Nick Cao
479329611e
polkit: fix build with meson 0.61
2022-03-13 12:16:17 +08:00
Martin Weinelt
08a80b7b00
polkit: Patch unauthenticated file descriptor leak
...
https://gitlab.freedesktop.org/polkit/polkit/-/issues/170
https://www.openwall.com/lists/oss-security/2022/02/18/1
Fixes: CVE-2021-4115
2022-02-18 19:49:52 +01:00
Martin Weinelt
bd3256cf4f
polkit: fix local priviledge escalation in pkexec
...
> We discovered a Local Privilege Escalation (from any user to root) in
> polkit's pkexec, a SUID-root program that is installed by default on
> every major Linux distribution
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Fixes: CVE-2021-4034
2022-01-25 11:55:05 -08:00
Joerie de Gram
649a7d75b4
polkit: disable gtkdoc when cross compiling
2022-01-16 23:57:01 +01:00
Jan Tojnar
3b916a6b78
polkit: fix hash
2021-11-01 14:53:13 +01:00
Jan Tojnar
595c25f105
polkit: Fix regression in paths in pkg-config file
...
resulting from discrepancy between Meson and Autotools build systems.
2021-11-01 14:51:57 +01:00
Jan Tojnar
527b98a125
polkit: port to Meson
...
Autotools build will be removed in the next release.
Examples are no longer installed.
Musl patch does not work.
2021-10-31 05:05:16 +01:00
Jan Tojnar
54417ca863
polkit: 0.119 → 0.120
...
https://lists.freedesktop.org/archives/polkit-devel/2021-October/000608.html
2021-10-31 03:45:42 +01:00
Jan Tojnar
e6b0796129
polkit: format the expression
...
Use lib.optionals instead of lib.optional, move phases to the bottom, have one input per line.
2021-10-31 03:45:42 +01:00
Yureka
d4c85edba9
polkit: fix musl build
...
Update patches and make them unconditional to prevent rot.
Also do not make systemd support dependent on musl.
2021-10-20 12:57:34 +02:00
Rahul Rameshbabu
5aecb4202d
polkit: 0.118 -> 0.119
...
The 0.119 release of polkit integrates the following changes, so the
patches implemented to incorporate these changes are no longer needed.
* 273357a395
* https://gitlab.freedesktop.org/polkit/polkit/-/blob/0.119/src/polkit/polkitsystembusname.c#L438-440
Fixes: CVE-2021-3560 without a patch
2021-06-28 07:46:34 -07:00
Martin Weinelt
26ac1d5db9
polkit: Fix local privilege escalation vulnerability
...
Fixes a local privilege escalation using polkit_system_bus_name_get_creds_sync()
Fixes: CVE-2021-3560
2021-06-03 21:31:57 +02:00
Jan Tojnar
0420282780
treewide maintainers: add teams.{freedesktop,gnome}
2021-05-07 15:36:40 +02:00
Vladimír Čunát
9f054b5e1a
treewide: remove worldofpeace from meta.maintainers
...
(It was requested by them.)
I left one case due to fetching from their personal repo:
pkgs/desktops/pantheon/desktop/extra-elementary-contracts/default.nix
2021-05-07 15:36:40 +02:00
Ben Siraphob
66e44425c6
pkgs/development/libraries: stdenv.lib -> lib
2021-01-21 19:11:02 -08:00
Jonathan Ringer
9bb3fccb5b
treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
...
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
2021-01-19 01:16:25 -08:00
Florian Klink
4f087a608e
polkit: don't build with gobject-introspection when cross-compiling
...
gobject-introspection doesn't currently cross-compile (see
https://github.com/NixOS/nixpkgs/pull/88222 ), but polkit is somewhat
essential for many system components.
By disabling gobject-introspection when cross-compiling, we get it to
build.
2021-01-01 23:11:53 +01:00
Arnout Engelen
025af7c4f5
polkit: 0.116 -> 0.118 ( #103998 )
2020-11-17 11:15:30 +01:00
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs
2020-04-10 17:54:53 +01:00
Jan Tojnar
4cb7f43d3a
polkit: rename misleading flag
...
gobject-introspection has nothing to do with graphical systems or GNOME, it is needed for language bindings like Python.
2019-12-01 02:18:00 +01:00
Niklas Hambüchen
504199e48a
polkit: Don't build elogind on non-Linux.
...
In #72057 I added support for elogind when systemd is not supported,
but it occurred to me that it probably doens't make sense to have
either of systemd or elogind on Darwin.
