From 59bbf7e86c8b64850f7572d4af6a9587dfd3d7d0 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sat, 13 Aug 2022 18:14:34 +0200 Subject: gnu: scons: Update to 4.4.0. * gnu/packages/patches/scons-test-environment.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/build-tools.scm (scons): Update to 4.4.0. [source](patches): New field. [arguments]: Adjust bootstrap for the new version. Enable tests. [native-inputs]: Add PYTHON-WHEEL and PYTHON-PSUTIL. (scons-3): New variable. (scons-python2): Inherit from it. * gnu/packages/web.scm (serf)[arguments]: Stick with SCONS-3 to prevent rebuilds. --- gnu/packages/patches/scons-test-environment.patch | 57 +++++++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 gnu/packages/patches/scons-test-environment.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/scons-test-environment.patch b/gnu/packages/patches/scons-test-environment.patch new file mode 100644 index 0000000000..be5b61b2d4 --- /dev/null +++ b/gnu/packages/patches/scons-test-environment.patch @@ -0,0 +1,57 @@ +Inherit essential environment variables in tests. + +Note: it could be better to generalize this in SCons/Platform/posix.py +instead of just patching the tests. + +diff --git a/SCons/ActionTests.py b/SCons/ActionTests.py +--- a/SCons/ActionTests.py ++++ b/SCons/ActionTests.py +@@ -98,6 +98,7 @@ outfile2 = test.workpath('outfile2') + pipe_file = test.workpath('pipe.out') + + scons_env = SCons.Environment.Environment() ++scons_env['ENV']['PATH'] += os.environ['PATH'] + + # Capture all the stuff the Actions will print, + # so it doesn't clutter the output. +@@ -1090,6 +1091,8 @@ class CommandActionTestCase(unittest.TestCase): + except AttributeError: + env = Environment() + ++ env = Environment(ENV={'PATH': os.environ['PATH']}) ++ + cmd1 = r'%s %s %s xyzzy' % (_python_, act_py, outfile) + + act = SCons.Action.CommandAction(cmd1) +@@ -1884,7 +1887,7 @@ class ListActionTestCase(unittest.TestCase): + f.write("class2b\n") + + act = SCons.Action.ListAction([cmd2, function2, class2a(), class2b]) +- r = act([], [], Environment(out=outfile)) ++ r = act([], [], Environment(out=outfile, ENV={'PATH' : os.getenv('PATH')})) + assert isinstance(r.status, class2b), r.status + c = test.read(outfile, 'r') + assert c == "act.py: 'syzygy'\nfunction2\nclass2a\nclass2b\n", c +@@ -1948,7 +1951,7 @@ class LazyActionTestCase(unittest.TestCase): + a([], [], env=Environment(BAR=f, s=self)) + assert self.test == 1, self.test + cmd = r'%s %s %s lazy' % (_python_, act_py, outfile) +- a([], [], env=Environment(BAR=cmd, s=self)) ++ a([], [], env=Environment(BAR=cmd, s=self, ENV={'PATH' : os.getenv('PATH')})) + c = test.read(outfile, 'r') + assert c == "act.py: 'lazy'\n", c + +diff --git a/SCons/SConfTests.py b/SCons/SConfTests.py +--- a/SCons/SConfTests.py ++++ b/SCons/SConfTests.py +@@ -71,7 +71,9 @@ class SConfTestCase(unittest.TestCase): + # and we need a new environment, cause references may point to + # old modules (well, at least this is safe ...) + self.scons_env = self.Environment.Environment() +- self.scons_env.AppendENVPath('PATH', os.environ['PATH']) ++ # Inherit the OS environment to get essential variables. ++ inherited_env = os.environ.copy() ++ self.scons_env['ENV'] = inherited_env + + # we want to do some autodetection here + # this stuff works with -- cgit v1.2.3 From 57f8f69562e942557e3331bb81c7e4acd973d189 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Sun, 28 Aug 2022 15:39:54 +0200 Subject: gnu: gnome-shell: Adjust for polkit 121. * gnu/packages/patches/gnome-shell-polkit-autocleanup.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/gnome.scm (gnome-shell)[source](patches): New field. --- gnu/local.mk | 3 +- gnu/packages/gnome.scm | 1 + .../patches/gnome-shell-polkit-autocleanup.patch | 50 ++++++++++++++++++++++ 3 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/gnome-shell-polkit-autocleanup.