--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/desktop/xscreensaver/patches/0006-allow-root.patch Tue Mar 08 09:00:31 2016 -0800
@@ -0,0 +1,208 @@
+From 53a079ae5ba815381fd94cace1a56cd2841e09ed Mon Sep 17 00:00:00 2001
+From: Alan Coopersmith <[email protected]>
+Date: Sat, 2 Jan 2016 20:56:50 -0800
+Subject: [PATCH] allow root
+
+Fix for: Bug 15155994 - SUNBT4849641 xscreensaver won't run as root
+
+Let root lock the screen, but don't launch the hacks for root.
+
+Rejected by upstream because upstream author argues instead that users should
+not login as root, which is correct, but not something we can force all of
+our customers to stop doing.
+
+See http://www.jwz.org/xscreensaver/faq.html#root-lock for his side.
+---
+ driver/demo-Gtk.c | 18 ++++++++++++++++++
+ driver/exec.c | 2 ++
+ driver/setuid.c | 12 ++++++++++++
+ driver/subprocs.c | 3 +++
+ driver/timers.c | 2 +-
+ driver/xscreensaver.c | 7 ++++---
+ 6 files changed, 40 insertions(+), 4 deletions(-)
+
+diff --git a/driver/demo-Gtk.c b/driver/demo-Gtk.c
+index ece3c44..d4cc4a5 100644
+--- a/driver/demo-Gtk.c
++++ b/driver/demo-Gtk.c
+@@ -713,6 +713,14 @@ run_hack (state *s, int list_elt, Bool report_errors_p)
+ char *err = 0;
+ int status;
+
++ if (getuid () == 0)
++ {
++ char buf [255];
++ strlcpy (buf, _("Can not run hacks if logged in as root!"), sizeof(buf));
++ warning_dialog (s->toplevel_widget, buf, False, 100);
++ return;
++ }
++
+ if (list_elt < 0) return;
+ hack_number = s->list_elt_to_hack_number[list_elt];
+
+@@ -5173,6 +5181,15 @@ main (int argc, char **argv)
+ GtkMenu *menu = GTK_MENU (gtk_option_menu_get_menu (opt));
+ GList *kids = gtk_container_children (GTK_CONTAINER (menu));
+ int i;
++
++ if (getuid () == 0)
++ {
++ /* If logged in as root disable menu so user can't activate a hack. */
++ gtk_widget_set_sensitive (GTK_WIDGET (opt), False);
++ gtk_widget_set_sensitive (GTK_WIDGET (menu), False);
++ }
++ else
++ {
+ for (i = 0; kids; kids = kids->next, i++)
+ {
+ gtk_signal_connect (GTK_OBJECT (kids->data), "activate",
+@@ -5186,6 +5203,7 @@ main (int argc, char **argv)
+ mode_menu_order[i] == RANDOM_HACKS_SAME)
+ gtk_widget_hide (GTK_WIDGET (kids->data));
+ }
++ }
+
+ if (s->nscreens <= 1) /* recompute option-menu size */
+ {
+diff --git a/driver/exec.c b/driver/exec.c
+index 38ca88a..b68089e 100644
+--- a/driver/exec.c
++++ b/driver/exec.c
+@@ -186,6 +186,7 @@ exec_command (const char *shell, const char *command, int nice_level)
+ hairy_p = !!strpbrk (command, "*?$&!<>[];`'\\\"=");
+ /* note: = is in the above because of the sh syntax "FOO=bar cmd". */
+
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ if (getuid() == (uid_t) 0 || geteuid() == (uid_t) 0)
+ {
+ /* If you're thinking of commenting this out, think again.
+@@ -196,6 +197,7 @@ exec_command (const char *shell, const char *command, int nice_level)
+ blurb());
+ exit (-1);
+ }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+
+ if (hairy_p)
+ /* If it contains any shell metacharacters, do it the hard way,
+diff --git a/driver/setuid.c b/driver/setuid.c
+index a17194a..e3aa78d 100644
+--- a/driver/setuid.c
++++ b/driver/setuid.c
+@@ -121,6 +121,10 @@ set_ids_by_number (uid_t uid, gid_t gid, char **message_ret)
+ struct passwd *p = getpwuid (uid);
+ struct group *g = getgrgid (gid);
+
++ /* if we are logged in as root i.e. uid==0 then dont do anything*/
++ if (getuid () == (uid_t) 0)
++ return 0;
++
+ if (message_ret)
+ *message_ret = 0;
+
+@@ -278,11 +282,13 @@ hack_uid (saver_info *si)
+ of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
+ and "USING XDM".
