Merge remote-tracking branch 'origin/pr/37'

* origin/pr/37: archlinux: readd lines removed by error during merge archlinux: readd notification-daemon as a dependency archlinux: force running scripts with python2 even when /usr/bin/env is used archlinux: update packaging and install script to use systemd DROPINs
2015-10-24 20:47:43 +02:00 · 2015-10-24 20:47:43 +02:00 · 116e337323
commit 116e337323
parent 97a3793345 2d4b86c020
2 changed files with 87 additions and 168 deletions
--- a/archlinux/PKGBUILD
+++ b/archlinux/PKGBUILD
@ -6,15 +6,15 @@
 # Maintainer: Olivier Medoc <o_medoc@yahoo.fr>
 pkgname=qubes-vm-core
 pkgver=`cat version`
-pkgrel=3
+pkgrel=5
 epoch=
 pkgdesc="The Qubes core files for installation inside a Qubes VM."
 arch=("x86_64")
 url="http://qubes-os.org/"
 license=('GPL')
 groups=()
-depends=(ethtool ntp net-tools qubes-vm-utils gnome-packagekit imagemagick fakeroot notification-daemon pygtk zenity qubes-libvchan qubes-db-vm haveged python2-gobject)
-makedepends=(qubes-vm-utils qubes-libvchan-xen)
+depends=(python2-xdg ethtool ntp net-tools qubes-vm-utils gnome-packagekit imagemagick fakeroot notification-daemon dconf pygtk zenity qubes-libvchan qubes-db-vm haveged python2-gobject python2-dbus xdg-utils notification-daemon)
+makedepends=(qubes-vm-utils qubes-libvchan qubes-db-vm qubes-vm-xen libx11)
 checkdepends=()
 optdepends=(gnome-keyring gnome-settings-daemon networkmanager iptables tinyproxy python2-nautilus gpk-update-viewer)
 provides=()
@ -33,7 +33,7 @@ md5sums=('88f4b3d5b156888a9d38f5bc28702ab8') #generate with 'makepkg -g'

 build() {

-for source in qubes-rpc qrexec misc Makefile vm-init.d vm-systemd network ; do
+for source in autostart-dropins qubes-rpc qrexec misc Makefile vm-init.d vm-systemd network ; do
  (ln -s $srcdir/../$source $srcdir/$source)
 done

@ -48,9 +48,12 @@ sed 's:/sbin/ethtool:ethtool:g' -i network/*
 sed 's:/sbin/ip:ip:g' -i network/*
 sed 's:/bin/grep:grep:g' -i network/*

-# Fix for running with python2
+# Force running all scripts with python2
 sed 's:#!/usr/bin/python:#!/usr/bin/python2:' -i misc/*
+sed 's:#!/usr/bin/env python:#!/usr/bin/env python2:' -i misc/*
 sed 's:#!/usr/bin/python:#!/usr/bin/python2:' -i qubes-rpc/*
+sed 's:#!/usr/bin/env python:#!/usr/bin/env python2:' -i qubes-rpc/*
+

 # Fix for archlinux sbindir
 sed 's:/usr/sbin/ntpdate:/usr/bin/ntpdate:g' -i qubes-rpc/sync-ntp-clock
@ -68,12 +71,7 @@ package() {

  (cd qrexec; make install DESTDIR=$pkgdir SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib)

-  make install-vm DESTDIR=$pkgdir SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib DIST=archlinux
-
-  # Change the place for iptable rules to match archlinux standard
-  mkdir -p $pkgdir/etc/iptables
-  mv $pkgdir/usr/lib/qubes/init/iptables $pkgdir/etc/iptables/iptables.rules
-  mv $pkgdir/usr/lib/qubes/init/ip6tables $pkgdir/etc/iptables/ip6tables.rules
+  make install-vm DESTDIR=$pkgdir SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib DROPIN_DIR=usr/lib/systemd/system DIST=archlinux

  # Remove things non wanted in archlinux
  rm -r $pkgdir/etc/yum*
--- a/archlinux/PKGBUILD.install
+++ b/archlinux/PKGBUILD.install
@ -1,63 +1,4 @@

