app-crypt/tpm2-tss: Fix sandbox violation for systemd users
authorSalah Coronya <salah.coronya@gmail.com>
Thu, 14 May 2020 03:12:06 +0000 (22:12 -0500)
committerJason A. Donenfeld <zx2c4@gentoo.org>
Mon, 18 May 2020 04:59:51 +0000 (22:59 -0600)
Closes: https://bugs.gentoo.org/722864
Package-Manager: Portage-2.3.99, Repoman-2.3.22
Signed-off-by: Salah Coronya <salah.coronya@gmail.com>
Signed-off-by: Jason A. Donenfeld <zx2c4@gentoo.org>
app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch [new file with mode: 0644]
app-crypt/tpm2-tss/tpm2-tss-2.4.0.ebuild

diff --git a/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch b/app-crypt/tpm2-tss/files/tpm2-tss-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch
new file mode 100644 (file)
index 0000000..c916bbf
--- /dev/null
@@ -0,0 +1,15 @@
+diff --git a/Makefile.am b/Makefile.am
+index c543a287..58187f7e 100644
+--- a/Makefile.am
++++ b/Makefile.am
+@@ -558,10 +558,6 @@ uninstall-local:
+       -rm $(DESTDIR)$(udevrulesdir)/$(udevrulesprefix)tpm-udev.rules
+ endif
+-# Create tss user and FAPI directories directly after installation (vs. after a reboot)
+-install-exec-hook:
+-      systemd-sysusers && systemd-tmpfiles --create || true
+-
+ uninstall-hook:
+       cd $(DESTDIR)$(man3dir) && \
+               [ -L Tss2_TctiLdr_Initialize_Ex.3 ] && \
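Review bot: With `install-exec-hook` dropped from Makefile.am, nothing visible in this commit creates the tss user or the FAPI directories at merge time, so on a running system they would only appear after a reboot, as the removed comment itself says. If the ebuild does not already do this outside the visible hunks, it should be done in the package manager's own phases, for example a `pkg_postinst` that calls `tmpfiles_process` from tmpfiles.eclass for the installed tmpfiles.d snippet, plus an acct-user/acct-group dependency for the account, so the keystore directories exist with the intended owner and mode before first use. The patch file would also benefit from a short header stating why the hook is removed (the removed line ran `systemd-sysusers` and `systemd-tmpfiles --create` with no `$(DESTDIR)` or root argument, and hid failures behind `|| true`) and linking the bug.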
index f8986d88dc98edbc8096cc79f13e3d2f70935c18..76c8cc9bf6d0e16102bc21d808cfcf797acfab87 100644 (file)
@@ -34,7 +34,8 @@ BDEPEND="virtual/pkgconfig
 
 PATCHES=(
        "${FILESDIR}/${PN}-2.4.0-fix-tmpfiles-path.patch"
-)
+       "${FILESDIR}/${PN}-2.4.0-Dont-run-systemd-sysusers-in-Makefile.patch"
+       )
 
 pkg_setup() {
        local CONFIG_CHECK=" \
@@ -57,7 +58,7 @@ src_configure() {
                --with-runstatedir=/run \
                --with-udevrulesdir="$(get_udevdir)/rules.d" \
                --with-udevrulesprefix=60- \
-               --with-sysusersdir="/usr/lib/sysusers.d"
+               --with-sysusersdir="/usr/lib/sysusers.d" \
                --with-tmpfilesdir="/usr/lib/tmpfiles.d"
 }
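Review bot: The backslash added after `--with-sysusersdir="/usr/lib/sysusers.d"` is a behaviour change that the commit message does not mention: before it, `--with-tmpfilesdir="/usr/lib/tmpfiles.d"` was a separate shell command and never reached the configure invocation, which starts outside this hunk. If configure's default tmpfiles directory differs from `/usr/lib/tmpfiles.d`, the installed file layout changes, yet the file list shows `tpm2-tss-2.4.0.ebuild` edited in place with no revision bump, so existing installs will not be rebuilt. Consider a revision bump and a line in the message such as `Also add the missing line continuation in src_configure`.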