[90583] trunk/dports/x11/xinit

jeremyhu at macports.org jeremyhu at macports.org
Fri Mar 9 02:44:25 PST 2012


Revision: 90583
          http://trac.macports.org/changeset/90583
Author:   jeremyhu at macports.org
Date:     2012-03-09 02:44:24 -0800 (Fri, 09 Mar 2012)
Log Message:
-----------
xinit: Bump to 1.3.2

Modified Paths:
--------------
    trunk/dports/x11/xinit/Portfile

Added Paths:
-----------
    trunk/dports/x11/xinit/files/0001-launchd-privileged_startx-Improved-error-resolution.patch

Removed Paths:
-------------
    trunk/dports/x11/xinit/files/0001-darwin-Buildfix-for-Tiger-which-doesn-t-have-posix_s.patch

Modified: trunk/dports/x11/xinit/Portfile
===================================================================
--- trunk/dports/x11/xinit/Portfile	2012-03-09 10:37:46 UTC (rev 90582)
+++ trunk/dports/x11/xinit/Portfile	2012-03-09 10:44:24 UTC (rev 90583)
@@ -3,7 +3,7 @@
 PortSystem          1.0
 
 name                xinit
-version             1.3.1
+version             1.3.2
 categories          x11
 platforms           darwin
 maintainers         jeremyhu openmaintainer
@@ -14,9 +14,9 @@
 homepage            http://www.x.org
 master_sites        xorg:individual/app/
 
-checksums           md5     ee234056d8a3dbf37b61b4bcb35b88e4 \
-                    sha1    6d3981c23ce49212a26912651d6d2473a5065766 \
-                    rmd160  aadb0729c65438819cfaae4733f512574fa39c2d
+checksums           sha1    1c287ac016d277f973652fa3707eef6db8353d5a \
+                    rmd160  097cd409e829255c328d1d87d69fb8206482f5d5 \
+                    sha256  a1867fdaa83f68750b12ba4305c3c62f5992d0f52cfeb98e96c27a8e690e0235
 
 use_bzip2	    yes
 use_parallel_build  yes
@@ -32,7 +32,7 @@
 depends_lib         port:xorg-libX11
 
 patchfiles \
-	0001-darwin-Buildfix-for-Tiger-which-doesn-t-have-posix_s.patch
+	0001-launchd-privileged_startx-Improved-error-resolution.patch
 patch.pre_args -p1
 
 configure.args --with-launchd-id-prefix=org.macports

Deleted: trunk/dports/x11/xinit/files/0001-darwin-Buildfix-for-Tiger-which-doesn-t-have-posix_s.patch
===================================================================
--- trunk/dports/x11/xinit/files/0001-darwin-Buildfix-for-Tiger-which-doesn-t-have-posix_s.patch	2012-03-09 10:37:46 UTC (rev 90582)
+++ trunk/dports/x11/xinit/files/0001-darwin-Buildfix-for-Tiger-which-doesn-t-have-posix_s.patch	2012-03-09 10:44:24 UTC (rev 90583)
@@ -1,58 +0,0 @@
-From 727706ffda344a1a752df296cd230ff3fb3940a5 Mon Sep 17 00:00:00 2001
-From: Jeremy Huddleston <jeremyhu at apple.com>
-Date: Sun, 31 Jul 2011 09:11:01 -0700
-Subject: [PATCH] darwin: Buildfix for Tiger which doesn't have posix_spawn
-
-Signed-off-by: Jeremy Huddleston <jeremyhu at apple.com>
----
- launchd/user_startx/launchd_startx.c |   22 +++++++++++++++++++++-
- 1 files changed, 21 insertions(+), 1 deletions(-)
-
-diff --git a/launchd/user_startx/launchd_startx.c b/launchd/user_startx/launchd_startx.c
-index e3fae76..f83cd61 100644
---- a/launchd/user_startx/launchd_startx.c
-+++ b/launchd/user_startx/launchd_startx.c
-@@ -34,11 +34,19 @@
- #include <unistd.h>
- #include <stdio.h>
- #include <assert.h>
--#include <spawn.h>
- #include <sys/wait.h>
- #include <string.h>
- #include <stdlib.h>
- 
-+/* Using MIN_REQUIRED instead of MAX_ALLOWED logic due to posix_spawn not
-+ * being marked with availability macros until 10.7
-+ */
-+#if MAC_OS_X_VERSION_MIN_REQUIRED >= 1050
-+#include <spawn.h>
-+#else
-+#include <errno.h>
-+#endif
-+
- #include "console_redirect.h"
- 
- int main(int argc, char **argv, char **envp) {
-@@ -56,7 +64,19 @@ int main(int argc, char **argv, char **envp) {
-     xi_asl_capture_fd(aslc, NULL, ASL_LEVEL_INFO, STDOUT_FILENO);
-     xi_asl_capture_fd(aslc, NULL, ASL_LEVEL_NOTICE, STDERR_FILENO);
- 
-+#if MAC_OS_X_VERSION_MIN_REQUIRED >= 1050
-     assert(posix_spawnp(&child, argv[1], NULL, NULL, &argv[1], envp) == 0);
-+#else
-+    switch(child = fork()) {
-+        case -1:
-+            perror("fork");
-+            return errno;
-+        case 0:
-+            return execvp(argv[1], &argv[1]);
-+        default:
-+            break;
-+    }
-+#endif
- 
-     wait4(child, &pstat, 0, (struct rusage *)0);
- 
--- 
-1.7.6
-

