From 56471498943c97a8bf7b81f4a5a2bfa5420c0f16 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 26 Feb 2022 13:42:38 +0100 Subject: [PATCH 1/3] =?UTF-8?q?accountsservice:=200.6.55=20=E2=86=92=2022.?= =?UTF-8?q?07.5?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit New version scheme (${year}.${week}.${number_of_commits_since_last_release}). https://gitlab.freedesktop.org/accountsservice/accountsservice/-/compare/0.6.55...22.07.5 --- .../libraries/accountsservice/default.nix | 29 +++----------- .../libraries/accountsservice/fix-paths.patch | 40 +++++++++---------- .../accountsservice/no-create-dirs.patch | 10 +++-- 3 files changed, 31 insertions(+), 48 deletions(-) diff --git a/pkgs/development/libraries/accountsservice/default.nix b/pkgs/development/libraries/accountsservice/default.nix index bd6f2545b3b0..fa5ed7de4fb1 100644 --- a/pkgs/development/libraries/accountsservice/default.nix +++ b/pkgs/development/libraries/accountsservice/default.nix @@ -14,18 +14,19 @@ , dbus , ninja , python3 +, vala , gettext }: stdenv.mkDerivation rec { pname = "accountsservice"; - version = "0.6.55"; + version = "22.07.5"; outputs = [ "out" "dev" ]; src = fetchurl { - url = "https://www.freedesktop.org/software/${pname}/${pname}-${version}.tar.xz"; - sha256 = "16wwd633jak9ajyr1f1h047rmd09fhf3kzjz6g5xjsz0lwcj8azz"; + url = "https://www.freedesktop.org/software/accountsservice/accountsservice-${version}.tar.xz"; + sha256 = "IdRJwN6tilQ86o8R5x6wSWwDXXMOpIOTOXowKzpMfBo="; }; nativeBuildInputs = [ @@ -36,6 +37,7 @@ stdenv.mkDerivation rec { ninja pkg-config python3 + vala ]; buildInputs = [ @@ -48,7 +50,6 @@ stdenv.mkDerivation rec { "-Dadmin_group=wheel" "-Dlocalstatedir=/var" "-Dsystemdsystemunitdir=${placeholder "out"}/etc/systemd/system" - "-Dsystemd=true" ]; postPatch = '' @@ -57,11 +58,6 @@ stdenv.mkDerivation rec { ''; patches = [ - # https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/55 - (fetchpatch { - url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/-/merge_requests/58.patch"; - sha256 = "1pnwq4ycnryb2kkgvnz44qzm71240ybqj6507wynlkdsw8180fdw"; - }) (substituteAll { src = ./fix-paths.patch; inherit shadow coreutils; @@ -70,21 +66,6 @@ stdenv.mkDerivation rec { ./Disable-methods-that-change-files-in-etc.patch # Fixes https://github.com/NixOS/nixpkgs/issues/72396 ./drop-prefix-check-extensions.patch - # Systemd unit improvements. Notably using StateDirectory eliminating the - # need of an ad-hoc script. - (fetchpatch { - url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/152b845bbd3ca2a64516691493a160825f1a2046.patch"; - sha256 = "114wrf5mwj5bgc5v1g05md4ridcnwdrwppr3bjz96sknwh5hk8s5"; - }) - (fetchpatch { - url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/0e712e935abd26499ff5995ab363e5bfd9ee7c4c.patch"; - sha256 = "1y60a5fmgfqjzprwpizilrazqn3mggdlgc5sgcpsprsp62fv78rl"; - }) - # Don't use etc/dbus-1/system.d - (fetchpatch { - url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/commit/ced73d0fcbd2a54085a660d260482fc70d79bd5c.patch"; - sha256 = "0s7fknfgxl8hnf6givmhfg4586fjb2n64i9arh1w7xnq7x9x8d4c"; - }) ]; meta = with lib; { diff --git a/pkgs/development/libraries/accountsservice/fix-paths.patch b/pkgs/development/libraries/accountsservice/fix-paths.patch index 78d7a8081bfd..0ed8e04579f4 