diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2019-06-05 19:46:16 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2019-06-05 19:46:16 +0200 |
| commit | d4721ff1017b64e5242b09fd7b430665ec580524 (patch) | |
| tree | 1bd9ce1a339f5b348e780e4bb7f53a4333bfce01 /gnu/packages/patches | |
| parent | 30e12b9664d774aca3948b1fa2e0aee6af09ca40 (diff) | |
| parent | c0f6eebb6d9f6ca9b62344f32ce5f82dab601d53 (diff) | |
| download | guix-patches-d4721ff1017b64e5242b09fd7b430665ec580524.tar guix-patches-d4721ff1017b64e5242b09fd7b430665ec580524.tar.gz | |
Merge branch 'master' into staging
Diffstat (limited to 'gnu/packages/patches')
8 files changed, 6 insertions, 579 deletions
diff --git a/gnu/packages/patches/borg-fix-hard-link-preloading.patch b/gnu/packages/patches/borg-fix-hard-link-preloading.patch deleted file mode 100644 index 92a4e22674..0000000000 --- a/gnu/packages/patches/borg-fix-hard-link-preloading.patch +++ /dev/null @@ -1,157 +0,0 @@ -Fix a bug that would cause the test suite to hang: - -https://github.com/borgbackup/borg/issues/4350 - -Patch copied from upstream source repository: - -https://github.com/borgbackup/borg/commit/18242ab9e2f26c450b8507aa1d5eceadab8ad027 - -From 18242ab9e2f26c450b8507aa1d5eceadab8ad027 Mon Sep 17 00:00:00 2001 -From: Thomas Waldmann <tw@waldmann-edv.de> -Date: Thu, 2 May 2019 21:02:26 +0200 -Subject: [PATCH] preload chunks for hardlink slaves w/o preloaded master, - fixes #4350 - -also split the hardlink extraction test into 2 tests. - -(cherry picked from commit f33f318d816505161d1449a02ddfdeb97d6fe80a) ---- - src/borg/archive.py | 42 +++++++++++++++++++++++++++++----- - src/borg/archiver.py | 5 ++-- - src/borg/testsuite/archiver.py | 20 +++++++++------- - 3 files changed, 51 insertions(+), 16 deletions(-) - -diff --git a/src/borg/archive.py b/src/borg/archive.py -index adc1f42c..0793672a 100644 ---- a/src/borg/archive.py -+++ b/src/borg/archive.py -@@ -192,7 +192,7 @@ def __init__(self, repository, key): - self.repository = repository - self.key = key - -- def unpack_many(self, ids, filter=None, preload=False): -+ def unpack_many(self, ids, filter=None, partial_extract=False, preload=False, hardlink_masters=None): - """ - Return iterator of items. - -@@ -209,12 +209,40 @@ def unpack_many(self, ids, filter=None, preload=False): - for item in items: - if 'chunks' in item: - item.chunks = [ChunkListEntry(*e) for e in item.chunks] -+ -+ def preload(chunks): -+ self.repository.preload([c.id for c in chunks]) -+ - if filter: - items = [item for item in items if filter(item)] -+ - if preload: -- for item in items: -- if 'chunks' in item: -- self.repository.preload([c.id for c in item.chunks]) -+ if filter and partial_extract: -+ # if we do only a partial extraction, it gets a bit -+ # complicated with computing the preload items: if a hardlink master item is not -+ # selected (== not extracted), we will still need to preload its chunks if a -+ # corresponding hardlink slave is selected (== is extracted). -+ # due to a side effect of the filter() call, we now have hardlink_masters dict populated. -+ masters_preloaded = set() -+ for item in items: -+ if 'chunks' in item: # regular file, maybe a hardlink master -+ preload(item.chunks) -+ # if this is a hardlink master, remember that we already preloaded it: -+ if 'source' not in item and hardlinkable(item.mode) and item.get('hardlink_master', True): -+ masters_preloaded.add(item.path) -+ elif 'source' in item and hardlinkable(item.mode): # hardlink slave -+ source = item.source -+ if source not in masters_preloaded: -+ # we only need to preload *once* (for the 1st selected slave) -+ chunks, _ = hardlink_masters[source] -+ preload(chunks) -+ masters_preloaded.add(source) -+ else: -+ # easy: we do not have a filter, thus all items are selected, thus we need to preload all chunks. -+ for item in items: -+ if 'chunks' in item: -+ preload(item.chunks) -+ - for item in items: - yield item - -@@ -433,8 +461,10 @@ def item_filter(self, item, filter=None): - return False - return filter(item) if filter else True - -- def iter_items(self, filter=None, preload=False): -- for item in self.pipeline.unpack_many(self.metadata.items, preload=preload, -+ def iter_items(self, filter=None, partial_extract=False, preload=False, hardlink_masters=None): -+ assert not (filter and partial_extract and preload) or hardlink_masters is not None -+ for item in self.pipeline.unpack_many(self.metadata.items, partial_extract=partial_extract, -+ preload=preload, hardlink_masters=hardlink_masters, - filter=lambda item: self.item_filter(item, filter)): - yield item - -diff --git a/src/borg/archiver.py b/src/borg/archiver.py -index 957959d6..dcc20455 100644 ---- a/src/borg/archiver.py -+++ b/src/borg/archiver.py -@@ -755,7 +755,8 @@ def peek_and_store_hardlink_masters(item, matched): - else: - pi = None - -- for item in archive.iter_items(filter, preload=True): -+ for item in archive.iter_items(filter, partial_extract=partial_extract, -+ preload=True, hardlink_masters=hardlink_masters): - orig_path = item.path - if strip_components: - item.path = os.sep.join(orig_path.split(os.sep)[strip_components:]) -@@ -997,7 +998,7 @@ def item_to_tarinfo(item, original_path): - return None, stream - return tarinfo, stream - -- for item in archive.iter_items(filter, preload=True): -+ for item in archive.iter_items(filter, preload=True, hardlink_masters=hardlink_masters): - orig_path = item.path - if strip_components: - item.path = os.sep.join(orig_path.split(os.sep)[strip_components:]) -diff --git a/src/borg/testsuite/archiver.py b/src/borg/testsuite/archiver.py -index c35ad800..935b3d79 100644 ---- a/src/borg/testsuite/archiver.py -+++ b/src/borg/testsuite/archiver.py -@@ -823,7 +823,18 @@ def test_mount_hardlinks(self): - assert open('input/dir1/subdir/hardlink', 'rb').read() == b'123456' - - @requires_hardlinks -- def test_extract_hardlinks(self): -+ def test_extract_hardlinks1(self): -+ self._extract_hardlinks_setup() -+ with changedir('output'): -+ self.cmd('extract', self.repository_location + '::test') -+ assert os.stat('input/source').st_nlink == 4 -+ assert os.stat('input/abba').st_nlink == 4 -+ assert os.stat('input/dir1/hardlink').st_nlink == 4 -+ assert os.stat('input/dir1/subdir/hardlink').st_nlink == 4 -+ assert open('input/dir1/subdir/hardlink', 'rb').read() == b'123456' -+ -+ @requires_hardlinks -+ def test_extract_hardlinks2(self): - self._extract_hardlinks_setup() - with changedir('output'): - self.cmd('extract', self.repository_location + '::test', '--strip-components', '2') -@@ -839,13 +850,6 @@ def test_extract_hardlinks(self): - assert open('input/dir1/subdir/hardlink', 'rb').read() == b'123456' - assert os.stat('input/dir1/aaaa').st_nlink == 2 - assert os.stat('input/dir1/source2').st_nlink == 2 -- with changedir('output'): -- self.cmd('extract', self.repository_location + '::test') -- assert os.stat('input/source').st_nlink == 4 -- assert os.stat('input/abba').st_nlink == 4 -- assert os.stat('input/dir1/hardlink').st_nlink == 4 -- assert