Remove other Linux-specific stuff
Move remaining files to linux/ subdirectory.
This commit is contained in:
Marek Marczykowski
parent
fa8d659189
commit
9db68897c7
10
Makefile
10
Makefile
@ -1,7 +1,6 @@
|
||||
RPMS_DIR=rpm/
|
||||
|
||||
VERSION := $(shell cat version)
|
||||
VERSION_VAIO_FIXES := $(shell cat version_vaio_fixes)
|
||||
|
||||
DIST_DOM0 ?= fc18
|
||||
|
||||
@ -19,28 +18,21 @@ rpms: rpms-dom0
|
||||
rpms-vm:
|
||||
@true
|
||||
|
||||
rpms-dom0: rpms-vaio-fixes
|
||||
rpms-dom0:
|
||||
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec
|
||||
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0-doc.spec
|
||||
rpm --addsign \
|
||||
$(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION)*.rpm \
|
||||
$(RPMS_DIR)/noarch/qubes-core-dom0-doc-$(VERSION)*rpm
|
||||
|
||||
rpms-vaio-fixes:
|
||||
rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0-vaio-fixes.spec
|
||||
rpm --addsign $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*.rpm
|
||||
|
||||
update-repo-current:
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION)*$(DIST_DOM0)*.rpm ../yum/current-release/current/dom0/rpm/
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*$(DIST_DOM0)*.rpm ../yum/current-release/current/dom0/rpm/
|
||||
|
||||
update-repo-current-testing:
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION)*$(DIST_DOM0)*.rpm ../yum/current-release/current-testing/dom0/rpm/
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*$(DIST_DOM0)*.rpm ../yum/current-release/current-testing/dom0/rpm/
|
||||
|
||||
update-repo-unstable:
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION)*$(DIST_DOM0)*.rpm ../yum/current-release/unstable/dom0/rpm/
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*$(DIST_DOM0)*.rpm ../yum/current-release/unstable/dom0/rpm/
|
||||
|
||||
update-repo-installer:
|
||||
ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION)*$(DIST_DOM0)*.rpm ../installer/yum/qubes-dom0/rpm/
|
||||
|
||||
@ -1 +0,0 @@
|
||||
modprobe pciback 2> /dev/null || modprobe xen-pciback
|
||||
@ -1 +0,0 @@
|
||||
*/6 * * * * root /usr/bin/qvm-sync-clock > /dev/null 2>&1 || true
|
||||
@ -1,61 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
NAME=${DEVNAME#/dev/}
|
||||
DESC="${ID_MODEL} (${ID_FS_LABEL})"
|
||||
SIZE=$[ $(cat /sys/$DEVPATH/size) * 512 ]
|
||||
MODE=w
|
||||
XS_KEY="qubes-block-devices/$NAME"
|
||||
|
||||
xs_remove() {
|
||||
if [ "$QUBES_EXPOSED" == "1" ]; then
|
||||
xenstore-rm "$XS_KEY"
|
||||
fi
|
||||
echo QUBES_EXPOSED=0
|
||||
}
|
||||
|
||||
# Ignore mounted...
|
||||
if fgrep -q $DEVNAME /proc/mounts; then
|
||||
xs_remove
|
||||
exit 0
|
||||
fi
|
||||
# ... and used by device-mapper
|
||||
if [ -n "`ls -A /sys/$DEVPATH/holders 2> /dev/null`" ]; then
|
||||
xs_remove
|
||||
exit 0
|
||||
fi
|
||||
# ... and "empty" loop devices
|
||||
if [ "$MAJOR" -eq 7 -a ! -d /sys/$DEVPATH/loop ]; then
|
||||
xs_remove
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# Special case for CD
|
||||
if [ "$ID_TYPE" = "cd" ]; then
|
||||
if [ "$ID_CDROM_MEDIA" != "1" ]; then
|
||||
# Hide empty cdrom drive
|
||||
xs_remove
|
||||
exit 0
|
||||
fi
|
||||
MODE=r
|
||||
fi
|
||||
|
||||
# Special description for loop devices
|
||||
if [ -d /sys/$DEVPATH/loop ]; then
|
||||
DESC=$(cat /sys/$DEVPATH/loop/backing_file)
