9 năm trước cách đây · 377e0b4cd4
--- a/Makefile
+++ b/Makefile
@@ -46,10 +46,11 @@ all:
 
				 	make -C qubes-rpc
			
 
				 
			
 
				 install-systemd:
			
 
				-	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
			
 
				+	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
			
 
				 	install -m 0755 vm-systemd/*.sh $(DESTDIR)$(LIBDIR)/qubes/init/
			
 
				 	install -m 0644 vm-systemd/qubes-*.service $(DESTDIR)$(SYSLIBDIR)/systemd/system/
			
 
				 	install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
			
 
				+	install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
			
 
				 	install -m 0644 vm-systemd/ModemManager.service $(DESTDIR)$(LIBDIR)/qubes/init/
			
 
				 	install -m 0644 vm-systemd/NetworkManager.service $(DESTDIR)$(LIBDIR)/qubes/init/
			
 
				 	install -m 0644 vm-systemd/NetworkManager-wait-online.service $(DESTDIR)$(LIBDIR)/qubes/init/
			
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -547,6 +547,7 @@ The Qubes core startup configuration for SystemD init.
 
				 /lib/systemd/system/qubes-update-check.timer
			
 
				 /lib/systemd/system/qubes-updates-proxy.service
			
 
				 /lib/systemd/system/qubes-qrexec-agent.service
			
 
				+/lib/systemd/system-preset/75-qubes-vm.preset
			
 
				 /lib/modules-load.d/qubes-core.conf
			
 
				 /lib/modules-load.d/qubes-misc.conf
			
 
				 %dir /usr/lib/qubes/init
			
@@ -583,21 +584,19 @@ done
 
				 rm -f /etc/systemd/system/default.target
			
 
				 ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
			
 
				 
			
 
				-DISABLE_SERVICES="alsa-store alsa-restore auditd avahi avahi-daemon backuppc cpuspeed"
			
 
				-DISABLE_SERVICES="$DISABLE_SERVICES fedora-autorelabel fedora-autorelabel-mark ipmi hwclock-load hwclock-save"
			
 
				-DISABLE_SERVICES="$DISABLE_SERVICES mdmonitor multipathd openct rpcbind mcelog fedora-storage-init fedora-storage-init-late"
			
 
				-DISABLE_SERVICES="$DISABLE_SERVICES plymouth-start plymouth-read-write plymouth-quit plymouth-quit-wait"
			
 
				-DISABLE_SERVICES="$DISABLE_SERVICES sshd tcsd sm-client sendmail mdmonitor-takeover"
			
 
				-DISABLE_SERVICES="$DISABLE_SERVICES rngd smartd upower irqbalance colord"
			
 
				-for srv in $DISABLE_SERVICES; do
			
 
				-    if [ -f /lib/systemd/system/$srv.service ]; then
			
 
				-        if fgrep -q '[Install]' /lib/systemd/system/$srv.service; then
			
 
				-            /bin/systemctl --no-reload disable $srv.service 2> /dev/null
			
 
				-        else
			
 
				-            # forcibly disable
			
 
				-            ln -sf /dev/null /etc/systemd/system/$srv.service
			
 
				+grep '^[[:space:]]*[^#;]' /lib/systemd/system-preset/75-qubes-vm.preset | while read action unit_name; do
			
 
				+    case "$action" in
			
 
				+    (disable)
			
 
				+        if [ -f /lib/systemd/system/$unit_name.service ]; then
			
 
				+            if fgrep -q '[Install]' /lib/systemd/system/$unit_name; then
			
 
				+                /bin/systemctl --no-reload preset $unit_name 2> /dev/null
			
 
				+            else
			
 
				+                # forcibly disable
			
 
				+                ln -sf /dev/null /etc/systemd/system/$unit_name
			
 
				+            fi
			
 
				         fi
			
 
				-    fi
			
 
				+        ;;
			
 
				+    esac
			
 
				 done
			
 
				 
			
 
				 rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service
			
--- a/vm-systemd/75-qubes-vm.preset
+++ b/vm-systemd/75-qubes-vm.preset
@@ -0,0 +1,51 @@
 
				+# Units that should not run by default in Qubes VMs.
			
 
				+#
			
 
				+# This file is part of the qubes-core-vm-systemd package.  To ensure that the
			
 
				+# default configuration is applied to all units in the list regardless of
			
 
				+# package installation order, including units added to the list by
			
 
				+# qubes-core-vm-systemd upgrades, all units in the list are preset by a
			
 
				+# scriptlet every time qubes-core-vm-systemd is installed or upgraded.  That
			
 
				+# means that to permanently enable a unit with an [Install] section, you must
			
 
				+# create your own higher-priority preset file.  (It might be possible to be
			
 
				+# smarter and keep a list of units previously preset, but this is not
			
 
				+# implemented.)
			
 
				+#
			
 
				+# For units below with no [Install] section, the scriptlet masks them instead.
			
 
				+# Qubes currently does not provide a way to permanently prevent such units from
			
 
				+# being masked.
			
 
				+#
			
 
				+# https://groups.google.com/d/topic/qubes-users/dpM_GHfmEOk/discussion
			
 
				+
			
 
				+disable alsa-store.service
			
 
				+disable alsa-restore.service
			
 
				+disable auditd.service
			
 
				+disable avahi.service
			
 
				+disable avahi-daemon.service
			
 
				+disable backuppc.service
			
 
				+disable cpuspeed.service
			
 
				+disable fedora-autorelabel.service
			
 
				+disable fedora-autorelabel-mark.service
			
 
				+disable ipmi.service
			
 
				+disable hwclock-load.service
			
 
				+disable hwclock-save.service
			
 
				+disable mdmonitor.service
			
 
				+disable multipathd.service
			
 
				+disable openct.service
			
 
				+disable rpcbind.service
			
 
				+disable mcelog.service
			
 
				+disable fedora-storage-init.service
			
 
				+disable fedora-storage-init-late.service
			
 
				+disable plymouth-start.service
			
 
				+disable plymouth-read-write.service
			
 
				+disable plymouth-quit.service
			
 
				+disable plymouth-quit-wait.service
			
 
				+disable sshd.service
			
 
				+disable tcsd.service
			
 
				+disable sm-client.service
			
 
				+disable sendmail.service
			
 
				+disable mdmonitor-takeover.service
			
 
				+disable rngd.service
			
 
				+disable smartd.service
			
 
				+disable upower.service
			
 
				+disable irqbalance.service
			
 
				+disable colord.service