From db54f75ed907022c8e21389db42ec14c62b7a8fe Mon Sep 17 00:00:00 2001 From: Steve Wills Date: Wed, 13 Oct 2021 13:23:08 +0200 Subject: [PATCH 1/4] x11/xscreensaver: clean up port PR: 254178 --- x11/xscreensaver/Makefile | 92 +++++++++++++++++++++----------------- x11/xscreensaver/pkg-plist | 4 +- 2 files changed, 54 insertions(+), 42 deletions(-) diff --git a/x11/xscreensaver/Makefile b/x11/xscreensaver/Makefile index 9cd9cdd7afc8..2ce4b3384e8e 100644 --- a/x11/xscreensaver/Makefile +++ b/x11/xscreensaver/Makefile @@ -11,73 +11,85 @@ COMMENT= Save your screen while you entertain your cat LICENSE= MIT -RUN_DEPENDS= p5-libwww>0:www/p5-libwww \ - giftopnm:graphics/netpbm -LIB_DEPENDS= libgle.so:graphics/gle \ - libfontconfig.so:x11-fonts/fontconfig \ - libfreetype.so:print/freetype2 - -CONFLICTS= xscreensaver-gnome xscreensaver-gnome-hacks +RUN_DEPENDS= giftopnm:graphics/netpbm \ + p5-libwww>0:www/p5-libwww +LIB_DEPENDS= libfontconfig.so:x11-fonts/fontconfig \ + libfreetype.so:print/freetype2 \ + libgle.so:graphics/gle \ + libharfbuzz.so:print/harfbuzz USES= autoreconf cpe gettext gl gmake gnome jpeg localbase:ldflags perl5 \ pkgconfig xorg USE_GL= gl glu USE_GNOME= cairo gdkpixbuf2 gtk20 intltool libglade2 libxml2 USE_PERL5= run -USE_XORG= ice sm x11 xext xi xinerama xmu xrandr xrender xpm xt xxf86vm +USE_XORG= ice sm x11 xext xi xinerama xmu xpm xrandr xrender xt xxf86vm USE_CSTD= gnu99 CPE_VENDOR= xscreensaver_project +CONFLICTS= xscreensaver-gnome xscreensaver-gnome-hacks + GNU_CONFIGURE= yes CONFIGURE_ENV+= PERL="${PERL}" -CONFIGURE_ARGS= --with-gtk --with-gl --with-gle --with-pixbuf --with-xpm \ - --with-jpeg=${LOCALBASE} --with-xshm-ext --with-xdbe-ext \ - --with-hackdir=${PREFIX}/bin/xscreensaver-hacks/ \ +CONFIGURE_ARGS= --enable-locking \ --with-configdir=${PREFIX}/share/xscreensaver/config/ \ + --with-dpms-ext \ + --with-gl \ + --with-gle \ + --with-gtk \ + --with-hackdir=${PREFIX}/bin/xscreensaver-hacks/ \ + --with-jpeg=${LOCALBASE} \ + --with-pixbuf \ + --with-randr-ext \ --with-x-app-defaults=${PREFIX}/lib/X11/app-defaults/ \ - --with-dpms-ext --with-xinerama-ext --with-xf86vmode-ext \ - --with-xf86gamma-ext --with-randr-ext --without-kerberos \ - --without-setuid-hacks --enable-locking + --with-xdbe-ext \ + --with-xf86gamma-ext \ + --with-xf86vmode-ext \ + --with-xinerama-ext \ + --with-xpm \ + --with-xshm-ext \ + --without-kerberos \ + --without-setuid-hacks MAKE_ARGS+= install_prefix=${STAGEDIR} -MAKE_JOBS_UNSAFE=yes +MAKE_JOBS_UNSAFE= yes -OPTIONS_DEFINE= PAM SETUID_HACKS FIREF NLS NSFW XAOS1 XDALI XEARTH \ - XFT XMOUN XPLANET XSNOW -OPTIONS_DEFAULT=PAM XFT -OPTIONS_SUB= yes +OPTIONS_DEFINE= FIREF NLS NSFW PAM SETUID_HACKS XAOS1 XDALI XEARTH XFT \ + XMOUN XPLANET XSNOW +OPTIONS_DEFAULT= PAM XFT +OPTIONS_SUB= yes -PAM_CONFIGURE_WITH= pam +PAM_CONFIGURE_WITH= pam -SETUID_HACKS_DESC= Install sonar hack suid so it can ping +SETUID_HACKS_DESC= Install sonar hack suid so it can ping -FIREF_DESC= Add extra port x11/fireflies -FIREF_RUN_DEPENDS= ${LOCALBASE}/bin/xscreensaver-hacks/fireflies:x11/fireflies +FIREF_DESC= Add extra port x11/fireflies +FIREF_RUN_DEPENDS= ${LOCALBASE}/bin/xscreensaver-hacks/fireflies:x11/fireflies -NLS_USES= gettext-runtime -NLS_CONFIGURE_ENABLE= nls +NLS_USES= gettext-runtime +NLS_CONFIGURE_ENABLE= nls -NSFW_DESC= Include material that is Not Safe For Work +NSFW_DESC= Include material that is Not Safe For Work -XAOS1_DESC= Add extra port graphics/xaos -XAOS1_RUN_DEPENDS= xaos:graphics/xaos +XAOS1_DESC= Add extra port graphics/xaos +XAOS1_RUN_DEPENDS= xaos:graphics/xaos -XDALI_DESC= Add extra port x11-clocks/xdaliclock -XDALI_RUN_DEPENDS= xdaliclock:x11-clocks/xdaliclock +XDALI_DESC= Add extra port x11-clocks/xdaliclock +XDALI_RUN_DEPENDS= xdaliclock:x11-clocks/xdaliclock -XFT_CONFIGURE_WITH= xft -XFT_USE= XORG=xft +XFT_CONFIGURE_WITH= xft +XFT_USE= XORG=xft -XEARTH_DESC= Add extra port astro/xearth -XEARTH_RUN_DEPENDS= xearth:astro/xearth +XEARTH_DESC= Add extra port astro/xearth +XEARTH_RUN_DEPENDS= xearth:astro/xearth -XMOUN_DESC= Add extra port graphics/xmountains -XMOUN_RUN_DEPENDS= xmountains:graphics/xmountains +XMOUN_DESC= Add extra port graphics/xmountains +XMOUN_RUN_DEPENDS= xmountains:graphics/xmountains -XPLANET_DESC= Add extra port astro/xplanet -XPLANET_RUN_DEPENDS= xplanet:astro/xplanet +XPLANET_DESC= Add extra port astro/xplanet +XPLANET_RUN_DEPENDS= xplanet:astro/xplanet -XSNOW_DESC= Add extra port x11/xsnow -XSNOW_RUN_DEPENDS= xsnow:x11/xsnow +XSNOW_DESC= Add extra port x11/xsnow +XSNOW_RUN_DEPENDS= xsnow:x11/xsnow SUB_FILES= xscreensaver-blank.desktop xscreensaver-lock.desktop \ xscreensaver-start.desktop xscreensaver-stop.desktop diff --git a/x11/xscreensaver/pkg-plist b/x11/xscreensaver/pkg-plist index 73f6964b9286..fc71ba04645b 100644 --- a/x11/xscreensaver/pkg-plist +++ b/x11/xscreensaver/pkg-plist @@ -90,8 +90,8 @@ bin/xscreensaver-hacks/galaxy bin/xscreensaver-hacks/gears bin/xscreensaver-hacks/geodesic bin/xscreensaver-hacks/geodesicgears -bin/xscreensaver-hacks/gibson bin/xscreensaver-hacks/gflux +bin/xscreensaver-hacks/gibson bin/xscreensaver-hacks/glblur bin/xscreensaver-hacks/glcells bin/xscreensaver-hacks/gleidescope @@ -608,8 +608,8 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/gears.xml %%DATADIR%%/config/geodesic.xml %%DATADIR%%/config/geodesicgears.xml -%%DATADIR%%/config/gibson.xml %%DATADIR%%/config/gflux.xml +%%DATADIR%%/config/gibson.xml %%DATADIR%%/config/glblur.xml %%DATADIR%%/config/glcells.xml %%DATADIR%%/config/gleidescope.xml -- 2.35.1 From 7cb6bf57e94c3bc49c6b034753a8fe0e160c19a3 Mon Sep 17 00:00:00 2001 From: Felix Palmen Date: Tue, 21 Sep 2021 12:04:17 +0200 Subject: [PATCH 2/4] x11/xscreensaver: update to 6.02 Only install xscreensaver suid root if option PAM is disabled. In this case, add an extra patch, so xscreensaver-gfx drops privileges (otherwise it doesn't show any screensaver). PR: 254178 --- x11/xscreensaver/Makefile | 8 +- x11/xscreensaver/distinfo | 6 +- .../files/extra-patch-drop-privileges | 35 +++++++++ x11/xscreensaver/files/patch-config.h.in | 10 +-- ...{patch-configure.in => patch-configure.ac} | 6 +- .../files/patch-driver_Makefile.in | 26 +++---- .../files/patch-driver_XScreenSaver.ad.in | 34 ++++----- x11/xscreensaver/pkg-plist | 73 +++++++++++++------ 8 files changed, 130 insertions(+), 68 deletions(-) create mode 100644 x11/xscreensaver/files/extra-patch-drop-privileges rename x11/xscreensaver/files/{patch-configure.in => patch-configure.ac} (77%) diff --git a/x11/xscreensaver/Makefile b/x11/xscreensaver/Makefile index 2ce4b3384e8e..8c441e6a25a9 100644 --- a/x11/xscreensaver/Makefile +++ b/x11/xscreensaver/Makefile @@ -1,8 +1,7 @@ # Created by: dom@myrddin.demon.co.uk PORTNAME= xscreensaver -PORTVERSION= 5.44 -PORTREVISION= 1 +PORTVERSION= 6.02 CATEGORIES= x11 MASTER_SITES= http://www.jwz.org/xscreensaver/ @@ -32,6 +31,7 @@ CONFLICTS= xscreensaver-gnome xscreensaver-gnome-hacks GNU_CONFIGURE= yes CONFIGURE_ENV+= PERL="${PERL}" CONFIGURE_ARGS= --enable-locking \ + --with-app-defaults=${PREFIX}/lib/X11/app-defaults/ \ --with-configdir=${PREFIX}/share/xscreensaver/config/ \ --with-dpms-ext \ --with-gl \ @@ -41,7 +41,6 @@ CONFIGURE_ARGS= --enable-locking \ --with-jpeg=${LOCALBASE} \ --with-pixbuf \ --with-randr-ext \ - --with-x-app-defaults=${PREFIX}/lib/X11/app-defaults/ \ --with-xdbe-ext \ --with-xf86gamma-ext \ --with-xf86vmode-ext \ @@ -59,6 +58,7 @@ OPTIONS_DEFAULT= PAM XFT OPTIONS_SUB= yes PAM_CONFIGURE_WITH= pam +PAM_EXTRA_PATCHES_OFF= ${PATCHDIR}/extra-patch-drop-privileges SETUID_HACKS_DESC= Install sonar hack suid so it can ping @@ -97,7 +97,7 @@ SUB_FILES= xscreensaver-blank.desktop xscreensaver-lock.desktop \ post-patch: ${REINPLACE_CMD} -e 's|/usr/X11R6|${LOCALBASE}|g' \ -e 's|pkg_config --list-all|pkg_config --help|' \ - ${WRKSRC}/configure.in + ${WRKSRC}/configure.ac ${REINPLACE_CMD} -e "s|/etc/pam.d|${PREFIX}/etc/pam.d|g" \ ${WRKSRC}/driver/passwd-pam.c \ ${WRKSRC}/driver/xscreensaver.man diff --git a/x11/xscreensaver/distinfo b/x11/xscreensaver/distinfo index 9f0a3eaf1c97..daa7cfc60c5b 100644 --- a/x11/xscreensaver/distinfo +++ b/x11/xscreensaver/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1585756235 -SHA256 (xscreensaver-5.44.tar.gz) = 73d8089cfc7d7363b5dac99b5b01dffb3429d0a855e6af16ce9a4b7777017b95 -SIZE (xscreensaver-5.44.tar.gz) = 27001826 +TIMESTAMP = 1635508283 +SHA256 (xscreensaver-6.02.tar.gz) = 5e6d6cb09033ad562cfe6d46bf9312e4451f7946bed8a4671aa9344df9193184 +SIZE (xscreensaver-6.02.tar.gz) = 22672643 diff --git a/x11/xscreensaver/files/extra-patch-drop-privileges b/x11/xscreensaver/files/extra-patch-drop-privileges new file mode 100644 index 000000000000..e4bb566d68b4 --- /dev/null +++ b/x11/xscreensaver/files/extra-patch-drop-privileges @@ -0,0 +1,35 @@ +--- driver/Makefile.in.orig 2021-06-09 15:47:14 UTC ++++ driver/Makefile.in +@@ -106,10 +106,10 @@ DAEMON_LIBS = $(LIBS_PRE) $(XINPUT_LIBS) -lX11 $(LIBS_ + + GFX_DEFS = -DLOCALEDIR=\"$(localedir)\" + GFX_SRCS = xscreensaver-gfx.c screens.c windows.c subprocs.c \ +- exec.c prefsw.c dpms.c fade.c exts.c atomswm.c ++ exec.c prefsw.c dpms.c fade.c exts.c atomswm.c setuid.c + GFX_OBJS = xscreensaver-gfx.o screens.o windows.o subprocs.o \ + exec.o prefsw.o dpms.o fade.o exts.o atomswm.o \ +- prefs.o blurb.o atoms.o clientmsg.o xinput.o \ ++ prefs.o blurb.o atoms.o clientmsg.o xinput.o setuid.o \ + $(UTILS_BIN)/xmu.o \ + $(UTILS_BIN)/yarandom.o \ + $(UTILS_BIN)/resources.o \ +--- driver/xscreensaver-gfx.c.orig 2021-09-21 12:25:20 UTC ++++ driver/xscreensaver-gfx.c +@@ -57,6 +57,8 @@ + #include "clientmsg.h" + #include "xmu.h" + ++extern void disavow_privileges (void); ++ + saver_info *global_si_kludge = 0; /* I hate C so much... */ + + char *progclass = 0; +@@ -559,6 +561,8 @@ main (int argc, char **argv) + goto HELP; + } + } ++ ++ disavow_privileges (); + + /* Copy the -dpy arg to $DISPLAY for subprocesses. */ + s = (char *) malloc (strlen(dpy_str) + 20); diff --git a/x11/xscreensaver/files/patch-config.h.in b/x11/xscreensaver/files/patch-config.h.in index 33809541adb1..d0198a01b3b9 100644 --- a/x11/xscreensaver/files/patch-config.h.in +++ b/x11/xscreensaver/files/patch-config.h.in @@ -1,12 +1,12 @@ ---- config.h.in.orig 2016-04-03 20:07:59 UTC +--- config.h.in.orig 2021-05-08 15:22:06 UTC +++ config.h.in -@@ -307,6 +307,9 @@ +@@ -315,6 +315,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_UTIL_H +/* Define to 1 if you have the header file. */ +#undef HAVE_LIBUTIL_H + - /* Define this if you have the XF86MiscSetGrabKeysState function (which allows - the Ctrl-Alt-KP_star and Ctrl-Alt-KP_slash key sequences to be temporarily - disabled. Sadly, it doesn't affect Ctrl-Alt-BS or Ctrl-Alt-F1.) */ + /* Define this if you have XF86VidModeGetViewPort, for virtual desktops. */ + #undef HAVE_XF86VMODE + diff --git a/x11/xscreensaver/files/patch-configure.in b/x11/xscreensaver/files/patch-configure.ac similarity index 77% rename from x11/xscreensaver/files/patch-configure.in rename to x11/xscreensaver/files/patch-configure.ac index 61093d526436..e1ae51fa36d4 100644 --- a/x11/xscreensaver/files/patch-configure.in +++ b/x11/xscreensaver/files/patch-configure.ac @@ -1,6 +1,6 @@ ---- configure.in.orig 2016-05-19 17:59:17 UTC -+++ configure.in -@@ -3538,7 +3538,7 @@ fi +--- configure.ac.orig 2021-05-20 16:46:35 UTC ++++ configure.ac +@@ -4010,7 +4010,7 @@ fi ############################################################################### PTY_LIBS= diff --git a/x11/xscreensaver/files/patch-driver_Makefile.in b/x11/xscreensaver/files/patch-driver_Makefile.in index dfa6c6bfe195..fdebb600355a 100644 --- a/x11/xscreensaver/files/patch-driver_Makefile.in +++ b/x11/xscreensaver/files/patch-driver_Makefile.in @@ -1,22 +1,20 @@ ---- driver/Makefile.in.orig 2016-05-24 18:02:30 UTC +--- driver/Makefile.in.orig 2021-06-09 15:47:14 UTC +++ driver/Makefile.in -@@ -51,7 +51,7 @@ DEPEND_DEFINES = @DEPEND_DEFINES@ +@@ -46,7 +46,7 @@ DEPEND_FLAGS = @DEPEND_FLAGS@ + DEPEND_DEFINES = @DEPEND_DEFINES@ - SHELL = /bin/sh INSTALL = @INSTALL@ -SUID_FLAGS = -o root -m 4755 +SUID_FLAGS = -m 755 INSTALL_PROGRAM = @INSTALL_PROGRAM@ - INSTALL_SCRIPT = @INSTALL_SCRIPT@ - INSTALL_SETUID = @INSTALL_SETUID@ -@@ -81,8 +81,8 @@ XPM_LIBS = @XPM_LIBS@ - - + INSTALL_SETUID = $(INSTALL_PROGRAM) $(SUID_FLAGS) + INSTALL_DATA = @INSTALL_DATA@ +@@ -76,7 +76,7 @@ INTL_LIBS = @INTLLIBS@ AD_DIR = @APPDEFAULTS@ --PAM_DIR = /etc/pam.d --PAM_CONF = /etc/pam.conf -+PAM_DIR = ${prefix}/etc/pam.d -+PAM_CONF = ${prefix}/etc/pam.conf - UTILS_SRC = $(srcdir)/../utils - UTILS_BIN = ../utils + # $(sysconfdir) is either /usr/local/etc or /usr/etc but this must be /etc. +-PAM_ROOT = /etc ++PAM_ROOT = ${prefix}/etc + PAM_DIR = $(PAM_ROOT)/pam.d + PAM_CONF = $(PAM_ROOT)/pam.conf + diff --git a/x11/xscreensaver/files/patch-driver_XScreenSaver.ad.in b/x11/xscreensaver/files/patch-driver_XScreenSaver.ad.in index 3266ab3e29ad..9a5f1ed4b211 100644 --- a/x11/xscreensaver/files/patch-driver_XScreenSaver.ad.in +++ b/x11/xscreensaver/files/patch-driver_XScreenSaver.ad.in @@ -1,6 +1,6 @@ ---- driver/XScreenSaver.ad.in.orig 2019-07-10 03:31:26 