debian: Added maintainers scripts (pre / postinit + rm) - Currently in debug mode
This commit is contained in:
parent
5c351bf4ae
commit
0937a3b3c6
232
debian/postinst
vendored
Executable file
232
debian/postinst
vendored
Executable file
@ -0,0 +1,232 @@
|
||||
#!/bin/bash
|
||||
# postinst script for core-agent-linux
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -x
|
||||
|
||||
# The postint script may be called in the following ways:
|
||||
# * <postinst> 'configure' <most-recently-configured-version>
|
||||
# * <old-postinst> 'abort-upgrade' <new version>
|
||||
# * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
|
||||
# <new-version>
|
||||
# * <postinst> 'abort-remove'
|
||||
# * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
|
||||
# <failed-install-package> <version> 'removing'
|
||||
# <conflicting-package> <version>
|
||||
#
|
||||
# For details, see http://www.debian.org/doc/debian-policy/ or
|
||||
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
||||
# the debian-policy package
|
||||
|
||||
case "$1" in
|
||||
configure)
|
||||
# disable some Upstart services
|
||||
for F in plymouth-shutdown prefdm splash-manager start-ttys tty ; do
|
||||
if [ -e /etc/init/$F.conf ]; then
|
||||
mv -f /etc/init/$F.conf /etc/init/$F.conf.disabled
|
||||
fi
|
||||
done
|
||||
|
||||
remove_ShowIn () {
|
||||
if [ -e /etc/xdg/autostart/$1.desktop ]; then
|
||||
sed -i '/^\(Not\|Only\)ShowIn/d' /etc/xdg/autostart/$1.desktop
|
||||
fi
|
||||
}
|
||||
|
||||
# reenable abrt-aplet if disable by some earlier version of package
|
||||
remove_ShowIn abrt-applet.desktop
|
||||
|
||||
# don't want it at all
|
||||
for F in deja-dup-monitor imsettings-start krb5-auth-dialog pulseaudio restorecond sealertauto gnome-power-manager gnome-sound-applet gnome-screensaver orca-autostart; do
|
||||
if [ -e /etc/xdg/autostart/$F.desktop ]; then
|
||||
remove_ShowIn $F
|
||||
echo 'NotShowIn=QUBES;' >> /etc/xdg/autostart/$F.desktop
|
||||
fi
|
||||
done
|
||||
|
||||
# don't want it in DisposableVM
|
||||
for F in gcm-apply ; do
|
||||
if [ -e /etc/xdg/autostart/$F.desktop ]; then
|
||||
remove_ShowIn $F
|
||||
echo 'NotShowIn=DisposableVM;' >> /etc/xdg/autostart/$F.desktop
|
||||
fi
|
||||
done
|
||||
|
||||
# want it in AppVM only
|
||||
for F in gnome-keyring-gpg gnome-keyring-pkcs11 gnome-keyring-secrets gnome-keyring-ssh gnome-settings-daemon user-dirs-update-gtk gsettings-data-convert ; do
|
||||
if [ -e /etc/xdg/autostart/$F.desktop ]; then
|
||||
remove_ShowIn $F
|
||||
echo 'OnlyShowIn=GNOME;AppVM;' >> /etc/xdg/autostart/$F.desktop
|
||||
fi
|
||||
done
|
||||
|
||||
# remove existing rule to add own later
|
||||
for F in gpk-update-icon nm-applet ; do
|
||||
remove_ShowIn $F
|
||||
done
|
||||
|
||||
echo 'OnlyShowIn=GNOME;UpdateableVM;' >> /etc/xdg/autostart/gpk-update-icon.desktop || :
|
||||
echo 'OnlyShowIn=GNOME;QUBES;' >> /etc/xdg/autostart/nm-applet.desktop || :