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 2a26a3879b..027cb8e3cb 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1211,7 +1211,8 @@ dist_patch_DATA = \ %D%/packages/patches/gnome-online-miners-tracker-3.patch \ %D%/packages/patches/gnome-screenshot-meson-0.60.patch \ %D%/packages/patches/gnome-settings-daemon-gc.patch \ - %D%/packages/patches/gnome-session-support-elogind.patch \ + %D%/packages/patches/gnome-session-support-elogind.patch \ + %D%/packages/patches/gnome-shell-polkit-autocleanup.patch \ %D%/packages/patches/gnome-todo-libportal.patch \ %D%/packages/patches/gnome-tweaks-search-paths.patch \ %D%/packages/patches/gnupg-CVE-2022-34903.patch \ diff --git a/gnu/packages/gnome.scm b/gnu/packages/gnome.scm index f028eb7611..251d08ae01 100644 --- a/gnu/packages/gnome.scm +++ b/gnu/packages/gnome.scm @@ -8701,6 +8701,7 @@ (define-public gnome-shell (uri (string-append "mirror://gnome/sources/" name "/" (version-major version) "/" name "-" version ".tar.xz")) + (patches (search-patches "gnome-shell-polkit-autocleanup.patch")) (sha256 (base32 "0ragmcln210zvzhc2br33yprbkj9drjzd7inp5sdxra0a7l73yaj")))) diff --git a/gnu/packages/patches/gnome-shell-polkit-autocleanup.patch b/gnu/packages/patches/gnome-shell-polkit-autocleanup.patch new file mode 100644 index 0000000000..08968b83a1 --- /dev/null +++ b/gnu/packages/patches/gnome-shell-polkit-autocleanup.patch @@ -0,0 +1,50 @@ +Don't redefine G_DEFINE_AUTOPTR_CLEANUP_FUNC when available in polkit. + +Taken from upstream: + + https://gitlab.gnome.org/GNOME/gnome-shell/-/commit/1d0a08b5e25fea7b0e792ec9798e68a7c5606a75 + +diff --git a/config.h.meson b/config.h.meson +index b93fda8727..ff355d3062 100644 +--- a/config.h.meson ++++ b/config.h.meson +@@ -33,3 +33,6 @@ + + /* Define if fdwalk is available in libc */ + #mesondefine HAVE_FDWALK ++ ++/* Define if polkit defines autocleanup functions */ ++#mesondefine HAVE_POLKIT_AUTOCLEANUP +diff --git a/meson.build b/meson.build +index 42ec01c566..778a34c6ef 100644 +--- a/meson.build ++++ b/meson.build +@@ -169,6 +169,13 @@ cdata.set('HAVE_FDWALK', + cc.has_function('fdwalk') + ) + ++polkit_has_autocleanup = cc.compiles( ++ '#define POLKIT_AGENT_I_KNOW_API_IS_SUBJECT_TO_CHANGE ++ #include ++ void main(void) { g_autoptr(PolkitAgentListener) agent = NULL; }', ++ dependencies: polkit_dep) ++cdata.set('HAVE_POLKIT_AUTOCLEANUP', polkit_has_autocleanup) ++ + buildtype = get_option('buildtype') + if buildtype != 'plain' + all_warnings = [ +diff --git a/src/shell-polkit-authentication-agent.h b/src/shell-polkit-authentication-agent.h +index 55b46af110..4f14749563 100644 +--- a/src/shell-polkit-authentication-agent.h ++++ b/src/shell-polkit-authentication-agent.h +@@ -14,8 +14,10 @@ + + G_BEGIN_DECLS + ++#ifndef HAVE_POLKIT_AUTOCLEANUP + /* Polkit doesn't have g_autoptr support, thus we have to manually set the autoptr function here */ + G_DEFINE_AUTOPTR_CLEANUP_FUNC (PolkitAgentListener, g_object_unref) ++#endif + + #define SHELL_TYPE_POLKIT_AUTHENTICATION_AGENT (shell_polkit_authentication_agent_get_type()) + -- cgit v1.2.3 From 6da5eed4e7e5859d158b835aee6c337fdcdc58c2 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Sun, 7 Aug 2022 23:54:05 -0400 Subject: gnu: accountsservice: Provide a means to locate extensions. * gnu/packages/patches/accountsservice-extensions.patch: New patch. * gnu/packages/freedesktop.scm (accountsservice)[source]: Apply it. [phases]{wrap-with-xdg-data-dirs}: New phase. --- gnu/local.mk | 1 + gnu/packages/freedesktop.scm | 12 +++++++++-- .../patches/accountsservice-extensions.patch | 25 ++++++++++++++++++++++ 3 files changed, 36 insertions(+), 2 deletions(-) create mode 100644 gnu/packages/patches/accountsservice-extensions.