diff options
author | Alyssa Ross <hi@alyssa.is> | 2022-12-06 19:57:55 +0000 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2023-02-08 13:48:30 +0000 |
commit | bf3aadfdd39aa197e18bade671fab6726349ffa4 (patch) | |
tree | 698567af766ed441d757b57a7b21e68d4a342a2b /nixpkgs/pkgs/development/libraries/polkit | |
parent | f4afc5a01d9539ce09e47494e679c51f80723d07 (diff) | |
parent | 99665eb45f58d959d2cb9e49ddb960c79d596f33 (diff) | |
download | nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.gz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.bz2 nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.lz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.xz nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.zst nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.zip |
Merge commit '99665eb45f58d959d2cb9e49ddb960c79d596f33'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/polkit')
-rw-r--r-- | nixpkgs/pkgs/development/libraries/polkit/default.nix | 43 |
1 files changed, 17 insertions, 26 deletions
diff --git a/nixpkgs/pkgs/development/libraries/polkit/default.nix b/nixpkgs/pkgs/development/libraries/polkit/default.nix index 72907f7aedc8..163e3bb9965c 100644 --- a/nixpkgs/pkgs/development/libraries/polkit/default.nix +++ b/nixpkgs/pkgs/development/libraries/polkit/default.nix @@ -6,13 +6,14 @@ , expat , pam , meson +, mesonEmulatorHook , ninja , perl , rsync , python3 , fetchpatch , gettext -, spidermonkey_78 +, duktape , gobject-introspection , libxslt , docbook-xsl-nons @@ -21,12 +22,8 @@ , gtk-doc , coreutils , useSystemd ? stdenv.isLinux -, systemd +, systemdMinimal , elogind -# needed until gobject-introspection does cross-compile (https://github.com/NixOS/nixpkgs/pull/88222) -, withIntrospection ? (stdenv.buildPlatform == stdenv.hostPlatform) -# cross build fails on polkit-1-scan (https://github.com/NixOS/nixpkgs/pull/152704) -, withGtkDoc ? (stdenv.buildPlatform == stdenv.hostPlatform) # A few tests currently fail on musl (polkitunixusertest, polkitunixgrouptest, polkitidentitytest segfault). # Not yet investigated; it may be due to the "Make netgroup support optional" # patch not updating the tests correctly yet, or doing something wrong, @@ -40,7 +37,7 @@ let in stdenv.mkDerivation rec { pname = "polkit"; - version = "0.120"; + version = "121"; outputs = [ "bin" "dev" "out" ]; # small man pages in $bin @@ -50,7 +47,7 @@ stdenv.mkDerivation rec { owner = "polkit"; repo = "polkit"; rev = version; - sha256 = "oEaRf1g13zKMD+cP1iwIA6jaCDwvNfGy2i8xY8vuVSo="; + sha256 = "Lj7KSGILc6CBsNqPO0G0PNt6ClikbRG45E8FZbb46yY="; }; patches = [ @@ -60,17 +57,6 @@ stdenv.mkDerivation rec { url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/7ba07551dfcd4ef9a87b8f0d9eb8b91fabcb41b3.patch"; sha256 = "ebbLILncq1hAZTBMsLm+vDGw6j0iQ0crGyhzyLZQgKA="; }) - # pkexec: local privilege escalation (CVE-2021-4034) - (fetchpatch { - url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch"; - sha256 = "162jkpg2myq0rb0s5k3nfr4pqwv9im13jf6vzj8p5l39nazg5i4s"; - }) - # File descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115) - (fetchpatch { - name = "CVE-2021-4115.patch"; - url = "https://src.fedoraproject.org/rpms/polkit/raw/0a203bd46a1e2ec8cc4b3626840e2ea9d0d13a9a/f/CVE-2021-4115.patch"; - sha256 = "sha256-BivHVVpYB4Ies1YbBDyKwUmNlqq2D1MpMipH9/dZM54="; - }) ] ++ lib.optionals stdenv.hostPlatform.isMusl [ # Make netgroup support optional (musl does not have it) # Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/10 @@ -82,6 +68,10 @@ stdenv.mkDerivation rec { }) ]; + depsBuildBuild = [ + pkg-config + ]; + nativeBuildInputs = [ glib gtk-doc @@ -91,7 +81,8 @@ stdenv.mkDerivation rec { ninja perl rsync - (python3.withPackages (pp: with pp; [ + gobject-introspection + (python3.pythonForBuild.withPackages (pp: with pp; [ dbus-python (python-dbusmock.overridePythonAttrs (attrs: { # Avoid dependency cycle. @@ -103,17 +94,19 @@ stdenv.mkDerivation rec { libxslt docbook-xsl-nons docbook_xml_dtd_412 + ] ++ lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ + mesonEmulatorHook ]; buildInputs = [ + gobject-introspection expat pam - spidermonkey_78 + dbus + duktape ] ++ lib.optionals stdenv.isLinux [ # On Linux, fall back to elogind when systemd support is off. - (if useSystemd then systemd else elogind) - ] ++ lib.optionals withIntrospection [ - gobject-introspection + (if useSystemd then systemdMinimal else elogind) ]; propagatedBuildInputs = [ @@ -130,9 +123,7 @@ stdenv.mkDerivation rec { "-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system" "-Dpolkitd_user=polkituser" #TODO? <nixos> config.ids.uids.polkituser "-Dos_type=redhat" # only affects PAM includes - "-Dintrospection=${lib.boolToString withIntrospection}" "-Dtests=${lib.boolToString doCheck}" - "-Dgtk_doc=${lib.boolToString withGtkDoc}" "-Dman=true" ] ++ lib.optionals stdenv.isLinux [ "-Dsession_tracking=${if useSystemd then "libsystemd-login" else "libelogind"}" |