|
||||
fi
|
||||
|
||||
# Get lock only in dom0 - there are so many block devices so it causes xenstore
|
||||
# deadlocks sometimes.
|
||||
if [ -f /etc/qubes-release ]; then
|
||||
# Skip xenstore-write if cannot obtain lock. This can mean very early system startup
|
||||
# stage without /run mounted (or populated). Devices will be rediscovered later
|
||||
# by qubes-core startup script.
|
||||
exec 9>>/var/run/qubes/block-xenstore.lock || exit 0
|
||||
flock 9
|
||||
fi
|
||||
|
||||
xenstore-write "$XS_KEY/desc" "$DESC" "$XS_KEY/size" "$SIZE" "$XS_KEY/mode" "$MODE"
|
||||
echo QUBES_EXPOSED=1
|
||||
|
||||
# Make sure that block backend is loaded
|
||||
/sbin/modprobe xen-blkback 2> /dev/null || /sbin/modprobe blkbk
|
||||
@ -1,8 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
DEVID=$[ $MAJOR * 256 + $MINOR ]
|
||||
|
||||
XS_PATH="device/vbd/$DEVID"
|
||||
|
||||
# Double check that DEVID is not empty
|
||||
[ -n "$DEVID" ] && xenstore-rm $XS_PATH
|
||||
@ -1,32 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
NAME=${DEVNAME#/dev/}
|
||||
XS_KEY="qubes-block-devices/$NAME"
|
||||
xenstore-rm "$XS_KEY"
|
||||
|
||||
# If device was connected to some VM - detach it
|
||||
# Notice: this can be run also in VM, so we cannot use xl...
|
||||
|
||||
device_detach() {
|
||||
xs_path=$1
|
||||
|
||||
xenstore-write $xs_path/online 0 $xs_path/state 5
|
||||
|
||||
# Wait for backend to finish dev shutdown
|
||||
try=30
|
||||
# -lt will break loop also when 'state' will be empty
|
||||
while [ "`xenstore-read $xs_path/state 2> /dev/null`" -lt 6 ]; do
|
||||
try=$[ $try - 1 ]
|
||||
[ "$try" -le 0 ] && break
|
||||
sleep 0.1
|
||||
done
|
||||
xenstore-rm $xs_path
|
||||
}
|
||||
|
||||
for XS_DEV_PATH in `xenstore-ls -f backend/vbd | grep 'backend/vbd/[0-9]*/[0-9]* ' | cut -f 1 -d ' '`; do
|
||||
CUR_DEVICE=`xenstore-read "$XS_DEV_PATH/params"`
|
||||
if [ "$CUR_DEVICE" == "$DEVNAME" ]; then
|
||||
device_detach "$XS_DEV_PATH"
|
||||
exit 0
|
||||
fi
|
||||
done
|
||||
@ -1,40 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
##
|
||||
## This script is invoked by udev rules whenever USB device appears or
|
||||
## changes. This happens in usbvm domain (or dom0 if USB controller
|
||||
## drivers are in dom0). The script records information about available
|
||||
## USB devices into XS directory, making it available to qvm-usb tool
|
||||
## running in dom0.
|
||||
##
|
||||
|
||||
# FIXME: Ignore USB hubs and other wierd devices (see also in udev-usb-remove).
|
||||
[ "`echo $TYPE | cut -f1 -d/`" = "9" ] && exit 0
|
||||
[ "$DEVTYPE" != "usb_device" ] && exit 0
|
||||
|
||||
# xenstore doesn't allow dot in key name
|
||||
XSNAME=`basename ${DEVPATH} | tr . _`
|
||||
|
||||
# FIXME: For some devices (my Cherry keyboard) ID_SERIAL does not
|
||||
# contain proper human-readable name, should find better method to
|
||||
# build devide description.
|
||||
#DESC=`python -c "dev='%d-%d' % (int('${BUSNUM}'.lstrip('0')), (int('${DEVNUM}'.lstrip('0'))-1)); from xen.util import vusb_util; print vusb_util.get_usbdevice_info(dev);"`
|
||||
DESC="${ID_VENDOR_ID}:${ID_MODEL_ID} ${ID_SERIAL}"
|
||||
|
||||
VERSION=`cat /sys/$DEVPATH/version`
|
||||
if [ "${VERSION}" = " 1.00" -o "${VERSION}" = " 1.10" ] ; then
|
||||
VERSION=1
|
||||
elif [ "${VERSION}" = " 2.00" ] ; then
|
||||
VERSION=2
|
||||
else
|
||||
# FIXME: silently ignoring devices with unexpected USB version
|
||||
exit 0
|
||||
fi
|
||||
|
||||
XS_KEY="qubes-usb-devices/$XSNAME"
|
||||
|
||||
xenstore-write "$XS_KEY/desc" "$DESC"
|
||||
xenstore-write "$XS_KEY/usb-ver" "$VERSION"