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index fcbbdbd1fb..462aa7c731 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -843,6 +843,7 @@ dist_patch_DATA = \ %D%/packages/patches/abseil-cpp-fix-strerror_test.patch \ %D%/packages/patches/adb-add-libraries.patch \ %D%/packages/patches/adb-libssl_11-compatibility.patch \ + %D%/packages/patches/accountsservice-extensions.patch \ %D%/packages/patches/aegis-constness-error.patch \ %D%/packages/patches/aegis-perl-tempdir1.patch \ %D%/packages/patches/aegis-perl-tempdir2.patch \ diff --git a/gnu/packages/freedesktop.scm b/gnu/packages/freedesktop.scm index 8ebd0e5359..ab6fb480a7 100644 --- a/gnu/packages/freedesktop.scm +++ b/gnu/packages/freedesktop.scm @@ -1443,7 +1443,8 @@ (define-public accountsservice "accountsservice/accountsservice-" version ".tar.xz")) (sha256 - (base32 "14d3lwik048h62qrzg1djdd2sqmxf3m1r859730pvzhrd6krg6ch")))) + (base32 "14d3lwik048h62qrzg1djdd2sqmxf3m1r859730pvzhrd6krg6ch")) + (patches (search-patches "accountsservice-extensions.patch")))) (build-system meson-build-system) (arguments `(#:configure-flags @@ -1479,7 +1480,14 @@ (define-public accountsservice (("/usr/bin/passwd") (search-input-file inputs "bin/passwd")) (("/usr/bin/chage") - (search-input-file inputs "bin/chage")))))))) + (search-input-file inputs "bin/chage"))))) + (add-after 'install 'wrap-with-xdg-data-dirs + ;; This is to allow accountsservice finding extensions, which + ;; should be installed to the system profile. + (lambda* (#:key outputs #:allow-other-keys) + (wrap-program (search-input-file outputs "libexec/accounts-daemon") + '("XDG_DATA_DIRS" prefix + ("/run/current-system/profile/share")))))))) (native-inputs (list docbook-xml-4.1.2 docbook-xsl diff --git a/gnu/packages/patches/accountsservice-extensions.patch b/gnu/packages/patches/accountsservice-extensions.patch new file mode 100644 index 0000000000..2cfab580e3 --- /dev/null +++ b/gnu/packages/patches/accountsservice-extensions.patch @@ -0,0 +1,25 @@ +Patch from NixOS retrieved from +https://raw.githubusercontent.com/NixOS/nixpkgs/master/pkgs/development/libraries/accountsservice/drop-prefix-check-extensions.patch. + +diff --git a/src/extensions.c b/src/extensions.c +index 038dcb2..830465d 100644 +--- a/src/extensions.c ++++ b/src/extensions.c +@@ -121,16 +121,7 @@ daemon_read_extension_directory (GHashTable *ifaces, + continue; + } + +- /* Ensure it looks like "../../dbus-1/interfaces/${name}" */ +- const gchar * const prefix = "../../dbus-1/interfaces/"; +- if (g_str_has_prefix (symlink, prefix) && g_str_equal (symlink + strlen (prefix), name)) { +- daemon_read_extension_file (ifaces, filename); +- } +- else { +- g_warning ("Found accounts service vendor extension symlink %s, but it must be exactly " +- "equal to '../../dbus-1/interfaces/%s' for forwards-compatibility reasons.", +- filename, name); +- } ++ daemon_read_extension_file (ifaces, filename); + } + + g_dir_close (dir); -- cgit v1.2.3 From da3c784c68d9d3d0ec12eaaa98deaaf51ddb4c36 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 9 Aug 2022 10:24:42 -0400 Subject: gnu: lightdm: Apply patch to fix a problem with VNC integration. * gnu/packages/patches/lightdm-vncserver-check.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/display-managers.scm (lightdm): Apply it. --- gnu/local.mk | 1 + gnu/packages/display-managers.scm | 7 ++- gnu/packages/patches/lightdm-vncserver-check.patch | 66 ++++++++++++++++++++++ 3 files changed, 71 insertions(+), 3 deletions(-) create mode 100644 gnu/packages/patches/lightdm-vncserver-check.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 462aa7c731..6a55ecc8d8 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1360,6 +1360,7 @@ dist_patch_DATA = \ %D%/packages/patches/librime-fix-build-with-gcc10.patch \ %D%/packages/patches/libvirt-add-install-prefix.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ + %D%/packages/patches/lightdm-vncserver-check.