i3lock - spec file
Mateusz Kocielski
shm at digitalsun.pl
Tue Jul 11 22:30:00 CEST 2023
Dnia Tue, Jul 11, 2023 at 03:59:41PM +0000, Mateusz Kocielski napisał(a):
> > That's peculiar -- what screen locker needs suid bit for? Why wheel
> > group?
>
> Wheel group is taken from my BSD heritage I guess, fixed it. :) It requires
> PAM for an authentication.
>
> > > %{_mandir}/man1/i3lock.1*
Hi,
those suid privileges were bothering me and I did my homework, it seems that
on Linux i3lock can work without them because of the unix_chkpwd(8) utility.
On the FreeBSD (which uses OpenPAM) however SUID is necessary [1]. The reason
why I couldn't get it work without root privileges was /etc/pam.d/login
file which is installed with u-r permission by default. I guess there's no
need to keep it that way since PAM configuration rather not contain any
secrets. I attached fixed version of the spec file and patch against
util-linux to set u+r permissions. Thanks for your suggestions!
[1] - https://cgit.freebsd.org/ports/tree/deskutils/i3lock/Makefile?id=924204922ac441410520f46695dd91a87c001ee9#n27
Regards,
Mateusz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Add-u-r-for-etc-pam.d-configuration-files.patch
Type: text/x-diff
Size: 1747 bytes
Desc: not available
URL: </mailman/pipermail/pld-devel-en/attachments/20230711/1dcec741/attachment.bin>
-------------- next part --------------
Summary: improved screen locker
Name: i3lock
Version: 2.14.1
Release: 1
License: BSD
Group: Applications
Source0: https://i3wm.org/i3lock/%{name}-%{version}.tar.xz
# Source0-md5: 33d4bc8256a1566fbac911e405e53fdd
URL: https://i3wm.org/i3lock/
BuildRequires: cairo-devel >= 1.14.4
BuildRequires: libev-devel
BuildRequires: libxcb-devel
BuildRequires: meson >= 0.45.0
BuildRequires: ninja
BuildRequires: pam-devel
BuildRequires: pkgconfig
BuildRequires: rpmbuild(macros) >= 1.726
BuildRequires: xcb-util-devel
BuildRequires: xcb-util-image-devel
BuildRequires: xcb-util-xrm-devel
BuildRequires: xorg-lib-libxkbcommon-x11-devel
Requires: cairo >= 1.14.4
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
Minimalist screen locker based on slock.
%prep
%setup -q
%build
%meson build
%ninja_build -C build
%install
rm -rf $RPM_BUILD_ROOT
%ninja_install -C build
%clean
rm -rf $RPM_BUILD_ROOT
%files
%defattr(644,root,root,755)
%doc LICENSE CHANGELOG
%config(noreplace) %verify(not md5 mtime size) /etc/pam.d/i3lock
%attr(755,root,root) %{_bindir}/i3lock
%{_mandir}/man1/i3lock.1*
More information about the pld-devel-en
mailing list