commit: 105ba0f819e429f86c8b0ca1456ae704ffb4d527
Author: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
AuthorDate: Sun Jul 10 14:51:11 2022 +0000
Commit: Andreas Sturmlechner <asturm <AT> gentoo <DOT> org>
CommitDate: Sun Jul 10 14:51:11 2022 +0000
URL: https://gitweb.gentoo.org/proj/qt.git/commit/?id=105ba0f8
x11-misc/sddm: Sync Gentoo ebuild repo changes, drop broken patches
Package-Manager: Portage-3.0.30, Repoman-3.0.3
Signed-off-by: Andreas Sturmlechner <asturm <AT> gentoo.org>
x11-misc/sddm/files/pam-1.4-substack.patch | 31 ++++
...m-0.18.1-honor-PAM-supplemental-groups-v2.patch | 182 ---------------------
...18.1-revert-honor-PAM-supplemental-groups.patch | 87 ----------
x11-misc/sddm/sddm-9999.ebuild | 88 +++++-----
4 files changed, 82 insertions(+), 306 deletions(-)
diff --git a/x11-misc/sddm/files/pam-1.4-substack.patch
b/x11-misc/sddm/files/pam-1.4-substack.patch
new file mode 100644
index 00000000..b0467b26
--- /dev/null
+++ b/x11-misc/sddm/files/pam-1.4-substack.patch
@@ -0,0 +1,31 @@
+--- sddm-0.18.1/services/sddm-autologin.pam.bak 2020-06-19
22:27:57.305580696 +0200
++++ sddm-0.18.1/services/sddm-autologin.pam 2020-06-19 22:30:50.513583973
+0200
+@@ -1,6 +1,5 @@
+ #%PAM-1.0
+ auth required pam_env.so
+-auth required pam_tally.so file=/var/log/faillog onerr=succeed
+ auth required pam_shells.so
+ auth required pam_nologin.so
+ auth required pam_permit.so
+--- sddm-0.18.1/services/sddm.pam.bak 2020-06-19 22:27:26.721580117 +0200
++++ sddm-0.18.1/services/sddm.pam 2020-06-19 22:27:48.729580533 +0200
+@@ -1,15 +1,15 @@
+ #%PAM-1.0
+
+-auth include system-login
++auth substack system-login
+ -auth optional pam_gnome_keyring.so
+ -auth optional pam_kwallet5.so
+
+-account include system-login
++account substack system-login
+
+-password include system-login
++password substack system-login
+ -password optional pam_gnome_keyring.so use_authtok
+
+ session optional pam_keyinit.so force revoke
+-session include system-login
++session substack system-login
+ -session optional pam_gnome_keyring.so auto_start
+ -session optional pam_kwallet5.so auto_start
\ No newline at end of file
diff --git
a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch
b/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch
deleted file mode 100644
index f4ce7ae7..00000000
--- a/x11-misc/sddm/files/sddm-0.18.1-honor-PAM-supplemental-groups-v2.patch
+++ /dev/null
@@ -1,182 +0,0 @@
-From 75e6e00d9e1ecf25e3a9c8332530a1e40d737cdb Mon Sep 17 00:00:00 2001
-From: "J. Konrad Tegtmeier-Rottach" <j...@0x16.de>
-Date: Thu, 9 May 2019 03:06:48 +0200
-Subject: [PATCH] Honor PAM's supplemental groups (v2) (#834, #1159)
-
-This moves the supplemental group initialization step from
-UserSession.cpp to the Backend system, so that the Pam Backend can
-inject additional supplemental groups via modules like pam_group.so.
-
-pam_setcred(3) assumes that it operates on an already initialized
-supplemental group list. However, PamBackend calls
-pam_setcred(PAM_ESTABLISH_CRED) earlier, at the start
-PamBackend::openSession, so a pam_setcred(PAM_REINITIALIZE_CRED) call
-must be issued to repeat the injection of PAM's supplemental groups.
