summaryrefslogtreecommitdiff
path: root/community/polkit/APKBUILD
blob: 3970d572e7ddccc5a98d1da063e1bdbffa671815 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187

# Contributor: Carlo Landmeter
# Contributor: Rasmus Thomsen <oss@cogitri.dev>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=polkit
pkgver=121
pkgrel=0
pkgdesc="Application development toolkit for controlling system-wide privileges"
url="https://www.freedesktop.org/wiki/Software/polkit/"
arch="all"
license="GPL-2.0-or-later"
options="suid !check"  # Needs a functioning dbus daemon
depends="$pkgname-common=$pkgver-r$pkgrel $pkgname-libs=$pkgver-r$pkgrel"
makedepends="
	bash
	dbus-glib-dev
	duktape-dev
	elogind-dev
	expat-dev
	glib-dev
	gobject-introspection-dev
	gtk-doc
	intltool
	linux-pam-dev
	meson
	"
pkgusers="polkitd"
pkggroups="polkitd"
install="$pkgname-common.pre-install $pkgname-common.pre-upgrade"
subpackages="
	$pkgname-dev
	$pkgname-libs
	$pkgname-doc
	$pkgname-lang
	$pkgname-openrc
	$pkgname-common
	$pkgname-elogind
	$pkgname-elogind-dev:_elogind_dev
	$pkgname-elogind-libs:_elogind_libs
	"
source="https://www.freedesktop.org/software/polkit/releases/polkit-$pkgver.tar.gz
	make-innetgr-optional.patch
	alpine-polkit.pam
	polkit.initd
	"
builddir="$srcdir/$pkgname-v.$pkgver"

# secfixes:
#   0.120-r2:
#     - CVE-2021-4034
#   0.119-r0:
#     - CVE-2021-3560

build() {
	msg 'Building without elogind'
	_build no-elogind -Dsession_tracking="ConsoleKit"

	msg 'Building with elogind'
	_build elogind -Dsession_tracking="libelogind"
}

_build() {
	local outdir="$1"
	shift
	abuild-meson \
		-Dtests="$(want_check && echo true || echo false)" \
		-Dman=true \
		-Dsystemdsystemunitdir=/trash \
		"$@" \
		. "$outdir"
	meson compile -C "$outdir"
}

check() {
	meson test -v --no-rebuild -C elogind
}

package() {
	provider_priority=100  # highest

	DESTDIR="$pkgdir" meson install --no-rebuild -C no-elogind
	DESTDIR="$builddir/elogind/dest" meson install --no-rebuild -C elogind

	cd "$pkgdir"

	# systemd files
	rm -rf ./trash

	# Use our own polkit rules, upstream may change them
	install -m644 "$srcdir"/alpine-polkit.pam etc/pam.d/polkit-1

	# See polkit's configure script which tells us what permissions to set
	chown -R polkitd:polkitd etc/polkit-1/rules.d usr/share/polkit-1/rules.d
	chmod -R 700 etc/polkit-1/rules.d usr/share/polkit-1/rules.d
	chmod 4755 usr/lib/polkit-1/polkit-agent-helper-1
	chmod 4755 usr/bin/pkexec

	install -Dm755 "$srcdir"/polkit.initd etc/init.d/polkit
}

libs() {
	provider_priority=100  # highest
	depends=""

	default_libs
}

dev() {
	default_dev

	# XXX: We have to disable tracedeps to avoid abuild adding both
	# polkit-libs and polkit-elogind-libs to depends - they are autodetected
	# via symlinks in /usr/lib.
	options="!tracedeps"
	# XXX: Since we disabled tracedeps, all depends and provides must be
	# specified. This sucks, but I don't know of a better solution (@jirutka).
	depends="$depends_dev
		$pkgname-common=$pkgver-r$pkgrel
		$pkgname-libs=$pkgver-r$pkgrel
		dbus-glib-dev
		pc:gio-2.0>=2.18
		pc:glib-2.0>=2.18
		pkgconfig
		"
	provides="pc:polkit-agent-1=$pkgver pc:polkit-gobject-1=$pkgver"
}

elogind() {
	pkgdesc="Polkit with elogind session tracking"
	depends="$pkgname-elogind-libs=$pkgver-r$pkgrel $pkgname-common=$pkgver-r$pkgrel"
	provides="$pkgname=$pkgver-r$pkgrel"
	provider_priority=10  # lowest
	replaces="$pkgname"  # for backward compatibility

	cd "$builddir"/elogind/dest

	mkdir -p "$subpkgdir"/usr/lib/polkit-1
	mv usr/lib/polkit-1/polkitd "$subpkgdir"/usr/lib/polkit-1/
}

_elogind_dev() {
	pkgdesc="Polkit with elogind session tracking (development files)"
	depends="$pkgname-dev=$pkgver-r$pkgrel $pkgname-elogind-libs=$pkgver-r$pkgrel"
	replaces="$pkgname-dev"

	cd "$builddir"/elogind/dest

	# *.gir files for the default and the elogind variant differ, the rest
	# is the same.
	mkdir -p "$subpkgdir"/usr/share
	mv usr/share/gir-1.0 "$subpkgdir"/usr/share/
}

_elogind_libs() {
	pkgdesc="Polkit with elogind session tracking (libraries)"
	depends=""
	provides="$pkgname-libs=$pkgver-r$pkgrel"
	provider_priority=10  # lowest
	replaces="$pkgname-libs $pkgname-elogind<=0.118"  # for backward compatibility

	cd "$builddir"/elogind/dest

	mkdir -p "$subpkgdir"/usr/lib
	mv usr/lib/lib*.so.* "$subpkgdir"/usr/lib/
}

common() {
	pkgdesc="Common files for polkit and polkit-elogind"
	depends=""
	replaces="$pkgname $pkgname-elogind"  # for backward compatibility

	# Move all that left to subpackage.
	amove etc/*
	amove usr/*

	# Move polkitd back to the base package (that's the only file from the
	# polkit package that differs between default and elogind variant).
	mkdir -p "$pkgdir"/usr/lib/polkit-1
	mv "$subpkgdir"/usr/lib/polkit-1/polkitd "$pkgdir"/usr/lib/polkit-1/
}

sha512sums="
f565027b80f32833c558900b612e089ab25027da5bf9a90c421a292467d4db9a291f6dc9850c4bca8f9ee890d476fd064a643a5f7e28497661ba1e31d4227624  polkit-121.tar.gz
95fd0e4d546929bfbdbfd3e169a9169fb16f9ce005d75dd420c15ce091bf8c871a44e6aaf24906c41f0eeb80d5b2a93ffd09202ddccea2c372df533ef2550112  make-innetgr-optional.patch
f5102dc00d390b3a3c957b62e1712db778c7ffb7378f3d8e816c0757c11a308c5d5303e42595b0d6add9839247c773880cd34e56afacc89eb6efaadf9aae7826  alpine-polkit.pam
f6e5ac0ed41feb392dfd104979ec577c5936f3db2bd252b12b7b9b2609a0901dae38bebec1ea65ccf4f427860b520383ae4d2c66fb74ab986c715f6b0ad50473  polkit.initd
"
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-19 05:19:42 +0000