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ %D%/packages/patches/kiki-level-selection-crash.patch \ diff --git a/gnu/packages/display-managers.scm b/gnu/packages/display-managers.scm index d6cf9445c6..022e0509aa 100644 --- a/gnu/packages/display-managers.scm +++ b/gnu/packages/display-managers.scm @@ -268,7 +268,8 @@ (define-public lightdm (file-name (git-file-name name version)) (sha256 (base32 - "1wr60c946p8jz9kb8zi4cd8d4mkcy7infbvlfzwajiglc22nblxn")))) + "1wr60c946p8jz9kb8zi4cd8d4mkcy7infbvlfzwajiglc22nblxn")) + (patches (search-patches "lightdm-vncserver-check.patch")))) (build-system gnu-build-system) (arguments '(#:parallel-tests? #f ; fails when run in parallel @@ -303,8 +304,8 @@ (define-public lightdm (unsetenv "LC_ALL")))))) (inputs (list audit - bash-minimal ;for cross-compilation - coreutils-minimal ;ditto + bash-minimal ;for cross-compilation + coreutils-minimal ;ditto linux-pam shadow ;for sbin/nologin libgcrypt diff --git a/gnu/packages/patches/lightdm-vncserver-check.patch b/gnu/packages/patches/lightdm-vncserver-check.patch new file mode 100644 index 0000000000..0e31ff3d68 --- /dev/null +++ b/gnu/packages/patches/lightdm-vncserver-check.patch @@ -0,0 +1,66 @@ +Honor the Xvnc command specified in the config instead of using a hard-coded +default. + +Submitted upstream at: https://github.com/canonical/lightdm/pull/265 + +diff --git a/src/lightdm.c b/src/lightdm.c +index 74f9ff2d..0ccfcd78 100644 +--- a/src/lightdm.c ++++ b/src/lightdm.c +@@ -349,27 +349,42 @@ start_display_manager (void) + /* Start the VNC server */ + if (config_get_boolean (config_get_instance (), "VNCServer", "enabled")) + { +- g_autofree gchar *path = g_find_program_in_path ("Xvnc"); +- if (path) ++ /* Validate that a the VNC command is available. */ ++ g_autofree gchar *command = config_get_string (config_get_instance (), "VNCServer", "command"); ++ if (command) + { +- vnc_server = vnc_server_new (); +- if (config_has_key (config_get_instance (), "VNCServer", "port")) ++ g_auto(GStrv) tokens = g_strsplit (command, " ", 2); ++ if (!g_find_program_in_path (tokens[0])) + { +- gint port = config_get_integer (config_get_instance (), "VNCServer", "port"); +- if (port > 0) +- vnc_server_set_port (vnc_server, port); ++ g_warning ("Can't start VNC server; command '%s' not found", tokens[0]); ++ return; + } +- g_autofree gchar *listen_address = config_get_string (config_get_instance (), "VNCServer", "listen-address"); +- vnc_server_set_listen_address (vnc_server, listen_address); +- g_signal_connect (vnc_server, VNC_SERVER_SIGNAL_NEW_CONNECTION, G_CALLBACK (vnc_connection_cb), NULL); +- +- g_debug ("Starting VNC server on TCP/IP port %d", vnc_server_get_port (vnc_server)); +- vnc_server_start (vnc_server); + } + else +- g_warning ("Can't start VNC server, Xvnc is not in the path"); ++ { ++ /* Fallback to 'Xvnc'. */ ++ if (!g_find_program_in_path ("Xvnc")) { ++ g_warning ("Can't start VNC server; 'Xvnc' command not found"); ++ return; ++ } ++ } ++ ++ vnc_server = vnc_server_new (); ++ if (config_has_key (config_get_instance (), "VNCServer", "port")) ++ { ++ gint port = config_get_integer (config_get_instance (), "VNCServer", "port"); ++ if (port > 0) ++ vnc_server_set_port (vnc_server, port); ++ } ++ g_autofree gchar *listen_address = config_get_string (config_get_instance (), "VNCServer", "listen-address"); ++ vnc_server_set_listen_address (vnc_server, listen_address); ++ g_signal_connect (vnc_server, VNC_SERVER_SIGNAL_NEW_CONNECTION, G_CALLBACK (vnc_connection_cb), NULL); ++ ++ g_debug ("Starting VNC server on TCP/IP port %d", vnc_server_get_port (vnc_server)); ++ vnc_server_start (vnc_server); + } + } ++ + static void + service_ready_cb (DisplayManagerService *service) + { -- cgit v1.2.3 From a4fd1840ab16086d6b9c4001b510d73ef5727222 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 9 Aug 2022 15:47:21 -0400 Subject: gnu: lightdm: Apply patch to allow using VNC options. * gnu/packages/patches/lightdm-arguments-ordering.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/display-managers.scm (lightdm): Apply it. --- gnu/local.mk | 1 + gnu/packages/display-managers.scm | 3 +- .../patches/lightdm-arguments-ordering.patch | 54 ++++++++++++++++++++++ 3 files changed, 57 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/lightdm-arguments-ordering.