From 97e6bf2d441e24ee6f7087146ab83be78bd4336f Mon Sep 17 00:00:00 2001 From: Rex Dieter Date: Mon, 7 Mar 2016 09:30:04 -0600 Subject: [PATCH] backport master/ branch fixes --- 0003-Disable-ptrace-on-kdesu.patch | 80 +++++++++ ...to-.config-rather-than-deprecated-.l.patch | 27 +++ ...d-properties-flag-so-the-default-out.patch | 158 ++++++++++++++++++ ...ean-out-any-kde-mimeapps.list-which-.patch | 74 ++++++++ ...ktraderclient5-s-output-So-revert-to.patch | 35 ++++ kde-cli-tools.spec | 14 +- 6 files changed, 386 insertions(+), 2 deletions(-) create mode 100644 0003-Disable-ptrace-on-kdesu.patch create mode 100644 0004-Save-settings-into-.config-rather-than-deprecated-.l.patch create mode 100644 0006-ktraderclient-add-properties-flag-so-the-default-out.patch create mode 100644 0007-keditfiletype-clean-out-any-kde-mimeapps.list-which-.patch create mode 100644 0010-xdg-mime-parses-ktraderclient5-s-output-So-revert-to.patch diff --git a/0003-Disable-ptrace-on-kdesu.patch b/0003-Disable-ptrace-on-kdesu.patch new file mode 100644 index 0000000..ffcc687 --- /dev/null +++ b/0003-Disable-ptrace-on-kdesu.patch @@ -0,0 +1,80 @@ +From 034b5c39e49ce946ca97f0d003a4b4f144b10d39 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Martin=20Gr=C3=A4=C3=9Flin?= +Date: Tue, 8 Dec 2015 12:56:03 +0100 +Subject: [PATCH 03/10] Disable ptrace on kdesu + +This change protects against other user processes attaching to the kdesu +process to gain the root password. + +REVIEW: 126276 +--- + CMakeLists.txt | 7 +++++++ + config-kde-cli-tools.h.cmake | 2 ++ + kdesu/kdesu.cpp | 8 ++++++++ + 3 files changed, 17 insertions(+) + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 31209e0..277ab15 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -12,7 +12,9 @@ include(ECMInstallIcons) + include(ECMMarkAsTest) + include(ECMMarkNonGuiExecutable) + include(FeatureSummary) ++include(CheckIncludeFile) + include(CheckIncludeFiles) ++include(CheckSymbolExists) + include(ECMOptionalAddSubdirectory) + + find_package(Qt5 ${QT_MIN_VERSION} CONFIG REQUIRED COMPONENTS +@@ -85,6 +87,11 @@ if(UNIX) + endif() + + check_include_files(sys/wait.h HAVE_SYS_WAIT_H) ++ ++check_include_file("sys/prctl.h" HAVE_SYS_PRCTL_H) ++check_symbol_exists(PR_SET_DUMPABLE "sys/prctl.h" HAVE_PR_SET_DUMPABLE) ++add_feature_info("prctl-dumpable" HAVE_PR_SET_DUMPABLE "Required for disallow ptrace on kdesu process") ++ + configure_file (config-kde-cli-tools.h.cmake ${CMAKE_CURRENT_BINARY_DIR}/config-kde-cli-tools.h ) + + feature_summary(WHAT ALL INCLUDE_QUIET_PACKAGES FATAL_ON_MISSING_REQUIRED_PACKAGES) +diff --git a/config-kde-cli-tools.h.cmake b/config-kde-cli-tools.h.cmake +index f7eb81e..d313dc9 100644 +--- a/config-kde-cli-tools.h.cmake ++++ b/config-kde-cli-tools.h.cmake +@@ -1,3 +1,5 @@ + /* Define to 1 if you have the header file. */ + #cmakedefine HAVE_SYS_WAIT_H 1 ++#cmakedefine01 HAVE_SYS_PRCTL_H ++#cmakedefine01 HAVE_PR_SET_DUMPABLE + #define HAVE_X11 ${X11_FOUND} +diff --git a/kdesu/kdesu.cpp b/kdesu/kdesu.cpp +index b82bdd4..040bfaa 100644 +--- a/kdesu/kdesu.cpp ++++ b/kdesu/kdesu.cpp +@@ -18,6 +18,9 @@ + #if defined(HAVE_SYS_WAIT_H) + #include + #endif ++#if HAVE_SYS_PRCTL_H ++#include ++#endif + + #include + #include +@@ -71,6 +74,11 @@ static int startApp(QCommandLineParser& p); + + int main(int