----
- src/helper/Backend.cpp | 5 +++++
- src/helper/Backend.h | 3 +++
- src/helper/HelperApp.cpp | 4 ++++
- src/helper/HelperApp.h | 1 +
- src/helper/UserSession.cpp | 13 ++++++++-----
- src/helper/backend/PamBackend.cpp | 18 ++++++++++++++++++
- src/helper/backend/PamBackend.h | 2 ++
- 7 files changed, 41 insertions(+), 5 deletions(-)
-
-diff --git a/src/helper/Backend.cpp b/src/helper/Backend.cpp
-index d6bb4d0a..35ae2bdf 100644
---- a/src/helper/Backend.cpp
-+++ b/src/helper/Backend.cpp
-@@ -29,6 +29,7 @@
- #include <QtCore/QProcessEnvironment>
-
- #include <pwd.h>
-+#include <grp.h>
-
- namespace SDDM {
- Backend::Backend(HelperApp* parent)
-@@ -79,4 +80,8 @@ namespace SDDM {
- bool Backend::closeSession() {
- return true;
- }
-+
-+ bool Backend::setupSupplementalGroups(struct passwd *pw) {
-+ return !initgroups(pw->pw_name, pw->pw_gid);
-+ }
- }
-diff --git a/src/helper/Backend.h b/src/helper/Backend.h
-index b790e001..3caf1592 100644
---- a/src/helper/Backend.h
-+++ b/src/helper/Backend.h
-@@ -22,6 +22,7 @@
- #define BACKEND_H
-
- #include <QtCore/QObject>
-+#include <pwd.h>
-
- namespace SDDM {
- class HelperApp;
-@@ -38,6 +39,8 @@ namespace SDDM {
- void setAutologin(bool on = true);
- void setGreeter(bool on = true);
-
-+ virtual bool setupSupplementalGroups(struct passwd *pw);
-+
- public slots:
- virtual bool start(const QString &user = QString()) = 0;
- virtual bool authenticate() = 0;
-diff --git a/src/helper/HelperApp.cpp b/src/helper/HelperApp.cpp
-index cad93bd8..d0891d75 100644
---- a/src/helper/HelperApp.cpp
-+++ b/src/helper/HelperApp.cpp
-@@ -253,6 +253,10 @@ namespace SDDM {
- return m_session;
- }
-
-+ Backend *HelperApp::backend() {
-+ return m_backend;
-+ }
-+
- const QString& HelperApp::user() const {
- return m_user;
- }
-diff --git a/src/helper/HelperApp.h b/src/helper/HelperApp.h
-index 3742df12..cb5959a7 100644
---- a/src/helper/HelperApp.h
-+++ b/src/helper/HelperApp.h
-@@ -39,6 +39,7 @@ namespace SDDM {
- virtual ~HelperApp();
-
- UserSession *session();
-+ Backend *backend();
- const QString &user() const;
- const QString &cookie() const;
-
-diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
-index f71fd358..62fd4d70 100644
---- a/src/helper/UserSession.cpp
-+++ b/src/helper/UserSession.cpp
-@@ -19,6 +19,7 @@
- *
- */
-
-+#include "Backend.h"
- #include "Configuration.h"
- #include "UserSession.h"
- #include "HelperApp.h"
-@@ -129,7 +130,8 @@ namespace SDDM {
- #endif
-
- // switch user
-- const QByteArray username =
qobject_cast<HelperApp*>(parent())->user().toLocal8Bit();
-+ HelperApp* app = qobject_cast<HelperApp*>(parent());
-+ const QByteArray username = app->user().toLocal8Bit();
- struct passwd pw;
- struct passwd *rpw;
- long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
-@@ -146,12 +148,13 @@ namespace SDDM {
- qCritical() << "getpwnam_r(" << username << ") failed with
error: " << strerror(err);
- exit(Auth::HELPER_OTHER_ERROR);
- }
-- if (setgid(pw.pw_gid) != 0) {
-- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " <<
username;
-+
-+ if (!app->backend()->setupSupplementalGroups(&pw)) {
-+ qCritical() << "failed to set up supplemental groups for user: "
<< username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
-- if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
-- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid
<< ") failed for user: " << username;
-+ if (setgid(pw.pw_gid) != 0) {
-+ qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " <<
username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
- if (setuid(pw.pw_uid) != 0) {
-diff --git a/src/helper/backend/PamBackend.cpp
b/src/helper/backend/PamBackend.cpp
-index f86d77d6..cccfa258 100644
---- a/src/helper/backend/PamBackend.cpp
-+++ b/src/helper/backend/PamBackend.cpp
-@@ -289,6 +289,24 @@ namespace SDDM {
- return QString::fromLocal8Bit((const char*) m_pam->getItem(PAM_USER));
- }
-
-+ bool PamBackend::setupSupplementalGroups(struct passwd *pw) {
-+ if (!Backend::setupSupplementalGroups(pw))
-+ return false;
-+
-+ // pam_setcred(3) may inject additional groups into the user's
-+ // list of supplemental groups, and assumes that the user's
-+ // supplemental groups have already been initialized before
-+ // its invocation. Since pam_setcred was already called at the
-+ // start of openSession, we need to repeat this step here as
-+ // the user's groups have only just now been initialized.