|
||||
|
||||
# Make sure PVUSB backend driver is loaded.
|
||||
/sbin/modprobe xen-usbback 2> /dev/null || /sbin/modprobe usbbk
|
||||
@ -1,9 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
# FIXME: Ignore USB hubs.
|
||||
[ "`echo $TYPE | cut -f1 -d/`" = "9" ] && exit 0
|
||||
|
||||
NAME=`basename ${DEVPATH} | tr . _`
|
||||
XS_KEY="qubes-usb-devices/$NAME"
|
||||
|
||||
xenstore-rm "$XS_KEY"
|
||||
@ -1,4 +0,0 @@
|
||||
# Apprently some of the drivers required when using a processor with AESNI for LUKS
|
||||
# are missing in the initramfs, so lets include them manually here:
|
||||
|
||||
add_drivers+=" xts aesni-intel aes-x86_64 crc32c-intel fpu ghash-clmulni-intel salsa20-x86_64 twofish-x86_64 "
|
||||
@ -1,5 +0,0 @@
|
||||
# This is to include Qubes-specific dracut module that takes care of
|
||||
# detecting and hiding all networking devices at boot time
|
||||
# so that Dom0 doesn't load drivers for them...
|
||||
|
||||
add_dracutmodules+=" qubes-pciback "
|
||||
@ -1,5 +0,0 @@
|
||||
#!/bin/bash
|
||||
inst_hook cmdline 02 "$moddir/qubes-pciback.sh"
|
||||
inst lspci
|
||||
inst grep
|
||||
inst awk
|
||||
@ -1,3 +0,0 @@
|
||||
#!/bin/bash
|
||||
modinfo -k $kernel pciback > /dev/null 2>&1 && instmods pciback
|
||||
modinfo -k $kernel xen-pciback > /dev/null 2>&1 && instmods xen-pciback
|
||||
@ -1,13 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
install() {
|
||||
inst_hook cmdline 02 "$moddir/qubes-pciback.sh"
|
||||
inst lspci
|
||||
inst grep
|
||||
inst awk
|
||||
}
|
||||
|
||||
installkernel() {
|
||||
modinfo -k $kernel pciback > /dev/null 2>&1 && instmods pciback
|
||||
modinfo -k $kernel xen-pciback > /dev/null 2>&1 && instmods xen-pciback
|
||||
}
|
||||
@ -1,8 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Find all networking devices currenly installed...
|
||||
HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'`
|
||||
|
||||
# ... and hide them so that Dom0 doesn't load drivers for them
|
||||
modprobe pciback hide=$HIDE_PCI 2> /dev/null || modprobe xen-pciback hide=$HIDE_PCI
|
||||
|
||||
@ -1,24 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "${PM_FUNCTIONS}"
|
||||
|
||||
sync_qubes_vms_wallclock()
|
||||
{
|
||||
# Sync all VMs based on dom0 clock
|
||||
DATE=$(date)
|
||||
echo
|
||||
echo "Syncing VMs clock to: $DATE"
|
||||
qvm-run --all -u root "date -s \"$DATE\""
|
||||
# Then try to sync from the network
|
||||
/usr/bin/qvm-sync-clock &
|
||||
}
|
||||
|
||||
case "$1" in
|
||||
thaw|resume) sync_qubes_vms_wallclock ;;
|
||||
# Kill qvm-sync-clock (if running) to not desync time after resume
|
||||
suspend|hibernate)
|
||||
killall qvm-sync-clock 2> /dev/null
|
||||
exit 0
|
||||
;;
|
||||
*) exit 0 ;;
|
||||
esac
|
||||
@ -1,39 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "${PM_FUNCTIONS}"
|
||||
|
||||
get_running_netvms() {
|
||||
# Actually get running VMs with PCI devices attached
|
||||
RUNNING_VMS=`xl list | tail -n +3 | cut -f 1 -d " "`
|
||||
RUNNING_NETVMS=""
|
||||
for VM in $RUNNING_VMS; do
|
||||
if [ -n "`xl pci-list $VM|tail -n +2`" ]; then
|
||||
echo "$VM"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
suspend_net()
|
||||
{
|
||||
for VM in `get_running_netvms`; do
|
||||
qvm-run -u root --pass-io $VM 'QUBESRPC qubes.SuspendPre dom0'
|
||||
done
|
||||
# Ignore exit status from netvm...
|
||||
return 0
|
||||
}
|
||||
|
||||
resume_net()
|
||||
{
|
||||
for VM in `get_running_netvms`; do
|
||||
qvm-run -u root --pass-io $VM 'QUBESRPC qubes.SuspendPost dom0'