os.stat('input/dir1/subdir/hardlink').st_nlink == 4 -- assert open('input/dir1/subdir/hardlink', 'rb').read() == b'123456' - - def test_extract_include_exclude(self): - self.cmd('init', '--encryption=repokey', self.repository_location) --- -2.21.0 - diff --git a/gnu/packages/patches/icecat-makeicecat.patch b/gnu/packages/patches/icecat-makeicecat.patch index 2a11bf0b70..7d4f774c83 100644 --- a/gnu/packages/patches/icecat-makeicecat.patch +++ b/gnu/packages/patches/icecat-makeicecat.patch @@ -3,10 +3,10 @@ in a snippet without network access. After this patch is applied, some additional changes will be made using 'substitute*'. diff --git a/makeicecat b/makeicecat -index aa46b94..db27a86 100644 +index 5a4390b..fcfa143 100644 --- a/makeicecat +++ b/makeicecat -@@ -36,75 +36,75 @@ export DEBFULLNAME="Ruben Rodriguez" +@@ -29,55 +29,55 @@ SOURCEDIR=icecat-$FFVERSION DATA="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"/data @@ -25,6 +25,7 @@ index aa46b94..db27a86 100644 -wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc -gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355 -gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc +-echo -n 0a5f0c1d8d1e9443d85083d37fec32e5cc15c1001ea992d49745490065b4a023 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - - -echo Extracting Firefox tarball -tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -36,6 +37,7 @@ index aa46b94..db27a86 100644 +# wget -N https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/${FFVERSION}esr/source/firefox-${FFVERSION}esr.source.tar.xz.asc +# gpg --recv-keys --keyserver keyserver.ubuntu.com 24C6F355 +# gpg --verify firefox-${FFVERSION}esr.source.tar.xz.asc ++# echo -n 0a5f0c1d8d1e9443d85083d37fec32e5cc15c1001ea992d49745490065b4a023 firefox-${FFVERSION}esr.source.tar.xz |sha256sum -c - +# +# echo Extracting Firefox tarball +# tar -xf firefox-${FFVERSION}esr.source.tar.xz @@ -43,43 +45,6 @@ index aa46b94..db27a86 100644 +# mv firefox-${FFVERSION} $SOURCEDIR ############################################################################### - # Retrieve /debian from Ubuntu - ############################################################################### - --rm -rf firefox.$CODENAME --bzr branch https://code.launchpad.net/~mozillateam/firefox/firefox.$CODENAME --cd firefox.$CODENAME --bzr revert -r$REVISION --echo '3.0 (native)' > debian/source/format -- --for PATCH in ubuntu-bookmarks.patch ubuntu-ua-string-changes.patch unity-menubar.patch ubuntu-search-defaults.patch fix-make-package-tests-without-webrtc.patch revert-upstream-search-engine-changes.patch --do -- rm debian/patches/$PATCH -- sed "/$PATCH/d" -i debian/patches/series --done --sed "/test-/d" -i debian/patches/series --cd .. -- --mv firefox.$CODENAME/debian $SOURCEDIR --rm -rf firefox.$CODENAME -+# rm -rf firefox.$CODENAME -+# bzr branch https://code.launchpad.net/~mozillateam/firefox/firefox.$CODENAME -+# cd firefox.$CODENAME -+# bzr revert -r$REVISION -+# echo '3.0 (native)' > debian/source/format -+# -+# for PATCH in ubuntu-bookmarks.patch ubuntu-ua-string-changes.patch unity-menubar.patch ubuntu-search-defaults.patch fix-make-package-tests-without-webrtc.patch revert-upstream-search-engine-changes.patch -+# do -+# rm debian/patches/$PATCH -+# sed "/$PATCH/d" -i debian/patches/series -+# done -+# sed "/test-/d" -i debian/patches/series -+# cd .. -+# -+# mv firefox.$CODENAME/debian $SOURCEDIR -+# rm -rf firefox.