UTC +--- driver/XScreenSaver.ad.in.orig 2021-06-09 15:47:14 UTC +++ driver/XScreenSaver.ad.in -@@ -56,7 +56,7 @@ +@@ -55,7 +55,7 @@ *splashDuration: 0:00:05 *visualID: default *installColormap: True @@ -9,16 +9,16 @@ *authWarningSlack: 20 *textMode: file -@@ -124,7 +124,7 @@ +@@ -103,7 +103,7 @@ - ! The format used for printing the date and time in the password dialog box - ! (see the strftime(3) manual page for details.) --*dateFormat: %d-%b-%y (%a); %I:%M %p + + ! The strftime(3) format string for printing the time on the password dialog. +-*dateFormat: %I:%M %p, %a %b %e +*dateFormat: %Y-%m-%d %H:%M:%S - ! For day month date: - ! *dateFormat: %a %b %d, %I:%M %p - ! To show the time only: -@@ -343,6 +343,18 @@ XScreenSaver.bourneShell: /bin/sh + ! DD MMM: + ! *dateFormat: %I:%M %p, %e %b (%a) + ! 12 hour time only: +@@ -324,6 +324,18 @@ XScreenSaver.bourneShell: /bin/sh !============================================================================= *programs: \ @@ -37,11 +37,11 @@ maze -root \n\ @GL_KLUDGE@ GL: superquadrics -root \n\ attraction -root \n\ -@@ -610,7 +622,6 @@ XScreenSaver.bourneShell: /bin/sh - *hacks.dangerball.name: DangerBall - *hacks.decayscreen.name: DecayScreen - *hacks.deepstars.name: DeepStars +@@ -602,7 +614,6 @@ XScreenSaver.bourneShell: /bin/sh + *hacks.dangerball.name: Danger Ball + *hacks.decayscreen.name: Decay Screen + *hacks.deepstars.name: Deep Stars -*hacks.dnalogo.name: DNA Logo - *hacks.dymaxionmap.name: DymaxionMap - *hacks.energystream.name: EnergyStream - *hacks.euler2d.name: Euler2D + *hacks.dymaxionmap.name: Dymaxion Map + *hacks.energystream.name: Energy Stream + *hacks.etruscanvenus.name: Etruscan Venus diff --git a/x11/xscreensaver/pkg-plist b/x11/xscreensaver/pkg-plist index fc71ba04645b..d3f49deecc36 100644 --- a/x11/xscreensaver/pkg-plist +++ b/x11/xscreensaver/pkg-plist @@ -1,10 +1,8 @@ -@(,,4755) bin/xscreensaver +%%NO_PAM%%@mode 4555 +bin/xscreensaver +%%NO_PAM%%@mode bin/xscreensaver-command bin/xscreensaver-demo -bin/xscreensaver-getimage -bin/xscreensaver-getimage-file -bin/xscreensaver-getimage-video -bin/xscreensaver-gl-helper bin/xscreensaver-hacks/abstractile bin/xscreensaver-hacks/anemone bin/xscreensaver-hacks/anemotaxis @@ -17,6 +15,8 @@ bin/xscreensaver-hacks/atlantis bin/xscreensaver-hacks/attraction bin/xscreensaver-hacks/atunnel bin/xscreensaver-hacks/barcode +bin/xscreensaver-hacks/beats +bin/xscreensaver-hacks/binaryhorizon bin/xscreensaver-hacks/binaryring bin/xscreensaver-hacks/blaster bin/xscreensaver-hacks/blinkbox @@ -41,6 +41,7 @@ bin/xscreensaver-hacks/cloudlife bin/xscreensaver-hacks/companioncube bin/xscreensaver-hacks/compass bin/xscreensaver-hacks/coral +bin/xscreensaver-hacks/covid19 bin/xscreensaver-hacks/crackberg bin/xscreensaver-hacks/crumbler bin/xscreensaver-hacks/crystal @@ -111,6 +112,7 @@ bin/xscreensaver-hacks/greynetic bin/xscreensaver-hacks/halftone bin/xscreensaver-hacks/halo bin/xscreensaver-hacks/handsy +bin/xscreensaver-hacks/headroom bin/xscreensaver-hacks/helix bin/xscreensaver-hacks/hexadrop bin/xscreensaver-hacks/hexstrut @@ -135,10 +137,10 @@ bin/xscreensaver-hacks/kumppa bin/xscreensaver-hacks/lament bin/xscreensaver-hacks/lavalite bin/xscreensaver-hacks/lcdscrub -bin/xscreensaver-hacks/ljlatest bin/xscreensaver-hacks/lockward bin/xscreensaver-hacks/loop bin/xscreensaver-hacks/m6502 +bin/xscreensaver-hacks/marbling bin/xscreensaver-hacks/maze bin/xscreensaver-hacks/maze3d bin/xscreensaver-hacks/memscroller @@ -197,10 +199,18 @@ bin/xscreensaver-hacks/sierpinski3d bin/xscreensaver-hacks/skytentacles bin/xscreensaver-hacks/slidescreen bin/xscreensaver-hacks/slip -%%SETUID_HACKS%%@mode 4755 +bin/xscreensaver-hacks/xscreensaver-auth +bin/xscreensaver-hacks/xscreensaver-getimage +bin/xscreensaver-hacks/xscreensaver-getimage-file +bin/xscreensaver-hacks/xscreensaver-getimage-video +bin/xscreensaver-hacks/xscreensaver-gfx +bin/xscreensaver-hacks/xscreensaver-gl-visual +bin/xscreensaver-hacks/xscreensaver-text +%%SETUID_HACKS%%@mode 4555 bin/xscreensaver-hacks/sonar %%SETUID_HACKS%%@mode bin/xscreensaver-hacks/speedmine +bin/xscreensaver-hacks/sphereeversion bin/xscreensaver-hacks/spheremonics bin/xscreensaver-hacks/splitflap bin/xscreensaver-hacks/splodesic @@ -246,16 +256,11 @@ bin/xscreensaver-hacks/xmatrix bin/xscreensaver-hacks/xrayswarm bin/xscreensaver-hacks/xspirograph bin/xscreensaver-hacks/zoom -bin/xscreensaver-text +bin/xscreensaver-settings %%PAM%%etc/pam.d/xscreensaver lib/X11/app-defaults/XScreenSaver man/man1/xscreensaver-command.1.gz man/man1/xscreensaver-demo.1.gz -man/man1/xscreensaver-getimage-file.1.gz -man/man1/xscreensaver-getimage-video.1.gz -man/man1/xscreensaver-getimage.1.gz -man/man1/xscreensaver-systemd.1.gz -man/man1/xscreensaver-text.1.gz man/man1/xscreensaver.1.gz man/man6/abstractile.6.gz man/man6/anemone.6.gz @@ -265,10 +270,21 @@ man/man6/antmaze.6.gz man/man6/antspotlight.6.gz man/man6/apollonian.6.gz man/man6/apple2.6.gz +man/man1/xscreensaver-settings.1.gz +man/man6/xscreensaver-auth.6.gz +man/man6/xscreensaver-getimage-file.6.gz +man/man6/xscreensaver-getimage-video.6.gz +man/man6/xscreensaver-getimage.6.gz +man/man6/xscreensaver-gfx.6.gz +man/man6/xscreensaver-gl-visual.6.gz +man/man6/xscreensaver-systemd.6.gz +man/man6/xscreensaver-text.6.gz man/man6/atlantis.6.gz man/man6/attraction.6.gz man/man6/atunnel.6.gz man/man6/barcode.6.gz +man/man6/beats.6.gz +man/man6/binaryhorizon.6.gz man/man6/binaryring.6.gz man/man6/blaster.6.gz man/man6/blinkbox.6.gz @@ -293,6 +309,7 @@ man/man6/cloudlife.6.gz man/man6/companioncube.6.gz man/man6/compass.6.gz man/man6/coral.6.gz +man/man6/covid19.6.gz man/man6/crackberg.6.gz man/man6/crumbler.6.gz man/man6/crystal.6.gz @@ -363,6 +380,7 @@ man/man6/greynetic.6.gz man/man6/halftone.6.gz man/man6/halo.6.gz man/man6/handsy.6.gz +man/man6/headroom.6.gz man/man6/helix.6.gz man/man6/hexadrop.6.gz man/man6/hexstrut.6.gz @@ -387,9 +405,9 @@ man/man6/kumppa.6.gz man/man6/lament.6.gz man/man6/lavalite.6.gz man/man6/lcdscrub.6.gz -man/man6/ljlatest.6.gz man/man6/lockward.6.gz man/man6/loop.6.gz +man/man6/marbling.6.gz man/man6/maze.6.gz man/man6/maze3d.6.gz man/man6/memscroller.6.gz @@ -449,6 +467,7 @@ man/man6/slidescreen.6.gz man/man6/slip.6.gz man/man6/sonar.6.gz man/man6/speedmine.6.gz +man/man6/sphereeversion.6.gz man/man6/spheremonics.6.gz man/man6/splitflap.6.gz man/man6/splodesic.6.gz @@ -491,7 +510,6 @@ man/man6/xjack.6.gz man/man6/xlyap.6.gz man/man6/xmatrix.6.gz man/man6/xrayswarm.6.gz -man/man6/xscreensaver-gl-helper.6.gz man/man6/xspirograph.6.gz man/man6/zoom.6.gz share/applications/xscreensaver-blank.desktop @@ -499,6 +517,11 @@ share/applications/xscreensaver-lock.desktop share/applications/xscreensaver-properties.desktop share/applications/xscreensaver-start.desktop share/applications/xscreensaver-stop.desktop +share/fonts/xscreensaver/OCRAStd.otf +share/fonts/xscreensaver/SpecialElite.ttf +share/fonts/xscreensaver/clacon.ttf +share/fonts/xscreensaver/gallant12x22.ttf +share/fonts/xscreensaver/luximr.ttf %%NLS%%share/locale/da/LC_MESSAGES/xscreensaver.mo %%NLS%%share/locale/de/LC_MESSAGES/xscreensaver.mo %%NLS%%share/locale/es/LC_MESSAGES/xscreensaver.mo @@ -523,6 +546,7 @@ share/applications/xscreensaver-stop.desktop %%NLS%%share/locale/zh_TW/LC_MESSAGES/xscreensaver.mo share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/README +%%DATADIR%%/ui/xscreensaver.ui %%DATADIR%%/config/abstractile.xml %%DATADIR%%/config/anemone.xml %%DATADIR%%/config/anemotaxis.xml @@ -535,6 +559,8 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/attraction.xml %%DATADIR%%/config/atunnel.xml %%DATADIR%%/config/barcode.xml +%%DATADIR%%/config/beats.xml +%%DATADIR%%/config/binaryhorizon.xml %%DATADIR%%/config/binaryring.xml %%DATADIR%%/config/blaster.xml %%DATADIR%%/config/blinkbox.xml @@ -559,6 +585,7 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/companioncube.xml %%DATADIR%%/config/compass.xml %%DATADIR%%/config/coral.xml +%%DATADIR%%/config/covid19.xml %%DATADIR%%/config/crackberg.xml %%DATADIR%%/config/crumbler.xml %%DATADIR%%/config/crystal.xml @@ -629,6 +656,7 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/halftone.xml %%DATADIR%%/config/halo.xml %%DATADIR%%/config/handsy.xml +%%DATADIR%%/config/headroom.xml %%DATADIR%%/config/helix.xml %%DATADIR%%/config/hexadrop.xml %%DATADIR%%/config/hexstrut.xml @@ -656,6 +684,7 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/lockward.xml %%DATADIR%%/config/loop.xml %%DATADIR%%/config/m6502.xml +%%DATADIR%%/config/marbling.xml %%DATADIR%%/config/maze.xml %%DATADIR%%/config/maze3d.xml %%DATADIR%%/config/memscroller.xml @@ -716,6 +745,7 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/slip.xml %%DATADIR%%/config/sonar.xml %%DATADIR%%/config/speedmine.xml +%%DATADIR%%/config/sphereeversion.xml %%DATADIR%%/config/spheremonics.xml %%DATADIR%%/config/splitflap.xml %%DATADIR%%/config/splodesic.xml @@ -766,10 +796,9 @@ share/pixmaps/xscreensaver.xpm %%DATADIR%%/config/xsnow.xml %%DATADIR%%/config/xspirograph.xml %%DATADIR%%/config/zoom.xml -%%DATADIR%%/glade/screensaver-cmndln.png -%%DATADIR%%/glade/screensaver-colorselector.png -%%DATADIR%%/glade/screensaver-diagnostic.png -%%DATADIR%%/glade/screensaver-locking.png -%%DATADIR%%/glade/screensaver-power.png -%%DATADIR%%/glade/screensaver-snap.png -%%DATADIR%%/glade/xscreensaver-demo.glade2 +%%DATADIR%%/ui/screensaver-cmndln.png +%%DATADIR%%/ui/screensaver-colorselector.png +%%DATADIR%%/ui/screensaver-diagnostic.png +%%DATADIR%%/ui/screensaver-locking.png +%%DATADIR%%/ui/screensaver-power.png +%%DATADIR%%/ui/screensaver-snap.png -- 2.35.1 From 2956e6f67b7fa163fe5b0dc16c034578ce498259 Mon Sep 17 00:00:00 2001 From: Charlie Li Date: Sun, 13 Feb 2022 21:10:55 -0500 Subject: [PATCH 3/4] x11/xscreensaver: mark PAM BROKEN and other fixes From jwz: Also note that FreeBSD's implementation of PAM requires the calling process to be running as root during the entire interactive PAM conversation: it can't ever disavow privileges. Linux's PAM implementation uses a setuid helper so that a non-root process can still authenticate, as is right and proper. Consequently, XScreenSaver does not support PAM on FreeBSD. Dear FreeBSD, get your shit together. While here, fix setuid installs in the Makefile and remove extra patch. Respect upstream's USE_CSTD=gnu89. Remove now-unknown configure option and associated dependency. PR: 254178 --- x11/xscreensaver/Makefile | 13 ++++--- .../files/extra-patch-drop-privileges | 35 ------------------- .../files/patch-driver_Makefile.in | 4 +-- .../files/patch-hacks_glx_Makefile.in | 11 ++++++ x11/xscreensaver/pkg-plist | 4 --- 5 files changed, 19 insertions(+), 48 deletions(-) delete mode 100644 x11/xscreensaver/files/extra-patch-drop-privileges create mode 100644 x11/xscreensaver/files/patch-hacks_glx_Makefile.in diff --git a/x11/xscreensaver/Makefile b/x11/xscreensaver/Makefile index 8c441e6a25a9..947decae0f1c 100644 --- a/x11/xscreensaver/Makefile +++ b/x11/xscreensaver/Makefile @@ -22,8 +22,7 @@ USES= autoreconf cpe gettext gl gmake gnome jpeg localbase:ldflags perl5 \ USE_GL= gl glu USE_GNOME= cairo gdkpixbuf2 gtk20 intltool libglade2 libxml2 USE_PERL5= run -USE_XORG= ice sm x11 xext xi xinerama xmu xpm xrandr xrender xt xxf86vm -USE_CSTD= gnu99 +USE_XORG= ice sm x11 xext xi xinerama xmu xrandr xrender xt xxf86vm CPE_VENDOR= xscreensaver_project CONFLICTS= xscreensaver-gnome xscreensaver-gnome-hacks @@ -45,22 +44,22 @@ CONFIGURE_ARGS= --enable-locking \ --with-xf86gamma-ext \ --with-xf86vmode-ext \ --with-xinerama-ext \ - --with-xpm \ --with-xshm-ext \ - --without-kerberos \ - --without-setuid-hacks + --without-kerberos MAKE_ARGS+= install_prefix=${STAGEDIR} MAKE_JOBS_UNSAFE= yes OPTIONS_DEFINE= FIREF NLS NSFW PAM SETUID_HACKS XAOS1 XDALI XEARTH XFT \ XMOUN XPLANET XSNOW -OPTIONS_DEFAULT= PAM XFT +OPTIONS_DEFAULT= XFT OPTIONS_SUB= yes PAM_CONFIGURE_WITH= pam -PAM_EXTRA_PATCHES_OFF= ${PATCHDIR}/extra-patch-drop-privileges +PAM_BROKEN= "Consequently, XScreenSaver does not support PAM on FreeBSD." \ + Would otherwise need interfacing with pam_helper SETUID_HACKS_DESC= Install sonar hack suid so it can ping +SETUID_HACKS_CONFIGURE_WITH= setuid-hacks FIREF_DESC= Add extra port x11/fireflies FIREF_RUN_DEPENDS= ${LOCALBASE}/bin/xscreensaver-hacks/fireflies:x11/fireflies diff --git a/x11/xscreensaver/files/extra-patch-drop-privileges b/x11/xscreensaver/files/extra-patch-drop-privileges deleted file mode 100644 index e4bb566d68b4..000000000000 --- a/x11/xscreensaver/files/extra-patch-drop-privileges +++ /dev/null @@ -1,35 +0,0 @@ ---- driver/Makefile.in.orig 2021-06-09 15:47:14 UTC -+++ driver/Makefile.in -@@ -106,10 +106,10 @@ DAEMON_LIBS = $(LIBS_PRE) $(XINPUT_LIBS) -lX11 $(LIBS_ - - GFX_DEFS = -DLOCALEDIR=\"$(localedir)\" - GFX_SRCS = xscreensaver-gfx.c screens.c windows.c subprocs.c \ -- exec.c prefsw.c dpms.c fade.c exts.c atomswm.c -+ exec.c prefsw.c dpms.c fade.c exts.c atomswm.c setuid.c - GFX_OBJS = xscreensaver-gfx.o screens.o windows.o subprocs.o \ - exec.o prefsw.o dpms.o fade.o exts.o atomswm.o \ -- prefs.o blurb.o atoms.o clientmsg.o xinput.o \ -+ prefs.o blurb.o