|
||||
done
|
||||
# Ignore exit status from netvm...
|
||||
return 0
|
||||
}
|
||||
|
||||
|
||||
case "$1" in
|
||||
resume) resume_net ;;
|
||||
suspend) suspend_net ;;
|
||||
*) exit 0 ;;
|
||||
esac
|
||||
@ -1,23 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "${PM_FUNCTIONS}"
|
||||
|
||||
pause_vms()
|
||||
{
|
||||
echo
|
||||
qvm-run --all --pause
|
||||
}
|
||||
|
||||
|
||||
unpause_vms()
|
||||
{
|
||||
echo
|
||||
qvm-run --all --unpause
|
||||
}
|
||||
|
||||
|
||||
case "$1" in
|
||||
thaw|resume) unpause_vms ;;
|
||||
suspend|hibernate) pause_vms ;;
|
||||
*) exit 0 ;;
|
||||
esac
|
||||
@ -1,12 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
if modinfo cpufreq-xen > /dev/null 2>&1; then
|
||||
modprobe acpi-cpufreq || exit 1
|
||||
modprobe cpufreq-xen
|
||||
|
||||
for f in /sys/devices/system/cpu/cpu[0-9]*/cpufreq/scaling_governor; do
|
||||
echo xen > $f
|
||||
done
|
||||
|
||||
fi
|
||||
|
||||
@ -1,8 +0,0 @@
|
||||
# Generated by ip6tables-save v1.4.14 on Tue Sep 25 16:00:20 2012
|
||||
*filter
|
||||
:INPUT DROP [1:72]
|
||||
:FORWARD DROP [0:0]
|
||||
:OUTPUT ACCEPT [0:0]
|
||||
-A INPUT -i lo -j ACCEPT
|
||||
COMMIT
|
||||
# Completed on Tue Sep 25 16:00:20 2012
|
||||
@ -1,30 +0,0 @@
|
||||
# Generated by iptables-save v1.4.5 on Mon Sep 6 08:57:46 2010
|
||||
*nat
|
||||
:PREROUTING ACCEPT [85:5912]
|
||||
:OUTPUT ACCEPT [0:0]
|
||||
:POSTROUTING ACCEPT [0:0]
|
||||
:PR-QBS - [0:0]
|
||||
:PR-QBS-SERVICES - [0:0]
|
||||
-A PREROUTING -j PR-QBS
|
||||
-A PREROUTING -j PR-QBS-SERVICES
|
||||
-A POSTROUTING -o vif+ -j ACCEPT
|
||||
-A POSTROUTING -o lo -j ACCEPT
|
||||
-A POSTROUTING -j MASQUERADE
|
||||
COMMIT
|
||||
# Completed on Mon Sep 6 08:57:46 2010
|
||||
# Generated by iptables-save v1.4.5 on Mon Sep 6 08:57:46 2010
|
||||
*filter
|
||||
:INPUT ACCEPT [168:11399]
|
||||
:FORWARD ACCEPT [0:0]
|
||||
:OUTPUT ACCEPT [128:12536]
|
||||
-A INPUT -i vif+ -p udp -m udp --dport 68 -j DROP
|
||||
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
-A INPUT -p icmp -j ACCEPT
|
||||
-A INPUT -i lo -j ACCEPT
|
||||
-A INPUT -j REJECT --reject-with icmp-host-prohibited
|
||||
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
|
||||
-A FORWARD -i vif+ -o vif+ -j DROP
|
||||
-A FORWARD -i vif+ -j ACCEPT
|
||||
-A FORWARD -j DROP
|
||||
COMMIT
|
||||
# Completed on Mon Sep 6 08:57:46 2010
|
||||
@ -1,3 +0,0 @@
|
||||
# xl create needs to allocate and mlock all VM memory
|
||||
@qubes soft memlock unlimited
|
||||
@qubes hard memlock unlimited
|
||||
@ -1,2 +0,0 @@
|
||||
//allow any action, detailed reasoning in sudoers.d/qubes
|
||||
polkit.addRule(function(action,subject) { return polkit.Result.YES; });
