From c1d3da9ca87c414100b1cb969e36b8d7d05b9a74 Mon Sep 17 00:00:00 2001
From: davidovski <david@davidovski.xyz>
Date: Wed, 10 Aug 2022 09:16:34 +0100
Subject: added ovmf, lolcat, spice, and squashfstools

---
 repo/polkit/alpine-polkit.pam         |  7 ++++
 repo/polkit/polkit-common.pre-install |  6 ++++
 repo/polkit/polkit-common.pre-upgrade |  6 ++++
 repo/polkit/polkit.initd              | 12 +++++++
 repo/polkit/polkit.xibuild            | 68 +++++++++++++++++++----------------
 5 files changed, 69 insertions(+), 30 deletions(-)
 create mode 100644 repo/polkit/alpine-polkit.pam
 create mode 100644 repo/polkit/polkit-common.pre-install
 create mode 100644 repo/polkit/polkit-common.pre-upgrade
 create mode 100644 repo/polkit/polkit.initd

(limited to 'repo/polkit')

diff --git a/repo/polkit/alpine-polkit.pam b/repo/polkit/alpine-polkit.pam
new file mode 100644
index 0000000..e718f7e
--- /dev/null
+++ b/repo/polkit/alpine-polkit.pam
@@ -0,0 +1,7 @@
+auth            requisite       pam_nologin.so
+auth            required        pam_env.so
+auth            required        pam_unix.so
+account         required        pam_unix.so
+session         required        pam_unix.so
+session         required        pam_limits.so
+password        required        pam_unix.so
diff --git a/repo/polkit/polkit-common.pre-install b/repo/polkit/polkit-common.pre-install
new file mode 100644
index 0000000..7c4e3ef
--- /dev/null
+++ b/repo/polkit/polkit-common.pre-install
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S polkitd 2>/dev/null
+adduser -S -D -H -h /var/empty -s /sbin/nologin -G polkitd -g polkitd polkitd 2>/dev/null
+
+exit 0
diff --git a/repo/polkit/polkit-common.pre-upgrade b/repo/polkit/polkit-common.pre-upgrade
new file mode 100644
index 0000000..7c4e3ef
--- /dev/null
+++ b/repo/polkit/polkit-common.pre-upgrade
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+addgroup -S polkitd 2>/dev/null
+adduser -S -D -H -h /var/empty -s /sbin/nologin -G polkitd -g polkitd polkitd 2>/dev/null
+
+exit 0
diff --git a/repo/polkit/polkit.initd b/repo/polkit/polkit.initd
new file mode 100644
index 0000000..30d2387
--- /dev/null
+++ b/repo/polkit/polkit.initd
@@ -0,0 +1,12 @@
+#!/sbin/openrc-run
+supervisor=supervise-daemon
+
+name="Polkit System Daemon"
+description="Provide System authentication via PolicyKit1 D-Bus service"
+
+command=/usr/lib/polkit-1/polkitd
+command_args="${POLKIT_OPTS:---no-debug}"
+
+depend() {
+	need dbus
+}
diff --git a/repo/polkit/polkit.xibuild b/repo/polkit/polkit.xibuild
index eb236bc..e8286dd 100644
--- a/repo/polkit/polkit.xibuild
+++ b/repo/polkit/polkit.xibuild
@@ -1,30 +1,30 @@
 #!/bin/sh
 
-MAKEDEPS="git gobject-introspection meson libxslt patch elogind gtk-doc autoconf-archive"
-DEPS="expat glib js78 pam"
+NAME="polkit"
+DESC="Application development toolkit for controlling system-wide privileges"
 
-PKG_VER=0.120
-SOURCE=https://www.freedesktop.org/software/polkit/releases/polkit-$PKG_VER.tar.gz
+MAKEDEPS="autoconf automake bash dbus-glib elogind expat glib gobject-introspection gtk2 intltool libtool pam js78"
 
-DESC="Application development toolkit for controlling system-wide privileges"
+PKG_VER=0.120
+SOURCE="https://www.freedesktop.org/software/polkit/releases/polkit-$PKG_VER.tar.gz"
 
 ADDITIONAL="
-    files/polkit-1
-    patches/CVE-2021-4034.patch
-    patches/make-innetgr-optional.patch
+CVE-2021-4034.patch
+alpine-polkit.pam
+make-innetgr-optional.patch
+polkit-common.pre-install
+polkit-common.pre-upgrade
+polkit.initd
 "
 
-prepare () {
-    apply_patches
-
-    autoreconf -fi
+prepare() {
+	apply_patches
+	autoreconf -fi
 }
 
-build () {
-    mkdir build &&
-    cd    build &&
-
-    ../configure \
+build() {
+	./configure \
+        --disable-libsystemd-login \
 		--prefix=/usr \
 		--sysconfdir=/etc \
 		--mandir=/usr/share/man \
@@ -39,20 +39,28 @@ build () {
 		--disable-gtk-doc-html \
 		--disable-gtk-doc-pdf \
 		--disable-libelogind \
-		--disable-systemd \
-        --enable-libsystemd-login
-    make
+		--disable-systemd
+	make
 }
 
-package () {
-    make DESTDIR=$PKG_DEST install &&
-        cd .. &&
-        install -m644 polkit-1 $PKG_DEST/etc/pam.d/polkit-1 
-}
+package() {
+	provider_priority=100  # highest
+
+	make DESTDIR="$PKG_DEST" \
+		dbusconfdir=/usr/share/dbus-1/system.d \
+		rulesdir=/usr/share/polkit-1/rules.d \
+        install
+	cd "$PKG_DEST"
+
+	# Use our own polkit rules, upstream may change them
+	install -m644 "$BUILD_ROOT"/alpine-polkit.pam etc/pam.d/polkit-1
 
-postinstall() {
-    /usr/sbin/groupadd -fg 27 polkitd &&
-    /usr/sbin/useradd -c "PolicyKit Daemon Owner" -d /etc/polkit-1 -u 27 \
-            -g polkitd -s /bin/false polkitd
-    true
+	# See polkit's configure script which tells us what permissions to set
+	chown -R polkitd:polkitd etc/polkit-1/rules.d usr/share/polkit-1/rules.d
+	chmod -R 700 etc/polkit-1/rules.d usr/share/polkit-1/rules.d
+	chmod 4755 usr/lib/polkit-1/polkit-agent-helper-1
+	chmod 4755 usr/bin/pkexec
+
+	install -Dm755 "$BUILD_ROOT"/polkit.initd etc/init.d/polkit
 }
+
-- 
cgit v1.2.1