2019-11-20 23:23:46 +01:00
Jan Tojnar
70c0c48970
Merge branch 'staging-next' into staging
2019-11-01 02:58:40 +01:00
Niklas Hambüchen
62fbcea807
Merge pull request #72057 from nh2/polkit-musl-elogind
...
musl support for polkit, add elogind
2019-10-31 17:05:42 +01:00
Niklas Hambüchen
1ca49b80cb
polkit: Disable systemd support on musl, it needs elogind there
2019-10-31 16:47:00 +01:00
Niklas Hambüchen
6b7f343121
Merge pull request #72301 from nh2/polkit-stable-patch-url
...
polkit: Fix unstable patch URL
2019-10-30 16:27:10 +01:00
Niklas Hambüchen
0e10ad926d
polkit: Fix unstable patch URL.
...
Unmerged upstream merge requests can change when iterated on!
2019-10-30 14:53:09 +01:00
worldofpeace
81220cff1e
polkit: add worldofpeace to maintainers
2019-10-28 20:41:36 -04:00
worldofpeace
e570377f52
polkit: drop obsolete comments, whitespace
2019-10-05 07:10:11 -04:00
worldofpeace
670c000eb9
polkit: drop -Wno-deprecated-declarations
...
appears to be uneeded.
2019-10-05 07:09:36 -04:00
worldofpeace
a61db21b36
polkit: propagate glib
...
polkit-gobject-1.pc has glib in Requires, and polkit-agent-1.pc
requires polkit-gobject-1.
2019-10-05 07:08:51 -04:00
worldofpeace
9d0e05233f
polkit: Move D-Bus conf file to share/dbus-1/system.d
...
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.
2019-09-16 13:59:09 -04:00
volth
f3282c8d1e
treewide: remove unused variables ( #63177 )
...
* treewide: remove unused variables
* making ofborg happy
2019-06-16 19:59:05 +00:00
Will Dietz
eeff4eda14
polkit: 0.115 -> 0.116
...
* now uses mozjs60
* drop CVE patches included in release
* pname-ify
* use flag arrays and placeholder
2019-04-27 07:02:36 +02:00
Michael Eden
d8d8a9cddb
polkit: optional introspection and cross compilation fixes
2019-04-16 19:03:22 +02:00
worldofpeace
7da64c9fbe
polkit: fix CVE-2019-6133
...
Jann Horn of Google found that Polkit doesn't properly check
if a process is already authenticated, which can lead to an
authentication reuse by a different user[0]. See also [1]
Closes #55391
[0]: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
[1]: https://gitlab.freedesktop.org/polkit/polkit/issues/75
2019-02-07 18:07:08 -05:00
Jörg Thalheim
1b146a8c6f
treewide: remove paxutils from stdenv
...
More then one year ago we removed grsecurity kernels from nixpkgs:
https://github.com/NixOS/nixpkgs/pull/25277
This removes now also paxutils from stdenv.
2018-12-22 12:55:05 +01:00
c0bw3b
a14af16cfc
polkit: add patch for CVE-2018-19788
...
unprivileged users with UID > INT_MAX can successfully execute any systemctl command
Original issue: https://gitlab.freedesktop.org/polkit/polkit/issues/74
2018-12-07 19:35:43 +01:00
Jan Tojnar
a51a99c690
gobject-introspection: rename package
...
camelCase package name was a huge inconsistency in GNOME package set.
2018-12-02 12:42:29 +01:00
Markus Kowalewski
0320769991
polkit: add license
2018-08-18 00:12:55 +02:00
Uli Baum
6840ae4aee
polkit: 0.114 -> 0.115
2018-08-02 21:33:35 +02:00
Symphorien Gibol
2a51780f2c
polkit: 0.113 -> 0.114
2018-07-08 22:33:29 +02:00
Silvan Mosberger
57bccb3cb8
treewide: http -> https sources ( #42676 )
...
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Matthew Justin Bauer
bad3800307
polkit: fix paxmark script
2018-06-16 21:24:27 -04:00
Matthew Bauer
133cf0ce1b
polkit: supports darwin
...
- apply musl patch unconditionally
- add doCheck arg
- make paxmark linux0nly
2018-06-15 22:57:44 -04:00
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes
2018-02-25 17:41:16 +01:00
Will Dietz
551f0702c2
polkit: patch to fix w/musl, POSIX
2018-02-13 09:44:56 -06:00
Dan Peebles
dfd300c81d
treewide: s/pkgs.fedoraproject.org/src.fedoraproject.org/
...
Upstream killed the pkgs server but src continues to serve up the exact
same content, so we can just point there and all hashes should be unchanged.
2018-02-08 16:38:08 -05:00
John Ericson
abec0e7645
polkit: Recategorize some dependencies
2017-09-21 15:49:54 -04:00
Nikolay Amiantov
e7fa6220d6
polkit: add patches from Fedora
...
This fixes few leaks and adds ITS description files which are needed for some
reverse dependencies.
2017-05-25 19:07:21 +03:00
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
...
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
2017-03-27 19:52:29 +02:00