|
||||
|
||||
# Create NetworkManager configuration if we do not have it
|
||||
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
|
||||
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
|
||||
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
|
||||
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
|
||||
fi
|
||||
/usr/lib/qubes/qubes-fix-nm-conf.sh
|
||||
|
||||
|
||||
# Remove ip_forward setting from sysctl, so NM will not reset it
|
||||
sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf
|
||||
|
||||
# Remove old firmware updates link
|
||||
if [ -L /lib/firmware/updates ]; then
|
||||
rm -f /lib/firmware/updates
|
||||
fi
|
||||
|
||||
#if ! grep -q '/etc/yum\.conf\.d/qubes-proxy\.conf' /etc/yum.conf; then
|
||||
# echo >> /etc/yum.conf
|
||||
# echo '# Yum does not support inclusion of config dir...' >> /etc/yum.conf
|
||||
# echo 'include=file:///etc/yum.conf.d/qubes-proxy.conf' >> /etc/yum.conf
|
||||
#fi
|
||||
|
||||
# Revert 'Prevent unnecessary updates in VMs':
|
||||
#sed -i -e '/^exclude = kernel/d' /etc/yum.conf
|
||||
|
||||
# qubes-core-vm has been broken for some time - it overrides /etc/hosts; restore original content
|
||||
#if ! grep -q localhost /etc/hosts; then
|
||||
cat <<EOF > /etc/hosts
|
||||
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 `hostname`
|
||||
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
|
||||
EOF
|
||||
#fi
|
||||
|
||||
#if [ "$1" != 1 ] ; then
|
||||
# # do the rest of %post thing only when updating for the first time...
|
||||
# exit 0
|
||||
#fi
|
||||
|
||||
if [ -e /etc/init/serial.conf ] && ! [ -f /var/lib/qubes/serial.orig ] ; then
|
||||
cp /etc/init/serial.conf /var/lib/qubes/serial.orig
|
||||
fi
|
||||
|
||||
# Remove most of the udev scripts to speed up the VM boot time
|
||||
# Just leave the xen* scripts, that are needed if this VM was
|
||||
# ever used as a net backend (e.g. as a VPN domain in the future)
|
||||
#echo "--> Removing unnecessary udev scripts..."
|
||||
mkdir -p /var/lib/qubes/removed-udev-scripts
|
||||
for f in /etc/udev/rules.d/*
|
||||
do
|
||||
if [ $(basename $f) == "xen-backend.rules" ] ; then
|
||||
continue
|
||||
fi
|
||||
|
||||
if [ $(basename $f) == "50-qubes-misc.rules" ] ; then
|
||||
continue
|
||||
fi
|
||||
|
||||
if echo $f | grep -q qubes; then
|
||||
continue
|
||||
fi
|
||||
|
||||
mv $f /var/lib/qubes/removed-udev-scripts/
|
||||
done
|
||||
mkdir -p /rw
|
||||
#rm -f /etc/mtab
|
||||
#echo "--> Removing HWADDR setting from /etc/sysconfig/network-scripts/ifcfg-eth0"
|
||||
#mv /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0.orig
|
||||
#grep -v HWADDR /etc/sysconfig/network-scripts/ifcfg-eth0.orig > /etc/sysconfig/network-scripts/ifcfg-eth0
|
||||
|
||||
#######################################################################
|
||||
# systemd post-init
|
||||
#######################################################################
|
||||
for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-netwatcher qubes-network qubes-firewall qubes-updates-proxy qubes-qrexec-agent; do
|
||||
/bin/systemctl enable $srv.service 2> /dev/null
|
||||
done
|
||||
|
||||
/bin/systemctl enable qubes-update-check.timer 2> /dev/null
|
||||
|
||||
UNITDIR=/lib/systemd/system
|
||||
OVERRIDEDIR=/usr/lib/qubes/init
|
||||
|
||||