100644 --- a/pkgs/development/libraries/accountsservice/fix-paths.patch +++ b/pkgs/development/libraries/accountsservice/fix-paths.patch @@ -1,8 +1,8 @@ diff --git a/src/daemon.c b/src/daemon.c -index c52bda3..75d214e 100644 +index c8b6320..2b74949 100644 --- a/src/daemon.c +++ b/src/daemon.c -@@ -1106,7 +1106,7 @@ daemon_create_user_authorized_cb (Daemon *daemon, +@@ -1102,7 +1102,7 @@ daemon_create_user_authorized_cb (Daemon *daemon, sys_log (context, "create user '%s'", cd->user_name); @@ -11,9 +11,9 @@ index c52bda3..75d214e 100644 argv[1] = "-m"; argv[2] = "-c"; argv[3] = cd->real_name; -@@ -1318,7 +1318,7 @@ daemon_delete_user_authorized_cb (Daemon *daemon, - - user_set_saved (user, FALSE); +@@ -1335,7 +1335,7 @@ daemon_delete_user_authorized_cb (Daemon *daemon, + } + free (resolved_homedir); - argv[0] = "/usr/sbin/userdel"; + argv[0] = "@shadow@/bin/userdel"; @@ -21,19 +21,19 @@ index c52bda3..75d214e 100644 argv[1] = "-f"; argv[2] = "-r"; diff --git a/src/user.c b/src/user.c -index 9f57af5..e65289d 100644 +index 189b2c5..5358c02 100644 --- a/src/user.c +++ b/src/user.c -@@ -844,7 +844,7 @@ user_change_real_name_authorized_cb (Daemon *daemon, - accounts_user_get_uid (ACCOUNTS_USER (user)), - name); +@@ -1145,7 +1145,7 @@ user_change_real_name_authorized_cb (Daemon *daemon, + new_gecos = g_strdup (name); + } - argv[0] = "/usr/sbin/usermod"; + argv[0] = "@shadow@/bin/usermod"; argv[1] = "-c"; - argv[2] = name; + argv[2] = new_gecos; argv[3] = "--"; -@@ -913,7 +913,7 @@ user_change_user_name_authorized_cb (Daemon *daemon, +@@ -1218,7 +1218,7 @@ user_change_user_name_authorized_cb (Daemon *daemon, accounts_user_get_uid (ACCOUNTS_USER (user)), name); @@ -42,7 +42,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-l"; argv[2] = name; argv[3] = "--"; -@@ -1321,7 +1321,7 @@ user_change_home_dir_authorized_cb (Daemon *daemon, +@@ -1627,7 +1627,7 @@ user_change_home_dir_authorized_cb (Daemon *daemon, accounts_user_get_uid (ACCOUNTS_USER (user)), home_dir); @@ -51,7 +51,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-m"; argv[2] = "-d"; argv[3] = home_dir; -@@ -1378,7 +1378,7 @@ user_change_shell_authorized_cb (Daemon *daemon, +@@ -1683,7 +1683,7 @@ user_change_shell_authorized_cb (Daemon *daemon, accounts_user_get_uid (ACCOUNTS_USER (user)), shell); @@ -60,7 +60,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-s"; argv[2] = shell; argv[3] = "--"; -@@ -1520,7 +1520,7 @@ user_change_icon_file_authorized_cb (Daemon *daemon, +@@ -1824,7 +1824,7 @@ user_change_icon_file_authorized_cb (Daemon *daemon, return; } @@ -69,7 +69,7 @@ index 9f57af5..e65289d 100644 argv[1] = filename; argv[2] = NULL; -@@ -1601,7 +1601,7 @@ user_change_locked_authorized_cb (Daemon *daemon, +@@ -1904,7 +1904,7 @@ user_change_locked_authorized_cb (Daemon *daemon, locked ? "locking" : "unlocking", accounts_user_get_user_name (ACCOUNTS_USER (user)), accounts_user_get_uid (ACCOUNTS_USER (user))); @@ -78,7 +78,7 @@ index 9f57af5..e65289d 100644 argv[1] = locked ? "-L" : "-U"; argv[2] = "--"; argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user)); -@@ -1726,7 +1726,7 @@ user_change_account_type_authorized_cb (Daemon *daemon, +@@ -2026,7 +2026,7 @@ user_change_account_type_authorized_cb (Daemon *daemon, g_free (groups); @@ -87,7 +87,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-G"; argv[2] = str->str; argv[3] = "--"; -@@ -1794,7 +1794,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, +@@ -2093,7 +2093,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, if (mode == PASSWORD_MODE_SET_AT_LOGIN || mode == PASSWORD_MODE_NONE) { @@ -96,7 +96,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-d"; argv[2] = "--"; argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user)); -@@ -1806,7 +1806,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, +@@ -2105,7 +2105,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, } if (mode == PASSWORD_MODE_SET_AT_LOGIN) { @@ -105,7 +105,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-d"; argv[2] = "0"; argv[3] = "--"; -@@ -1827,7 +1827,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, +@@ -2126,7 +2126,7 @@ user_change_password_mode_authorized_cb (Daemon *daemon, accounts_user_set_locked (ACCOUNTS_USER (user), FALSE); } else if (accounts_user_get_locked (ACCOUNTS_USER (user))) { @@ -114,7 +114,7 @@ index 9f57af5..e65289d 100644 argv[1] = "-U"; argv[2] = "--"; argv[3] = accounts_user_get_user_name (ACCOUNTS_USER (user)); -@@ -1905,7 +1905,7 @@ user_change_password_authorized_cb (Daemon *daemon, +@@ -2203,7 +2203,7 @@ user_change_password_authorized_cb (Daemon *daemon, g_object_freeze_notify (G_OBJECT (user)); diff --git a/pkgs/development/libraries/accountsservice/no-create-dirs.patch b/pkgs/development/libraries/accountsservice/no-create-dirs.patch index 0333f925d267..5d137eb52a11 100644 --- a/pkgs/development/libraries/accountsservice/no-create-dirs.patch +++ b/pkgs/development/libraries/accountsservice/no-create-dirs.patch @@ -1,15 +1,17 @@ diff --git a/meson_post_install.py b/meson_post_install.py -index 5cc2dc4..dd27ad5 100644 +index d8c3dd1..620f714 100644 --- a/meson_post_install.py +++ b/meson_post_install.py -@@ -9,8 +9,8 @@ localstatedir = os.path.normpath(destdir + os.sep + sys.argv[1]) +@@ -9,9 +9,9 @@ localstatedir = os.path.normpath(destdir + os.sep + sys.argv[1]) # FIXME: meson will not track the creation of these directories # https://github.com/mesonbuild/meson/blob/master/mesonbuild/scripts/uninstall.py#L39 dst_dirs = [ +- (os.path.join(localstatedir, 'lib'), 0o755), - (os.path.join(localstatedir, 'lib', 'AccountsService', 'icons'), 0o775), - (os.path.join(localstatedir, 'lib', 'AccountsService', 'users'), 0o700), -+# (os.path.join(localstatedir, 'lib', 'AccountsService', 'icons'), 0o775), -+# (os.path.join(localstatedir, 'lib', 'AccountsService', 'users'), 0o700), ++ # (os.path.join(localstatedir, 'lib'), 0o755), ++ # (os.path.join(localstatedir, 'lib', 'AccountsService', 'icons'), 0o775), ++ # (os.path.join(localstatedir, 'lib', 'AccountsService', 'users'), 0o700), ] for (dst_dir, dst_dir_mode) in dst_dirs: From 7614caf32979bda5133735504c819bd58f244e7b Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 26 Feb 2022 13:55:52 +0100 Subject: [PATCH 2/3] accountsservice: clean up - Move patches to the customary location just below src. - Add brief explanation comment to each patch. - Correct license. - Add freedesktop team to maintainers. --- .../libraries/accountsservice/default.nix | 33 +++++++++++-------- 1 file changed, 20 insertions(+), 13 deletions(-) diff --git