|
||||
@ -1,31 +0,0 @@
|
||||
%qubes ALL=(ALL) NOPASSWD: ALL
|
||||
|
||||
#
|
||||
# What we're saying above basically means: if the attacker got user access in
|
||||
# Dom0, then you're screwed already, as there are dozens of ways for the
|
||||
# attacker to escalate to root from user (e.g. via xend).
|
||||
#
|
||||
# Even that is not necessary, in fact! As all the VM control actions can be
|
||||
# done by user -- after all this is why you can easily start/create VMs and
|
||||
# apps in VMs from GUI -- all that the attacker needs is user access in Dom0.
|
||||
#
|
||||
# So, because in Qubes OS, in Dom0, user account is just as sensitive as root
|
||||
# account, we don't pretend otherwise, and try to make life a bit easier for
|
||||
# the user allowing for easy escalation (no need to choose and remember a root
|
||||
# password in Dom0).
|
||||
#
|
||||
# This is also why we don't pretend that Qubes OS is a multiuser system -- it
|
||||
# is not! (for the reasons given above). The assumption is that there is only
|
||||
# one user that logs into GUI manager: YOU. This is hardly a limiting factor
|
||||
# these days, when it's not uncommon for a single person to own not one, but
|
||||
# several computers, which are not shared with others (phone, tablet, laptops).
|
||||
# We live in a PC-era! :)
|
||||
#
|
||||
# This means that the user password you choose during installation servers only
|
||||
# one purpose: it allows you to lock your screen while you're away via the
|
||||
# screen saver. Nothing more!
|
||||
#
|
||||
# joanna.
|
||||
#
|
||||
|
||||
Defaults !requiretty
|
||||
@ -1,20 +0,0 @@
|
||||
# Expose all (except xen-frontend) block devices via xenstore
|
||||
|
||||
# Only block devices are interesting
|
||||
SUBSYSTEM!="block", GOTO="qubes_block_end"
|
||||
|
||||
# Skip xen-blkfront devices
|
||||
ENV{MAJOR}=="202", GOTO="qubes_block_end"
|
||||
|
||||
# Skip device-mapper devices
|
||||
ENV{MAJOR}=="253", GOTO="qubes_block_end"
|
||||
|
||||
IMPORT{db}="QUBES_EXPOSED"
|
||||
ACTION=="add", IMPORT{program}="/usr/lib/qubes/udev-block-add-change"
|
||||
ACTION=="change", IMPORT{program}="/usr/lib/qubes/udev-block-add-change"
|
||||
ACTION=="remove", RUN+="/usr/lib/qubes/udev-block-remove"
|
||||
|
||||
LABEL="qubes_block_end"
|
||||
|
||||
# Cleanup disconnected frontend from xenstore
|
||||
ACTION=="remove", SUBSYSTEM=="block", ENV{MAJOR}=="202", RUN+="/usr/lib/qubes/udev-block-cleanup"
|
||||
@ -1,10 +0,0 @@
|
||||
# Expose all USB devices (except block) via xenstore
|
||||
|
||||
# Handle only USB devices
|
||||
SUBSYSTEM!="usb", GOTO="qubes_usb_end"
|
||||
|
||||
ACTION=="add", IMPORT{program}="/usr/lib/qubes/udev-usb-add-change"
|
||||
ACTION=="change", IMPORT{program}="/usr/lib/qubes/udev-usb-add-change"
|
||||
ACTION=="remove", RUN+="/usr/lib/qubes/udev-usb-remove"
|
||||
|
||||
LABEL="qubes_usb_end"
|
||||
@ -1,8 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "${PM_FUNCTIONS}"
|
||||
|
||||
case "$1" in
|
||||
thaw|resume) amixer sset Master 100;;
|
||||
*) exit 0 ;;
|
||||
esac
|
||||
@ -1,11 +0,0 @@
|
||||
#!/bin/sh
|
||||
|
||||
. "${PM_FUNCTIONS}"
|
||||
|
||||
date
|
||||
|
||||
case "$1" in
|
||||
suspend) amixer sset Master 0;;
|
||||
thaw|resume) amixer sset Master 0;;
|
||||
*) exit 0 ;;
|
||||
esac
|
||||
@ -1 +0,0 @@
|
||||
options snd-hda-intel model=sony-assamd
|
||||
@ -1,32 +0,0 @@
|
||||
%{!?version: %define version %(cat version_vaio_fixes)}
|
||||
|
||||
Name: qubes-core-dom0-vaio-fixes
|
||||
Version: %{version}
|
||||
Release: 1%{?dist}
|
||||
Summary: Additional scripts for supporting suspend on Vaio Z laptops
|
||||
Requires: alsa-utils
|
||||
|
||||
Group: Qubes
|
||||
Vendor: Invisible Things Lab
|
||||
License: GPL
|
||||
URL: http://www.qubes-os.org
|
||||
|
||||
%define _builddir %(pwd)/dom0
|
||||
|
||||
%description
|
||||
Additional scripts for supporting suspend on Vaio Z laptops.
|
||||
|
||||
Due to broken Linux GPU drivers we need to do some additional actions during
|
||||
suspend/resume.