# XXX: Debian specific
|
||||
if [ -f "$OVERRIDEDIR/NetworkManager.service" ]; then
|
||||
mv -f $OVERRIDEDIR/NetworkManager.service $OVERRIDEDIR/network-manager.service
|
||||
sed 's/NetworkManager/network-manager/' -i $OVERRIDEDIR/network-manager.service
|
||||
fi
|
||||
if [ -f "$OVERRIDEDIR/NetworkManager-wait-online.service" ]; then
|
||||
mv -f $OVERRIDEDIR/NetworkManager-wait-online.service $OVERRIDEDIR/network-manager-wait-online.service
|
||||
sed 's/NetworkManager/network-manager/' -i $OVERRIDEDIR/network-manager-wait-online.service
|
||||
fi
|
||||
if [ -f "$OVERRIDEDIR/ModemManager" ]; then
|
||||
mv -f $OVERRIDEDIR/ModemManager $OVERRIDEDIR/modemmanager.service
|
||||
sed 's/ModemManager/modemmanager/' -i $OVERRIDEDIR/modemmanager.service
|
||||
fi
|
||||
|
||||
# Install overriden services only when original exists
|
||||
#for srv in cups modemmanager network-manager network-manager-wait-online ntpd chronyd; do
|
||||
for srv in cups modemmanager network-manager network-manager-wait-online; do
|
||||
if [ -f $UNITDIR/$srv.service ]; then
|
||||
cp $OVERRIDEDIR/$srv.service /etc/systemd/system/
|
||||
fi
|
||||
if [ -f $UNITDIR/$srv.socket -a -f $OVERRIDEDIR/$srv.socket ]; then
|
||||
cp $OVERRIDEDIR/$srv.socket /etc/systemd/system/
|
||||
fi
|
||||
if [ -f $UNITDIR/$srv.path -a -f $OVERRIDEDIR/$srv.path ]; then
|
||||
cp $OVERRIDEDIR/$srv.path /etc/systemd/system/
|
||||
fi
|
||||
done
|
||||
|
||||
# Set default "runlevel"
|
||||
rm -f /etc/systemd/system/default.target
|
||||
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
|
||||
|
||||
#DISABLE_SERVICES="alsa-store alsa-restore auditd avahi avahi-daemon backuppc cpuspeed crond"
|
||||
#DISABLE_SERVICES="$DISABLE_SERVICES fedora-autorelabel fedora-autorelabel-mark ipmi hwclock-load hwclock-save"
|
||||
#DISABLE_SERVICES="$DISABLE_SERVICES mdmonitor multipathd openct rpcbind mcelog fedora-storage-init fedora-storage-init-late"
|
||||
#DISABLE_SERVICES="$DISABLE_SERVICES plymouth-start plymouth-read-write plymouth-quit plymouth-quit-wait"
|
||||
#DISABLE_SERVICES="$DISABLE_SERVICES sshd tcsd sm-client sendmail mdmonitor-takeover"
|
||||
#DISABLE_SERVICES="$DISABLE_SERVICES rngd smartd upower irqbalance colord"
|
||||
#for srv in $DISABLE_SERVICES; do
|
||||
# if [ -f /lib/systemd/system/$srv.service ]; then
|
||||
# if fgrep -q '[Install]' /lib/systemd/system/$srv.service; then
|
||||
# /bin/systemctl disable $srv.service 2> /dev/null
|
||||
# else
|
||||
# # forcibly disable
|
||||
# ln -sf /dev/null /etc/systemd/system/$srv.service
|
||||
# fi
|
||||
# fi
|
||||
#done
|
||||
|
||||
rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service
|
||||
|
||||
# Enable some services
|
||||
/bin/systemctl enable iptables.service 2> /dev/null
|
||||
/bin/systemctl enable ip6tables.service 2> /dev/null
|
||||
/bin/systemctl enable rsyslog.service 2> /dev/null
|
||||
/bin/systemctl enable ntpd.service 2> /dev/null
|
||||
|
||||
# Enable cups only when it is real SystemD service
|
||||
[ -e /lib/systemd/system/cups.service ] && /bin/systemctl enable cups.service 2> /dev/null
|
||||
;;
|
||||
|
||||
abort-upgrade|abort-remove|abort-deconfigure)
|
||||
exit 0
|
||||
;;
|
||||
|
||||
*)
|
||||
echo "postinst called with unknown argument \`$1'" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
