diff --git a/x11/swaylock/Makefile b/x11/swaylock/Makefile index a92af32ae72b..1d6123ee5404 100644 --- a/x11/swaylock/Makefile +++ b/x11/swaylock/Makefile @@ -2,6 +2,7 @@ PORTNAME= swaylock DISTVERSION= 1.5 +PORTREVISION= 1 CATEGORIES= x11 MAINTAINER= jbeich@FreeBSD.org @@ -18,7 +19,7 @@ USES= compiler:c11 gnome meson pkgconfig USE_GITHUB= yes GH_ACCOUNT= swaywm USE_GNOME= cairo pango -PLIST_FILES= bin/${PORTNAME} \ +PLIST_FILES= "@(,,4755) bin/${PORTNAME}" \ etc/pam.d/${PORTNAME} \ share/bash-completion/completions/${PORTNAME} \ share/fish/vendor_completions.d/${PORTNAME}.fish \ diff --git a/x11/swaylock/files/patch-pam.c b/x11/swaylock/files/patch-pam.c new file mode 100644 index 000000000000..b00deca58e32 --- /dev/null +++ b/x11/swaylock/files/patch-pam.c @@ -0,0 +1,19 @@ +pam_unix(8) requires root priveleges to access master.passwd(5) + +--- pam.c.orig 2019-01-29 19:48:00 UTC ++++ pam.c +@@ -12,12 +12,14 @@ + static char *pw_buf = NULL; + + void initialize_pw_backend(int argc, char **argv) { ++#ifdef __linux__ + if (getuid() != geteuid() || getgid() != getegid()) { + swaylock_log(LOG_ERROR, + "swaylock is setuid, but was compiled with the PAM" + " backend. Run 'chmod a-s %s' to fix. Aborting.", argv[0]); + exit(EXIT_FAILURE); + } ++#endif + if (!spawn_comm_child()) { + exit(EXIT_FAILURE); + } diff --git a/x11/swaylock/files/patch-pam_swaylock b/x11/swaylock/files/patch-pam_swaylock new file mode 100644 index 000000000000..8388acd8a579 --- /dev/null +++ b/x11/swaylock/files/patch-pam_swaylock @@ -0,0 +1,15 @@ +"login" has "auth sufficient pam_self.so" but a screen locker is +supposed to ask for password regardless. + +--- pam/swaylock.orig 2019-01-29 19:48:00 UTC ++++ pam/swaylock +@@ -1,6 +1,6 @@ + # +-# PAM configuration file for the swaylock screen locker. By default, it includes +-# the 'login' configuration file (see /etc/pam.d/login) ++# PAM configuration for the "swaylock" service. swaylock(1) only uses ++# auth facilities. + # + +-auth include login ++auth include system