v2 fixes transaction test error because of wrong permissions of
/usr/share/polkit-1/rules.d
On Tue, May 28 2024 at 01:53:26 PM +02:00:00, Markus Volk
<f_...@t-online.de> wrote:
46.2
====
* Potential crasher fix
* Improved disconnection messages
* Broader client compatibility support
* Various security hardening improvements
* CVE-2024-5148 Limit login screen->user session handover access to
appropriate user
Contributors:
Pascal Nowack, Ray Strode
Translators:
Balázs Úr [hu], Efstathios Iosifidis [el], Fabio Tomat [fur],
Hugo Carvalho [pt], Jordi Mas i Hernandez [ca],
Juliano de Souza Camargo [pt_BR]
- add polkitd user and fix permissions to avoid:
Error: Transaction test error:
file /usr/share/polkit-1/rules.d conflicts between attempted
installs of gnome-remote-desktop-46.2-r0.corei7_64 and
gnome-control-center-46.2-r0.corei7_64
Signed-off-by: Markus Volk <f_...@t-online.de
<mailto:f_...@t-online.de>>
---
...ktop_46.1.bb => gnome-remote-desktop_46.2.bb} | 16
+++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
rename
meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/{gnome-remote-desktop_46.1.bb
=> gnome-remote-desktop_46.2.bb} (64%)
diff --git
a/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.1.bb
b/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.2.bb
similarity index 64%
rename from
meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.1.bb
rename to
meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.2.bb
index 634b37971..59ae9383d 100644
---
a/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.1.bb
+++
b/meta-gnome/dynamic-layers/meta-security/recipes-gnome/gnome-remote-desktop/gnome-remote-desktop_46.2.bb
@@ -4,11 +4,11 @@ LIC_FILES_CHKSUM =
"file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263"
GNOMEBASEBUILDCLASS = "meson"
-inherit gnomebase gettext gsettings features_check
+inherit gnomebase gettext gsettings features_check useradd
-REQUIRED_DISTRO_FEATURES = "opengl"
+REQUIRED_DISTRO_FEATURES = "opengl polkit"
-SRC_URI[archive.sha256sum] =
"7c62a4281fdfa9522110affbf75d09973035f2adc7fa4577511d733186beb68f"
+SRC_URI[archive.sha256sum] =
"97443eaffe4b1a69626886a41d25cbeb2c148d3fed43d92115c1b7d20d5238ab"
DEPENDS = " \
asciidoc-native \
@@ -36,5 +36,15 @@ PACKAGECONFIG[vnc] =
"-Dvnc=true,-Dvnc=false,libvncserver"
PACKAGECONFIG[rdp] = "-Drdp=true,-Drdp=false,freerdp3 fuse3
libxkbcommon"
PACKAGECONFIG[systemd] = "-Dsystemd=true,-Dsystemd=false,systemd"
+USERADD_PACKAGES = "${PN}"
+USERADD_PARAM:${PN} = "--system --no-create-home --user-group
--home-dir ${sysconfdir}/polkit-1 polkitd"
+
+do_install:append() {
+ if [ -d ${D}${datadir}/polkit-1/rules.d ]; then
+ chmod 700 ${D}${datadir}/polkit-1/rules.d
+ chown polkitd:root ${D}${datadir}/polkit-1/rules.d
+ fi
+}
+
PACKAGE_DEBUG_SPLIT_STYLE = "debug-without-src"
FILES:${PN} += "${systemd_user_unitdir} ${systemd_system_unitdir}
${datadir} ${libdir}/sysusers.d ${libdir}/tmpfiles.d"
--
2.45.1
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#110590):
https://lists.openembedded.org/g/openembedded-devel/message/110590
Mute This Topic: https://lists.openembedded.org/mt/106346808/21656
Group Owner: openembedded-devel+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-devel/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-