argc, char *argv[]) + { ++ // disable ptrace ++#if HAVE_PR_SET_DUMPABLE ++ prctl(PR_SET_DUMPABLE, 0); ++#endif ++ + QApplication app(argc, argv); + + // FIXME: this can be considered a poor man's solution, as it's not +-- +2.5.0 + diff --git a/0004-Save-settings-into-.config-rather-than-deprecated-.l.patch b/0004-Save-settings-into-.config-rather-than-deprecated-.l.patch new file mode 100644 index 0000000..eb3395a --- /dev/null +++ b/0004-Save-settings-into-.config-rather-than-deprecated-.l.patch @@ -0,0 +1,27 @@ +From c4ebd9b537d749e5533ecaff5631debab4827760 Mon Sep 17 00:00:00 2001 +From: David Faure +Date: Tue, 29 Dec 2015 00:07:09 +0100 +Subject: [PATCH 04/10] Save settings into ~/.config rather than deprecated + ~/.local/share/apps/ + +BUG: 354179 +--- + keditfiletype/mimetypedata.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/keditfiletype/mimetypedata.cpp b/keditfiletype/mimetypedata.cpp +index 808760b..f706def 100644 +--- a/keditfiletype/mimetypedata.cpp ++++ b/keditfiletype/mimetypedata.cpp +@@ -365,7 +365,7 @@ void MimeTypeData::syncServices() + if (!m_bFullInit) + return; + +- KSharedConfig::Ptr profile = KSharedConfig::openConfig("mimeapps.list", KConfig::NoGlobals, QStandardPaths::ApplicationsLocation); ++ KSharedConfig::Ptr profile = KSharedConfig::openConfig("mimeapps.list", KConfig::NoGlobals, QStandardPaths::GenericConfigLocation); + + if (!profile->isConfigWritable(true)) // warn user if mimeapps.list is root-owned (#155126/#94504) + return; +-- +2.5.0 + diff --git a/0006-ktraderclient-add-properties-flag-so-the-default-out.patch b/0006-ktraderclient-add-properties-flag-so-the-default-out.patch new file mode 100644 index 0000000..e6d0206 --- /dev/null +++ b/0006-ktraderclient-add-properties-flag-so-the-default-out.patch @@ -0,0 +1,158 @@ +From d8de33cb9552d390494405e6922041122ae2e968 Mon Sep 17 00:00:00 2001 +From: David Faure +Date: Sun, 28 Feb 2016 14:23:13 +0100 +Subject: [PATCH 06/10] ktraderclient: add --properties flag, so the default + output is much shorter. + +More useful for debugging the list of services (especially remotely). +--- + ktraderclient/ktraderclient.cpp | 125 +++++++++++++++++++++------------------- + 1 file changed, 66 insertions(+), 59 deletions(-) + +diff --git a/ktraderclient/ktraderclient.cpp b/ktraderclient/ktraderclient.cpp +index 5a14cfe..31330c1 100644 +--- a/ktraderclient/ktraderclient.cpp ++++ b/ktraderclient/ktraderclient.cpp +@@ -46,73 +46,80 @@ int main( int argc, char **argv ) + parser.addOption(QCommandLineOption(QStringList() << QLatin1String("servicetype"), i18n("A servicetype, like KParts/ReadOnlyPart or KMyApp/Plugin"), QLatin1String("servicetype"))); + parser.addOption(QCommandLineOption(QStringList() << QLatin1String("constraint"), i18n("A constraint expressed in the trader query language"), QLatin1String("constraint"))); + ++ parser.addOption(QCommandLineOption(QStringList() << QLatin1String("properties"), i18n("Output all properties"))); ++ + parser.process(app); + aboutData.processCommandLine(&parser); + + const QString mimetype = parser.value("mimetype"); + QString servicetype = parser.value("servicetype"); + const QString constraint = parser.value("constraint"); ++ const bool outputProperties = parser.isSet("properties"); ++ ++ if ( mimetype.isEmpty() && servicetype.isEmpty() ) ++ parser.showHelp(); ++ ++ if ( !mimetype.isEmpty() ) ++ printf( "mimetype is : %s\n", qPrintable( mimetype ) ); ++ if ( !servicetype.isEmpty() ) ++ printf( "servicetype is : %s\n", qPrintable( servicetype ) ); ++ if ( !constraint.isEmpty() ) ++ printf( "constraint is : %s\n", qPrintable( constraint ) ); ++ ++ KService::List offers; ++ if ( !mimetype.isEmpty() ) { ++ if ( servicetype.isEmpty() ) ++ servicetype = "Application"; ++ offers = KMimeTypeTrader::self()->query( mimetype, servicetype, constraint ); ++ } ++ else ++ offers = KServiceTypeTrader::self()->query( servicetype, constraint ); ++ ++ printf("got %d offers.\n", offers.count()); + +- if ( mimetype.isEmpty() && servicetype.isEmpty() ) +- parser.showHelp(); +- +- if ( !mimetype.isEmpty() ) +- printf( "mimetype is : %s\n", qPrintable( mimetype ) ); +- if ( !servicetype.isEmpty() ) +- printf( "servicetype is : %s\n", qPrintable( servicetype ) ); +- if ( !constraint.isEmpty() ) +- printf( "constraint is : %s\n", qPrintable( constraint ) ); +- +- KService::List offers; +- if ( !mimetype.isEmpty() ) { +- if ( servicetype.isEmpty() ) +- servicetype = "Application"; +- offers = KMimeTypeTrader::self()->query( mimetype, servicetype, constraint ); +- } +- else +- offers = KServiceTypeTrader::self()->query( servicetype, constraint ); +- +- printf("got %d offers.\n", offers.count()); +- +- int i = 0; +- KService::List::ConstIterator it = offers.constBegin(); +- const KService::List::ConstIterator end = offers.constEnd(); +- for (; it != end; ++it, ++i ) +- { +- printf("---- Offer %d ----\n", i); +- QStringList props = (*it)->propertyNames(); +- QStringList::ConstIterator propIt = props.constBegin(); +- QStringList::ConstIterator propEnd = props.constEnd(); +- for (; propIt != propEnd; ++propIt ) ++ int i = 0; ++ KService::List::ConstIterator it = offers.constBegin(); ++ const KService::List::ConstIterator end = offers.constEnd(); ++ for (; it != end; ++it, ++i ) + { +- QVariant prop = (*it)->property( *propIt ); +- +- if ( !prop.isValid() ) +- { +- printf("Invalid property %s\n", (*propIt).toLocal8Bit().data()); +- continue; +- } +- +- QString outp = *propIt; +- outp += " : '"; +- +- switch ( prop.type() ) +- { +- case QVariant::StringList: +- outp += prop.toStringList().join(" - "); +- break; +- case QVariant::Bool: +- outp += prop.toBool() ? "TRUE" : "FALSE"; +- break; +- default: +- outp += prop.toString(); +- break; +- } +- +- if ( !outp.isEmpty() ) +- printf("%s'\n", outp.toLocal8Bit().data()); ++ if (outputProperties) { ++ printf("---- Offer %d ----\n", i); ++ QStringList props = (*it)->propertyNames(); ++ QStringList::ConstIterator propIt = props.constBegin(); ++ QStringList::ConstIterator propEnd = props.constEnd(); ++ for (; propIt != propEnd; ++propIt ) ++ { ++ QVariant prop = (*it)->property( *propIt ); ++ ++ if ( !prop.isValid() ) ++ { ++ printf("Invalid property %s\n", (*propIt).toLocal8Bit().data()); ++ continue; ++ } ++ ++ QString outp = *propIt; ++ outp += " : '"; ++ ++ switch ( prop.type() ) ++ { ++ case QVariant::StringList: ++ outp += prop.toStringList().join(" - "); ++ break; ++ case QVariant::Bool: ++ outp += prop.toBool() ? "TRUE" : "FALSE"; ++ break; ++ default: ++ outp += prop.toString(); ++ break; ++ } ++ ++ if ( !outp.isEmpty() ) ++ printf("%s'\n", outp.toLocal8Bit().constData()); ++ } ++ } else { ++ printf("%s\n", (*it)->entryPath().toLocal8Bit().constData()); ++ } + } +- } +- return 0; ++ return 0; + } + +-- +2.5.0 + diff --git a/0007-keditfiletype-clean-out-any-kde-mimeapps.list-which-.patch b/0007-keditfiletype-clean-out-any-kde-mimeapps.list-which-.patch new file mode 100644 index 0000000..fa3247c --- /dev/null +++ b/0007-keditfiletype-clean-out-any-kde-mimeapps.list-which-.patch @@ -0,0 +1,74 @@ +From 84e697f877e7cab2767b75448106b7e5abf27b10 Mon Sep 17 00:00:00 2001 +From: David Faure +Date: Sun, 28 Feb 2016 20:31:13 +0100 +Subject: [PATCH 07/10] keditfiletype: clean out any kde-mimeapps.list which + would take precedence any cancel our changes. + +CCBUG: 359850 +--- + keditfiletype/mimetypedata.cpp | 25 ++++++++++++++++++++++--- + 1 file changed, 22 insertions(+), 3 deletions(-) + +diff --git a/keditfiletype/mimetypedata.cpp b/keditfiletype/mimetypedata.cpp +index f706def..e024f94 100644 +--- a/keditfiletype/mimetypedata.cpp ++++ b/keditfiletype/mimetypedata.cpp +@@ -28,6 +28,7 @@ + #include + #include + #include ++#include + + MimeTypeData::MimeTypeData(const QString& major) + : m_askSave(AskSaveDefault), +@@ -360,6 +361,10 @@ bool MimeTypeData::sync() + return needUpdateMimeDb; + } + ++static const char s_DefaultApplications[] = "Default Applications"; ++static const char s_AddedAssociations[] = "Added Associations"; ++static const char s_RemovedAssociations[] = "Removed Associations"; ++ + void MimeTypeData::syncServices() + { + if (!m_bFullInit) +@@ -373,12 +378,12 @@ void MimeTypeData::syncServices() + const QStringList oldAppServices = getAppOffers(); + if (oldAppServices != m_appServices) { + // Save the default application according to mime-apps-spec 1.0 +- KConfigGroup defaultApp(profile, "Default Applications"); ++ KConfigGroup defaultApp(profile, s_DefaultApplications); + saveDefaultApplication(defaultApp, m_appServices); + // Save preferred services +- KConfigGroup addedApps(profile, "Added Associations"); ++ KConfigGroup addedApps(profile, s_AddedAssociations); + saveServices(addedApps, m_appServices); +- KConfigGroup removedApps(profile, "Removed Associations"); ++ KConfigGroup removedApps(profile, s_RemovedAssociations); + saveRemovedServices(removedApps, m_appServices, oldAppServices); + } + +@@ -391,6 +396,20 @@ void MimeTypeData::syncServices() + saveRemovedServices(removedParts, m_embedServices, oldPartServices); + } + ++ // Clean out any kde-mimeapps.list which would take precedence any cancel our changes. ++ const QString desktops = QString::fromLocal8Bit(qgetenv("XDG_CURRENT_DESKTOP")); ++ foreach (const QString &desktop, desktops.split(":", QString::SkipEmptyParts)) { ++ const QString file = QStandardPaths::writableLocation(QStandardPaths::GenericConfigLocation) ++ + QLatin1Char('/') + desktop.toLower() + QLatin1String("-mimeapps.list"); ++ if (QFileInfo::exists(file)) { ++ qDebug() << "Cleaning up" << file; ++ KConfig conf(file, KConfig::NoGlobals); ++ KConfigGroup(&conf, s_DefaultApplications).deleteEntry(name()); ++ KConfigGroup(&conf, s_AddedAssociations).deleteEntry(name()); ++ KConfigGroup(&conf, s_RemovedAssociations).deleteEntry(name()); ++ } ++ } ++ + m_appServicesModified = false; + m_embedServicesModified = false; + } +-- +2.5.0 + diff --git