dfbf078155
This can cause some rules to fail and eg remove dm-* devices. Replace it with what is really needed to hide mounted (and other ignored) devices from qubes-block-devices.
96 lines
2.4 KiB
Bash
Executable File
96 lines
2.4 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# chkconfig: 2345 80 00
|
|
# description: Executes Qubes core scripts at Dom0 boot
|
|
#
|
|
### BEGIN INIT INFO
|
|
# Provides: qubes-core
|
|
# Required-Start: xend
|
|
# Default-Start: 3 4 5
|
|
# Default-Stop: 0 1 2 6
|
|
# Default-Enabled: yes
|
|
# Short-Description: Start/stop qubes-core services
|
|
# Description: Starts and stops the qubes-core serives
|
|
### END INIT INFO
|
|
|
|
# Source function library.
|
|
. /etc/rc.d/init.d/functions
|
|
|
|
|
|
start()
|
|
{
|
|
echo -n $"Executing Qubes Core scripts:"
|
|
modprobe evtchn 2> /dev/null || modprobe xen-evtchn
|
|
chgrp qubes /etc/xen
|
|
chmod 710 /etc/xen
|
|
chgrp qubes /var/run/xenstored/*
|
|
chmod 660 /var/run/xenstored/*
|
|
chgrp qubes /var/lib/xen
|
|
chmod 770 /var/lib/xen
|
|
chgrp qubes /var/log/xen
|
|
chmod 770 /var/log/xen
|
|
chgrp qubes /proc/xen/privcmd
|
|
chmod 660 /proc/xen/privcmd
|
|
chgrp qubes /dev/xen/evtchn
|
|
chmod 660 /dev/xen/evtchn
|
|
touch /var/run/qubes/xl-lock
|
|
chgrp qubes /var/run/qubes/xl-lock
|
|
chmod 660 /var/run/qubes/xl-lock
|
|
chgrp -R qubes /var/log/xen
|
|
chmod -R g+rX /var/log/xen
|
|
chmod g+s /var/log/xen/console
|
|
mkdir -p /var/run/xen-hotplug
|
|
|
|
xenstore-write /local/domain/0/name dom0
|
|
DOM0_MAXMEM=`/usr/sbin/xl info | grep total_memory | awk '{ print $3 }'`
|
|
xenstore-write /local/domain/0/memory/static-max $[ $DOM0_MAXMEM * 1024 ]
|
|
|
|
xl sched-credit -d 0 -w 512
|
|
cp /var/lib/qubes/qubes.xml /var/lib/qubes/backup/qubes-$(date +%F-%T).xml
|
|
|
|
/usr/lib/qubes/qmemman_daemon.py >/var/log/qubes/qmemman.log 2>/var/log/qubes/qmemman.errs &
|
|
MEM_CHANGE_THRESHOLD_KB=30000
|
|
MEMINFO_DELAY_USEC=100000
|
|
/usr/lib/qubes/meminfo-writer $MEM_CHANGE_THRESHOLD_KB $MEMINFO_DELAY_USEC &
|
|
|
|
/usr/lib/qubes/block_cleaner_daemon.py > /var/log/qubes/block_cleaner.log 2>&1 &
|
|
|
|
# Hide mounted devices from qubes-block list (at first udev run, only / is mounted)
|
|
for dev in `xenstore-list /local/domain/0/qubes-block-devices`; do
|
|
( eval `udevadm info -q property -n $dev|sed -e 's/\([^=]*\)=\(.*\)/export \1="\2"/'`;
|
|
/usr/lib/qubes/block_add_change
|
|
)
|
|
done
|
|
|
|
touch /var/lock/subsys/qubes_core
|
|
success
|
|
echo
|
|
|
|
}
|
|
|
|
stop()
|
|
{
|
|
echo -n $"Shutting down all Qubes VMs:"
|
|
qvm-shutdown -q --all --wait
|
|
rm -f /var/lock/subsys/qubes_core
|
|
killall meminfo-writer
|
|
killall qmemman_daemon.py
|
|
success
|
|
echo
|
|
}
|
|
|
|
case "$1" in
|
|
start)
|
|
start
|
|
;;
|
|
stop)
|
|
stop
|
|
;;
|
|
*)
|
|
echo $"Usage: $0 {start|stop}"
|
|
exit 3
|
|
;;
|
|
esac
|
|
|
|
exit $RETVAL
|