$CODENAME - - ############################################################################### # Retrieve l10n ############################################################################### @@ -133,19 +98,10 @@ index aa46b94..db27a86 100644 #for patch in $DATA/patches/*; do # echo Patching with file: $patch -@@ -720,7 +720,7 @@ debian/rules debian/control - touch -d "yesterday" debian/control - debian/rules debian/control - --echo | dch -b -D stable -v "$ICECATVERSION" "Converted into IceCat (http://www.gnu.org/software/gnuzilla/)" -+# echo | dch -b -D stable -v "$ICECATVERSION" "Converted into IceCat (http://www.gnu.org/software/gnuzilla/)" - sed "1s/firefox/icecat/" -i debian/changelog - - touch configure js/src/configure -@@ -734,6 +734,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in +@@ -590,6 +590,6 @@ sed 's/777/755/;' -i toolkit/crashreporter/google-breakpad/Makefile.in + # Fix CVE-2012-3386 /bin/sed 's/chmod a+w/chmod u+w/' -i ./js/src/ctypes/libffi/Makefile.in ./toolkit/crashreporter/google-breakpad/Makefile.in ./toolkit/crashreporter/google-breakpad/src/third_party/glog/Makefile.in || true - -cd .. -echo Packaging tarball -tar cfj icecat-$ICECATVERSION.tar.bz2 $SOURCEDIR diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch b/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch deleted file mode 100644 index bffe2c454c..0000000000 --- a/gnu/packages/patches/libevent-2.0-CVE-2016-10195.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-10195 (buffer overread in libevent's DNS code): - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10195 -https://github.com/libevent/libevent/issues/317 - -Patch copied from upstream source repository: - -https://github.com/libevent/libevent/commit/96f64a022014a208105ead6c8a7066018449d86d - -From 3c570970516f48da35f42fef98276531fcc0abaa Mon Sep 17 00:00:00 2001 -From: Azat Khuzhin <a3at.mail@gmail.com> -Date: Mon, 1 Feb 2016 17:32:09 +0300 -Subject: [PATCH] evdns: name_parse(): fix remote stack overread - ---- - evdns.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/evdns.c b/evdns.c -index 60b10485..137c24ea 100644 ---- a/evdns.c -+++ b/evdns.c -@@ -960,7 +960,6 @@ name_parse(u8 *packet, int length, int *idx, char *name_out, int name_out_len) { - - for (;;) { - u8 label_len; -- if (j >= length) return -1; - GET8(label_len); - if (!label_len) break; - if (label_len & 0xc0) { -@@ -981,6 +980,7 @@ name_parse(u8 *packet, int length, int *idx, char *name_out, int name_out_len) { - *cp++ = '.'; - } - if (cp + label_len >= end) return -1; -+ if (j + label_len > length) return -1; - memcpy(cp, packet + j, label_len); - cp += label_len; - j += label_len; --- -2.11.0 - diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch b/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch deleted file mode 100644 index 03f96e938b..0000000000 --- a/gnu/packages/patches/libevent-2.0-CVE-2016-10196.patch +++ /dev/null @@ -1,41 +0,0 @@ -Fix CVE-2016-10196 (buffer overflow in evutil): - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10196 -https://github.com/libevent/libevent/issues/318 - -Patch copied from upstream source repository: - -https://github.com/libevent/libevent/commit/329acc18a0768c21ba22522f01a5c7f46cacc4d5 - -From 28bdc2f3f62259d21ccaf7be2b60ef0a53e6f342 Mon Sep 17 00:00:00 2001 -From: Azat Khuzhin <a3at.mail@gmail.com> -Date: Sun, 31 Jan 2016 00:57:16 +0300 -Subject: [PATCH] evutil_parse_sockaddr_port(): fix buffer overflow - ---- - evutil.