|
||||
|
||||
%install
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d
|
||||
cp vaio-fixes/00sony-vaio-audio $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d/
|
||||
cp vaio-fixes/99sony-vaio-audio $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d/
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/modprobe.d/
|
||||
cp vaio-fixes/snd-hda-intel-sony-vaio.conf $RPM_BUILD_ROOT/etc/modprobe.d/
|
||||
|
||||
%files
|
||||
/usr/lib64/pm-utils/sleep.d/00sony-vaio-audio
|
||||
/usr/lib64/pm-utils/sleep.d/99sony-vaio-audio
|
||||
/etc/modprobe.d/snd-hda-intel-sony-vaio.conf
|
||||
@ -87,12 +87,12 @@ done
|
||||
cd dom0
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/lib/systemd/system
|
||||
cp systemd/qubes-block-cleaner.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp systemd/qubes-core.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp systemd/qubes-setupdvm.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp systemd/qubes-meminfo-writer.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp systemd/qubes-netvm.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp systemd/qubes-qmemman.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-block-cleaner.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-core.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-setupdvm.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-meminfo-writer.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-netvm.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
cp linux/systemd/qubes-qmemman.service $RPM_BUILD_ROOT%{_unitdir}
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/bin/
|
||||
cp qvm-tools/qvm-* $RPM_BUILD_ROOT/usr/bin
|
||||
@ -100,14 +100,10 @@ cp qvm-tools/qubes-* $RPM_BUILD_ROOT/usr/bin
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
cp dispvm/block.qubes $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
cp system-config/vif-route-qubes $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
cp system-config/block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
cp linux/system-config/vif-route-qubes $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
cp linux/system-config/block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts
|
||||
ln -s block-snapshot $RPM_BUILD_ROOT/etc/xen/scripts/block-origin
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d
|
||||
cp system-config/udev-qubes-block.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes-block.rules
|
||||
cp system-config/udev-qubes-usb.rules $RPM_BUILD_ROOT/etc/udev/rules.d/99-qubes-usb.rules
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{python_sitearch}/qubes
|
||||
cp core/qubes.py $RPM_BUILD_ROOT%{python_sitearch}/qubes
|
||||
cp core/qubes.py[co] $RPM_BUILD_ROOT%{python_sitearch}/qubes
|
||||
@ -129,24 +125,19 @@ mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/qubes
|
||||
cp qmemman/qmemman.conf $RPM_BUILD_ROOT%{_sysconfdir}/qubes/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp aux-tools/unbind-pci-device.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp aux-tools/cleanup-dispvms $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp aux-tools/startup-dvm.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp aux-tools/startup-misc.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp aux-tools/prepare-volatile-img.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp linux/aux-tools/unbind-pci-device.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp linux/aux-tools/cleanup-dispvms $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp linux/aux-tools/startup-dvm.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp linux/aux-tools/startup-misc.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp linux/aux-tools/prepare-volatile-img.sh $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
cp qmemman/server.py $RPM_BUILD_ROOT/usr/lib/qubes/qmemman_daemon.py
|
||||