-+
-+ if (!m_pam->setCred(PAM_REINITIALIZE_CRED)) {
-+ m_app->error(m_pam->errorString(), Auth::ERROR_AUTHENTICATION);
-+ return false;
-+ }
-+ return true;
-+ }
-+
- int PamBackend::converse(int n, const struct pam_message **msg, struct
pam_response **resp) {
- qDebug() << "[PAM] Conversation with" << n << "messages";
-
-diff --git a/src/helper/backend/PamBackend.h b/src/helper/backend/PamBackend.h
-index 4c8b4b35..5b079099 100644
---- a/src/helper/backend/PamBackend.h
-+++ b/src/helper/backend/PamBackend.h
-@@ -28,6 +28,7 @@
- #include <QtCore/QObject>
-
- #include <security/pam_appl.h>
-+#include <pwd.h>
-
- namespace SDDM {
- class PamHandle;
-@@ -61,6 +62,7 @@ namespace SDDM {
- explicit PamBackend(HelperApp *parent);
- virtual ~PamBackend();
- int converse(int n, const struct pam_message **msg, struct
pam_response **resp);
-+ virtual bool setupSupplementalGroups(struct passwd *pw);
-
- public slots:
- virtual bool start(const QString &user = QString());
diff --git
a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
b/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
deleted file mode 100644
index f14ff767..00000000
--- a/x11-misc/sddm/files/sddm-0.18.1-revert-honor-PAM-supplemental-groups.patch
+++ /dev/null
@@ -1,87 +0,0 @@
-From d3953e88a94ec25a87d3c5136517b3d1009cb1fd Mon Sep 17 00:00:00 2001
-From: "J. Konrad Tegtmeier-Rottach" <j...@0x16.de>
-Date: Wed, 8 May 2019 18:58:53 +0200
-Subject: [PATCH] Revert "Honor PAM's ambient supplemental groups. (#834)"
-
-This reverts commit 1bc813d08b8130e458a6550ec47fb2bfbe6de080, which
-misuses PAM and leads to pulling in all of root's supplemental groups
-during session initialization instead of only adding PAM's extra
-groups. The problem was masked due to the root user not having any
-supplemental groups in some common contexts, like running sddm from a
-systemd unit.
