkde.cmake startkde/startplasmacompositor.cmake || die
+
+	if ! use drkonqi; then
+		comment_add_subdirectory drkonqi
+	fi
+
+	if ! use geolocation; then
+		punt_bogus_dep KF5 NetworkManagerQt
+		pushd dataengines > /dev/null || die
+			comment_add_subdirectory geolocation
+		popd > /dev/null || die
+	fi
+
+	if ! use systemmonitor; then
+		comment_add_subdirectory systemmonitor
+		pushd applets > /dev/null || die
+			comment_add_subdirectory systemmonitor
+		popd > /dev/null || die
+		pushd dataengines > /dev/null || die
+			comment_add_subdirectory systemmonitor
+		popd > /dev/null || die
+	fi
+}
+
+src_configure() {
+	local mycmakeargs=(
+		$(cmake-utils_use_find_package pam)
+		$(cmake-utils_use_find_package dbus dbusmenu-qt5)
+		$(cmake-utils_use_find_package gps libgps)
+		$(cmake-utils_use_find_package prison)
+		$(cmake-utils_use_find_package qalculate Qalculate)
+	)
+
+	kde5_src_configure
+}
+
+src_install() {
+	kde5_src_install
+
+	newpamd "${FILESDIR}/kde.pam" kde
+	newpamd "${FILESDIR}/kde-np.pam" kde-np
+
+	# startup and shutdown scripts
+	insinto /etc/plasma/startup
+	doins "${FILESDIR}/agent-startup.sh"
+
+	insinto /etc/plasma/shutdown
+	doins "${FILESDIR}/agent-shutdown.sh"
+
+	if ! use pam; then
+		chown root "${ED}"usr/$(get_libdir)/libexec/kcheckpass || die
+		chmod +s "${ED}"usr/$(get_libdir)/libexec/kcheckpass || die
+	fi
+}
+
+pkg_postinst () {
+	kde5_pkg_postinst
+
+	echo
+	elog "To enable gpg-agent and/or ssh-agent in Plasma sessions,"
+	elog "edit ${EPREFIX}/etc/plasma/startup/agent-startup.sh and"
+	elog "${EPREFIX}/etc/plasma/shutdown/agent-shutdown.sh"
+	echo
+}