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 6a55ecc8d8..396f227188 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1360,6 +1360,7 @@ dist_patch_DATA = \ %D%/packages/patches/librime-fix-build-with-gcc10.patch \ %D%/packages/patches/libvirt-add-install-prefix.patch \ %D%/packages/patches/libziparchive-add-includes.patch \ + %D%/packages/patches/lightdm-arguments-ordering.patch \ %D%/packages/patches/lightdm-vncserver-check.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ diff --git a/gnu/packages/display-managers.scm b/gnu/packages/display-managers.scm index 022e0509aa..2a0a72d145 100644 --- a/gnu/packages/display-managers.scm +++ b/gnu/packages/display-managers.scm @@ -269,7 +269,8 @@ (define-public lightdm (sha256 (base32 "1wr60c946p8jz9kb8zi4cd8d4mkcy7infbvlfzwajiglc22nblxn")) - (patches (search-patches "lightdm-vncserver-check.patch")))) + (patches (search-patches "lightdm-arguments-ordering.patch" + "lightdm-vncserver-check.patch")))) (build-system gnu-build-system) (arguments '(#:parallel-tests? #f ; fails when run in parallel diff --git a/gnu/packages/patches/lightdm-arguments-ordering.patch b/gnu/packages/patches/lightdm-arguments-ordering.patch new file mode 100644 index 0000000000..c3b513a19a --- /dev/null +++ b/gnu/packages/patches/lightdm-arguments-ordering.patch @@ -0,0 +1,54 @@ +When providing the VNCServer command as 'Xvnc -SecurityTypes None', +the formatted command line used would look like: + + Xvnc -SecurityTypes None :1 -auth /var/run/lightdm/root/:1 + +which is invalid (the display number must appear first). + +Submitted upstream at: https://github.com/canonical/lightdm/pull/265 + + src/x-server-local.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/src/x-server-local.c b/src/x-server-local.c +index 7c4ab870..6c540d18 100644 +--- a/src/x-server-local.c ++++ b/src/x-server-local.c +@@ -463,14 +463,20 @@ x_server_local_start (DisplayServer *display_server) + l_debug (display_server, "Logging to %s", log_file); + + g_autofree gchar *absolute_command = get_absolute_command (priv->command); ++ g_auto(GStrv) tokens = g_strsplit (absolute_command, " ", 2); ++ const gchar* binary = tokens[0]; ++ const gchar *extra_options = tokens[1]; ++ + if (!absolute_command) + { + l_debug (display_server, "Can't launch X server %s, not found in path", priv->command); + stopped_cb (priv->x_server_process, X_SERVER_LOCAL (server)); + return FALSE; + } +- g_autoptr(GString) command = g_string_new (absolute_command); ++ g_autoptr(GString) command = g_string_new (binary); + ++ /* The display argument must be given first when the X server used ++ * is Xvnc. */ + g_string_append_printf (command, " :%d", priv->display_number); + + if (priv->config_file) +@@ -513,6 +519,12 @@ x_server_local_start (DisplayServer *display_server) + if (X_SERVER_LOCAL_GET_CLASS (server)->add_args) + X_SERVER_LOCAL_GET_CLASS (server)->add_args (server, command); + ++ /* Any extra user options provided via the VNCServer 'command' ++ * config option are appended last, so the user can override any ++ * of the above. */ ++ if (extra_options) ++ g_string_append_printf (command, " %s", extra_options); ++ + process_set_command (priv->x_server_process, command->str); + + l_debug (display_server, "Launching X Server"); +-- +2.36.1 + -- cgit v1.2.3 From b096b939f74913cfed5ed3efb5701a9132854760 Mon Sep 17 00:00:00 2001 From: Maxim Cournoyer Date: Tue, 9 Aug 2022 16:17:45 -0400 Subject: gnu: lightdm: Apply patch to fix color depth issue with VNC. * gnu/packages/patches/lightdm-vnc-color-depth.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/display-managers.scm (lightdm): Apply it. --- gnu/local.mk | 1 + gnu/packages/display-managers.scm | 3 +- gnu/packages/patches/lightdm-vnc-color-depth.patch | 81 ++++++++++++++++++++++ 3 files changed, 84 insertions(+), 1 deletion(-) create mode 100644 gnu/packages/patches/lightdm-vnc-color-depth.