cp qmemman/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp qubes-rpc/qubes-notify-updates $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/udev-block-add-change $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/udev-block-remove $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/udev-block-cleanup $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/udev-usb-add-change $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/udev-usb-remove $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/vusb-ctl.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/xl-qvm-usb-attach.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/xl-qvm-usb-detach.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/block-cleaner-daemon.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp aux-tools/fix-dir-perms.sh $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp linux/aux-tools/vusb-ctl.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp linux/aux-tools/xl-qvm-usb-attach.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp linux/aux-tools/xl-qvm-usb-detach.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp linux/aux-tools/block-cleaner-daemon.py $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
cp linux/aux-tools/fix-dir-perms.sh $RPM_BUILD_ROOT/usr/lib/qubes/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/qubes-rpc/policy
|
||||
cp qubes-rpc-policy/qubes.Filecopy.policy $RPM_BUILD_ROOT/etc/qubes-rpc/policy/qubes.Filecopy
|
||||
@ -154,10 +145,6 @@ cp qubes-rpc-policy/qubes.OpenInVM.policy $RPM_BUILD_ROOT/etc/qubes-rpc/policy/q
|
||||
cp qubes-rpc-policy/qubes.VMShell.policy $RPM_BUILD_ROOT/etc/qubes-rpc/policy/qubes.VMShell
|
||||
cp qubes-rpc-policy/qubes.NotifyUpdates.policy $RPM_BUILD_ROOT/etc/qubes-rpc/policy/qubes.NotifyUpdates
|
||||
cp qubes-rpc/qubes.NotifyUpdates $RPM_BUILD_ROOT/etc/qubes-rpc/
|
||||
cp qubes-rpc-policy/qubes.ReceiveUpdates.policy $RPM_BUILD_ROOT/etc/qubes-rpc/policy/qubes.ReceiveUpdates
|
||||
cp qubes-rpc/qubes.ReceiveUpdates $RPM_BUILD_ROOT/etc/qubes-rpc/
|
||||
install -D aux-tools/qubes-dom0.modules $RPM_BUILD_ROOT/etc/sysconfig/modules/qubes-dom0.modules
|
||||
install -D aux-tools/qubes-sync-clock.cron $RPM_BUILD_ROOT/etc/cron.d/qubes-sync-clock.cron
|
||||
|
||||
cp dispvm/xenstore-watch $RPM_BUILD_ROOT/usr/bin/xenstore-watch-qubes
|
||||
cp dispvm/qubes-restore $RPM_BUILD_ROOT/usr/lib/qubes
|
||||
@ -175,38 +162,16 @@ mkdir -p $RPM_BUILD_ROOT/var/lib/qubes/backup
|
||||
mkdir -p $RPM_BUILD_ROOT/var/lib/qubes/dvmdata
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/share/qubes
|
||||
cp misc/vm-template.conf $RPM_BUILD_ROOT/usr/share/qubes/
|
||||
cp misc/vm-template-hvm.conf $RPM_BUILD_ROOT/usr/share/qubes/
|
||||
cp xen-vm-config/vm-template.conf $RPM_BUILD_ROOT/usr/share/qubes/
|
||||
cp xen-vm-config/vm-template-hvm.conf $RPM_BUILD_ROOT/usr/share/qubes/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/bin
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/dhclient.d
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/NetworkManager/dispatcher.d/
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/sysconfig
|
||||
cp system-config/iptables $RPM_BUILD_ROOT/etc/sysconfig
|
||||
cp system-config/ip6tables $RPM_BUILD_ROOT/etc/sysconfig
|
||||
install -m 0644 -D system-config/limits-qubes.conf $RPM_BUILD_ROOT/etc/security/limits.d/99-qubes.conf
|
||||
install -D system-config/cpufreq-xen.modules $RPM_BUILD_ROOT/etc/sysconfig/modules/cpufreq-xen.modules
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d
|
||||
cp pm-utils/01qubes-sync-vms-clock $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d/
|
||||
cp pm-utils/51qubes-suspend-netvm $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d/
|
||||
cp pm-utils/52qubes-pause-vms $RPM_BUILD_ROOT/usr/lib64/pm-utils/sleep.d/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/var/log/qubes
|
||||
mkdir -p $RPM_BUILD_ROOT/var/run/qubes
|
||||
|
||||
install -m 0440 -D system-config/qubes.sudoers $RPM_BUILD_ROOT/etc/sudoers.d/qubes
|
||||
|
||||
install -D system-config/polkit-1-qubes-allow-all.rules $RPM_BUILD_ROOT/etc/polkit-1/rules.d/00-qubes-allow-all.rules