a/0010-xdg-mime-parses-ktraderclient5-s-output-So-revert-to.patch b/0010-xdg-mime-parses-ktraderclient5-s-output-So-revert-to.patch new file mode 100644 index 0000000..8a5d90c --- /dev/null +++ b/0010-xdg-mime-parses-ktraderclient5-s-output-So-revert-to.patch @@ -0,0 +1,35 @@ +From 80e0d16e248aad690c14dbfff88881fab6d79415 Mon Sep 17 00:00:00 2001 +From: David Faure +Date: Sun, 6 Mar 2016 19:09:50 +0100 +Subject: [PATCH 10/10] xdg-mime parses ktraderclient5's output! So revert to + outputting all props by default, and make --short output just paths. + +--- + ktraderclient/ktraderclient.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/ktraderclient/ktraderclient.cpp b/ktraderclient/ktraderclient.cpp +index 31330c1..fc233ca 100644 +--- a/ktraderclient/ktraderclient.cpp ++++ b/ktraderclient/ktraderclient.cpp +@@ -46,7 +46,7 @@ int main( int argc, char **argv ) + parser.addOption(QCommandLineOption(QStringList() << QLatin1String("servicetype"), i18n("A servicetype, like KParts/ReadOnlyPart or KMyApp/Plugin"), QLatin1String("servicetype"))); + parser.addOption(QCommandLineOption(QStringList() << QLatin1String("constraint"), i18n("A constraint expressed in the trader query language"), QLatin1String("constraint"))); + +- parser.addOption(QCommandLineOption(QStringList() << QLatin1String("properties"), i18n("Output all properties"))); ++ parser.addOption(QCommandLineOption(QStringList() << QLatin1String("short"), i18n("Output only paths to desktop files"))); + + parser.process(app); + aboutData.processCommandLine(&parser); +@@ -54,7 +54,7 @@ int main( int argc, char **argv ) + const QString mimetype = parser.value("mimetype"); + QString servicetype = parser.value("servicetype"); + const QString constraint = parser.value("constraint"); +- const bool outputProperties = parser.isSet("properties"); ++ const bool outputProperties = !parser.isSet("short"); + + if ( mimetype.isEmpty() && servicetype.isEmpty() ) + parser.showHelp(); +-- +2.5.0 + diff --git a/kde-cli-tools.spec b/kde-cli-tools.spec index fd40d4f..6eca0b4 100644 --- a/kde-cli-tools.spec +++ b/kde-cli-tools.spec @@ -1,6 +1,6 @@ Name: kde-cli-tools Version: 5.5.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Tools based on KDE Frameworks 5 to better interact with the system License: GPLv2+ @@ -14,6 +14,13 @@ URL: https://projects.kde.org/projects/kde/workspace/kde-cli-tools %endif Source0: http://download.kde.org/%{stable}/plasma/%{version}/%{name}-%{version}.tar.xz +## master branch backports +Patch3: 0003-Disable-ptrace-on-kdesu.patch +Patch4: 0004-Save-settings-into-.config-rather-than-deprecated-.l.patch +Patch6: 0006-ktraderclient-add-properties-flag-so-the-default-out.patch +Patch7: 0007-keditfiletype-clean-out-any-kde-mimeapps.list-which-.patch +Patch10: 0010-xdg-mime-parses-ktraderclient5-s-output-So-revert-to.patch + BuildRequires: qt5-qtbase-devel BuildRequires: qt5-qtsvg-devel BuildRequires: qt5-qtx11extras-devel @@ -56,7 +63,7 @@ Conflicts: kde-runtime-docs < 14.12.3-2 %prep -%setup -q -n %{name}-%{version} +%autosetup -p1 %build mkdir %{_target_platform} @@ -96,6 +103,9 @@ ln -s %{_kf5_libexecdir}/kdesu %{buildroot}%{_bindir}/kdesu %changelog +* Mon Mar 07 2016 Rex Dieter 5.5.5-2 +- backport master/ branch fixes + * Tue Mar 01 2016 Daniel Vrátil - 5.5.5-1 - Plasma 5.5.5