-###################
-## Install Hooks ##
-###################
-
-configure_initscripts() {
-
-	if [ -e /etc/init/serial.conf ]; then
-		cp /usr/share/qubes/serial.conf /etc/init/serial.conf
-	fi
-
-}
-
-
-
-configure_iptables() {
-
-	if ! grep -q IPTABLES_DATA /etc/sysconfig/iptables-config; then
-	    cat <<EOF >>/etc/sysconfig/iptables-config
-
-	### Automatically added by Qubes:
-	# Override default rules location on Qubes
-	IPTABLES_DATA=/etc/sysconfig/iptables.qubes
-EOF
-	fi
-
-	if ! grep -q IP6TABLES_DATA /etc/sysconfig/ip6tables-config; then
-	    cat <<EOF >>/etc/sysconfig/ip6tables-config
-
-	### Automatically added by Qubes:
-	# Override default rules location on Qubes
-	IP6TABLES_DATA=/etc/sysconfig/ip6tables.qubes
-EOF
-	fi
-
-}
-
-configure_notification-daemon() {
-	# Enable autostart of notification-daemon when installed
-	ln -s /usr/share/applications/notification-daemon.desktop /etc/xdg/autostart/
-}
-
-configure_selinux() {
-
-	# SELinux is not enabled on archlinux
-	#echo "--> Disabling SELinux..."
-	sed -e s/^SELINUX=.*$/SELINUX=disabled/ </etc/selinux/config >/etc/selinux/config.processed
-	mv /etc/selinux/config.processed /etc/selinux/config
-	setenforce 0 2>/dev/null
-
-}
-
-configure_networkmanager() {
-	# Disable D-BUS activation of NetworkManager - in AppVm it causes problems (eg PackageKit timeouts)
-	systemctl mask dbus-org.freedesktop.NetworkManager.service 2> /dev/null
-
-	# Fix for https://bugzilla.redhat.com/show_bug.cgi?id=974811
-	systemctl enable NetworkManager-dispatcher.service 2> /dev/null
-}
-
 ###########################
 ## Pre-Install functions ##
 ###########################
@ -109,55 +50,32 @@ pre_upgrade() {

 }

+###################
+## Install Hooks ##
+###################
+
+
+configure_notification-daemon() {
+    # Enable autostart of notification-daemon when installed
+    if [ ! -e /etc/xdg/autostart/notification-daemon.desktop ]; then
+        ln -s /usr/share/applications/notification-daemon.desktop /etc/xdg/autostart/
+    fi
+}
+
+configure_selinux() {
+
+	# SELinux is not enabled on archlinux
+	#echo "--> Disabling SELinux..."
+	echo "SELINUX not enabled on archlinux. skipped."
+	# sed -e s/^SELINUX=.*$/SELINUX=disabled/ -i /etc/selinux/config
+	# setenforce 0 2>/dev/null
+
+}
+
 ############################
 ## Post-Install functions ##
 ############################

-remove_ShowIn () {
-	if [ -e /etc/xdg/autostart/$1.desktop ]; then
-		sed -i '/^\(Not\|Only\)ShowIn/d' /etc/xdg/autostart/$1.desktop
-	fi
-}
-
-update_xdgstart () {
-
-	# reenable if disabled by some earlier version of package
-	remove_ShowIn abrt-applet.desktop imsettings-start.desktop
-
-	# don't want it at all
-	for F in deja-dup-monitor krb5-auth-dialog pulseaudio restorecond sealertauto gnome-power-manager gnome-sound-applet gnome-screensaver orca-autostart; do
-		if [ -e /etc/xdg/autostart/$F.desktop ]; then
-			remove_ShowIn $F
-			echo 'NotShowIn=QUBES;' >> /etc/xdg/autostart/$F.desktop
-		fi
-	done
-
-	# don't want it in DisposableVM
-	for F in gcm-apply ; do
-		if [ -e /etc/xdg/autostart/$F.desktop ]; then
-			remove_ShowIn $F
-			echo 'NotShowIn=DisposableVM;' >> /etc/xdg/autostart/$F.desktop
-		fi
-	done
-
-	# want it in AppVM only
-	for F in gnome-keyring-gpg gnome-keyring-pkcs11 gnome-keyring-secrets gnome-keyring-ssh gnome-settings-daemon user-dirs-update-gtk gsettings-data-convert ; do
-		if [ -e /etc/xdg/autostart/$F.desktop ]; then
-			remove_ShowIn $F
-			echo 'OnlyShowIn=GNOME;AppVM;' >> /etc/xdg/autostart/$F.desktop
-		fi
-	done
-
-	# remove existing rule to add own later
-	for F in gpk-update-icon nm-applet ; do
-		remove_ShowIn $F
-	done
-
-	echo 'OnlyShowIn=GNOME;UpdateableVM;' >> /etc/xdg/autostart/gpk-update-icon.desktop || :
-	echo 'OnlyShowIn=GNOME;QUBES;' >> /etc/xdg/autostart/nm-applet.desktop || :
-
-}
-
 update_qubesconfig() {

 	# Remove ip_forward setting from sysctl, so NM will not reset it
@ -193,15 +111,6 @@ EOF
 	    fi
 	fi

-	# Make sure that /etc/sysconfig/ip(|6)tables exists. Otherwise iptales.service
-	# would not start (even when configured to use another configuration file.
-	if [ ! -e '/etc/sysconfig/iptables' ]; then
-	  ln -s iptables.qubes /etc/sysconfig/iptables
-	fi
-	if [ ! -e '/etc/sysconfig/ip6tables' ]; then
-	  ln -s ip6tables.qubes /etc/sysconfig/ip6tables
-	fi
-
 	# ensure that hostname resolves to 127.0.0.1 resp. ::1 and that /etc/hosts is
 	# in the form expected by qubes-sysinit.sh
 	if ! grep -rq "^/etc/hostname$" "${PROTECTED_FILE_LIST}" 2>/dev/null; then
@ -231,7 +140,54 @@ EOF

