accountsservice: cleanup
* set admin_group to wheel * use a fix-paths.patch * patch to create StateDirectory Comes from upstream and should eliminate us creating the directories with a wrapper script.
This commit is contained in:
worldofpeace
parent
89f26a475d
commit
886e62f5b0
@ -1,9 +1,9 @@
|
||||
{ stdenv
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, substituteAll
|
||||
, pkgconfig
|
||||
, glib
|
||||
, intltool
|
||||
, makeWrapper
|
||||
, shadow
|
||||
, gobject-introspection
|
||||
, polkit
|
||||
@ -13,19 +13,24 @@
|
||||
, dbus
|
||||
, ninja
|
||||
, python3
|
||||
, gettext
|
||||
}:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "accountsservice";
|
||||
version = "0.6.55";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://www.freedesktop.org/software/${pname}/${pname}-${version}.tar.xz";
|
||||
sha256 = "16wwd633jak9ajyr1f1h047rmd09fhf3kzjz6g5xjsz0lwcj8azz";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
dbus
|
||||
gettext
|
||||
gobject-introspection
|
||||
meson
|
||||
ninja
|
||||
pkgconfig
|
||||
@ -33,42 +38,40 @@ stdenv.mkDerivation rec {
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
dbus
|
||||
glib
|
||||
gobject-introspection
|
||||
intltool
|
||||
polkit
|
||||
systemd
|
||||
];
|
||||
|
||||
mesonFlags = [
|
||||
"-Dsystemdsystemunitdir=etc/systemd/system"
|
||||
"-Dadmin_group=wheel"
|
||||
"-Dlocalstatedir=/var"
|
||||
"-Dsystemdsystemunitdir=${placeholder ''out''}/etc/systemd/system"
|
||||
];
|
||||
|
||||
prePatch = ''
|
||||
postPatch = ''
|
||||
chmod +x meson_post_install.py
|
||||
patchShebangs meson_post_install.py
|
||||
|
||||
substituteInPlace src/daemon.c --replace '"/usr/sbin/useradd"' '"${shadow}/bin/useradd"' \
|
||||
--replace '"/usr/sbin/userdel"' '"${shadow}/bin/userdel"'
|
||||
substituteInPlace src/user.c --replace '"/usr/sbin/usermod"' '"${shadow}/bin/usermod"' \
|
||||
--replace '"/usr/bin/chage"' '"${shadow}/bin/chage"' \
|
||||
--replace '"/usr/bin/passwd"' '"${shadow}/bin/passwd"' \
|
||||
--replace '"/bin/cat"' '"${coreutils}/bin/cat"'
|
||||
'';
|
||||
|
||||
patches = [
|
||||
(substituteAll {
|
||||
src = ./fix-paths.patch;
|
||||
inherit shadow coreutils;
|
||||
})
|
||||
./no-create-dirs.patch
|
||||
./Disable-methods-that-change-files-in-etc.patch
|
||||
# Systemd unit improvements. Notably using StateDirectory eliminating the
|
||||
# need of an ad-hoc script.
|
||||
(fetchpatch {
|
||||
url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/152b845bbd3ca2a64516691493a160825f1a2046.patch";
|
||||
sha256 = "114wrf5mwj5bgc5v1g05md4ridcnwdrwppr3bjz96sknwh5hk8s5";
|
||||
})
|
||||
(fetchpatch {
|
||||
url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/0e712e935abd26499ff5995ab363e5bfd9ee7c4c.patch";
|
||||
sha256 = "1y60a5fmgfqjzprwpizilrazqn3mggdlgc5sgcpsprsp62fv78rl";
|
||||
})
|
||||
];
|
||||
|
||||
preFixup = ''
|
||||
wrapProgram "$out/libexec/accounts-daemon" \
|
||||
--run "${coreutils}/bin/mkdir -p /var/lib/AccountsService/users" \
|
||||
--run "${coreutils}/bin/mkdir -p /var/lib/AccountsService/icons"
|
||||
'';
|
||||
|
||||
meta = with stdenv.lib; {
|
||||
description = "D-Bus interface for user account query and manipulation";
|
||||
homepage = https://www.freedesktop.org/wiki/Software/AccountsService;
|
||||
|
||||
125
pkgs/development/libraries/accountsservice/fix-paths.patch
Normal file
125
pkgs/development/libraries/accountsservice/fix-paths.patch
Normal file
@ -0,0 +1,125 @@
|
||||
diff --git a/src/daemon.c b/src/daemon.c
|
||||
index c52bda3..75d214e 100644
|
||||
--- a/src/daemon.c
|
||||
+++ b/src/daemon.c
|
||||
@@ -1106,7 +1106,7 @@ daemon_create_user_authorized_cb (Daemon *daemon,
|
||||
|
||||
sys_log (context, "create user '%s'", cd->user_name);
|
||||
|
||||
- argv[0] = "/usr/sbin/useradd";
|
||||
+ argv[0] = "@shadow@/bin/useradd";