atoms.o clientmsg.o xinput.o setuid.o \ - $(UTILS_BIN)/xmu.o \ - $(UTILS_BIN)/yarandom.o \ - $(UTILS_BIN)/resources.o \ ---- driver/xscreensaver-gfx.c.orig 2021-09-21 12:25:20 UTC -+++ driver/xscreensaver-gfx.c -@@ -57,6 +57,8 @@ - #include "clientmsg.h" - #include "xmu.h" - -+extern void disavow_privileges (void); -+ - saver_info *global_si_kludge = 0; /* I hate C so much... */ - - char *progclass = 0; -@@ -559,6 +561,8 @@ main (int argc, char **argv) - goto HELP; - } - } -+ -+ disavow_privileges (); - - /* Copy the -dpy arg to $DISPLAY for subprocesses. */ - s = (char *) malloc (strlen(dpy_str) + 20); diff --git a/x11/xscreensaver/files/patch-driver_Makefile.in b/x11/xscreensaver/files/patch-driver_Makefile.in index fdebb600355a..828a4f48818a 100644 --- a/x11/xscreensaver/files/patch-driver_Makefile.in +++ b/x11/xscreensaver/files/patch-driver_Makefile.in @@ -1,11 +1,11 @@ ---- driver/Makefile.in.orig 2021-06-09 15:47:14 UTC +--- driver/Makefile.in.orig 2021-10-12 01:04:31 UTC +++ driver/Makefile.in @@ -46,7 +46,7 @@ DEPEND_FLAGS = @DEPEND_FLAGS@ DEPEND_DEFINES = @DEPEND_DEFINES@ INSTALL = @INSTALL@ -SUID_FLAGS = -o root -m 4755 -+SUID_FLAGS = -m 755 ++SUID_FLAGS = -m 4555 INSTALL_PROGRAM = @INSTALL_PROGRAM@ INSTALL_SETUID = $(INSTALL_PROGRAM) $(SUID_FLAGS) INSTALL_DATA = @INSTALL_DATA@ diff --git a/x11/xscreensaver/files/patch-hacks_glx_Makefile.in b/x11/xscreensaver/files/patch-hacks_glx_Makefile.in new file mode 100644 index 000000000000..20cd80fae6cb --- /dev/null +++ b/x11/xscreensaver/files/patch-hacks_glx_Makefile.in @@ -0,0 +1,11 @@ +--- hacks/glx/Makefile.in.orig 2021-10-12 01:04:30 UTC ++++ hacks/glx/Makefile.in +@@ -40,7 +40,7 @@ DEPEND_DEFINES = @DEPEND_DEFINES@ + + SHELL = /bin/sh + INSTALL = @INSTALL@ +-SUID_FLAGS = -o root -m 4755 ++SUID_FLAGS = -m 4555 + INSTALL_PROGRAM = @INSTALL_PROGRAM@ + INSTALL_SETUID = $(INSTALL_PROGRAM) $(SUID_FLAGS) + INSTALL_DATA = @INSTALL_DATA@ diff --git a/x11/xscreensaver/pkg-plist b/x11/xscreensaver/pkg-plist index d3f49deecc36..f0239b7d2518 100644 --- a/x11/xscreensaver/pkg-plist +++ b/x11/xscreensaver/pkg-plist @@ -1,6 +1,4 @@ -%%NO_PAM%%@mode 4555 bin/xscreensaver -%%NO_PAM%%@mode bin/xscreensaver-command bin/xscreensaver-demo bin/xscreensaver-hacks/abstractile @@ -206,9 +204,7 @@ bin/xscreensaver-hacks/xscreensaver-getimage-video bin/xscreensaver-hacks/xscreensaver-gfx bin/xscreensaver-hacks/xscreensaver-gl-visual bin/xscreensaver-hacks/xscreensaver-text -%%SETUID_HACKS%%@mode 4555 bin/xscreensaver-hacks/sonar -%%SETUID_HACKS%%@mode bin/xscreensaver-hacks/speedmine bin/xscreensaver-hacks/sphereeversion bin/xscreensaver-hacks/spheremonics -- 2.35.1 From fc7455cde42985833c96df642a377c7c93f07db1 Mon Sep 17 00:00:00 2001 From: Charlie Li Date: Tue, 15 Feb 2022 21:14:32 -0500 Subject: [PATCH 4/4] x11/xscreensaver: use security/pam_helper for PAM support Set PAM back as a DEFAULT_OPTION. While here, remove old CONFLICTS. PR: 254178 --- x11/xscreensaver/Makefile | 14 ++-- x11/xscreensaver/files/patch-configure.ac | 84 ++++++++++++++++++- .../files/patch-driver_passwd-helper.c | 11 +++ 3 files changed, 99 insertions(+), 10 deletions(-) create mode 100644 x11/xscreensaver/files/patch-driver_passwd-helper.c diff --git a/x11/xscreensaver/Makefile b/x11/xscreensaver/Makefile index 947decae0f1c..a0a1745993f1 100644 --- a/x11/xscreensaver/Makefile +++ b/x11/xscreensaver/Makefile @@ -25,8 +25,6 @@ USE_PERL5= run USE_XORG= ice sm x11 xext xi xinerama xmu xrandr xrender xt xxf86vm CPE_VENDOR= xscreensaver_project -CONFLICTS= xscreensaver-gnome xscreensaver-gnome-hacks - GNU_CONFIGURE= yes CONFIGURE_ENV+= PERL="${PERL}" CONFIGURE_ARGS= --enable-locking \ @@ -51,12 +49,11 @@ MAKE_JOBS_UNSAFE= yes OPTIONS_DEFINE= FIREF NLS NSFW PAM SETUID_HACKS XAOS1 XDALI XEARTH XFT \ XMOUN XPLANET XSNOW -OPTIONS_DEFAULT= XFT +OPTIONS_DEFAULT= PAM XFT OPTIONS_SUB= yes -PAM_CONFIGURE_WITH= pam -PAM_BROKEN= "Consequently, XScreenSaver does not support PAM on FreeBSD." \ - Would otherwise need interfacing with pam_helper +PAM_CONFIGURE_WITH= passwd-helper=${PREFIX}/bin/pam_helper +PAM_RUN_DEPENDS= pam_helper:security/pam_helper SETUID_HACKS_DESC= Install sonar hack suid so it can ping SETUID_HACKS_CONFIGURE_WITH= setuid-hacks @@ -100,8 +97,6 @@ post-patch: ${REINPLACE_CMD} -e "s|/etc/pam.d|${PREFIX}/etc/pam.d|g" \ ${WRKSRC}/driver/passwd-pam.c \ ${WRKSRC}/driver/xscreensaver.man - ${CP} ${FILESDIR}/xscreensaver.pam \ - ${WRKSRC}/driver/xscreensaver.pam.in post-patch-NSFW-off: ${REINPLACE_CMD} -e 's|Dick Pix|Stuff|' ${WRKSRC}/hacks/bsod.c @@ -112,4 +107,7 @@ post-install: ${INSTALL_DATA} ${WRKDIR}/*.desktop ${STAGEDIR}${PREFIX}/share/applications/ ${RM} ${STAGEDIR}${PREFIX}/etc/pam.d/xscreensaver.pam +post-install-PAM-on: + ${INSTALL_DATA} ${FILESDIR}/xscreensaver.pam ${STAGEDIR}${PREFIX}/etc/pam.d/xscreensaver + .include diff --git a/x11/xscreensaver/files/patch-configure.ac b/x11/xscreensaver/files/patch-configure.ac index e1ae51fa36d4..ab62b27def40 100644 --- a/x11/xscreensaver/files/patch-configure.ac +++ b/x11/xscreensaver/files/patch-configure.ac @@ -1,6 +1,71 @@ ---- configure.ac.orig 2021-05-20 16:46:35 UTC +--- configure.ac.orig 2021-10-04 22:18:28 UTC +++ configure.ac -@@ -4010,7 +4010,7 @@ fi +@@ -274,8 +274,8 @@ AH_TEMPLATE([HAVE_ADJUNCT_PASSWD], + AH_TEMPLATE([HAVE_HPUX_PASSWD], + [Define this for HPUX so-called "Secure Passwords".]) + +-#AH_TEMPLATE([PASSWD_HELPER_PROGRAM], +-# [Define this to use a third-party password helper program.]) ++AH_TEMPLATE([PASSWD_HELPER_PROGRAM], ++ [Define this to use a third-party password helper program.]) + + AH_TEMPLATE([HAVE_SYSLOG], + [Define this if you have openlog/syslog/closelog.]) +@@ -2725,31 +2725,31 @@ fi + # + ############################################################################### + +-#have_passwd_helper=no +-#with_passwd_helper_req=unspecified +-# +-#AC_ARG_WITH(passwd-helper, +-#[ --with-passwd-helper Include support for external password verification.], +-# [with_passwd_helper="$withval"; with_passwd_helper_req="$withval"],[with_passwd_helper=no]) +-## no HANDLE_X_PATH_ARG for this one +-# +-#if test "$enable_locking" = no ; then +-# with_passwd_helper_req=no +-# with_passwd_helper=no +-#fi +-# +-#case "$with_passwd_helper" in +-# ""|no) : ;; +-# /*) +-# AC_DEFINE_UNQUOTED(PASSWD_HELPER_PROGRAM, "$with_passwd_helper") +-# have_passwd_helper=yes;; +-# *) +-# echo "error: --with-passwd-helper needs full pathname of helper (not '$with_passwd_helper')." >&2 +-# exit 1 +-#esac ++have_passwd_helper=no ++with_passwd_helper_req=unspecified + ++AC_ARG_WITH(passwd-helper, ++[ --with-passwd-helper Include support for external password verification.], ++ [with_passwd_helper="$withval"; with_passwd_helper_req="$withval"],[with_passwd_helper=no]) ++# no HANDLE_X_PATH_ARG for this one + ++if test "$enable_locking" = no ; then ++ with_passwd_helper_req=no ++ with_passwd_helper=no ++fi + ++case "$with_passwd_helper" in ++ ""|no) : ;; ++ /*) ++ AC_DEFINE_UNQUOTED(PASSWD_HELPER_PROGRAM, "$with_passwd_helper") ++ have_passwd_helper=yes;; ++ *) ++ echo "error: --with-passwd-helper needs full pathname of helper (not '$with_passwd_helper')." >&2 ++ exit 1 ++esac ++ ++ ++ + # Most of the above shadow mechanisms will have set setuid_auth to yes, + # if they were found. But, on some systems, we need setuid even when + # using plain old vanilla passwords. +@@ -4011,7 +4011,7 @@ fi ############################################################################### PTY_LIBS= @@ -9,3 +74,18 @@ AC_CHECK_X_LIB(util, forkpty, [PTY_LIBS="-lutil" ac_have_forkpty=yes +@@ -4174,10 +4174,10 @@ if test "$enable_pam_check_account_type" = yes; then + else + COMMENT_PAM_CHECK_ACCOUNT="#" + fi +-#if test "$have_passwd_helper" = yes; then +-# PASSWD_SRCS="$PASSWD_SRCS \$(PWHELPER_SRCS)" +-# PASSWD_OBJS="$PASSWD_OBJS \$(PWHELPER_OBJS)" +-#fi ++if test "$have_passwd_helper" = yes; then ++ PASSWD_SRCS="$PASSWD_SRCS \$(PWHELPER_SRCS)" ++ PASSWD_OBJS="$PASSWD_OBJS \$(PWHELPER_OBJS)" ++fi + PASSWD_SRCS="$PASSWD_SRCS \$(PWENT_SRCS)" + PASSWD_OBJS="$PASSWD_OBJS \$(PWENT_OBJS)" + diff --git a/x11/xscreensaver/files/patch-driver_passwd-helper.c b/x11/xscreensaver/files/patch-driver_passwd-helper.c new file mode 100644 index 000000000000..69524d4195ac --- /dev/null +++ b/x11/xscreensaver/files/patch-driver_passwd-helper.c @@ -0,0 +1,11 @@ +--- driver/passwd-helper.c.orig 2021-10-04 22:18:28 UTC ++++ driver/passwd-helper.c +@@ -20,8 +20,6 @@ + + *****************************************************************************/ + +-#error "email jwz@jwz.org about passwd-helper.c" +- + + /* The idea here is to be able to run xscreensaver without any setuid bits. + * Password verification happens through an external program that you feed -- 2.35.1