movefasta/nixpkgs
0
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-07-13 21:50:33 +03:00
Code Activity

xscreensaver: add suid wrapper patch

Browse source 
This adds a patch for XScreenSaver that ensures that the suid wrapper
for xscreensaver-auth is run correctly.

The patch is a simple update to drivers/xscreensaver.c that inserts
/run/wrappers/bin before the DEFAULT_PATH_PREFIX, which is the directory
for xscreensaver hacks/demos, and should be preserved.

The wrapper directory can be modified in the derivation, or even
disabled.

Co-authored-by: Anderson Torres <torres.anderson.85@protonmail.com>
This commit is contained in:
Chris Marchesi 2023-11-23 12:29:34 -08:00 committed by Anderson Torres
parent 45c7026247
commit 2034ea01b9
2 changed files with 51 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
pkgs/by-name/xs/xscreensaver/package.nix
View file

@ -26,6 +26,9 @@
, systemd , systemd
, forceInstallAllHacks ? true , forceInstallAllHacks ? true
, withSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd , withSystemd ? lib.meta.availableOn stdenv.hostPlatform systemd
, nixosTests
, substituteAll
, wrapperPrefix ? "/run/wrappers/bin"
}: }:
stdenv.mkDerivation (finalAttrs: { stdenv.mkDerivation (finalAttrs: {
@ -75,6 +78,13 @@ stdenv.mkDerivation (finalAttrs: {
popd popd
''; '';
patches = [
(substituteAll {
src = ./xscreensaver-wrapper-prefix.patch;
inherit wrapperPrefix;
})
];
preConfigure = '' preConfigure = ''
# Fix installation paths for GTK resources. # Fix installation paths for GTK resources.
sed -e 's%@GTK_DATADIR@%@datadir@% ; s%@PO_DATADIR@%@datadir@%' \ sed -e 's%@GTK_DATADIR@%@datadir@% ; s%@PO_DATADIR@%@datadir@%' \
@ -105,6 +115,10 @@ stdenv.mkDerivation (finalAttrs: {
cp -f $(find hacks -type f -perm -111 "!" -name "*.*" ) "$out/libexec/xscreensaver" cp -f $(find hacks -type f -perm -111 "!" -name "*.*" ) "$out/libexec/xscreensaver"
''; '';
passthru.tests = {
xscreensaver = nixosTests.xscreensaver;
};
meta = { meta = {
homepage = "https://www.jwz.org/xscreensaver/"; homepage = "https://www.jwz.org/xscreensaver/";
description = "A set of screensavers"; description = "A set of screensavers";

37
pkgs/by-name/xs/xscreensaver/xscreensaver-wrapper-prefix.patch Normal file
View file

@ -0,0 +1,37 @@
--- a/driver/xscreensaver.c
+++ b/driver/xscreensaver.c
@@ -253,6 +253,8 @@
#undef MAX
#define MAX(x,y)((x)>(y)?(x):(y))
+/* Define the default wrapper prefix here, for NixOS */
+#define NIXOS_WRAPPER_PREFIX "@wrapperPrefix@"
/* Globals used in this file.
*/
@@ -632,12 +634,24 @@ handle_sigchld (Display *dpy, Bool blanked_p)
static void
hack_environment (void)
{
+ static const char *wrapper_path = NIXOS_WRAPPER_PREFIX;
static const char *def_path = DEFAULT_PATH_PREFIX;
const char *opath = getenv("PATH");
char *npath;
if (! opath) opath = "/bin:/usr/bin"; /* WTF */
- npath = (char *) malloc(strlen(def_path) + strlen(opath) + 20);
+ /* NOTE: The NixOS patch adds extra margin than what would be expected for a
+ single extra ":" PATH separator to account for UTF-32 encoding. The
+ original 20 bytes would have only accounted for UTF-16 safely (the path
+ concatenation would have needed 28 bytes of margin at minimum for UTF-32).
+ */
+ npath = (char *) malloc(strlen(wrapper_path) + strlen(def_path) + strlen(opath) + 32);
strcpy (npath, "PATH=");
+ if (wrapper_path && *wrapper_path)
+ {
+ strcat (npath, wrapper_path);
+ strcat (npath, ":");
+ }
+
strcat (npath, def_path);
strcat (npath, ":");
strcat (npath, opath);