about summary refs log tree commit diff
path: root/nixpkgs/pkgs/development/libraries/polkit
diff options
context:
space:
mode:
authorAlyssa Ross <hi@alyssa.is>2022-12-06 19:57:55 +0000
committerAlyssa Ross <hi@alyssa.is>2023-02-08 13:48:30 +0000
commitbf3aadfdd39aa197e18bade671fab6726349ffa4 (patch)
tree698567af766ed441d757b57a7b21e68d4a342a2b /nixpkgs/pkgs/development/libraries/polkit
parentf4afc5a01d9539ce09e47494e679c51f80723d07 (diff)
parent99665eb45f58d959d2cb9e49ddb960c79d596f33 (diff)
downloadnixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.gz
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.bz2
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.lz
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.xz
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.tar.zst
nixlib-bf3aadfdd39aa197e18bade671fab6726349ffa4.zip
Merge commit '99665eb45f58d959d2cb9e49ddb960c79d596f33'
Diffstat (limited to 'nixpkgs/pkgs/development/libraries/polkit')
-rw-r--r--nixpkgs/pkgs/development/libraries/polkit/default.nix43


1 files changed, 17 insertions, 26 deletions
diff --git a/nixpkgs/pkgs/development/libraries/polkit/default.nix b/nixpkgs/pkgs/development/libraries/polkit/default.nix
index 72907f7aedc8..163e3bb9965c 100644
--- a/nixpkgs/pkgs/development/libraries/polkit/default.nix
+++ b/nixpkgs/pkgs/development/libraries/polkit/default.nix
@@ -6,13 +6,14 @@
 , expat
 , pam
 , meson
+, mesonEmulatorHook
 , ninja
 , perl
 , rsync
 , python3
 , fetchpatch
 , gettext
-, spidermonkey_78
+, duktape
 , gobject-introspection
 , libxslt
 , docbook-xsl-nons
@@ -21,12 +22,8 @@
 , gtk-doc
 , coreutils
 , useSystemd ? stdenv.isLinux
-, systemd
+, systemdMinimal
 , elogind
-# needed until gobject-introspection does cross-compile (https://github.com/NixOS/nixpkgs/pull/88222)
-, withIntrospection ? (stdenv.buildPlatform == stdenv.hostPlatform)
-# cross build fails on polkit-1-scan (https://github.com/NixOS/nixpkgs/pull/152704)
-, withGtkDoc ? (stdenv.buildPlatform == stdenv.hostPlatform)
 # A few tests currently fail on musl (polkitunixusertest, polkitunixgrouptest, polkitidentitytest segfault).
 # Not yet investigated; it may be due to the "Make netgroup support optional"
 # patch not updating the tests correctly yet, or doing something wrong,
@@ -40,7 +37,7 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "polkit";
-  version = "0.120";
+  version = "121";
 
   outputs = [ "bin" "dev" "out" ]; # small man pages in $bin
 
@@ -50,7 +47,7 @@ stdenv.mkDerivation rec {
     owner = "polkit";
     repo = "polkit";
     rev = version;
-    sha256 = "oEaRf1g13zKMD+cP1iwIA6jaCDwvNfGy2i8xY8vuVSo=";
+    sha256 = "Lj7KSGILc6CBsNqPO0G0PNt6ClikbRG45E8FZbb46yY=";
   };
 
   patches = [
@@ -60,17 +57,6 @@ stdenv.mkDerivation rec {
       url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/7ba07551dfcd4ef9a87b8f0d9eb8b91fabcb41b3.patch";
       sha256 = "ebbLILncq1hAZTBMsLm+vDGw6j0iQ0crGyhzyLZQgKA=";
     })
-    # pkexec: local privilege escalation (CVE-2021-4034)
-    (fetchpatch {
-      url = "https://gitlab.freedesktop.org/polkit/polkit/-/commit/a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch";
-      sha256 = "162jkpg2myq0rb0s5k3nfr4pqwv9im13jf6vzj8p5l39nazg5i4s";
-    })
-    # File descriptor leak allows an unprivileged user to cause a crash (CVE-2021-4115)
-    (fetchpatch {
-      name = "CVE-2021-4115.patch";
-      url = "https://src.fedoraproject.org/rpms/polkit/raw/0a203bd46a1e2ec8cc4b3626840e2ea9d0d13a9a/f/CVE-2021-4115.patch";
-      sha256 = "sha256-BivHVVpYB4Ies1YbBDyKwUmNlqq2D1MpMipH9/dZM54=";
-    })
   ] ++ lib.optionals stdenv.hostPlatform.isMusl [
     # Make netgroup support optional (musl does not have it)
     # Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/10
@@ -82,6 +68,10 @@ stdenv.mkDerivation rec {
     })
   ];
 
+  depsBuildBuild = [
+    pkg-config
+  ];
+
   nativeBuildInputs = [
     glib
     gtk-doc
@@ -91,7 +81,8 @@ stdenv.mkDerivation rec {
     ninja
     perl
     rsync
-    (python3.withPackages (pp: with pp; [
+    gobject-introspection
+    (python3.pythonForBuild.withPackages (pp: with pp; [
       dbus-python
       (python-dbusmock.overridePythonAttrs (attrs: {
         # Avoid dependency cycle.
@@ -103,17 +94,19 @@ stdenv.mkDerivation rec {
     libxslt
     docbook-xsl-nons
     docbook_xml_dtd_412
+  ] ++ lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [
+    mesonEmulatorHook
   ];
 
   buildInputs = [
+    gobject-introspection
     expat
     pam
-    spidermonkey_78
+    dbus
+    duktape
   ] ++ lib.optionals stdenv.isLinux [
     # On Linux, fall back to elogind when systemd support is off.
-    (if useSystemd then systemd else elogind)
-  ] ++ lib.optionals withIntrospection [
-    gobject-introspection
+    (if useSystemd then systemdMinimal else elogind)
   ];
 
   propagatedBuildInputs = [
@@ -130,9 +123,7 @@ stdenv.mkDerivation rec {
     "-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system"
     "-Dpolkitd_user=polkituser" #TODO? <nixos> config.ids.uids.polkituser
     "-Dos_type=redhat" # only affects PAM includes
-    "-Dintrospection=${lib.boolToString withIntrospection}"
     "-Dtests=${lib.boolToString doCheck}"
-    "-Dgtk_doc=${lib.boolToString withGtkDoc}"
     "-Dman=true"
   ] ++ lib.optionals stdenv.isLinux [
     "-Dsession_tracking=${if useSystemd then "libsystemd-login" else "libelogind"}"

 

generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-15 00:09:28 +0000