2014-10-31 06:59:20 +01:00
|
|
|
#!/bin/bash
|
|
|
|
# postinst script for core-agent-linux
|
|
|
|
#
|
|
|
|
# see: dh_installdeb(1)
|
|
|
|
|
2014-11-07 06:09:54 +01:00
|
|
|
set -e
|
2014-10-31 06:59:20 +01:00
|
|
|
|
2015-09-20 06:01:57 +02:00
|
|
|
# The postinst script may be called in the following ways:
|
2014-10-31 06:59:20 +01:00
|
|
|
# * <postinst> 'configure' <most-recently-configured-version>
|
|
|
|
# * <old-postinst> 'abort-upgrade' <new version>
|
|
|
|
# * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
|
|
|
|
# <new-version>
|
|
|
|
# * <postinst> 'abort-remove'
|
|
|
|
# * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
|
|
|
|
# <failed-install-package> <version> 'removing'
|
|
|
|
# <conflicting-package> <version>
|
|
|
|
#
|
|
|
|
# For details, see http://www.debian.org/doc/debian-policy/ or
|
|
|
|
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
|
|
|
# the debian-policy package
|
|
|
|
|
2014-11-09 18:58:57 +01:00
|
|
|
|
2015-08-02 23:30:26 +02:00
|
|
|
debug() {
|
|
|
|
if [ "${DEBDEBUG}" == "1" ]; then
|
2017-09-30 04:52:32 +02:00
|
|
|
echo -e "$@"
|
2014-11-09 18:58:57 +01:00
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2017-12-15 02:23:01 +01:00
|
|
|
is_static() {
|
|
|
|
[ -f "/lib/sytemd/system/$1" ] && ! grep -q '^[[].nstall]' "/lib/systemd/system/$1"
|
|
|
|
}
|
|
|
|
|
|
|
|
is_masked() {
|
|
|
|
if [ ! -L /etc/systemd/system/"$1" ]
|
|
|
|
then
|
|
|
|
return 1
|
|
|
|
fi
|
|
|
|
target=$(readlink /etc/systemd/system/"$1" 2>/dev/null || :)
|
|
|
|
if [ "$target" = "/dev/null" ]
|
|
|
|
then
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
mask() {
|
|
|
|
ln -sf /dev/null /etc/systemd/system/"$1"
|
|
|
|
}
|
|
|
|
|
|
|
|
unmask() {
|
|
|
|
if ! is_masked "$1"
|
|
|
|
then
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
rm -f /etc/systemd/system/"$1"
|
|
|
|
}
|
|
|
|
|
|
|
|
preset_units() {
|
|
|
|
local represet=
|
|
|
|
while read -r action unit_name
|
|
|
|
do
|
|
|
|
if [ "$action" = "#" ] && [ "$unit_name" = "Units below this line will be re-preset on package upgrade" ]
|
|
|
|
then
|
|
|
|
represet=1
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
echo "$action $unit_name" | grep -q '^[[:space:]]*[^#;]' || continue
|
|
|
|
if ! [ -n "$action" ] || ! [ -n "$unit_name" ]; then
|
|
|
|
continue
|
|
|
|
fi
|
|
|
|
if [ "$2" = "initial" ] || [ "$represet" = "1" ]
|
|
|
|
then
|
|
|
|
if [ "$action" = "disable" ] && is_static "$unit_name"
|
|
|
|
then
|
|
|
|
if ! is_masked "$unit_name"
|
|
|
|
then
|
|
|
|
# We must effectively mask these units, even if they are static.
|
2015-07-24 11:02:56 +02:00
|
|
|
deb-systemd-helper mask "${unit_name}" > /dev/null 2>&1 || true
|
2015-04-22 08:04:10 +02:00
|
|
|
fi
|
2017-12-15 02:23:01 +01:00
|
|
|
elif [ "$action" = "enable" ] && is_static "$unit_name"
|
|
|
|
then
|
|
|
|
if is_masked "$unit_name"
|
|
|
|
then
|
|
|
|
# We masked this static unit before, now we unmask it.
|
|
|
|
deb-systemd-helper unmask "${unit_name}" > /dev/null 2>&1 || true
|
|
|
|
fi
|
|
|
|
systemctl --no-reload preset "$unit_name" >/dev/null 2>&1 || :
|
|
|
|
else
|
|
|
|
systemctl --no-reload preset "$unit_name" >/dev/null 2>&1 || :
|
2014-10-31 06:59:20 +01:00
|
|
|
fi
|
2017-12-15 02:23:01 +01:00
|
|
|
fi
|
|
|
|
done < "$1"
|
2015-04-22 08:04:10 +02:00
|
|
|
|
2015-07-24 11:02:56 +02:00
|
|
|
systemctl daemon-reload
|
2014-11-08 00:28:04 +01:00
|
|
|
}
|
|
|
|
|
2015-08-02 23:30:26 +02:00
|
|
|
installSerialConf() {
|
|
|
|
debug "Installing over-ridden serial.conf init script..."
