Nick Cao
479329611e
polkit: fix build with meson 0.61
2 years ago
Martin Weinelt
08a80b7b00
polkit: Patch unauthenticated file descriptor leak
...
https://gitlab.freedesktop.org/polkit/polkit/-/issues/170
https://www.openwall.com/lists/oss-security/2022/02/18/1
Fixes: CVE-2021-4115
2 years ago
Martin Weinelt
bd3256cf4f
polkit: fix local priviledge escalation in pkexec
...
> We discovered a Local Privilege Escalation (from any user to root) in
> polkit's pkexec, a SUID-root program that is installed by default on
> every major Linux distribution
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
Fixes: CVE-2021-4034
2 years ago
Joerie de Gram
649a7d75b4
polkit: disable gtkdoc when cross compiling
2 years ago
Jan Tojnar
3b916a6b78
polkit: fix hash
3 years ago
Jan Tojnar
595c25f105
polkit: Fix regression in paths in pkg-config file
...
resulting from discrepancy between Meson and Autotools build systems.
3 years ago
Jan Tojnar
527b98a125
polkit: port to Meson
...
Autotools build will be removed in the next release.
Examples are no longer installed.
Musl patch does not work.
3 years ago
Jan Tojnar
54417ca863
polkit: 0.119 → 0.120
...
https://lists.freedesktop.org/archives/polkit-devel/2021-October/000608.html
3 years ago
Jan Tojnar
e6b0796129
polkit: format the expression
...
Use lib.optionals instead of lib.optional, move phases to the bottom, have one input per line.
3 years ago
Yureka
d4c85edba9
polkit: fix musl build
...
Update patches and make them unconditional to prevent rot.
Also do not make systemd support dependent on musl.
3 years ago
Rahul Rameshbabu
5aecb4202d
polkit: 0.118 -> 0.119
...
The 0.119 release of polkit integrates the following changes, so the
patches implemented to incorporate these changes are no longer needed.
* 273357a395
* https://gitlab.freedesktop.org/polkit/polkit/-/blob/0.119/src/polkit/polkitsystembusname.c#L438-440
Fixes: CVE-2021-3560 without a patch
3 years ago
Martin Weinelt
26ac1d5db9
polkit: Fix local privilege escalation vulnerability
...
Fixes a local privilege escalation using polkit_system_bus_name_get_creds_sync()
Fixes: CVE-2021-3560
3 years ago
Jan Tojnar
0420282780
treewide maintainers: add teams.{freedesktop,gnome}
3 years ago
Vladimír Čunát
9f054b5e1a
treewide: remove worldofpeace from meta.maintainers
...
(It was requested by them.)
I left one case due to fetching from their personal repo:
pkgs/desktops/pantheon/desktop/extra-elementary-contracts/default.nix
3 years ago
Ben Siraphob
66e44425c6
pkgs/development/libraries: stdenv.lib -> lib
3 years ago
Jonathan Ringer
9bb3fccb5b
treewide: pkgs.pkgconfig -> pkgs.pkg-config, move pkgconfig to alias.nix
...
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
3 years ago
Florian Klink
4f087a608e
polkit: don't build with gobject-introspection when cross-compiling
...
gobject-introspection doesn't currently cross-compile (see
https://github.com/NixOS/nixpkgs/pull/88222 ), but polkit is somewhat
essential for many system components.
By disabling gobject-introspection when cross-compiling, we get it to
build.
4 years ago
Arnout Engelen
025af7c4f5
polkit: 0.116 -> 0.118 ( #103998 )
4 years ago
Michael Reilly
84cf00f980
treewide: Per RFC45, remove all unquoted URLs
4 years ago
Jan Tojnar
4cb7f43d3a
polkit: rename misleading flag
...
gobject-introspection has nothing to do with graphical systems or GNOME, it is needed for language bindings like Python.
5 years ago
Niklas Hambüchen
504199e48a
polkit: Don't build elogind on non-Linux.
...
In #72057 I added support for elogind when systemd is not supported,
but it occurred to me that it probably doens't make sense to have
either of systemd or elogind on Darwin.
5 years ago
Niklas Hambüchen
1ca49b80cb
polkit: Disable systemd support on musl, it needs elogind there
5 years ago
Niklas Hambüchen
0e10ad926d
polkit: Fix unstable patch URL.
