From a361fb454c9211c3ce5c169f93f64ad8cf9e99b9 Mon Sep 17 00:00:00 2001 From: unman Date: Sun, 5 Feb 2017 23:36:27 +0000 Subject: [PATCH 1/2] Stop anacron from starting in Debian using existing constraint on cron --- Makefile | 3 +++ patches.debian/01_add_anacron.patch | 8 ++++++++ series-debian-vm.conf | 2 +- vm-systemd/anacron-resume.service.d/30_qubes.conf | 3 +++ vm-systemd/anacron.service.d/30_qubes.conf | 3 +++ 5 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 patches.debian/01_add_anacron.patch create mode 100644 vm-systemd/anacron-resume.service.d/30_qubes.conf create mode 100644 vm-systemd/anacron.service.d/30_qubes.conf diff --git a/Makefile b/Makefile index ae9a2ff..9bc4ee0 100644 --- a/Makefile +++ b/Makefile @@ -77,6 +77,9 @@ ifeq ($(shell lsb_release -is), Debian) # handled by qubes-iptables service now SYSTEM_DROPINS += netfilter-persistent.service + + SYSTEM_DROPINS += anacron.service + SYSTEM_DROPINS += anacron-resume.service endif install-systemd-dropins: diff --git a/patches.debian/01_add_anacron.patch b/patches.debian/01_add_anacron.patch new file mode 100644 index 0000000..849325e --- /dev/null +++ b/patches.debian/01_add_anacron.patch @@ -0,0 +1,8 @@ +Index: core-agent-linux/misc/30_cron.conf +=================================================================== +--- core-agent-linux.orig/misc/30_cron.conf 2017-01-06 22:47:57.855061937 +0000 ++++ core-agent-linux/misc/30_cron.conf 2017-01-07 01:31:16.382061937 +0000 +@@ -1 +1,2 @@ + binds+=( '/var/spool/cron' ) ++binds+=( '/var/spool/anacron' ) + diff --git a/series-debian-vm.conf b/series-debian-vm.conf index 66bb7a9..06d5d05 100644 --- a/series-debian-vm.conf +++ b/series-debian-vm.conf @@ -1 +1 @@ -patches.debian/qrexec_disable_all_warnings_as_errors.patch +patches.debian/01_add_anacron.patch diff --git a/vm-systemd/anacron-resume.service.d/30_qubes.conf b/vm-systemd/anacron-resume.service.d/30_qubes.conf new file mode 100644 index 0000000..dac888e --- /dev/null +++ b/vm-systemd/anacron-resume.service.d/30_qubes.conf @@ -0,0 +1,3 @@ +[Unit] +ConditionPathExists=/var/run/qubes-service/crond + diff --git a/vm-systemd/anacron.service.d/30_qubes.conf b/vm-systemd/anacron.service.d/30_qubes.conf new file mode 100644 index 0000000..dac888e --- /dev/null +++ b/vm-systemd/anacron.service.d/30_qubes.conf @@ -0,0 +1,3 @@ +[Unit] +ConditionPathExists=/var/run/qubes-service/crond + From 3180d09ff42d6d7edf34535d4d8559226aae4a09 Mon Sep 17 00:00:00 2001 From: unman Date: Mon, 6 Feb 2017 00:08:33 +0000 Subject: [PATCH 2/2] Constrain cron and anacron in Ubuntu also --- Makefile | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/Makefile b/Makefile index 9bc4ee0..0417d57 100644 --- a/Makefile +++ b/Makefile @@ -63,6 +63,15 @@ SYSTEM_DROPINS += tor.service tor@default.service USER_DROPINS := pulseaudio.service pulseaudio.socket +# Ubuntu Dropins +ifeq ($(shell lsb_release -is), Ubuntu) + + # 'crond.service' is named 'cron.service in Debian + SYSTEM_DROPINS := $(strip $(patsubst crond.service, cron.service, $(SYSTEM_DROPINS))) + SYSTEM_DROPINS += anacron.service + SYSTEM_DROPINS += anacron-resume.service +endif + # Debian Dropins ifeq ($(shell lsb_release -is), Debian) # Don't have 'ntpd' in Debian