|
|
|
|
if [ -e /etc/init/serial.conf ]; then
|
|
|
|
cp /usr/share/qubes/serial.conf /etc/init/serial.conf
|
|
|
|
fi
|
|
|
|
}
|
2014-11-08 00:28:04 +01:00
|
|
|
|
|
|
|
case "${1}" in
|
|
|
|
configure)
|
2015-08-02 23:30:26 +02:00
|
|
|
# Initial installation of package only
|
|
|
|
# ($2 contains version number on update; nothing on initial installation)
|
|
|
|
if [ -z "${2}" ]; then
|
|
|
|
|
|
|
|
debug "FIRST INSTALL..."
|
|
|
|
# Location of files which contains list of protected files
|
2017-09-30 04:52:32 +02:00
|
|
|
# shellcheck source=init/functions
|
2016-10-22 17:43:16 +02:00
|
|
|
. /usr/lib/qubes/init/functions
|
2015-08-02 23:30:26 +02:00
|
|
|
|
|
|
|
# ensure that hostname resolves to 127.0.1.1 resp. ::1 and that /etc/hosts is
|
|
|
|
# in the form expected by qubes-sysinit.sh
|
2016-10-22 17:43:16 +02:00
|
|
|
if ! is_protected_file /etc/hostname ; then
|
2015-08-02 23:30:26 +02:00
|
|
|
for ip in '127\.0\.1\.1' '::1'; do
|
|
|
|
if grep -q "^${ip}\(\s\|$\)" /etc/hosts; then
|
2017-09-30 04:52:32 +02:00
|
|
|
sed -i "/^${ip}\s/,+0s/\(\s$(hostname)\)\+\(\s\|$\)/\2/g" /etc/hosts || true
|
|
|
|
sed -i "s/^${ip}\(\s\|$\).*$/\0 $(hostname)/" /etc/hosts || true
|
2015-08-02 23:30:26 +02:00
|
|
|
else
|
2017-09-30 04:52:32 +02:00
|
|
|
echo "${ip//\\/} $(hostname)" >> /etc/hosts || true
|
2015-08-02 23:30:26 +02:00
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
|
|
|
# remove hostname from 127.0.0.1 line (in debian the hostname is by default
|
|
|
|
# resolved to 127.0.1.1)
|
2016-10-22 17:43:16 +02:00
|
|
|
if ! is_protected_file /etc/hosts ; then
|
2017-09-30 04:52:32 +02:00
|
|
|
sed -i "/^127\.0\.0\.1\s/,+0s/\(\s$(hostname)\)\+\(\s\|$\)/\2/g" /etc/hosts || true
|
2015-08-02 23:30:26 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
# Set default "runlevel"
|
|
|
|
rm -f /etc/systemd/system/default.target
|
|
|
|
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
|
|
|
|
|
|
|
|
# Systemd preload-all
|
2017-12-15 02:23:01 +01:00
|
|
|
preset_units /lib/systemd/system-preset/75-qubes-vm.preset initial
|
2015-08-02 23:30:26 +02:00
|
|
|
|
2015-10-15 04:34:55 +02:00
|
|
|
# Maybe install overridden serial.conf init script
|
2015-08-02 23:30:26 +02:00
|
|
|
installSerialConf
|
2017-12-15 02:23:01 +01:00
|
|
|
else
|
|
|
|
preset_units /lib/systemd/system-preset/75-qubes-vm.preset upgrade
|
2015-08-02 23:30:26 +02:00
|
|
|
fi
|
2016-11-14 03:33:20 +01:00
|
|
|
systemctl reenable haveged
|
2015-08-02 23:30:26 +02:00
|
|
|
|
2018-05-01 17:34:52 +02:00
|
|
|
chgrp user /var/lib/qubes/dom0-updates
|
|
|
|
|
2015-08-02 23:30:26 +02:00
|
|
|
debug "UPDATE..."