----
- src/helper/UserSession.cpp | 57 --------------------------------------
- 1 file changed, 57 deletions(-)
-
-diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
-index b3aec356..f71fd358 100644
---- a/src/helper/UserSession.cpp
-+++ b/src/helper/UserSession.cpp
-@@ -150,67 +150,10 @@ namespace SDDM {
- qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " <<
username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
--
--#ifdef USE_PAM
--
-- // fetch ambient groups from PAM's environment;
-- // these are set by modules such as pam_groups.so
-- int n_pam_groups = getgroups(0, NULL);
-- gid_t *pam_groups = NULL;
-- if (n_pam_groups > 0) {
-- pam_groups = new gid_t[n_pam_groups];
-- if ((n_pam_groups = getgroups(n_pam_groups, pam_groups)) == -1) {
-- qCritical() << "getgroups() failed to fetch supplemental"
-- << "PAM groups for user:" << username;
-- exit(Auth::HELPER_OTHER_ERROR);
-- }
-- } else {
-- n_pam_groups = 0;
-- }
--
-- // fetch session's user's groups
-- int n_user_groups = 0;
-- gid_t *user_groups = NULL;
-- if (-1 == getgrouplist(username.constData(), pw.pw_gid,
-- NULL, &n_user_groups)) {
-- user_groups = new gid_t[n_user_groups];
-- if ((n_user_groups = getgrouplist(username.constData(),
-- pw.pw_gid, user_groups,
-- &n_user_groups)) == -1 ) {
-- qCritical() << "getgrouplist(" << username << ", " <<
pw.pw_gid
-- << ") failed";
-- exit(Auth::HELPER_OTHER_ERROR);
-- }
-- }
--
-- // set groups to concatenation of PAM's ambient
-- // groups and the session's user's groups
-- int n_groups = n_pam_groups + n_user_groups;
-- if (n_groups > 0) {
-- gid_t *groups = new gid_t[n_groups];
-- memcpy(groups, pam_groups, (n_pam_groups * sizeof(gid_t)));
-- memcpy((groups + n_pam_groups), user_groups,
-- (n_user_groups * sizeof(gid_t)));
--
-- // setgroups(2) handles duplicate groups
-- if (setgroups(n_groups, groups) != 0) {
-- qCritical() << "setgroups() failed for user: " << username;
-- exit (Auth::HELPER_OTHER_ERROR);
-- }
-- delete[] groups;
-- }
-- delete[] pam_groups;
-- delete[] user_groups;
--
--#else
--
- if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
- qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid
<< ") failed for user: " << username;
- exit(Auth::HELPER_OTHER_ERROR);
- }
--
--#endif /* USE_PAM */
--
- if (setuid(pw.pw_uid) != 0) {
- qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " <<
username;
- exit(Auth::HELPER_OTHER_ERROR);
diff --git a/x11-misc/sddm/sddm-9999.ebuild b/x11-misc/sddm/sddm-9999.ebuild
index f9b3950f..fd6d2f6b 100644
--- a/x11-misc/sddm/sddm-9999.ebuild
+++ b/x11-misc/sddm/sddm-9999.ebuild
@@ -1,72 +1,71 @@
-# Copyright 1999-2021 Gentoo Authors
+# Copyright 1999-2022 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
-EAPI=7
+EAPI=8
if [[ ${PV} == *9999* ]]; then
inherit git-r3
EGIT_REPO_URI="https://github.com/${PN}/${PN}.git";
else
SRC_URI="https://github.com/${PN}/${PN}/releases/download/v${PV}/${P}.tar.gz";
- KEYWORDS="~amd64 ~arm ~arm64 ~ppc64 ~riscv ~x86"
+ KEYWORDS="~amd64 ~arm ~arm64 ~loong ~ppc64 ~riscv ~x86"
fi
-PLOCALES="ar bn ca cs da de es et fi fr hi_IN hu ie is it ja kk ko lt lv nb nl
nn pl pt_BR pt_PT ro ru sk sr sr@ijekavian sr@ijekavianlatin sr@latin sv tr uk
zh_CN zh_TW"
-inherit cmake plocale systemd user
+inherit cmake linux-info systemd tmpfiles
DESCRIPTION="Simple Desktop Display Manager"
HOMEPAGE="https://github.com/sddm/sddm";