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/evutil.c b/evutil.c -index 33445170..e2dfe6e4 100644 ---- a/evutil.c -+++ b/evutil.c -@@ -1808,12 +1808,12 @@ evutil_parse_sockaddr_port(const char *ip_as_string, struct sockaddr *out, int * - - cp = strchr(ip_as_string, ':'); - if (*ip_as_string == '[') { -- int len; -+ size_t len; - if (!(cp = strchr(ip_as_string, ']'))) { - return -1; - } -- len = (int) ( cp-(ip_as_string + 1) ); -- if (len > (int)sizeof(buf)-1) { -+ len = ( cp-(ip_as_string + 1) ); -+ if (len > sizeof(buf)-1) { - return -1; - } - memcpy(buf, ip_as_string+1, len); --- -2.11.0 - diff --git a/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch b/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch deleted file mode 100644 index c62a328627..0000000000 --- a/gnu/packages/patches/libevent-2.0-CVE-2016-10197.patch +++ /dev/null @@ -1,39 +0,0 @@ -Fix CVE-2016-10197 (out of bounds read on empty hostnames in evdns): - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10197 -https://github.com/libevent/libevent/issues/332 - -Patch copied from upstream source repository: - -https://github.com/libevent/libevent/commit/ec65c42052d95d2c23d1d837136d1cf1d9ecef9e - -From a0305cec166a5bc89f1eb362510cc4cd25ecc0bc Mon Sep 17 00:00:00 2001 -From: Azat Khuzhin <a3at.mail@gmail.com> -Date: Fri, 25 Mar 2016 00:33:47 +0300 -Subject: [PATCH] evdns: fix searching empty hostnames - ---- - evdns.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/evdns.c b/evdns.c -index 137c24ea..6191c677 100644 ---- a/evdns.c -+++ b/evdns.c -@@ -3122,9 +3122,12 @@ search_set_from_hostname(struct evdns_base *base) { - static char * - search_make_new(const struct search_state *const state, int n, const char *const base_name) { - const size_t base_len = strlen(base_name); -- const char need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1; -+ char need_to_append_dot; - struct search_domain *dom; - -+ if (!base_len) return NULL; -+ need_to_append_dot = base_name[base_len - 1] == '.' ? 0 : 1; -+ - for (dom = state->head; dom; dom = dom->next) { - if (!n--) { - /* this is the postfix we want */ --- -2.11.0 - diff --git a/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch b/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch deleted file mode 100644 index 0253700bf6..0000000000 --- a/gnu/packages/patches/libevent-2.0-evbuffer-add-use-last-with-datap.patch +++ /dev/null @@ -1,38 +0,0 @@ -From a8769ef12d7e223e33fc47bed03fba2bfa2f3536 Mon Sep 17 00:00:00 2001 -From: Marcus Sundberg <marcus@marcussundberg.com> -Date: Sat, 26 Mar 2016 20:11:43 +0100 -Subject: [PATCH] evbuffer_add: Use last_with_datap if set, not last. - -evbuffer_add() would always put data in the last chain, even if there -was available space in a previous chain, and in doing so it also -failed to update last_with_datap, causing subsequent calls to other -functions that do look at last_with_datap to add data in the middle -of the evbuffer instead of at the end. - -Fixes the evbuffer_add() part of issue #335, and the evbuffer/add2 and -evbuffer/add3 tests, and also prevents wasting space available in the -chain pointed to by last_with_datap. ---- - buffer.