From d61c7a4e2195fd6b0461ef437bca828459ae8f9b Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Fri, 10 Aug 2012 11:06:58 +0200
Subject: [PATCH 1/4] vm: ignore additional actions in *.desktop files (#631)

---
 qubes_rpc/qubes.GetAppmenus | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qubes_rpc/qubes.GetAppmenus b/qubes_rpc/qubes.GetAppmenus
index cada68c..5902782 100644
--- a/qubes_rpc/qubes.GetAppmenus
+++ b/qubes_rpc/qubes.GetAppmenus
@@ -1,2 +1,2 @@
 shopt -s nullglob
-/bin/grep -H = /usr/share/applications/*.desktop /usr/local/share/applications/*.desktop 2> /dev/null
+awk '/^\[/ { if (tolower($0) != "\[desktop entry\]") nextfile } /=/ {print FILENAME ":" $0 }' /usr/share/applications/*.desktop /usr/local/share/applications/*.desktop 2> /dev/null

From 220c84cc6142523e4b81da7533a290f9ab92a610 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Fri, 10 Aug 2012 11:06:58 +0200
Subject: [PATCH 2/4] vm: ignore additional actions in *.desktop files (#631)

---
 qubes_rpc/qubes.GetAppmenus | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qubes_rpc/qubes.GetAppmenus b/qubes_rpc/qubes.GetAppmenus
index cada68c..5902782 100644
--- a/qubes_rpc/qubes.GetAppmenus
+++ b/qubes_rpc/qubes.GetAppmenus
@@ -1,2 +1,2 @@
 shopt -s nullglob
-/bin/grep -H = /usr/share/applications/*.desktop /usr/local/share/applications/*.desktop 2> /dev/null
+awk '/^\[/ { if (tolower($0) != "\[desktop entry\]") nextfile } /=/ {print FILENAME ":" $0 }' /usr/share/applications/*.desktop /usr/local/share/applications/*.desktop 2> /dev/null

From d1ffa58be318075efdc115663a6442d2713b1f2f Mon Sep 17 00:00:00 2001
From: Joanna Rutkowska <joanna@invisiblethingslab.com>
Date: Fri, 10 Aug 2012 14:45:19 +0200
Subject: [PATCH 3/4] version 1.7.43

---
 version_vm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/version_vm b/version_vm
index 2d29ee1..4651b88 100644
--- a/version_vm
+++ b/version_vm
@@ -1 +1 @@
-1.7.42
+1.7.43

From 0ea16ef21b768e4484716e7195021ae09277d5bb Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 18 Aug 2012 21:17:07 +0200
Subject: [PATCH 4/4] dom0+vm/qfile-copy: use setuid instead of policy setting
 to allow chroot

This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
---
 qubes_rpc/qubes.Filecopy.policy | 2 +-
 rpm_spec/core-vm.spec           | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/qubes_rpc/qubes.Filecopy.policy b/qubes_rpc/qubes.Filecopy.policy
index 0a0d735..e0bef3e 100644
--- a/qubes_rpc/qubes.Filecopy.policy
+++ b/qubes_rpc/qubes.Filecopy.policy
@@ -3,4 +3,4 @@
 
 ## Please use a single # to start your custom comments
 
-$anyvm	$anyvm	ask,user=root
+$anyvm	$anyvm	ask
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index f9ba774..6c84ae0 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -398,7 +398,7 @@ rm -rf $RPM_BUILD_ROOT
 /usr/lib/qubes/meminfo-writer
 /usr/lib/qubes/network-manager-prepare-conf-dir
 /usr/lib/qubes/qfile-agent
-/usr/lib/qubes/qfile-unpacker
+%attr(4755,root,root) /usr/lib/qubes/qfile-unpacker
 /usr/lib/qubes/qopen-in-vm
 /usr/lib/qubes/qrexec_agent
 /usr/lib/qubes/qrexec_client_vm