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index 396f227188..a9aebe5193 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1362,6 +1362,7 @@ dist_patch_DATA = \ %D%/packages/patches/libziparchive-add-includes.patch \ %D%/packages/patches/lightdm-arguments-ordering.patch \ %D%/packages/patches/lightdm-vncserver-check.patch \ + %D%/packages/patches/lightdm-vnc-color-depth.patch \ %D%/packages/patches/localed-xorg-keyboard.patch \ %D%/packages/patches/kdiagram-Fix-missing-link-libraries.patch \ %D%/packages/patches/kiki-level-selection-crash.patch \ diff --git a/gnu/packages/display-managers.scm b/gnu/packages/display-managers.scm index 2a0a72d145..137bd2739e 100644 --- a/gnu/packages/display-managers.scm +++ b/gnu/packages/display-managers.scm @@ -270,7 +270,8 @@ (define-public lightdm (base32 "1wr60c946p8jz9kb8zi4cd8d4mkcy7infbvlfzwajiglc22nblxn")) (patches (search-patches "lightdm-arguments-ordering.patch" - "lightdm-vncserver-check.patch")))) + "lightdm-vncserver-check.patch" + "lightdm-vnc-color-depth.patch")))) (build-system gnu-build-system) (arguments '(#:parallel-tests? #f ; fails when run in parallel diff --git a/gnu/packages/patches/lightdm-vnc-color-depth.patch b/gnu/packages/patches/lightdm-vnc-color-depth.patch new file mode 100644 index 0000000000..cd69977d6a --- /dev/null +++ b/gnu/packages/patches/lightdm-vnc-color-depth.patch @@ -0,0 +1,81 @@ +There is no longer support for 8 bit color depth in TigerVNC (see: +https://github.com/TigerVNC/tigervnc/commit/e86d8720ba1e79b486ca29a5c2b27fa25811e6a2); +using it causes a fatal error. + +Submitted upstream at: https://github.com/canonical/lightdm/pull/265. + +diff --git a/data/lightdm.conf b/data/lightdm.conf +index 0df38429..60e3e8b4 100644 +--- a/data/lightdm.conf ++++ b/data/lightdm.conf +@@ -160,4 +160,4 @@ + #listen-address= + #width=1024 + #height=768 +-#depth=8 ++#depth=24 +diff --git a/src/x-server-xvnc.c b/src/x-server-xvnc.c +index 68340d53..27ca4454 100644 +--- a/src/x-server-xvnc.c ++++ b/src/x-server-xvnc.c +@@ -127,7 +127,7 @@ x_server_xvnc_init (XServerXVNC *server) + XServerXVNCPrivate *priv = x_server_xvnc_get_instance_private (server); + priv->width = 1024; + priv->height = 768; +- priv->depth = 8; ++ priv->depth = 24; + } + + static void +diff --git a/tests/scripts/vnc-command.conf b/tests/scripts/vnc-command.conf +index 0f1e25fd..335956d9 100644 +--- a/tests/scripts/vnc-command.conf ++++ b/tests/scripts/vnc-command.conf +@@ -19,7 +19,7 @@ command=Xvnc -option + #?VNC-CLIENT CONNECT + + # Xvnc server starts +-#?XVNC-0 START GEOMETRY=1024x768 DEPTH=8 OPTION=TRUE ++#?XVNC-0 START GEOMETRY=1024x768 DEPTH=24 OPTION=TRUE + + # Daemon connects when X server is ready + #?*XVNC-0 INDICATE-READY +diff --git a/tests/scripts/vnc-guest.conf b/tests/scripts/vnc-guest.conf +index 431bb244..ce2b97db 100644 +--- a/tests/scripts/vnc-guest.conf ++++ b/tests/scripts/vnc-guest.conf +@@ -21,7 +21,7 @@ user-session=default + #?VNC-CLIENT CONNECT + + # Xvnc server starts +-#?XVNC-0 START GEOMETRY=1024x768 DEPTH=8 OPTION=FALSE ++#?XVNC-0 START GEOMETRY=1024x768 DEPTH=24 OPTION=FALSE + + # Daemon connects when X server is ready + #?*XVNC-0 INDICATE-READY +diff --git a/tests/scripts/vnc-login.conf b/tests/scripts/vnc-login.conf +index cdfe17b8..f0d65b7f 100644 +--- a/tests/scripts/vnc-login.conf ++++ b/tests/scripts/vnc-login.conf +@@ -21,7 +21,7 @@ user-session=default + #?VNC-CLIENT CONNECT + + # Xvnc server starts +-#?XVNC-0 START GEOMETRY=1024x768 DEPTH=8 OPTION=FALSE ++#?XVNC-0 START GEOMETRY=1024x768 DEPTH=24 OPTION=FALSE + + # Daemon connects when X server is ready + #?*XVNC-0 INDICATE-READY +diff --git a/tests/scripts/vnc-open-file-descriptors.conf b/tests/scripts/vnc-open-file-descriptors.conf +index 753c84dd..e5d35730 100644 +--- a/tests/scripts/vnc-open-file-descriptors.conf ++++ b/tests/scripts/vnc-open-file-descriptors.conf +@@ -21,7 +21,7 @@ user-session=default + #?VNC-CLIENT CONNECT + + # Xvnc server starts +-#?XVNC-0 START GEOMETRY=1024x768 DEPTH=8 OPTION=FALSE ++#?XVNC-0 START GEOMETRY=1024x768 DEPTH=24 OPTION=FALSE + + # Daemon connects when X server is ready + #?