||||
# vim: set ts=4 sw=4 sts=4 et :
|
54
debian/postrm
vendored
Executable file
54
debian/postrm
vendored
Executable file
@ -0,0 +1,54 @@
|
||||
#!/bin/bash
|
||||
# postrm script for core-agent-linux
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -x
|
||||
|
||||
# The prerm script may be called in the following ways:
|
||||
# * <postrm> 'remove'
|
||||
# * <postrm> 'purge'
|
||||
# * <old-postrm> 'upgrade' <new-version>
|
||||
# * <disappearer's-postrm> 'disappear' <overwriter> <overwriter-version>
|
||||
#
|
||||
# The postrm script is called after the package's files have been removed
|
||||
# or replaced. The package whose postrm is being called may have previously been
|
||||
# deconfigured and only be "Unpacked", at which point subsequent package changes
|
||||
# do not consider its dependencies. Therefore, all postrm actions may only rely
|
||||
# on essential packages and must gracefully skip any actions that require the
|
||||
# package's dependencies if those dependencies are unavailable.[48]
|
||||
#
|
||||
# * <new-postrm> 'failed-upgrade' <old-version>
|
||||
#
|
||||
# Called when the old postrm upgrade action fails. The new package will be
|
||||
# unpacked, but only essential packages and pre-dependencies can be relied on.
|
||||
# Pre-dependencies will either be configured or will be "Unpacked" or
|
||||
# "Half-Configured" but previously had been configured and was never removed.
|
||||
#
|
||||
# * <new-postrm> 'abort-install'
|
||||
# * <new-postrm> 'abort-install' <old-version>
|
||||
# * <new-postrm> 'abort-upgrade' <old-version>
|
||||
#
|
||||
# Called before unpacking the new package as part of the error handling of
|
||||
# preinst failures. May assume the same state as preinst can assume.
|
||||
#
|
||||
# For details, see http://www.debian.org/doc/debian-policy/ or
|
||||
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
||||
# the debian-policy package
|
||||
|
||||
if [ "$1" = "remove" ] ; then
|
||||
/usr/bin/glib-compile-schemas /usr/share/glib-2.0/schemas &> /dev/null || :
