Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Implement qubes.PostInstall service

Browse Source 
This is meant to notify dom0 about features supported by just-installed
template. This service is called by dom0 just after template
installation.

Fixes QubesOS/qubes-issues#1637
Documentation pending: QubesOS/qubes-issues#2829
This commit is contained in:
Marek Marczykowski-Górecki 2017-05-26 05:19:21 +02:00
parent b49ae50ad5
commit 8694931665
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
9 changed files with 63 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Makefile
View File

@ -271,11 +271,15 @@ install-common:
install -m 0755 qubes-rpc/qubes.ResizeDisk $(DESTDIR)/etc/qubes-rpc install -m 0755 qubes-rpc/qubes.ResizeDisk $(DESTDIR)/etc/qubes-rpc
install -m 0755 qubes-rpc/qubes.StartApp $(DESTDIR)/etc/qubes-rpc install -m 0755 qubes-rpc/qubes.StartApp $(DESTDIR)/etc/qubes-rpc
install -m 0755 qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc install -m 0755 qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc
install -m 0755 qubes-rpc/qubes.PostInstall $(DESTDIR)/etc/qubes-rpc
install -d $(DESTDIR)/etc/qubes/suspend-pre.d install -d $(DESTDIR)/etc/qubes/suspend-pre.d
install -m 0644 qubes-rpc/suspend-pre.README $(DESTDIR)/etc/qubes/suspend-pre.d/README install -m 0644 qubes-rpc/suspend-pre.README $(DESTDIR)/etc/qubes/suspend-pre.d/README
install -d $(DESTDIR)/etc/qubes/suspend-post.d install -d $(DESTDIR)/etc/qubes/suspend-post.d
install -m 0644 qubes-rpc/suspend-post.README $(DESTDIR)/etc/qubes/suspend-post.d/README install -m 0644 qubes-rpc/suspend-post.README $(DESTDIR)/etc/qubes/suspend-post.d/README
install -d $(DESTDIR)/etc/qubes/post-install.d
install -m 0644 post-install.d/README $(DESTDIR)/etc/qubes/post-install.d/
install -m 0755 post-install.d/*.sh $(DESTDIR)/etc/qubes/post-install.d/
install -d $(DESTDIR)/usr/share/nautilus-python/extensions install -d $(DESTDIR)/usr/share/nautilus-python/extensions
install -m 0644 qubes-rpc/*_nautilus.py $(DESTDIR)/usr/share/nautilus-python/extensions install -m 0644 qubes-rpc/*_nautilus.py $(DESTDIR)/usr/share/nautilus-python/extensions

1
debian/control vendored
View File

@ -42,6 +42,7 @@ Depends:
util-linux, util-linux,
python2.7, python2.7,
python-daemon, python-daemon,
python-qubesdb,
python-gi, python-gi,
python-xdg, python-xdg,
python-dbus, python-dbus,

3
debian/qubes-core-agent.install vendored
View File

@ -19,6 +19,7 @@ etc/qubes-rpc/qubes.GetImageRGBA
etc/qubes-rpc/qubes.InstallUpdatesGUI etc/qubes-rpc/qubes.InstallUpdatesGUI
etc/qubes-rpc/qubes.OpenInVM etc/qubes-rpc/qubes.OpenInVM
etc/qubes-rpc/qubes.OpenURL etc/qubes-rpc/qubes.OpenURL
etc/qubes-rpc/qubes.PostInstall
etc/qubes-rpc/qubes.ResizeDisk etc/qubes-rpc/qubes.ResizeDisk
etc/qubes-rpc/qubes.Restore etc/qubes-rpc/qubes.Restore
etc/qubes-rpc/qubes.SelectDirectory etc/qubes-rpc/qubes.SelectDirectory
@ -37,6 +38,8 @@ etc/qubes-suspend-module-blacklist
etc/qubes/autostart/* etc/qubes/autostart/*
etc/qubes/ip6tables.rules etc/qubes/ip6tables.rules
etc/qubes/iptables.rules etc/qubes/iptables.rules
etc/qubes/post-install.d/README
etc/qubes/post-install.d/*.sh
etc/qubes/suspend-post.d/README etc/qubes/suspend-post.d/README
etc/qubes/suspend-pre.d/README etc/qubes/suspend-pre.d/README
etc/sudoers.d/qt_x11_no_mitshm etc/sudoers.d/qt_x11_no_mitshm