...
Unmerged upstream merge requests can change when iterated on!
5 years ago
worldofpeace
81220cff1e
polkit: add worldofpeace to maintainers
5 years ago
worldofpeace
e570377f52
polkit: drop obsolete comments, whitespace
5 years ago
worldofpeace
670c000eb9
polkit: drop -Wno-deprecated-declarations
...
appears to be uneeded.
5 years ago
worldofpeace
a61db21b36
polkit: propagate glib
...
polkit-gobject-1.pc has glib in Requires, and polkit-agent-1.pc
requires polkit-gobject-1.
5 years ago
worldofpeace
9d0e05233f
polkit: Move D-Bus conf file to share/dbus-1/system.d
...
Since D-Bus 1.9.18 configuration files installed by third-party should
go in share/dbus-1/system.d. The old location is for sysadmin overrides.
5 years ago
volth
f3282c8d1e
treewide: remove unused variables ( #63177 )
...
* treewide: remove unused variables
* making ofborg happy
5 years ago
Will Dietz
eeff4eda14
polkit: 0.115 -> 0.116
...
* now uses mozjs60
* drop CVE patches included in release
* pname-ify
* use flag arrays and placeholder
5 years ago
Michael Eden
d8d8a9cddb
polkit: optional introspection and cross compilation fixes
5 years ago
worldofpeace
7da64c9fbe
polkit: fix CVE-2019-6133
...
Jann Horn of Google found that Polkit doesn't properly check
if a process is already authenticated, which can lead to an
authentication reuse by a different user[0]. See also [1]
Closes #55391
[0]: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
[1]: https://gitlab.freedesktop.org/polkit/polkit/issues/75
5 years ago
Jörg Thalheim
1b146a8c6f
treewide: remove paxutils from stdenv
...
More then one year ago we removed grsecurity kernels from nixpkgs:
https://github.com/NixOS/nixpkgs/pull/25277
This removes now also paxutils from stdenv.
6 years ago
c0bw3b
a14af16cfc
polkit: add patch for CVE-2018-19788
...
unprivileged users with UID > INT_MAX can successfully execute any systemctl command
Original issue: https://gitlab.freedesktop.org/polkit/polkit/issues/74
6 years ago
Jan Tojnar
a51a99c690
gobject-introspection: rename package
...
camelCase package name was a huge inconsistency in GNOME package set.
6 years ago
Markus Kowalewski
0320769991
polkit: add license
6 years ago
Uli Baum
6840ae4aee
polkit: 0.114 -> 0.115
6 years ago
Symphorien Gibol
2a51780f2c
polkit: 0.113 -> 0.114
6 years ago
Silvan Mosberger
57bccb3cb8
treewide: http -> https sources ( #42676 )
...
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
6 years ago
Matthew Justin Bauer
bad3800307
polkit: fix paxmark script
6 years ago
Matthew Bauer
133cf0ce1b
polkit: supports darwin
...
- apply musl patch unconditionally
- add doCheck arg
- make paxmark linux0nly
6 years ago
Jan Tojnar
a31d98f312
tree-wide: autorename gnome packages to use dashes
6 years ago
Will Dietz
551f0702c2
polkit: patch to fix w/musl, POSIX
6 years ago
Dan Peebles
dfd300c81d
treewide: s/pkgs.fedoraproject.org/src.fedoraproject.org/
...
Upstream killed the pkgs server but src continues to serve up the exact
same content, so we can just point there and all hashes should be unchanged.
6 years ago
John Ericson
abec0e7645
polkit: Recategorize some dependencies
7 years ago
Nikolay Amiantov
e7fa6220d6
polkit: add patches from Fedora
...
This fixes few leaks and adds ITS description files which are needed for some
reverse dependencies.
7 years ago
Vladimír Čunát
96d41e393d
treewide: purge maintainers.urkud
...
It's sad, but he's been inactive for the last five years.
Keeping such people in meta.maintainers is counter-productive.
7 years ago
Parnell Springmeyer
4aa0923009
Getting rid of the var indirection and using a bin path instead
8 years ago
Parnell Springmeyer
e92b8402b0
Addressing PR feedback
8 years ago
Nikolay Amiantov
c2274cdfb5
spidermonkey: cleanup and rename versions
8 years ago