|
||||
|
||||
if [ -L /lib/firmware/updates ]; then
|
||||
rm /lib/firmware/updates
|
||||
fi
|
||||
fi
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
||||
# vim: set ts=4 sw=4 sts=4 et :
|
98
debian/preinst
vendored
Executable file
98
debian/preinst
vendored
Executable file
@ -0,0 +1,98 @@
|
||||
#!/bin/bash
|
||||
# preinst script for core-agent-linux
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -x
|
||||
|
||||
# The preinst script may be called in the following ways:
|
||||
# * <new-preinst> 'install'
|
||||
# * <new-preinst> 'install' <old-version>
|
||||
# * <new-preinst> 'upgrade' <old-version>
|
||||
#
|
||||
# The package will not yet be unpacked, so the preinst script cannot rely
|
||||
# on any files included in its package. Only essential packages and
|
||||
# pre-dependencies (Pre-Depends) may be assumed to be available.
|
||||
# Pre-dependencies will have been configured at least once, but at the time the
|
||||
# preinst is called they may only be in an "Unpacked" or "Half-Configured" state
|
||||
# if a previous version of the pre-dependency was completely configured and has
|
||||
# not been removed since then.
|
||||
#
|
||||
#
|
||||
# * <old-preinst> 'abort-upgrade' <new-version>
|
||||
#
|
||||
# Called during error handling of an upgrade that failed after unpacking the
|
||||
# new package because the postrm upgrade action failed. The unpacked files may
|
||||
# be partly from the new version or partly missing, so the script cannot rely
|
||||
# on files included in the package. Package dependencies may not be available.
|
||||
# Pre-dependencies will be at least "Unpacked" following the same rules as
|
||||
# above, except they may be only "Half-Installed" if an upgrade of the
|
||||
# pre-dependency failed.[46]
|
||||
#
|
||||
# For details, see http://www.debian.org/doc/debian-policy/ or
|
||||
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
||||
# the debian-policy package
|
||||
|
||||
if [ "$1" = "install" ] ; then
|
||||
# --------------------------------------------------------------------------
|
||||
# Create required directories
|
||||
# --------------------------------------------------------------------------
|
||||
mkdir -p /var/lib/qubes
|
||||
mkdir -p /lib/modules
|
||||
#mkdir -p -m 0700 /var/log/xen # xen-utils-common should do this
|
||||
|
||||
if [ -e /etc/fstab ] ; then
|
||||
mv /etc/fstab /var/lib/qubes/fstab.orig
|
||||
fi
|
||||
|
||||
# --------------------------------------------------------------------------
|
||||
# Modules setup
|
||||
# --------------------------------------------------------------------------
|
||||
echo "xen_netfront" >> /etc/modules
|
||||
|
||||
# --------------------------------------------------------------------------
|
||||
# Remove `mesg` from root/.profile?
|
||||
# --------------------------------------------------------------------------
|
||||
sed -i -e '/^mesg n/d' /root/.profile
|
||||
|
||||
# --------------------------------------------------------------------------
|
||||
# Update /etc/fstab
|
||||
# --------------------------------------------------------------------------
|
||||
cat > /etc/fstab <<EOF
|
||||
/dev/mapper/dmroot / ext4 defaults,noatime 1 1
|
||||
/dev/xvdc1 swap swap defaults 0 0
|
||||
|
||||
/dev/xvdb /rw ext4 noauto,defaults,discard 1 2
|
||||
/rw/home /home none noauto,bind,defaults 0 0
|
||||
|
||||
tmpfs /dev/shm tmpfs defaults 0 0
|
||||
devpts /dev/pts devpts gid=5,mode=620 0 0
|
||||
proc /proc proc defaults 0 0
|
||||
sysfs /sys sysfs defaults 0 0
|
||||
xen /proc/xen xenfs defaults 0 0
|
||||
|
||||
/dev/xvdi /mnt/removable auto noauto,user,rw 0 0
|
||||
/dev/xvdd /lib/modules ext3 defaults 0 0
|
||||
EOF
|
||||
|
||||
# --------------------------------------------------------------------------
|
||||
# User add / modifications
|
||||
# --------------------------------------------------------------------------
|
||||
id -u 'user' || adduser user
|
||||
usermod -p '' root
|
||||
usermod -L user
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if [ "$1" = "upgrade" ] ; then
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
||||
# vim: set ts=4 sw=4 sts=4 et :
|
54
debian/prerm
vendored
Executable file
54
debian/prerm
vendored
Executable file
@ -0,0 +1,54 @@
|
||||
#!/bin/bash
|
||||
# prerm script for core-agent-linux
|
||||
#
|
||||
# see: dh_installdeb(1)
|
||||
|
||||
set -x
|
||||
|
||||
# The prerm script may be called in the following ways:
|
||||
# * <prerm> 'remove'
|
||||
# * <old-prerm> 'upgrade' <new-version>
|
||||
# * <conflictor's-prerm> 'remove' 'in-favour' <package> <new-version>
|
||||
# * <deconfigured's-prerm> 'deconfigure' 'in-favour' <package-being-installed>
|
||||
# <version> [removing conflicting-package version]
|
||||
#
|
||||
# The package whose prerm is being called will be at least "Half-Installed".
|
||||
# All package dependencies will at least be "Half-Installed" and will have
|
||||
# previously been configured and not removed. If there was no error, all
|
||||
# dependencies will at least be "Unpacked", but these actions may be called in
|
||||
# various error states where dependencies are only "Half-Installed" due to a
|
||||
# partial upgrade.
|
||||
#
|
||||
# * <new-prerm> 'failed-upgrade' <old-version>
|
||||
#
|
||||
# Called during error handling when prerm upgrade fails. The new package
|
||||
# will not yet be unpacked, and all the same constraints as for preinst
|
||||
# upgrade apply.
|
||||
#
|
||||
# For details, see http://www.debian.org/doc/debian-policy/ or
|
||||
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
|
||||
# the debian-policy package
|
||||
|
||||
if [ "$1" = "remove" ] ; then
|
||||
# no more packages left
|
||||
if [ -e /var/lib/qubes/fstab.orig ] ; then
|
||||
mv /var/lib/qubes/fstab.orig /etc/fstab
|
||||
fi
|
||||
|
||||
if [ -d /var/lib/qubes/removed-udev-scripts ] ; then
|
||||
mv /var/lib/qubes/removed-udev-scripts/* /etc/udev/rules.d/
|
||||
fi
|
||||
|
||||
if [ -e /var/lib/qubes/serial.orig ] ; then
|
||||
mv /var/lib/qubes/serial.orig /etc/init/serial.conf
|
||||
fi
|
||||
fi
|
||||
|
||||
# dh_installdeb will replace this with shell code automatically
|
||||
# generated by other debhelper scripts.
|
||||
|
||||
#DEBHELPER#
|
||||
|
||||
exit 0
|
||||
|
||||
# vim: set ts=4 sw=4 sts=4 et :
|
Loading…
Reference in New Issue
Block a user