3
post-install.d/10-qubes-core-agent-appmenus.sh Executable file
View File

@ -0,0 +1,3 @@
#!/bin/sh
/usr/lib/qubes/qubes-trigger-sync-appmenus.sh

9
post-install.d/10-qubes-core-agent-features.sh Executable file
View File

@ -0,0 +1,9 @@
#!/bin/sh
# announce features supported by this template
qvm-features-request qrexec=1
if [ -x /usr/bin/qubes-gui ]; then
qvm-features-request gui=1
fi

6
post-install.d/90-qubes-core-agent.sh Executable file
View File

@ -0,0 +1,6 @@
#!/bin/sh
# Actually send requested features to dom0. Then dom0 will evaluate them and
# adjust appropriate settings (or ignore).
qvm-features-request --commit

3
post-install.d/README Normal file
View File

@ -0,0 +1,3 @@
All executable files with `.sh` suffix in this directory will be executed as
root just after template installation. Template VM may not have access to the
network at this time yet.

28
qubes-rpc/qubes.PostInstall Executable file
View File

@ -0,0 +1,28 @@
#!/bin/sh
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2017 Marek Marczykowski-Górecki
# <marmarek@invisiblethingslab.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
#
for script in /etc/qubes/post-install.d/*.sh; do
if [ -x "$script" ]; then
"$script"
fi
done

6
rpm_spec/core-vm.spec
View File

@ -140,6 +140,8 @@ Requires: dbus-python
# for qubes-session-autostart, xdg-icon # for qubes-session-autostart, xdg-icon
Requires: pyxdg Requires: pyxdg
Requires: python-daemon Requires: python-daemon
# for qvm-feature-request
Requires: python2-qubesdb
Requires: nftables Requires: nftables
Requires: ImageMagick Requires: ImageMagick
Requires: librsvg2-tools Requires: librsvg2-tools
@ -442,6 +444,7 @@ rm -f %{name}-%{version}
%config(noreplace) /etc/qubes-rpc/qubes.ResizeDisk %config(noreplace) /etc/qubes-rpc/qubes.ResizeDisk
%config(noreplace) /etc/qubes-rpc/qubes.StartApp %config(noreplace) /etc/qubes-rpc/qubes.StartApp
%config(noreplace) /etc/qubes-rpc/qubes.UpdatesProxy %config(noreplace) /etc/qubes-rpc/qubes.UpdatesProxy
%config(noreplace) /etc/qubes-rpc/qubes.PostInstall
%dir /etc/qubes/autostart %dir /etc/qubes/autostart
/etc/qubes/autostart/README.txt /etc/qubes/autostart/README.txt
%config /etc/qubes/autostart/*.desktop.d/30_qubes.conf %config /etc/qubes/autostart/*.desktop.d/30_qubes.conf
@ -449,6 +452,9 @@ rm -f %{name}-%{version}
/etc/qubes/suspend-pre.d/README /etc/qubes/suspend-pre.d/README
%dir /etc/qubes/suspend-post.d %dir /etc/qubes/suspend-post.d
/etc/qubes/suspend-post.d/README /etc/qubes/suspend-post.d/README
%dir /etc/qubes/post-install.d
/etc/qubes/post-install.d/README
/etc/qubes/post-install.d/*.sh
%config(noreplace) /etc/sudoers.d/qubes %config(noreplace) /etc/sudoers.d/qubes
%config(noreplace) /etc/sudoers.d/qt_x11_no_mitshm %config(noreplace) /etc/sudoers.d/qt_x11_no_mitshm
%config(noreplace) /etc/sysctl.d/20_tcp_timestamps.conf %config(noreplace) /etc/sysctl.d/20_tcp_timestamps.conf