aboutsummaryrefslogtreecommitdiffstats
path: root/community/polkit/APKBUILD
blob: 50dbf21804209bf9bfe24fcc5ab34db83742a7ea (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
# Contributor: Carlo Landmeter
# Contributor: Rasmus Thomsen <oss@cogitri.dev>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=polkit
pkgver=0.119
pkgrel=5
pkgdesc="Application development toolkit for controlling system-wide privileges"
url="https://www.freedesktop.org/wiki/Software/polkit/"
arch="all !mips !mips64 !s390x !riscv64" # Rust
license="GPL-2.0-or-later"
options="suid !check"  # Needs a functioning dbus daemon
depends="$pkgname-common=$pkgver-r$pkgrel $pkgname-libs=$pkgver-r$pkgrel"
makedepends="
	autoconf
	automake
	bash
	dbus-glib-dev
	elogind-dev
	expat-dev
	glib-dev
	gobject-introspection-dev
	gtk-doc
	intltool
	libtool
	linux-pam-dev
	mozjs78-dev
	"
pkgusers="polkitd"
pkggroups="polkitd"
install="$pkgname.pre-install $pkgname.pre-upgrade $pkgname-elogind.pre-install"
subpackages="
	$pkgname-dev
	$pkgname-libs
	$pkgname-doc
	$pkgname-lang
	$pkgname-openrc
	$pkgname-common
	$pkgname-elogind
	$pkgname-elogind-dev:_elogind_dev
	$pkgname-elogind-libs:_elogind_libs
	"
source="https://www.freedesktop.org/software/polkit/releases/polkit-$pkgver.tar.gz
	make-innetgr-optional.patch
	alpine-polkit.pam
	polkit.initd
	"

# secfixes:
#   0.119-r0:
#     - CVE-2021-3560

prepare() {
	default_prepare
	autoreconf -fi

	cp -r "$builddir" "$builddir-elogind"
}

build() {
	msg 'Building without elogind'
	_build --disable-libsystemd-login

	msg 'Building with elogind'
	cd "$builddir-elogind"
	_build --enable-libsystemd-login
}

_build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--libexecdir=/usr/lib/polkit-1 \
		--localstatedir=/var \
		--disable-static \
		--enable-introspection \
		--with-authfw=pam \
		--with-os-type=alpine \
		--disable-gtk-doc \
		--disable-gtk-doc-html \
		--disable-gtk-doc-pdf \
		--disable-libelogind \
		--disable-systemd \
		"$@"
	make
}

check() {
	make check
}

package() {
	provider_priority=100  # highest

	_make_install "$builddir" "$pkgdir"
	_make_install "$builddir-elogind" "$builddir-elogind/dest"

	cd "$pkgdir"

	# Use our own polkit rules, upstream may change them
	install -m644 "$srcdir"/alpine-polkit.pam etc/pam.d/polkit-1

	# See polkit's configure script which tells us what permissions to set
	chown -R polkitd:polkitd etc/polkit-1/rules.d usr/share/polkit-1/rules.d
	chmod -R 700 etc/polkit-1/rules.d usr/share/polkit-1/rules.d
	chmod 4755 usr/lib/polkit-1/polkit-agent-helper-1
	chmod 4755 usr/bin/pkexec

	install -Dm755 "$srcdir"/polkit.initd etc/init.d/polkit
}

_make_install() {
	# Set SHELL as a workaround for #10081
	make -C "$1" install \
		SHELL=/bin/bash \
		DESTDIR="$2" \
		dbusconfdir=/usr/share/dbus-1/system.d \
		rulesdir=/usr/share/polkit-1/rules.d
}

libs() {
	provider_priority=100  # highest
	depends=""

	default_libs
}

dev() {
	default_dev

	# XXX: We have to disable tracedeps to avoid abuild adding both
	# polkit-libs and polkit-elogind-libs to depends - they are autodetected
	# via symlinks in /usr/lib.
	options="!tracedeps"
	# XXX: Since we disabled tracedeps, all depends and provides must be
	# specified. This sucks, but I don't know of a better solution (@jirutka).
	depends="$depends_dev
		$pkgname-common=$pkgver-r$pkgrel
		$pkgname-libs=$pkgver-r$pkgrel
		dbus-glib-dev
		pc:gio-2.0>=2.18
		pc:glib-2.0>=2.18
		pkgconfig
		"
	provides="pc:polkit-agent-1=$pkgver pc:polkit-gobject-1=$pkgver"
}

elogind() {
	pkgdesc="Polkit with elogind session tracking"
	depends="$pkgname-elogind-libs=$pkgver-r$pkgrel $pkgname-common=$pkgver-r$pkgrel"
	provides="$pkgname=$pkgver-r$pkgrel"
	provider_priority=10  # lowest
	replaces="$pkgname"  # for backward compatibility

	cd "$builddir-elogind/dest"

	mkdir -p "$subpkgdir"/usr/lib/polkit-1
	mv usr/lib/polkit-1/polkitd "$subpkgdir"/usr/lib/polkit-1/
}

_elogind_dev() {
	pkgdesc="Polkit with elogind session tracking (development files)"
	depends="$pkgname-dev=$pkgver-r$pkgrel $pkgname-elogind-libs=$pkgver-r$pkgrel"
	replaces="$pkgname-dev"

	cd "$builddir-elogind/dest"

	# *.gir files for the default and the elogind variant differ, the rest
	# is the same.
	mkdir -p "$subpkgdir"/usr/share
	mv usr/share/gir-1.0 "$subpkgdir"/usr/share/
}

_elogind_libs() {
	pkgdesc="Polkit with elogind session tracking (libraries)"
	depends=""
	provides="$pkgname-libs=$pkgver-r$pkgrel"
	provider_priority=10  # lowest
	replaces="$pkgname-libs"  # for backward compatibility

	cd "$builddir-elogind/dest"

	mkdir -p "$subpkgdir"/usr/lib
	mv usr/lib/lib*.so.* "$subpkgdir"/usr/lib/
}

common() {
	pkgdesc="Common files for polkit and polkit-elogind"
	depends=""
	replaces="$pkgname $pkgname-elogind"  # for backward compatibility

	# Move all that left to subpackage.
	amove etc/*
	amove usr/*

	# Move polkitd back to the base package (that's the only file from the
	# polkit package that differs between default and elogind variant).
	mkdir -p "$pkgdir"/usr/lib/polkit-1
	mv "$subpkgdir"/usr/lib/polkit-1/polkitd "$pkgdir"/usr/lib/polkit-1/
}

sha512sums="
0260fb15da1c4c1f429e8223260981e64e297f1be8ced42f6910f09ea6581b8205aca06c9c601eb4a128acba2f468de0223118f96862ba769f95721894cf1578  polkit-0.119.tar.gz
0c47751e928a91ce3a477a330ef38b8f6f003b515c94e7fb9842e6f2043be43d749ab7390cc1dbcf1fa6128b62cf0eab353d4f8855d68e595bc53777512f4562  make-innetgr-optional.patch
f5102dc00d390b3a3c957b62e1712db778c7ffb7378f3d8e816c0757c11a308c5d5303e42595b0d6add9839247c773880cd34e56afacc89eb6efaadf9aae7826  alpine-polkit.pam
f6e5ac0ed41feb392dfd104979ec577c5936f3db2bd252b12b7b9b2609a0901dae38bebec1ea65ccf4f427860b520383ae4d2c66fb74ab986c715f6b0ad50473  polkit.initd
"