+ */
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ if (getuid() == (uid_t) 0)
+ {
+ si->locking_disabled_p = True;
+ si->nolock_reason = "running as root";
+ }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+
+
+ /* If we're running as root, switch to a safer user. This is above and
+@@ -297,6 +303,8 @@ hack_uid (saver_info *si)
+ of the xscreensaver manual titled "LOCKING AND ROOT LOGINS",
+ and "USING XDM".
+ */
++/* We are letting root login to fix a P1 bug, i.e. root should lock screen*/
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ if (getuid() == (uid_t) 0)
+ {
+ struct passwd *p;
+@@ -315,6 +323,7 @@ hack_uid (saver_info *si)
+ if (set_ids_by_number (p->pw_uid, p->pw_gid, &si->uid_message) != 0)
+ saver_exit (si, -1, 0);
+ }
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+
+
+ /* If there's anything even remotely funny looking about the passwd struct,
+@@ -357,7 +366,10 @@ hack_uid (saver_info *si)
+ (p && p->pw_name && *p->pw_name
+ ? p->pw_name : "<unknown>"));
+ si->nolock_reason = buf;
++
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ si->locking_disabled_p = True;
++#endif
+ si->dangerous_uid_p = True;
+ }
+ }
+diff --git a/driver/subprocs.c b/driver/subprocs.c
+index a244f36..c975813 100644
+--- a/driver/subprocs.c
++++ b/driver/subprocs.c
+@@ -947,6 +947,9 @@ spawn_screenhack (saver_screen_info *ssi)
+ saver_preferences *p = &si->prefs;
+ char* complete_hack_command;
+
++ if (getuid () == 0)
++ return; /* Dont let hacks run if logged in as root*/
++
+ if (si->prefs.verbose_p)
+ fprintf(stderr, "--> spawn_screenhack()\n");
+
+diff --git a/driver/timers.c b/driver/timers.c
+index 9afc752..32728a0 100644
+--- a/driver/timers.c
++++ b/driver/timers.c
+@@ -284,7 +284,7 @@ cycle_timer (XtPointer closure, XtIntervalId *id)
+
+ raise_window (si, True, True, False);
+
+- if (!si->throttled_p)
++ if (!si->throttled_p && getuid () != 0)
+ for (i = 0; i < si->nscreens; i++)
+ spawn_screenhack (&si->screens[i]);
+ else
+diff --git a/driver/xscreensaver.c b/driver/xscreensaver.c
+index 33d357a..f357281 100644
+--- a/driver/xscreensaver.c
++++ b/driver/xscreensaver.c
+@@ -487,6 +487,7 @@ startup_ehandler (String name, String type, String class,
+
+ describe_uids (si, stderr);
+
++#ifdef DONT_ALLOW_ROOT_LOGIN
+ if (si->orig_uid && !strncmp (si->orig_uid, "root/", 5))
+ {
+ fprintf (stderr, "\n"
+@@ -500,11 +501,11 @@ startup_ehandler (String name, String type, String class,
+ blurb());
+ }
+ else
++#endif /*DONT_ALLOW_ROOT_LOGIN*/
+ {
+ fprintf (stderr, "\n"
+ "%s: Errors at startup are usually authorization problems.\n"
+-" But you're not logging in as root (good!) so something\n"
+-" else must be wrong. Did you read the manual and the FAQ?\n",
++" Did you read the manual and the FAQ?\n",
+ blurb());
+ }
+
+@@ -1338,7 +1339,7 @@ main_loop (saver_info *si)
+ kill_screenhack (&si->screens[i]);
+
+ raise_window (si, True, True, False);
+- if (si->throttled_p)
++ if (si->throttled_p || getuid () == 0)
+ fprintf (stderr, "%s: not launching hack (throttled.)\n", blurb());
+ else
+ for (i = 0; i < si->nscreens; i++)
+--
+2.6.1
+