|
||||
|
||||
install -d $RPM_BUILD_ROOT/etc/xdg/autostart
|
||||
install -m 0644 qubes-guid.desktop $RPM_BUILD_ROOT/etc/xdg/autostart/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT/etc/dracut.conf.d
|
||||
cp dracut/dracut.conf.d/* $RPM_BUILD_ROOT/etc/dracut.conf.d/
|
||||
|
||||
mkdir -p $RPM_BUILD_ROOT%{_dracutmoddir}
|
||||
cp -r dracut/modules.d/* $RPM_BUILD_ROOT%{_dracutmoddir}/
|
||||
install -m 0644 linux/system-config/qubes-guid.desktop $RPM_BUILD_ROOT/etc/xdg/autostart/
|
||||
|
||||
%post
|
||||
|
||||
@ -262,10 +227,6 @@ if [ "x"$HAD_SYSCONFIG_NETWORK = "xno" ]; then
|
||||
rm -f /etc/sysconfig/network
|
||||
fi
|
||||
|
||||
# Remove unnecessary udev rules that causes problems in dom0 (#605)
|
||||
mkdir -p /var/lib/qubes/removed-udev-scripts
|
||||
mv -f /lib/udev/rules.d/69-xorg-vmmouse.rules /var/lib/qubes/removed-udev-scripts/ 2> /dev/null || :
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
rm -f %{name}-%{version}
|
||||
@ -275,26 +236,15 @@ if ! grep -q ^qubes: /etc/group ; then
|
||||
groupadd qubes
|
||||
fi
|
||||
|
||||
%triggerin -- xen
|
||||
|
||||
%triggerin -- xen-runtime
|
||||
sed -i 's/\/block /\/block.qubes /' /etc/udev/rules.d/xen-backend.rules
|
||||
/usr/lib/qubes/fix-dir-perms.sh
|
||||
|
||||
%triggerin -- xorg-x11-drv-vmmouse
|
||||
mv -f /lib/udev/rules.d/69-xorg-vmmouse.rules /var/lib/qubes/removed-udev-scripts/ 2> /dev/null || :
|
||||
|
||||
%preun
|
||||
if [ "$1" = 0 ] ; then
|
||||
# no more packages left
|
||||
service qubes_netvm stop
|
||||
service qubes_core stop
|
||||
|
||||
for i in /usr/share/qubes/icons/*.png ; do
|
||||
xdg-icon-resource uninstall --novendor --size 48 $i
|
||||
done
|
||||
|
||||
xdg-desktop-menu uninstall /usr/share/qubes/qubes-dispvm.directory /usr/share/qubes/qubes-dispvm-firefox.desktop
|
||||
fi
|
||||
|
||||
%postun
|
||||
@ -333,12 +283,7 @@ fi
|
||||
/usr/lib/qubes/meminfo-writer
|
||||
/usr/lib/qubes/qfile-daemon-dvm*
|
||||
/usr/lib/qubes/qubes-notify-updates
|
||||
/usr/lib/qubes/udev-block-add-change
|
||||
/usr/lib/qubes/udev-block-remove
|
||||
/usr/lib/qubes/udev-block-cleanup
|
||||
/usr/lib/qubes/block-cleaner-daemon.py*
|
||||
/usr/lib/qubes/udev-usb-add-change
|
||||
/usr/lib/qubes/udev-usb-remove
|
||||
/usr/lib/qubes/vusb-ctl.py*
|
||||
/usr/lib/qubes/xl-qvm-usb-attach.py*
|
||||
/usr/lib/qubes/xl-qvm-usb-detach.py*
|
||||
@ -346,7 +291,6 @@ fi
|
||||
/usr/lib/qubes/startup-dvm.sh
|
||||
/usr/lib/qubes/startup-misc.sh
|
||||
/usr/lib/qubes/prepare-volatile-img.sh
|
||||
%attr(4750,root,qubes) /usr/lib/qubes/qfile-dom0-unpacker
|
||||
%{_unitdir}/qubes-block-cleaner.service
|
||||
%{_unitdir}/qubes-core.service
|
||||
%{_unitdir}/qubes-setupdvm.service
|
||||
@ -362,13 +306,6 @@ fi
|
||||
%attr(0770,root,qubes) %dir /var/lib/qubes/vm-kernels
|
||||
/usr/share/qubes/vm-template.conf
|
||||
/usr/share/qubes/vm-template-hvm.conf
|
||||
/etc/sysconfig/iptables
|
||||
/etc/sysconfig/ip6tables
|
||||
/etc/sysconfig/modules/qubes-dom0.modules
|
||||
/etc/sysconfig/modules/cpufreq-xen.modules
|
||||
/usr/lib64/pm-utils/sleep.d/01qubes-sync-vms-clock
|
||||
/usr/lib64/pm-utils/sleep.d/51qubes-suspend-netvm
|
||||
/usr/lib64/pm-utils/sleep.d/52qubes-pause-vms
|
||||
/usr/bin/xenstore-watch-qubes
|
||||
/usr/lib/qubes/qubes-restore
|
||||
/usr/lib/qubes/qubes-prepare-saved-domain.sh
|
||||
@ -384,13 +321,4 @@ fi
|
||||
/etc/qubes-rpc/qubes.NotifyUpdates
|
||||
%attr(2770,root,qubes) %dir /var/log/qubes
|
||||
%attr(0770,root,qubes) %dir /var/run/qubes
|
||||
/etc/sudoers.d/qubes
|
||||
/etc/polkit-1/rules.d/00-qubes-allow-all.rules
|
||||
/etc/xdg/autostart/qubes-guid.desktop
|
||||
/etc/security/limits.d/99-qubes.conf
|
||||
/etc/udev/rules.d/99-qubes-block.rules
|
||||
/etc/udev/rules.d/99-qubes-usb.rules
|
||||
%attr(0644,root,root) /etc/cron.d/qubes-sync-clock.cron
|
||||
/etc/dracut.conf.d/*
|
||||
%dir %{_dracutmoddir}/90qubes-pciback
|
||||
%{_dracutmoddir}/90qubes-pciback/*
|
||||
|
||||
@ -1 +0,0 @@
|
||||
1.6.1
|
||||
Loading…
Reference in New Issue
Block a user