*XVNC-0 INDICATE-READY -- cgit v1.2.3 From 997a51bee8bcc894a057c21f24d34a7125c2e85f Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Tue, 30 Aug 2022 14:13:32 +0200 Subject: gnu: mercurial: Update to 6.2.1. * gnu/packages/version-control.scm (mercurial): Update to 6.2.1. [source](patches): Add patch for compatibility with OpenSSL 3.0. [arguments]: Patch /usr/bin/env and /bin/sh unconditionally in all tests. Disable four more tests. [inputs]: Change from PYTHON to PYTHON-WRAPPER. * gnu/packages/patches/mercurial-openssl-compat.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. --- gnu/local.mk | 3 +- .../patches/mercurial-openssl-compat.patch | 89 ++++++++++++++++++++++ gnu/packages/version-control.scm | 34 ++++++--- 3 files changed, 115 insertions(+), 11 deletions(-) create mode 100644 gnu/packages/patches/mercurial-openssl-compat.patch (limited to 'gnu/packages/patches') diff --git a/gnu/local.mk b/gnu/local.mk index b67dfac4e7..4e872e7cb0 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1510,7 +1510,8 @@ dist_patch_DATA = \ %D%/packages/patches/libmemcached-build-with-gcc7.patch \ %D%/packages/patches/libmhash-hmac-fix-uaf.patch \ %D%/packages/patches/libsigrokdecode-python3.9-fix.patch \ - %D%/packages/patches/mercurial-hg-extension-path.patch \ + %D%/packages/patches/mercurial-hg-extension-path.patch \ + %D%/packages/patches/mercurial-openssl-compat.patch \ %D%/packages/patches/mesa-opencl-all-targets.patch \ %D%/packages/patches/mesa-skip-tests.patch \ %D%/packages/patches/meson-allow-dirs-outside-of-prefix.patch \ diff --git a/gnu/packages/patches/mercurial-openssl-compat.patch b/gnu/packages/patches/mercurial-openssl-compat.patch new file mode 100644 index 0000000000..139356f285 --- /dev/null +++ b/gnu/packages/patches/mercurial-openssl-compat.patch @@ -0,0 +1,89 @@ +Tweak cipher selection to make TLS < 1.2 work with OpenSSL 3. + +Taken from Debian: + + https://salsa.debian.org/python-team/packages/mercurial/-/blob/debian/master/debian/patches/openssl_3_cipher_tlsv1.patch + +--- a/mercurial/sslutil.py ++++ b/mercurial/sslutil.py +@@ -117,17 +117,17 @@ def _hostsettings(ui, hostname): + ciphers = ui.config(b'hostsecurity', b'%s:ciphers' % bhostname, ciphers) + + # If --insecure is used, we allow the use of TLS 1.0 despite config options. + # We always print a "connection security to %s is disabled..." message when + # --insecure is used. So no need to print anything more here. + if ui.insecureconnections: + minimumprotocol = b'tls1.0' + if not ciphers: +- ciphers = b'DEFAULT' ++ ciphers = b'DEFAULT:@SECLEVEL=0' + + s[b'minimumprotocol'] = minimumprotocol + s[b'ciphers'] = ciphers + + # Look for fingerprints in [hostsecurity] section. Value is a list + # of : strings. + fingerprints = ui.configlist( + b'hostsecurity', b'%s:fingerprints' % bhostname +@@ -621,17 +621,17 @@ def wrapserversocket( + + # Improve forward secrecy. + sslcontext.options |= getattr(ssl, 'OP_SINGLE_DH_USE', 0) + sslcontext.options |= getattr(ssl, 'OP_SINGLE_ECDH_USE', 0) + + # In tests, allow insecure ciphers + # Otherwise, use the list of more secure ciphers if found in the ssl module. + if exactprotocol: +- sslcontext.set_ciphers('DEFAULT') ++ sslcontext.set_ciphers('DEFAULT:@SECLEVEL=0') + elif util.safehasattr(ssl, b'_RESTRICTED_SERVER_CIPHERS'): + sslcontext.options |= getattr(ssl, 'OP_CIPHER_SERVER_PREFERENCE', 0) + # pytype: disable=module-attr + sslcontext.set_ciphers(ssl._RESTRICTED_SERVER_CIPHERS) + # pytype: enable=module-attr + + if requireclientcert: + sslcontext.verify_mode = ssl.CERT_REQUIRED +--- a/tests/test-https.t ++++ b/tests/test-https.t +@@ -356,19 +356,19 @@ Start servers running supported TLS vers + $ cat ../hg1.pid >> $DAEMON_PIDS + $ hg serve -p $HGPORT2 -d --pid-file=../hg2.pid --certificate=$PRIV \ + > --config devel.serverexactprotocol=tls1.2 + $ cat ../hg2.pid >> $DAEMON_PIDS + $ cd .. + + Clients talking same TLS versions work + +- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT/ ++ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 id https://localhost:$HGPORT/ + 5fed3813f7f5 +- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT1/ ++ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 id https://localhost:$HGPORT1/ + 5fed3813f7f5 + $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/ + 5fed3813f7f5 + + Clients requiring newer TLS version than what server supports fail + + $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ + (could not negotiate a common security protocol (tls1.1+) with localhost; the likely cause is Mercurial is configured to be more secure than the server can support) +@@ -400,17 +400,17 @@ Clients requiring newer TLS version than + + $ hg --config hostsecurity.minimumprotocol=tls1.2 id --insecure https://localhost:$HGPORT1/ + warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering + 5fed3813f7f5 + + The per-host config option overrides the default + + $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \ +- > --config hostsecurity.ciphers=DEFAULT \ ++ > --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 \ + > --config hostsecurity.minimumprotocol=tls1.2 \ + > --config hostsecurity.localhost:minimumprotocol=tls1.0 + 5fed3813f7f5 + + The per-host config option by itself works + + $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \ + > --config hostsecurity.localhost:minimumprotocol=tls1.2 diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm index 277ea2835b..cd84dfd0cc 100644 --- a/gnu/packages/version-control.scm +++ b/gnu/packages/version-control.scm @@ -1735,15 +1735,16 @@ (define-public pre-commit (define-public mercurial (package (name "mercurial") - (version "5.8.1") + (version "6.2.1") (source (origin (method url-fetch) (uri (string-append "https://www.mercurial-scm.org/" "release/mercurial-" version ".tar.gz")) - (patches (search-patches "mercurial-hg-extension-path.patch")) + (patches (search-patches "mercurial-hg-extension-path.patch" + "mercurial-openssl-compat.patch")) (sha256 (base32 - "16xi4bmjqzi7ig8sfa5mnypfpbbbiyafmmqrs4nxmgc743za7fl1")))) + "1nl2726szaxyrxlyssrsir5c6vb4ci0i6g969i6xaahw1nidgica")))) (build-system gnu-build-system) (arguments `(#:make-flags @@ -1753,13 +1754,11 @@ (define-public mercurial (delete 'configure) (add-after 'unpack 'patch-tests (lambda _ - (substitute* '("tests/test-extdiff.t" - "tests/test-logtoprocess.t" - "tests/test-patchbomb.t" - "tests/test-run-tests.t" - "tests/test-transplant.t") + (substitute* (find-files "tests" "\\.(t|py)$") (("/bin/sh") - (which "sh"))))) + (which "sh")) + (("/usr/bin/env") + (which "env"))))) (replace 'check (lambda* (#:key tests? #:allow-other-keys) (with-directory-excursion "tests" @@ -1770,6 +1769,12 @@ (define-public mercurial ;; PATH from before (that's why we are building it!)? "test-hghave.t" + ;; This test creates a shebang spanning multiple + ;; lines which is difficult to substitute. It + ;; only tests the test runner itself, which gets + ;; thoroughly tested during the check phase anyway. + "test-run-tests.t" + ;; These tests fail because the program is not ;; connected to a TTY in the build container. "test-nointerrupt.t" @@ -1778,6 +1783,15 @@ (define-public mercurial ;; FIXME: This gets killed but does not receive an interrupt. "test-commandserver.t" + ;; These tests get unexpected warnings about using + ;; deprecated functionality in Python, but otherwise + ;; succeed; try enabling for later Mercurial versions. + "test-demandimport.py" + "test-patchbomb-tls.t" + ;; Similarly, this gets a more informative error + ;; message from Python 3.10 than it expects. + "test-http-bad-server.t" + ;; Only works when run in a hg-repo, not in an ;; extracted tarball "test-doctest.py" @@ -1808,7 +1822,7 @@ (define-public mercurial ;; The following inputs are only needed to run the tests. python-nose unzip which)) (inputs - (list python)) + (list python-wrapper)) ;; Find third-party extensions. (native-search-paths (list (search-path-specification -- cgit v1.2.3