Added: trunk/dports/x11/xinit/files/0001-launchd-privileged_startx-Improved-error-resolution.patch
===================================================================
--- trunk/dports/x11/xinit/files/0001-launchd-privileged_startx-Improved-error-resolution.patch	                        (rev 0)
+++ trunk/dports/x11/xinit/files/0001-launchd-privileged_startx-Improved-error-resolution.patch	2012-03-09 10:44:24 UTC (rev 90583)
@@ -0,0 +1,66 @@
+From 49dd0d562ce95e8467830eedbd25ffa97ec88f0e Mon Sep 17 00:00:00 2001
+From: Jeremy Huddleston <jeremyhu at apple.com>
+Date: Fri, 17 Feb 2012 17:35:26 -0800
+Subject: [PATCH] launchd/privileged_startx: Improved error resolution
+
+Rather than just failing to do anything when directories aren't what we
+want them to be, we now try our best to fix the situation.
+
+Signed-off-by: Jeremy Huddleston <jeremyhu at apple.com>
+---
+ launchd/privileged_startx/10-tmpdirs.cpp |   36 +++++++++++++++++++++++++----
+ 1 files changed, 31 insertions(+), 5 deletions(-)
+ mode change 100755 => 100644 launchd/privileged_startx/10-tmpdirs.cpp
+
+diff --git a/launchd/privileged_startx/10-tmpdirs.cpp b/launchd/privileged_startx/10-tmpdirs.cpp
+old mode 100755
+new mode 100644
+index 8012597..7f2c139
+--- xinit-1.3.2/launchd/privileged_startx/10-tmpdirs.cpp
++++ xinit-1.3.2/launchd/privileged_startx/10-tmpdirs.cpp
+@@ -36,11 +36,37 @@ else
+     MKTEMP=mktemp
+ fi
+ 
++STAT=/usr/bin/stat
++
+ for dir in /tmp/.ICE-unix /tmp/.X11-unix /tmp/.font-unix ; do
+-	XCOMM Use mktemp rather than mkdir to avoid possible security issue
+-	XCOMM if $dir exists and is a symlink
+-	if ${MKTEMP} -d ${dir} >& /dev/null ; then
+-		chmod 1777 $dir
+-		chown root:wheel $dir
++	success=0
++	for attempt in 1 2 3 4 5 ; do
++		if [ -h ${dir} ] ; then
++			echo "Possible man in the middle attack (symlink) detected on ${dir}, removing." >&2
++			rm ${dir}
++		fi
++
++		check=`${STAT} -f '%#p %u %g' ${dir}`
++		if [ "${check}" = "041777 0 0" ] ; then
++			success=1
++			break
++		else
++			echo "Invalid permissions (${check}) found on ${dir}, moving to ${dir}.$$" >&2
++			mv ${dir} ${dir}.$$
++		fi
++
++		# Use mktemp rather than mkdir to avoid possible security issue
++		# if $dir exists and is a symlink (ie protect against a race
++		# against the above check)
++		if ${MKTEMP} -d ${dir} >& /dev/null ; then
++			chmod 1777 $dir
++			chown 0:0 $dir
++			success=1
++			break
++		fi
++	done
++
++	if [ "${success}" -eq 0 ] ; then
++		echo "Could not successfully create ${dir}" >&2
+ 	fi
+ done
+-- 
+1.7.9
+
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20120309/3de18eca/attachment.html>


More information about the macports-changes mailing list