LICENSE="GPL-2+ MIT CC-BY-3.0 CC-BY-SA-3.0 public-domain"
SLOT="0"
-IUSE="elogind +pam systemd test"
+IUSE="+elogind +pam systemd test"
REQUIRED_USE="?? ( elogind systemd )"
-
RESTRICT="!test? ( test )"
-BDEPEND="
- dev-python/docutils
- >=dev-qt/linguist-tools-5.9.4:5
- kde-frameworks/extra-cmake-modules:5
- virtual/pkgconfig
-"
-RDEPEND="
- >=dev-qt/qtcore-5.9.4:5
- >=dev-qt/qtdbus-5.9.4:5
- >=dev-qt/qtdeclarative-5.9.4:5
- >=dev-qt/qtgui-5.9.4:5
- >=dev-qt/qtnetwork-5.9.4:5
- >=x11-base/xorg-server-1.15.1
+COMMON_DEPEND="
+ acct-group/sddm
+ acct-user/sddm
+ dev-qt/qtcore:5
+ dev-qt/qtdbus:5
+ dev-qt/qtdeclarative:5
+ dev-qt/qtgui:5
+ dev-qt/qtnetwork:5
+ x11-base/xorg-server
x11-libs/libxcb[xkb]
elogind? ( sys-auth/elogind )
pam? ( sys-libs/pam )
+ !pam? ( virtual/libcrypt:= )
systemd? ( sys-apps/systemd:= )
!systemd? ( sys-power/upower )
"
-DEPEND="${RDEPEND}
- test? ( >=dev-qt/qttest-5.9.4:5 )
+DEPEND="${COMMON_DEPEND}
+ test? ( dev-qt/qttest:5 )
+"
+RDEPEND="${COMMON_DEPEND}
+ !systemd? ( gui-libs/display-manager-init )
+"
+BDEPEND="
+ dev-python/docutils
+ dev-qt/linguist-tools:5
+ kde-frameworks/extra-cmake-modules:5
+ virtual/pkgconfig
"
PATCHES=(
- # Pending upstream
- # fix for groups: https://github.com/sddm/sddm/issues/1159
- "${FILESDIR}"/${PN}-0.18.1-revert-honor-PAM-supplemental-groups.patch
- "${FILESDIR}"/${PN}-0.18.1-honor-PAM-supplemental-groups-v2.patch
# Downstream patches
- "${FILESDIR}"/${PN}-0.18.1-respect-user-flags.patch # bug 563108
- "${FILESDIR}"/${PN}-0.19.0-Xsession.patch # bug 611210
+ "${FILESDIR}/${PN}-0.18.1-respect-user-flags.patch" # bug 563108
+ "${FILESDIR}/${PN}-0.19.0-Xsession.patch" # bug 611210
)
+pkg_setup() {
+ local CONFIG_CHECK="~DRM"
+ use kernel_linux && linux-info_pkg_setup
+}
+
src_prepare() {
cmake_src_prepare
- disable_locale() {
- sed -e "/${1}\.ts/d" -i data/translations/CMakeLists.txt || die
- }
- plocale_find_changes "data/translations" "" ".ts"
- plocale_for_each_disabled_locale disable_locale
-
if ! use test; then
sed -e "/^find_package/s/ Test//" -i CMakeLists.txt || die
cmake_comment_add_subdirectory test
@@ -87,6 +86,8 @@ src_configure() {
src_install() {
cmake_src_install
+ newtmpfiles "${FILESDIR}/${PN}.tmpfiles" "${PN}.conf"
+
# Create a default.conf as upstream dropped /etc/sddm.conf w/o
replacement
local confd="/usr/lib/sddm/sddm.conf.d"
dodir ${confd}
@@ -100,12 +101,25 @@ src_install() {
}
pkg_postinst() {
+ tmpfiles_process "${PN}.conf"
+
elog "Starting with 0.18.0, SDDM no longer installs /etc/sddm.conf"
elog "Use it to override specific options. SDDM defaults are now"
elog "found in: /usr/lib/sddm/sddm.conf.d/00default.conf"
-
- enewgroup ${PN}
- enewuser ${PN} -1 -1 /var/lib/${PN} ${PN},video
+ elog
+ elog "NOTE: If SDDM startup appears to hang then entropy pool is too
low."
+ elog "This can be fixed by configuring one of the following:"
+ elog " - Enable CONFIG_RANDOM_TRUST_CPU in linux kernel"
+ elog " - # emerge sys-apps/haveged && rc-update add haveged boot"
+ elog " - # emerge sys-apps/rng-tools && rc-update add rngd boot"
+ elog
+ elog "For more information on how to configure SDDM, please visit the
wiki:"
+ elog " https://wiki.gentoo.org/wiki/SDDM";
+ if has_version x11-drivers/nvidia-drivers; then
+ elog
+ elog " Nvidia GPU owners in particular should pay attention"
+ elog " to the troubleshooting section."
+ fi
systemd_reenable sddm.service
}
