archlinux: update installer script in prevision of pacman.d drop-ins
This commit is contained in:
parent
191b2a4cd9
commit
051d806f0a
@ -212,12 +212,59 @@ APPENDLINE=$3
|
||||
grep -q "$APPENDLINE" "$FILE" || sed "/$APPENDAFTERLINE/a$APPENDLINE" -i "$FILE"
|
||||
}
|
||||
|
||||
config_cleanupmark() {
|
||||
FILE="$1"
|
||||
BEGINMARK="$2"
|
||||
ENDMARK="$3"
|
||||
if grep -q "$BEGINMARK" "$FILE"; then
|
||||
if grep -q "$ENDMARK" "$FILE"; then
|
||||
cp "$FILE" "$FILE.qubes-update-orig"
|
||||
sed -i -e "/^$BEGINMARK\$/,/^$ENDMARK\$/{
|
||||
/^$ENDMARK\$/b
|
||||
/^$BEGINMARK$/!d
|
||||
}" "$FILE"
|
||||
rm -f "$FILE.qubes-update-orig"
|
||||
else
|
||||
echo "ERROR: found $BEGINMARK marker but not $ENDMARK in $FILE. Please cleanup this file manually."
|
||||
fi
|
||||
elif grep -q "$ENDMARK" "$FILE"; then
|
||||
echo "ERROR: found $ENDMARK marker but not $BEGINMARK in $FILE. Please cleanup this file manually."
|
||||
fi
|
||||
}
|
||||
|
||||
update_finalize() {
|
||||
|
||||
# Archlinux specific: Prepare pacman.conf to add qubes specific config
|
||||
QUBES_MARKER="### QUBES CONFIG MARKER ###"
|
||||
config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "$QUBES_MARKER"
|
||||
|
||||
# Ensure pam.d will not be modified by archlinux package updates
|
||||
config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su'
|
||||
config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su-l'
|
||||
|
||||
# Add Qubes setup script markers at the right place (this won't work at the end of pacman.conf)"
|
||||
config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES END ###"
|
||||
config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES BEGIN ###"
|
||||
|
||||
|
||||
## Archlinux specific: Cleanup pre pacman.d qubes marker
|
||||
## Commented out until pacman.d snipped are supported
|
||||
#QUBES_MARKER="### QUBES CONFIG MARKER ###"
|
||||
#if grep -q "$QUBES_MARKER" /etc/pacman.conf; then
|
||||
# if ! grep -q "### QUBES CONFIG END MARKER ###" /etc/pacman.conf; then
|
||||
# # Perform cleanup before continuing
|
||||
# config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "### QUBES CONFIG END MARKER ###"
|
||||
# config_cleanupmark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES CONFIG END MARKER ###"
|
||||
# fi
|
||||
#fi
|
||||
#config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "$QUBES_MARKER"
|
||||
#config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "### QUBES CONFIG END MARKER ###"
|
||||
#
|
||||
## Add qubes includes
|
||||
#config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "Include /etc/pacman.d/qubes-noupdate.conf"
|
||||
#config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "Include /etc/pacman.d/qubes-updateproxy.conf"
|
||||
#config_prependtomark "/etc/pacman.conf" "### QUBES CONFIG END MARKER ###" "Include /etc/pacman.d/qubes-repositories.conf"
|
||||
|
||||
# Archlinux specific: Update pam.d configuration for su to enable systemd-login wrapper
|
||||
# Also remove pam_unix.so from su configuration
|
||||
# as system-login (which include system-auth) already gives pam_unix.so
|
||||
@ -237,20 +284,12 @@ account include system-login
|
||||
session include system-login
|
||||
EOF
|
||||
cp /etc/pam.d/su /etc/pam.d/su-l
|
||||
|
||||
echo "Ensure pam.d will not be modified by archlinux package updates"
|
||||
config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su'
|
||||
config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su-l'
|
||||
fi
|
||||
|
||||
# Archlinux specific: ensure tty1 is enabled
|
||||
rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service
|
||||
systemctl enable getty\@tty1.service
|
||||
|
||||
# Add Qubes setup script markers at the right place (this won't work at the end of pacman.conf)"
|
||||
config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES END ###"
|
||||
config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES BEGIN ###"
|
||||
|
||||
|
||||
systemctl daemon-reload
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user