From fbf4c93730ae8e07f5b974c68ddedf6724e0d815 Mon Sep 17 00:00:00 2001
From: Rusty Bird
Date: Fri, 1 Jul 2016 16:01:47 +0000
Subject: [PATCH 1/4] dvm, then xendriverdomain, then qrexec-agent

Fixes QubesOS/qubes-issues#2126
Fixes QubesOS/qubes-issues#1990
---
 vm-systemd/qubes-dvm.service | 1 +
 vm-systemd/qubes-qrexec-agent.service | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/vm-systemd/qubes-dvm.service b/vm-systemd/qubes-dvm.service
index 84a6bdd..294eba3 100644
--- a/vm-systemd/qubes-dvm.service
+++ b/vm-systemd/qubes-dvm.service
@@ -2,6 +2,7 @@
 Description=Prepare Qubes DispVM Template
 ConditionPathExists=/var/run/qubes-service/qubes-dvm
 After=systemd-readahead-replay.service
+Before=xendriverdomain.service

 [Service]
 Type=oneshot
diff --git a/vm-systemd/qubes-qrexec-agent.service b/vm-systemd/qubes-qrexec-agent.service
index 38d8f71..99a50d0 100644
--- a/vm-systemd/qubes-qrexec-agent.service
+++ b/vm-systemd/qubes-qrexec-agent.service
@@ -1,6 +1,6 @@
 [Unit]
 Description=Qubes remote exec agent
-After=qubes-dvm.service
+After=qubes-dvm.service xendriverdomain.service

 [Service]
 ExecStartPre=/bin/sh -c '[ -e /dev/xen/evtchn ] || modprobe xen_evtchn'

From cb55dfa6aeb24affdb40f5b18ca2f84df1b74ba1 Mon Sep 17 00:00:00 2001
From: Rusty Bird
Date: Fri, 1 Jul 2016 16:01:47 +0000
Subject: [PATCH 2/4] *Do* block until good random is available again

---
 vm-systemd/prepare-dvm.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vm-systemd/prepare-dvm.sh b/vm-systemd/prepare-dvm.sh
index 9fdf6f7..92ac6f1 100755
--- a/vm-systemd/prepare-dvm.sh
+++ b/vm-systemd/prepare-dvm.sh
@@ -22,6 +22,6 @@ if true; then
 echo "Waiting for save/restore..."
 qubesdb-read /qubes-restore-complete || wait $watch_pid
 echo Back to life.
- systemctl --no-block restart qubes-random-seed.service
+ systemctl restart qubes-random-seed.service
 fi

From ae1a334a1dd1f5ca263d6036c9af1e16619482ed Mon Sep 17 00:00:00 2001
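Review bot: In PATCH 2/4 (vm-systemd/prepare-dvm.sh) the now-blocking `systemctl restart qubes-random-seed.service` can hang until the job timeout if this script is started by a unit that qubes-random-seed.service is ordered after, directly or transitively. Neither the `ExecStart=` that launches the script nor the qubes-random-seed.service unit is visible in this series, so that ordering should be checked before relying on the blocking call. The reason for blocking is stated only in the commit subject; a comment above the call would keep it from being turned back into `--no-block`, for example `# Block on purpose: do not continue after restore until the random seed has been refreshed.` The enclosing `if true; then` block starts outside the hunk.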
From: Rusty Bird
Date: Fri, 1 Jul 2016 16:01:48 +0000
Subject: [PATCH 3/4] Remove 'if true' wrapper from 06a0d30d50ce4ea266532c06ef24880bf5363c1b

---
 vm-systemd/prepare-dvm.sh | 29 +++++++++++++----------------
 1 file changed, 13 insertions(+), 16 deletions(-)

diff --git a/vm-systemd/prepare-dvm.sh b/vm-systemd/prepare-dvm.sh
index 92ac6f1..f5ffb85 100755
--- a/vm-systemd/prepare-dvm.sh
+++ b/vm-systemd/prepare-dvm.sh
@@ -9,19 +9,16 @@ possibly_run_save_script()
 DISPLAY=:0 su - user -c /tmp/qubes-save-script
 }

-if true; then
- echo user | /bin/sh /etc/qubes-rpc/qubes.WaitForSession
- possibly_run_save_script
- umount /rw
- dmesg -c >/dev/null
- qubesdb-watch /qubes-restore-complete &
- watch_pid=$!
- free | grep Mem: |
- (read label total used free shared buffers cached; qubesdb-write /qubes-used-mem $(( $used + $cached )) )
- # we're still running in DispVM template
- echo "Waiting for save/restore..."
- qubesdb-read /qubes-restore-complete || wait $watch_pid
- echo Back to life.
- systemctl restart qubes-random-seed.service
-fi
-
+echo user | /bin/sh /etc/qubes-rpc/qubes.WaitForSession
+possibly_run_save_script
+umount /rw
+dmesg -c >/dev/null
+qubesdb-watch /qubes-restore-complete &
+watch_pid=$!
+free | grep Mem: |
+ (read label total used free shared buffers cached; qubesdb-write /qubes-used-mem $(( $used + $cached )) )
+# we're still running in DispVM template
+echo "Waiting for save/restore..."
+qubesdb-read /qubes-restore-complete || wait $watch_pid
+echo Back to life.
+systemctl restart qubes-random-seed.service

From 0cc4803a9d4d78dd149e4dd0306348d7354d8cb6 Mon Sep 17 00:00:00 2001
From: Rusty Bird
Date: Sun, 3 Jul 2016 05:00:29 +0000
Subject: [PATCH 4/4] Enable xendriverdomain.service in 75-qubes-vm.preset

---
 vm-systemd/75-qubes-vm.preset | 1 +
 1 file changed, 1 insertion(+)

diff --git a/vm-systemd/75-qubes-vm.preset b/vm-systemd/75-qubes-vm.preset
index f2541c8..f46e449 100644
--- a/vm-systemd/75-qubes-vm.preset
+++ b/vm-systemd/75-qubes-vm.preset
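Review bot: In PATCH 3/4 the de-indented `read label total used free shared buffers cached` still depends on the exact column layout of `free`. On procps versions that print `buff/cache` and `available` instead of separate `buffers` and `cached` columns, `$cached` receives the available-memory figure, so `/qubes-used-mem` is written with used + available. Reading the fields by name from /proc/meminfo would not depend on the installed `free` version. While these lines are being touched, `wait $watch_pid` should be quoted as `wait "$watch_pid"` and `read` should take `-r`. The `possibly_run_save_script` function whose tail appears as context starts outside the hunk.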
@@ -74,3 +74,4 @@ enable qubes-iptables.service
 enable qubes-random-seed.service
 enable haveged.service
 enable chronyd.service
+enable xendriverdomain.service
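Review bot: The added `enable xendriverdomain.service` line only takes effect when presets are applied, so on VMs upgraded from an earlier package the unit may stay disabled unless the packaging scriptlets re-run `systemctl preset` for it. Those scriptlets are not part of this series and should be checked. This matters because the `Before=xendriverdomain.service` and `After=... xendriverdomain.service` lines added in PATCH 1/4 are ordering-only and do nothing when the unit is not part of the boot transaction. A comment above the new line would record the reason it is enabled, for example `# ordered between qubes-dvm.service and qubes-qrexec-agent.service`.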