 }

-update_systemd_finalize() {
+configure_systemd() {
+
+PRESET_FAILED=0
+
+if [ $1 -eq 1 ]; then
+    systemctl --no-reload preset-all > /dev/null 2>&1 && PRESET_FAILED=0 || PRESET_FAILED=1
+else
+    services="qubes-dvm qubes-misc-post qubes-firewall qubes-mount-dirs"
+    services="$services qubes-netwatcher qubes-network qubes-sysinit"
+    services="$services qubes-iptables qubes-updates-proxy qubes-qrexec-agent"
+    services="$services qubes-random-seed"
+    for srv in $services; do
+        systemctl --no-reload preset $srv.service
+    done
+    systemctl --no-reload preset qubes-update-check.timer
+    # Upgrade path - now qubes-iptables is used instead
+    systemctl --no-reload preset iptables.service
+    systemctl --no-reload preset ip6tables.service
+fi
+
+# Set default "runlevel"
+rm -f /etc/systemd/system/default.target
+ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
+
+grep '^[[:space:]]*[^#;]' /lib/systemd/system-preset/75-qubes-vm.preset | while read action unit_name; do
+    case "$action" in
+    (disable)
+        if [ -f /lib/systemd/system/$unit_name ]; then
+            if ! fgrep -q '[Install]' /lib/systemd/system/$unit_name; then
+                # forcibly disable
+                ln -sf /dev/null /etc/systemd/system/$unit_name
+            fi
+        fi
+        ;;
+    *)
+        # preset-all is not available in fc20; so preset each unit file listed in 75-qubes-vm.preset
+        if [ $1 -eq 1 -a "${PRESET_FAILED}" -eq 1 ]; then
+            systemctl --no-reload preset "${unit_name}" > /dev/null 2>&1 || true
+        fi
+        ;;
+    esac
+done
+
+systemctl daemon-reload
+
+}
+
+update_finalize() {

 	# Archlinux specific: Update pam.d configuration for su to enable systemd-login wrapper
 	if [ -z "`cat /etc/pam.d/su | grep system-login`" ] ; then
@ -242,38 +198,16 @@ update_systemd_finalize() {
 		cp /etc/pam.d/su /etc/pam.d/su-l
 	fi

-	# Set default "runlevel"
-	rm -f /etc/systemd/system/default.target
-	ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
-
-	grep '^[[:space:]]*[^#;]' /lib/systemd/system-preset/75-qubes-vm.preset | while read action unit_name; do
-	    case "$action" in
-	    (disable)
-	        if [ -f /lib/systemd/system/$unit_name.service ]; then
-	            if ! fgrep -q '[Install]' /lib/systemd/system/$unit_name; then
-	                # forcibly disable
-	                ln -sf /dev/null /etc/systemd/system/$unit_name
-	            fi
-	        fi
-	        ;;
-	    esac
-	done
-
 	# Archlinux specific: ensure tty1 is enabled
 	rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service
 	systemctl enable getty\@tty1.service

-
 	systemctl daemon-reload
-
 }

-
 ## arg 1:  the new package version
 post_install() {

-	update_xdgstart
-
 	update_qubesconfig

 	# do the rest of %post thing only when updating for the first time...
@ -305,43 +239,29 @@ post_install() {

 	mkdir -p /rw

-	configure_iptables
 	configure_notification-daemon
 	configure_selinux
-	configure_networkmanager

-	systemctl --no-reload preset-all
+	configure_systemd 0

-	update_systemd_finalize
+	update_finalize

 	glib-compile-schemas /usr/share/glib-2.0/schemas &> /dev/null || :
-
+	
 }

-
-
 ## arg 1:  the new package version
 ## arg 2:  the old package version
 post_upgrade() {

-	update_xdgstart
-
 	update_qubesconfig

-	configure_iptables
 	configure_notification-daemon
 	configure_selinux
-	configure_networkmanager

-	services="qubes-dvm qubes-misc-post qubes-firewall qubes-mount-dirs"
-	services="$services qubes-netwatcher qubes-network qubes-sysinit"
-	services="$services qubes-updates-proxy qubes-qrexec-agent"
-	for srv in $services; do
-		systemctl --no-reload preset $srv.service
-	done
-	systemctl --no-reload preset qubes-update-check.timer
+	configure_systemd 1

-	update_systemd_finalize
+	update_finalize

 	/usr/bin/glib-compile-schemas /usr/share/glib-2.0/schemas &> /dev/null || :

@ -374,9 +294,10 @@ post_remove() {
      rm /lib/firmware/updates
    fi

+    rm -rf /var/lib/qubes/xdg
+
    for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-mount-dirs qubes-netwatcher qubes-network qubes-qrexec-agent; do
        systemctl disable $srv.service
    done
-
+    
 }
-