|
2014-11-08 00:28:04 +01:00
|
|
|
# disable some Upstart services
|
|
|
|
for init in plymouth-shutdown \
|
|
|
|
prefdm \
|
|
|
|
splash-manager \
|
|
|
|
start-ttys \
|
|
|
|
tty ; do
|
2015-01-24 22:41:05 +01:00
|
|
|
dpkg-divert --divert /etc/init/${init}.conf.qubes-disabled --package qubes-core-agent --rename --add /etc/init/${init}.conf
|
2014-11-08 00:28:04 +01:00
|
|
|
done
|
2015-07-24 11:02:56 +02:00
|
|
|
dpkg-divert --divert /etc/init/serial.conf.qubes-orig --package qubes-core-agent --rename --add /etc/init/serial.conf
|
2015-04-22 08:04:10 +02:00
|
|
|
|
2017-02-16 23:41:14 +01:00
|
|
|
if [ ! -L /etc/systemd/system/rpcbind.service ]; then
|
|
|
|
ln -s /dev/null /etc/systemd/system/rpcbind.service
|
|
|
|
fi
|
|
|
|
|
2014-10-31 06:59:20 +01:00
|
|
|
# Remove old firmware updates link
|
|
|
|
if [ -L /lib/firmware/updates ]; then
|
2014-11-08 00:28:04 +01:00
|
|
|
rm -f /lib/firmware/updates
|
2014-10-31 06:59:20 +01:00
|
|
|
fi
|
|
|
|
|
2016-07-25 13:51:20 +02:00
|
|
|
# remove old symlinks
|
|
|
|
if [ -L /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service ]; then
|
2016-07-28 19:13:30 +02:00
|
|
|
rm /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service
|
2016-07-25 13:51:20 +02:00
|
|
|
fi
|
2016-07-28 19:08:09 +02:00
|
|
|
if [ -L /etc/systemd/system/multi-user.target.wants/qubes-mount-home.service ]; then
|
2016-07-28 19:13:30 +02:00
|
|
|
rm /etc/systemd/system/multi-user.target.wants/qubes-mount-home.service
|
2016-07-25 13:51:20 +02:00
|
|
|
fi
|
|
|
|
|
2015-07-18 15:05:15 +02:00
|
|
|
if ! dpkg-statoverride --list /var/lib/qubes/dom0-updates >/dev/null 2>&1; then
|
|
|
|
dpkg-statoverride --update --add user user 775 /var/lib/qubes/dom0-updates
|
|
|
|
fi
|
|
|
|
|
2017-02-20 23:25:39 +01:00
|
|
|
glib-compile-schemas /usr/share/glib-2.0/schemas || true
|
2017-02-12 04:06:48 +01:00
|
|
|
|
2018-03-13 17:10:40 +01:00
|
|
|
if [ -x /usr/bin/dconf ]; then
|
|
|
|
dconf update
|
|
|
|
fi
|
2017-02-12 04:06:48 +01:00
|
|
|
|
2018-02-13 17:05:42 +01:00
|
|
|
# tell dom0 about installed updates (applications, features etc)
|
|
|
|
/etc/qubes-rpc/qubes.PostInstall || true
|
2014-10-31 06:59:20 +01:00
|
|
|
;;
|
|
|
|
|
|
|
|
abort-upgrade|abort-remove|abort-deconfigure)
|
|
|
|
exit 0
|
|
|
|
;;
|
|
|
|
|
2014-11-05 04:37:34 +01:00
|
|
|
triggered)
|
2014-11-08 00:28:04 +01:00
|
|
|
for trigger in ${2}; do
|
|
|
|
case "${trigger}" in
|
|
|
|
|
2014-11-07 06:09:54 +01:00
|
|
|
/usr/share/applications)
|
2018-02-13 17:05:42 +01:00
|
|
|
debug "Updating Qubes App Menus and advertising features..."
|
|
|
|
/etc/qubes-rpc/qubes.PostInstall || true
|
2014-11-08 00:28:04 +01:00
|
|
|
;;
|
|
|
|
|
2015-10-15 04:34:55 +02:00
|
|
|
# Install overridden serial.conf init script
|
2014-11-08 00:28:04 +01:00
|
|
|
/etc/init/serial.conf)
|
2015-08-02 23:30:26 +02:00
|
|
|
installSerialConf
|
2014-11-08 00:28:04 +01:00
|
|
|
;;
|
|
|
|
|
2014-11-07 06:09:54 +01:00
|
|
|
esac
|
|
|
|
done
|
2015-07-24 11:02:56 +02:00
|
|
|
exit 0
|
2014-11-05 04:37:34 +01:00
|
|
|
;;
|
|
|
|
|
2014-10-31 06:59:20 +01:00
|
|
|
*)
|
2014-11-08 00:28:04 +01:00
|
|
|
echo "postinst called with unknown argument \`${1}'" >&2
|
2014-10-31 06:59:20 +01:00
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
# dh_installdeb will replace this with shell code automatically
|
|
|
|
# generated by other debhelper scripts.
|
|
|
|
|
|
|
|
#DEBHELPER#
|
|
|
|
|
|
|
|
exit 0
|
|
|
|
|
|
|
|
# vim: set ts=4 sw=4 sts=4 et :
|