a/pkgs/development/libraries/accountsservice/default.nix b/pkgs/development/libraries/accountsservice/default.nix index fa5ed7de4fb1..a019a25d1860 100644 --- a/pkgs/development/libraries/accountsservice/default.nix +++ b/pkgs/development/libraries/accountsservice/default.nix @@ -29,6 +29,24 @@ stdenv.mkDerivation rec { sha256 = "IdRJwN6tilQ86o8R5x6wSWwDXXMOpIOTOXowKzpMfBo="; }; + patches = [ + # Hardcode dependency paths. + (substituteAll { + src = ./fix-paths.patch; + inherit shadow coreutils; + }) + + # Do not try to create directories in /var, that will not work in Nix sandbox. + ./no-create-dirs.patch + + # Disable mutating D-Bus methods with immutable /etc. + ./Disable-methods-that-change-files-in-etc.patch + + # Do not ignore third-party (e.g Pantheon) extensions not matching FHS path scheme. + # Fixes https://github.com/NixOS/nixpkgs/issues/72396 + ./drop-prefix-check-extensions.patch + ]; + nativeBuildInputs = [ dbus gettext @@ -57,22 +75,11 @@ stdenv.mkDerivation rec { patchShebangs meson_post_install.py ''; - patches = [ - (substituteAll { - src = ./fix-paths.patch; - inherit shadow coreutils; - }) - ./no-create-dirs.patch - ./Disable-methods-that-change-files-in-etc.patch - # Fixes https://github.com/NixOS/nixpkgs/issues/72396 - ./drop-prefix-check-extensions.patch - ]; - meta = with lib; { description = "D-Bus interface for user account query and manipulation"; homepage = "https://www.freedesktop.org/wiki/Software/AccountsService"; - license = licenses.gpl3; - maintainers = with maintainers; [ pSub ]; + license = licenses.gpl3Plus; + maintainers = teams.freedesktop.members ++ (with maintainers; [ pSub ]); platforms = platforms.linux; }; } From 9adfe4a6ac8173d3e08348e96733f8dc6d096713 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Sat, 26 Feb 2022 13:35:43 +0100 Subject: [PATCH 3/3] accountsservice: Fix setting profile picture in GNOME Settings MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit GNOME Settings places the picture to /tmp for AccountsService to use. But accounts-daemon.service has PrivateTmp enabled so it cannot access it. Let’s apply upstream patch to remove this hardening until a proper solution is implemented. --- pkgs/development/libraries/accountsservice/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/development/libraries/accountsservice/default.nix b/pkgs/development/libraries/accountsservice/default.nix index a019a25d1860..1887060aadb3 100644 --- a/pkgs/development/libraries/accountsservice/default.nix +++ b/pkgs/development/libraries/accountsservice/default.nix @@ -45,6 +45,15 @@ stdenv.mkDerivation rec { # Do not ignore third-party (e.g Pantheon) extensions not matching FHS path scheme. # Fixes https://github.com/NixOS/nixpkgs/issues/72396 ./drop-prefix-check-extensions.patch + + # Work around not being able to set profile picture in GNOME Settings. + # https://github.com/NixOS/nixpkgs/issues/85357 + # https://gitlab.freedesktop.org/accountsservice/accountsservice/-/issues/98 + # https://gitlab.gnome.org/GNOME/gnome-control-center/-/issues/1629 + (fetchpatch { + url = "https://gitlab.freedesktop.org/accountsservice/accountsservice/-/commit/1ef3add46983af875adfed5d29954cbfb184f688.patch"; + sha256 = "N4siK4SWkwYBnFa0JJUFgahi9XBkB/nS5yc+PyH3/iM="; + }) ]; nativeBuildInputs = [