[gentoo-commits] repo/gentoo:master commit in: x11-apps/radeon-profile-daemon/, x11-apps/radeon-profile-daemon/files/

Lars Wendler Fri, 10 May 2019 03:02:23 -0700

commit:     bf12cbcf32c902e9825583425340be3cb404dc09
Author:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
AuthorDate: Fri May 10 09:59:27 2019 +0000
Commit:     Lars Wendler <polynomial-c <AT> gentoo <DOT> org>
CommitDate: Fri May 10 10:01:14 2019 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bf12cbcf


x11-apps/radeon-profile-daemon: Secured socket permissions.

Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Lars Wendler <polynomial-c <AT> gentoo.org>

 ...eon-profile-daemon-20190309-secure_socket.patch | 26 ++++++++++++++++++++++
 .../files/radeon-profile-daemon.initd              |  4 ++++
 ...ld => radeon-profile-daemon-20190309-r2.ebuild} | 13 ++++++++++-
 .../radeon-profile-daemon-99999999.ebuild          | 13 ++++++++++-
 4 files changed, 54 insertions(+), 2 deletions(-)

diff --git 
a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch
 
b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch
new file mode 100644
index 00000000000..5d7132b90b7
--- /dev/null
+++ 
b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch
@@ -0,0 +1,26 @@
+From 8e75c8678b874c6813e590634943166daa98124b Mon Sep 17 00:00:00 2001
+From: Lars Wendler <polynomia...@gentoo.org>
+Date: Fri, 10 May 2019 11:01:21 +0200
+Subject: [PATCH] Don't make the socket world writable
+
+Signed-off-by: Lars Wendler <polynomia...@gentoo.org>
+---
+ radeon-profile-daemon/rpdthread.cpp | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/radeon-profile-daemon/rpdthread.cpp 
b/radeon-profile-daemon/rpdthread.cpp
+index 4cf0ac0..137d5b2 100644
+--- a/radeon-profile-daemon/rpdthread.cpp
++++ b/radeon-profile-daemon/rpdthread.cpp
+@@ -47,7 +47,7 @@ void rpdThread::createServer()
+ 
+     QLocalServer::removeServer(serverName);
+     daemonServer.listen(serverName);
+-    QFile::setPermissions("/tmp/" + serverName, QFile("/tmp/" + 
serverName).permissions() | QFile::WriteOther | QFile::ReadOther);
++    QFile::setPermissions("/tmp/" + serverName, QFile("/tmp/" + 
serverName).permissions() | QFile::WriteGroup | QFile::ReadGroup);
+ }
+ 
+ void rpdThread::closeConnection()
+-- 
+2.21.0
+

diff --git a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd 
b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd
index e4e7afb04c5..f8ec5179670 100644
--- a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd
+++ b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd
@@ -7,3 +7,7 @@ description="Daemon for radeon-profile GUI"
 command="/usr/sbin/radeon-profile-daemon"
 command_background="true"
 pidfile="/run/${SVCNAME}.pid"
+
+start_post() {
+       chgrp video /tmp/radeon-profile-daemon-server
+}

diff --git 
a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild 
b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild
similarity index 81%
copy from x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild
copy to x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild
index ca74330cfd3..924760fc909 100644
--- a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild
+++ b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild
@@ -27,8 +27,14 @@ DEPEND="${RDEPEND}"
 
 S="${WORKDIR}/${P}/${PN}"
 
+PATCHES=(
+       "${FILESDIR}/${P}-secure_socket.patch"
+)
+
 src_prepare() {
-       default
+       eapply -p2 "${PATCHES[@]}"
+       eapply_user
+
        sed \
                -e '/^bin\.path/s@/bin@/sbin@' \
                -e "/^service\.path/s@=.*\$@= $(systemd_get_systemunitdir)@" \
@@ -47,3 +53,8 @@ src_install() {
 
        newinitd "${FILESDIR}"/${PN}.initd ${PN}
 }
+
+pkg_postinst() {
+       elog "Users need to be in the \"video\" group if they want to change"
+       elog "video card settings via ${PN}"
+}

diff --git 
a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild 
b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild
index ca74330cfd3..924760fc909 100644
--- a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild
+++ b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild
@@ -27,8 +27,14 @@ DEPEND="${RDEPEND}"
 
 S="${WORKDIR}/${P}/${PN}"
 
+PATCHES=(
+       "${FILESDIR}/${P}-secure_socket.patch"
+)
+
 src_prepare() {
-       default
+       eapply -p2 "${PATCHES[@]}"
+       eapply_user
+
        sed \
                -e '/^bin\.path/s@/bin@/sbin@' \
                -e "/^service\.path/s@=.*\$@= $(systemd_get_systemunitdir)@" \
@@ -47,3 +53,8 @@ src_install() {
 
        newinitd "${FILESDIR}"/${PN}.initd ${PN}
 }
+
+pkg_postinst() {
+       elog "Users need to be in the \"video\" group if they want to change"
+       elog "video card settings via ${PN}"
+}

[gentoo-commits] repo/gentoo:master commit in: x11-apps/radeon-profile-daemon/, x11-apps/radeon-profile-daemon/files/

Reply via email to