diff options
author | Chris Marchesi <chrism@vancluevertech.com> | 2023-11-23 12:29:34 -0800 |
---|---|---|
committer | Anderson Torres <torres.anderson.85@protonmail.com> | 2023-11-24 08:53:00 -0300 |
commit | 2034ea01b9edb411ed5f08acf8a2e4f8af763734 (patch) | |
tree | 3c47bb3bba26c0899ad2dbb385323c3df8fcf3ef /pkgs/by-name | |
parent | 45c702624754d2fa8d7367c181ed0f6cd9f1cf8e (diff) | |
download | nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar.gz nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar.bz2 nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar.lz nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar.xz nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.tar.zst nixlib-2034ea01b9edb411ed5f08acf8a2e4f8af763734.zip |
xscreensaver: add suid wrapper patch
This adds a patch for XScreenSaver that ensures that the suid wrapper for xscreensaver-auth is run correctly. The patch is a simple update to drivers/xscreensaver.c that inserts /run/wrappers/bin before the DEFAULT_PATH_PREFIX, which is the directory for xscreensaver hacks/demos, and should be preserved. The wrapper directory can be modified in the derivation, or even disabled. Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
Diffstat (limited to 'pkgs/by-name')
-rw-r--r-- | pkgs/by-name/xs/xscreensaver/package.nix | 14 | ||||
-rw-r--r-- | pkgs/by-name/xs/xscreensaver/xscreensaver-wrapper-prefix.patch | 37 |
2 files changed, 51 insertions, 0 deletions
diff --git a/pkgs/by-name/xs/xscreensaver/package.nix b/pkgs/by-name/xs/xscreensaver/package.nix index 2f4af30ff304..ba946305425f 100644 --- a/pkgs/by-name/xs/xscreensaver/package.nix +++ b/pkgs/by-name/xs/xscreensaver/package.nix @@ -26,6 +26,9 @@ , systemd , forceInstallAllHacks ? true , withSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd +, nixosTests +, substituteAll +, wrapperPrefix ? "/run/wrappers/bin" }: stdenv.mkDerivation (finalAttrs: { @@ -75,6 +78,13 @@ stdenv.mkDerivation (finalAttrs: { popd ''; + patches = [ + (substituteAll { + src = ./xscreensaver-wrapper-prefix.patch; + inherit wrapperPrefix; + }) + ]; + preConfigure = '' # Fix installation paths for GTK resources. sed -e 's%@GTK_DATADIR@%@datadir@% ; s%@PO_DATADIR@%@datadir@%' \ @@ -105,6 +115,10 @@ stdenv.mkDerivation (finalAttrs: { cp -f $(find hacks -type f -perm -111 "!" -name "*.*" ) "$out/libexec/xscreensaver" ''; + passthru.tests = { + xscreensaver = nixosTests.xscreensaver; + }; + meta = { homepage = "https://www.jwz.org/xscreensaver/"; description = "A set of screensavers"; diff --git a/pkgs/by-name/xs/xscreensaver/xscreensaver-wrapper-prefix.patch b/pkgs/by-name/xs/xscreensaver/xscreensaver-wrapper-prefix.patch new file mode 100644 index 000000000000..892924b560b7 --- /dev/null +++ b/pkgs/by-name/xs/xscreensaver/xscreensaver-wrapper-prefix.patch @@ -0,0 +1,37 @@ +--- a/driver/xscreensaver.c ++++ b/driver/xscreensaver.c +@@ -253,6 +253,8 @@ + #undef MAX + #define MAX(x,y)((x)>(y)?(x):(y)) + ++/* Define the default wrapper prefix here, for NixOS */ ++#define NIXOS_WRAPPER_PREFIX "@wrapperPrefix@" + + /* Globals used in this file. + */ +@@ -632,12 +634,24 @@ handle_sigchld (Display *dpy, Bool blanked_p) + static void + hack_environment (void) + { ++ static const char *wrapper_path = NIXOS_WRAPPER_PREFIX; + static const char *def_path = DEFAULT_PATH_PREFIX; + const char *opath = getenv("PATH"); + char *npath; + if (! opath) opath = "/bin:/usr/bin"; /* WTF */ +- npath = (char *) malloc(strlen(def_path) + strlen(opath) + 20); ++ /* NOTE: The NixOS patch adds extra margin than what would be expected for a ++ single extra ":" PATH separator to account for UTF-32 encoding. The ++ original 20 bytes would have only accounted for UTF-16 safely (the path ++ concatenation would have needed 28 bytes of margin at minimum for UTF-32). ++ */ ++ npath = (char *) malloc(strlen(wrapper_path) + strlen(def_path) + strlen(opath) + 32); + strcpy (npath, "PATH="); ++ if (wrapper_path && *wrapper_path) ++ { ++ strcat (npath, wrapper_path); ++ strcat (npath, ":"); ++ } ++ + strcat (npath, def_path); + strcat (npath, ":"); + strcat (npath, opath); |