|
||||
argv[1] = "-m";
|
||||
argv[2] = "-c";
|
||||
argv[3] = cd->real_name;
|
||||
@@ -1318,7 +1318,7 @@ daemon_delete_user_authorized_cb (Daemon *daemon,
|
||||
|
||||
user_set_saved (user, FALSE);
|
||||
|
||||
- argv[0] = "/usr/sbin/userdel";
|
||||
+ argv[0] = "@shadow@/bin/userdel";
|
||||
if (ud->remove_files) {
|
||||
argv[1] = "-f";
|
||||
argv[2] = "-r";
|
||||
diff --git a/src/user.c b/src/user.c
|
||||
index 9f57af5..e65289d 100644
|
||||
--- a/src/user.c
|
||||
+++ b/src/user.c
|
||||
@@ -844,7 +844,7 @@ user_change_real_name_authorized_cb (Daemon *daemon,
|
||||
accounts_user_get_uid (ACCOUNTS_USER (user)),
|
||||
name);
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadown@/bin/usermod";
|
||||
argv[1] = "-c";
|
||||
argv[2] = name;
|
||||
argv[3] = "--";
|
||||
@@ -913,7 +913,7 @@ user_change_user_name_authorized_cb (Daemon *daemon,
|
||||
accounts_user_get_uid (ACCOUNTS_USER (user)),
|
||||
name);
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-l";
|
||||
argv[2] = name;
|
||||
argv[3] = "--";
|
||||
@@ -1321,7 +1321,7 @@ user_change_home_dir_authorized_cb (Daemon *daemon,
|
||||
accounts_user_get_uid (ACCOUNTS_USER (user)),
|
||||
home_dir);
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-m";
|
||||
argv[2] = "-d";
|
||||
argv[3] = home_dir;
|
||||
@@ -1378,7 +1378,7 @@ user_change_shell_authorized_cb (Daemon *daemon,
|
||||
accounts_user_get_uid (ACCOUNTS_USER (user)),
|
||||
shell);
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-s";
|
||||
argv[2] = shell;
|
||||
argv[3] = "--";
|
||||
@@ -1520,7 +1520,7 @@ user_change_icon_file_authorized_cb (Daemon *daemon,
|
||||
return;
|
||||
}
|
||||
|
||||
- argv[0] = "/bin/cat";
|
||||
+ argv[0] = "@coreutils@/bin/cat";
|
||||
argv[1] = filename;
|
||||
argv[2] = NULL;
|
||||
|
||||
@@ -1601,7 +1601,7 @@ user_change_locked_authorized_cb (Daemon *daemon,
|
||||
locked ? "locking" : "unlocking",
|
||||
accounts_user_get_user_name (ACCOUNTS_USER (user)),
|
||||
accounts_user_get_uid (ACCOUNTS_USER (user)));
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = locked ? "-L" : "-U";
|
||||
argv[2] = "--";
|
||||
argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user));
|
||||
@@ -1726,7 +1726,7 @@ user_change_account_type_authorized_cb (Daemon *daemon,
|
||||
|
||||
g_free (groups);
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-G";
|
||||
argv[2] = str->str;
|
||||
argv[3] = "--";
|
||||
@@ -1794,7 +1794,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon,
|
||||
if (mode == PASSWORD_MODE_SET_AT_LOGIN ||
|
||||
mode == PASSWORD_MODE_NONE) {
|
||||
|
||||
- argv[0] = "/usr/bin/passwd";
|
||||
+ argv[0] = "/run/wrappers/bin/passwd";
|
||||
argv[1] = "-d";
|
||||
argv[2] = "--";
|
||||
argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user));
|
||||
@@ -1806,7 +1806,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon,
|
||||
}
|
||||
|
||||
if (mode == PASSWORD_MODE_SET_AT_LOGIN) {
|
||||
- argv[0] = "/usr/bin/chage";
|
||||
+ argv[0] = "@shadow@/bin/chage";
|
||||
argv[1] = "-d";
|
||||
argv[2] = "0";
|
||||
argv[3] = "--";
|
||||
@@ -1827,7 +1827,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon,
|
||||
accounts_user_set_locked (ACCOUNTS_USER (user), FALSE);
|
||||
}
|
||||
else if (accounts_user_get_locked (ACCOUNTS_USER (user))) {
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-U";
|
||||
argv[2] = "--";
|
||||
argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user));
|
||||
@@ -1905,7 +1905,7 @@ user_change_password_authorized_cb (Daemon *daemon,
|
||||
|
||||
g_object_freeze_notify (G_OBJECT (user));
|
||||
|
||||
- argv[0] = "/usr/sbin/usermod";
|
||||
+ argv[0] = "@shadow@/bin/usermod";
|
||||
argv[1] = "-p";
|
||||
argv[2] = strings[0];
|
||||
argv[3] = "--";
|
||||
Loading…
Reference in New Issue
Block a user