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/buffer.c b/buffer.c -index 7cca0e8a..f378b731 100644 ---- a/buffer.c -+++ b/buffer.c -@@ -1732,7 +1732,11 @@ evbuffer_add(struct evbuffer *buf, const void *data_in, size_t datlen) - goto done; - } - -- chain = buf->last; -+ if (*buf->last_with_datap == NULL) { -+ chain = buf->last; -+ } else { -+ chain = *buf->last_with_datap; -+ } - - /* If there are no chains allocated for this buffer, allocate one - * big enough to hold all the data. */ --- -2.12.0 - diff --git a/gnu/packages/patches/libevent-dns-tests.patch b/gnu/packages/patches/libevent-dns-tests.patch deleted file mode 100644 index 6ff8aaaa7b..0000000000 --- a/gnu/packages/patches/libevent-dns-tests.patch +++ /dev/null @@ -1,16 +0,0 @@ -Disable tests that rely on usable DNS lookups, which aren't available -in build chroots. - ---- libevent-2.0.21-stable/test/regress_dns.c 2013-01-20 22:32:09.000000000 +0100 -+++ libevent-2.0.21-stable/test/regress_dns.c 2013-01-20 22:32:30.000000000 +0100 -@@ -1827,10 +1827,6 @@ end: - - struct testcase_t dns_testcases[] = { - DNS_LEGACY(server, TT_FORK|TT_NEED_BASE), -- DNS_LEGACY(gethostbyname, TT_FORK|TT_NEED_BASE|TT_NEED_DNS), -- DNS_LEGACY(gethostbyname6, TT_FORK|TT_NEED_BASE|TT_NEED_DNS), -- DNS_LEGACY(gethostbyaddr, TT_FORK|TT_NEED_BASE|TT_NEED_DNS), -- { "resolve_reverse", dns_resolve_reverse, TT_FORK, NULL, NULL }, - { "search", dns_search_test, TT_FORK|TT_NEED_BASE, &basic_setup, NULL }, - { "search_cancel", dns_search_cancel_test, - TT_FORK|TT_NEED_BASE, &basic_setup, NULL }, diff --git a/gnu/packages/patches/polkit-CVE-2018-19788.patch b/gnu/packages/patches/polkit-CVE-2018-19788.patch deleted file mode 100644 index 58cde6c5dc..0000000000 --- a/gnu/packages/patches/polkit-CVE-2018-19788.patch +++ /dev/null @@ -1,197 +0,0 @@ -Fix CVE-2018-19788: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19788 -https://gitlab.freedesktop.org/polkit/polkit/issues/74 - -Patch copied from upstream source repository: - -https://gitlab.freedesktop.org/polkit/polkit/commit/2cb40c4d5feeaa09325522bd7d97910f1b59e379 - -From 2cb40c4d5feeaa09325522bd7d97910f1b59e379 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl> -Date: Mon, 3 Dec 2018 10:28:58 +0100 -Subject: [PATCH] Allow negative uids/gids in PolkitUnixUser and Group objects - -(uid_t) -1 is still used as placeholder to mean "unset". This is OK, since -there should be no users with such number, see -https://systemd.io/UIDS-GIDS#special-linux-uids. - -(uid_t) -1 is used as the default value in class initialization. - -When a user or group above INT32_MAX is created, the numeric uid or -gid wraps around to negative when the value is assigned to gint, and -polkit gets confused. Let's accept such gids, except for -1. - -A nicer fix would be to change the underlying type to e.g. uint32 to -not have negative values. But this cannot be done without breaking the -API, so likely new functions will have to be added (a -polkit_unix_user_new variant that takes a unsigned, and the same for -_group_new, _set_uid, _get_uid, _set_gid, _get_gid, etc.). This will -require a bigger patch. - -Fixes https://gitlab.freedesktop.org/polkit/polkit/issues/74. ---- - src/polkit/polkitunixgroup.c | 15 +++++++++++---- - src/polkit/polkitunixprocess.c | 12 ++++++++---- - src/polkit/polkitunixuser.c | 13 ++++++++++--- - 3 files changed, 29 insertions(+), 11 deletions(-) - -diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c -index c57a1aa..309f689 100644 ---- a/src/polkit/polkitunixgroup.c -+++ b/src/polkit/polkitunixgroup.c -@@ -71,6 +71,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT, - static void - polkit_unix_group_init (PolkitUnixGroup *unix_group) - { -+ unix_group->gid = -1; /* (git_t) -1 is not a valid GID under Linux */ - } - - static void -@@ -100,11 +101,14 @@ polkit_unix_group_set_property (GObject *object, - GParamSpec *pspec) - { - PolkitUnixGroup *unix_group = POLKIT_UNIX_GROUP (object); -+ gint val; - - switch (prop_id) - { - case PROP_GID: -- unix_group->gid = g_value_get_int (value); -+ val = g_value_get_int (value); -+ g_return_if_fail (val != -1); -+ unix_group->gid = val; - break; - - default: -@@ -131,9 +135,9 @@ polkit_unix_group_class_init (PolkitUnixGroupClass *klass) - g_param_spec_int ("gid", - "Group ID", - "The UNIX group ID", -- 0, -+ G_MININT, - G_MAXINT, -- 0, -+ -1, - G_PARAM_CONSTRUCT | - G_PARAM_READWRITE | - G_PARAM_STATIC_NAME | -@@ -166,9 +170,10 @@ polkit_unix_group_get_gid (PolkitUnixGroup *group) - */ - void - polkit_unix_group_set_gid (PolkitUnixGroup *group, -- gint gid) -+ gint gid) - { - g_return_if_fail (POLKIT_IS_UNIX_GROUP (group)); -+ g_return_if_fail (gid != -1); - group->gid = gid; - } - -@@ -183,6 +188,8 @@ polkit_unix_group_set_gid (PolkitUnixGroup *group, - PolkitIdentity * - polkit_unix_group_new (gint gid) - { -+ g_return_val_if_fail (gid != -1, NULL); -+ - return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_GROUP, - "gid", gid, - NULL)); -diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c -index 972b777..b02b258 100644 ---- a/src/polkit/polkitunixprocess.c -+++ b/src/polkit/polkitunixprocess.c -@@ -159,9 +159,14 @@ polkit_unix_process_set_property (GObject *object, - polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); - break; - -- case PROP_UID: -- polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); -+ case PROP_UID: { -+ gint val; -+ -+ val = g_value_get_int (value); -+ g_return_if_fail (val != -1); -+ polkit_unix_process_set_uid (unix_process, val); - break; -+ } - - case PROP_START_TIME: - polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); -@@ -239,7 +244,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass) - g_param_spec_int ("uid", - "User ID", - "The UNIX user ID", -- -1, -+ G_MININT, - G_MAXINT, - -1, - G_PARAM_CONSTRUCT | -@@ -303,7 +308,6 @@ polkit_unix_process_set_uid (PolkitUnixProcess *process, - gint uid) - { - g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process)); -- g_return_if_fail (uid >= -1); - process->uid = uid; - } - -diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c -index 8bfd3a1..234a697 100644 ---- a/src/polkit/polkitunixuser.c -+++ b/src/polkit/polkitunixuser.c -@@ -72,6 +72,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT, - static void - polkit_unix_user_init (PolkitUnixUser *unix_user) - { -+ unix_user->uid = -1; /* (uid_t) -1 is not a valid UID under Linux */ - unix_user->name = NULL; - } - -@@ -112,11 +113,14 @@ polkit_unix_user_set_property (GObject *object, - GParamSpec *pspec) - { - PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object); -+ gint val; - - switch (prop_id) - { - case PROP_UID: -- unix_user->uid = g_value_get_int (value); -+ val = g_value_get_int (value); -+ g_return_if_fail (val != -1); -+ unix_user->uid = val; - break; - - default: -@@ -144,9 +148,9 @@ polkit_unix_user_class_init (PolkitUnixUserClass *klass) - g_param_spec_int ("uid", - "User ID", - "The UNIX user ID", -- 0, -+ G_MININT, - G_MAXINT, -- 0, -+ -1, - G_PARAM_CONSTRUCT | - G_PARAM_READWRITE | - G_PARAM_STATIC_NAME | -@@ -182,6 +186,7 @@ polkit_unix_user_set_uid (PolkitUnixUser *user, - gint uid) - { - g_return_if_fail (POLKIT_IS_UNIX_USER (user)); -+ g_return_if_fail (uid != -1); - user->uid = uid; - } - -@@ -196,6 +201,8 @@ polkit_unix_user_set_uid (PolkitUnixUser *user, - PolkitIdentity * - polkit_unix_user_new (gint uid) - { -+ g_return_val_if_fail (uid != -1, NULL); -+ - return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_USER, - "uid", uid, - NULL)); --- -2.18.1 - |