diff options
| author |   Lars Wendler <polynomial-c@gentoo.org> | 2019-05-10 11:59:27 +0200 |
|---|---|---|
| committer | Lars Wendler <polynomial-c@gentoo.org> | 2019-05-10 12:01:14 +0200 |
| commit | bf12cbcf32c902e9825583425340be3cb404dc09 (patch) | |
| tree | bafa5e19a7645b9353e69f2b61a7da7af32b7562 | |
| parent | sys-devel/gettext: Fixed installation with USE="doc java" (diff) | |
| download | gentoo-bf12cbcf32c902e9825583425340be3cb404dc09.tar.gz gentoo-bf12cbcf32c902e9825583425340be3cb404dc09.tar.bz2 gentoo-bf12cbcf32c902e9825583425340be3cb404dc09.zip | |
x11-apps/radeon-profile-daemon: Secured socket permissions.
Package-Manager: Portage-2.3.66, Repoman-2.3.12
Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>
4 files changed, 102 insertions, 1 deletions
diff --git a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch new file mode 100644 index 000000000000..5d7132b90b75 --- /dev/null +++ b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon-20190309-secure_socket.patch @@ -0,0 +1,26 @@ +From 8e75c8678b874c6813e590634943166daa98124b Mon Sep 17 00:00:00 2001 +From: Lars Wendler <polynomial-c@gentoo.org> +Date: Fri, 10 May 2019 11:01:21 +0200 +Subject: [PATCH] Don't make the socket world writable + +Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> +--- + radeon-profile-daemon/rpdthread.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/radeon-profile-daemon/rpdthread.cpp b/radeon-profile-daemon/rpdthread.cpp +index 4cf0ac0..137d5b2 100644 +--- a/radeon-profile-daemon/rpdthread.cpp ++++ b/radeon-profile-daemon/rpdthread.cpp +@@ -47,7 +47,7 @@ void rpdThread::createServer() + + QLocalServer::removeServer(serverName); + daemonServer.listen(serverName); +- QFile::setPermissions("/tmp/" + serverName, QFile("/tmp/" + serverName).permissions() | QFile::WriteOther | QFile::ReadOther); ++ QFile::setPermissions("/tmp/" + serverName, QFile("/tmp/" + serverName).permissions() | QFile::WriteGroup | QFile::ReadGroup); + } + + void rpdThread::closeConnection() +-- +2.21.0 + diff --git a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd index e4e7afb04c5c..f8ec51796704 100644 --- a/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd +++ b/x11-apps/radeon-profile-daemon/files/radeon-profile-daemon.initd @@ -7,3 +7,7 @@ description="Daemon for radeon-profile GUI" command="/usr/sbin/radeon-profile-daemon" command_background="true" pidfile="/run/${SVCNAME}.pid" + +start_post() { + chgrp video /tmp/radeon-profile-daemon-server +} diff --git a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild new file mode 100644 index 000000000000..924760fc9099 --- /dev/null +++ b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-20190309-r2.ebuild @@ -0,0 +1,60 @@ +# Copyright 1999-2019 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=7 + +inherit qmake-utils systemd + +DESCRIPTION="Daemon for radeon-profile GUI" +HOMEPAGE="https://github.com/marazmista/radeon-profile-daemon" +if [[ "${PV}" == 99999999 ]] ; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/marazmista/radeon-profile-daemon.git" +else + SRC_URI="https://github.com/marazmista/${PN}/archive/${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~x86" +fi +LICENSE="GPL-2" +SLOT="0" + +IUSE="" + +RDEPEND=" + dev-qt/qtcore:5 + dev-qt/qtnetwork:5 +" +DEPEND="${RDEPEND}" + +S="${WORKDIR}/${P}/${PN}" + +PATCHES=( + "${FILESDIR}/${P}-secure_socket.patch" +) + +src_prepare() { + eapply -p2 "${PATCHES[@]}" + eapply_user + + sed \ + -e '/^bin\.path/s@/bin@/sbin@' \ + -e "/^service\.path/s@=.*\$@= $(systemd_get_systemunitdir)@" \ + -i radeon-profile-daemon.pro || die + sed \ + -e '/^ExecStart/s@/bin/@/sbin/@' \ + -i extra/${PN}.service || die +} + +src_configure() { + eqmake5 +} + +src_install() { + emake INSTALL_ROOT="${D}" install + + newinitd "${FILESDIR}"/${PN}.initd ${PN} +} + +pkg_postinst() { + elog "Users need to be in the \"video\" group if they want to change" + elog "video card settings via ${PN}" +} diff --git a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild index ca74330cfd3c..924760fc9099 100644 --- a/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild +++ b/x11-apps/radeon-profile-daemon/radeon-profile-daemon-99999999.ebuild @@ -27,8 +27,14 @@ DEPEND="${RDEPEND}" S="${WORKDIR}/${P}/${PN}" +PATCHES=( + "${FILESDIR}/${P}-secure_socket.patch" +) + src_prepare() { - default + eapply -p2 "${PATCHES[@]}" + eapply_user + sed \ -e '/^bin\.path/s@/bin@/sbin@' \ -e "/^service\.path/s@=.*\$@= $(systemd_get_systemunitdir)@" \ @@ -47,3 +53,8 @@ src_install() { newinitd "${FILESDIR}"/${PN}.initd ${PN} } + +pkg_postinst() { + elog "Users need to be in the \"video\" group if they want to change" + elog "video card settings via ${PN}" +} |