Merge remote-tracking branch 'qubesos/pr/67'
* qubesos/pr/67: archlinux fix .service added twice in networking install script Makefile: install-netvm shouldn't be a dependency of itself. archlinux: add recently splitted packages as optional dependencies of qubes-vm-core archlinux: fix incorrect keyring being populated Makefile: remove invalid reference to network dropins install target archlinux: fix shellcheck issues archlinux: create a keyring package to install binary repository automatically Makefile: add network install targets to install-deb Makefile: fix typo created when spliting the install targets Makefile: add basic networking to the new install-corevm target archlinux: split core-agent from netvm-agent Makefile: ensure that everything is installed by default for rh based agents Makefile: split network install target from core agent install target
This commit is contained in:
Marek Marczykowski-Górecki
commit
aab5a28fbe
121
Makefile
121
Makefile
@ -57,14 +57,16 @@ USER_DROPIN_DIR ?= "usr/lib/systemd/user"
|
||||
|
||||
SYSTEM_DROPINS := chronyd.service crond.service
|
||||
SYSTEM_DROPINS += cups.service cups-browsed.service cups.path cups.socket ModemManager.service
|
||||
SYSTEM_DROPINS += NetworkManager.service NetworkManager-wait-online.service getty@tty.service
|
||||
SYSTEM_DROPINS += tinyproxy.service
|
||||
SYSTEM_DROPINS += getty@tty.service
|
||||
SYSTEM_DROPINS += tmp.mount
|
||||
SYSTEM_DROPINS += org.cups.cupsd.service org.cups.cupsd.path org.cups.cupsd.socket
|
||||
SYSTEM_DROPINS += systemd-random-seed.service
|
||||
SYSTEM_DROPINS += tor.service tor@default.service
|
||||
SYSTEM_DROPINS += systemd-timesyncd.service
|
||||
|
||||
SYSTEM_DROPINS_NETWORKING := NetworkManager.service NetworkManager-wait-online.service
|
||||
SYSTEM_DROPINS_NETWORKING += tinyproxy.service
|
||||
|
||||
USER_DROPINS := pulseaudio.service pulseaudio.socket
|
||||
|
||||
# Ubuntu Dropins
|
||||
@ -107,6 +109,13 @@ install-systemd-dropins:
|
||||
install -m 0644 vm-systemd/user/$${dropin}.d/*.conf $(DESTDIR)/$(USER_DROPIN_DIR)/$${dropin}.d/ ;\
|
||||
done
|
||||
|
||||
install-systemd-networking-dropins:
|
||||
# Install system dropins
|
||||
@for dropin in $(SYSTEM_DROPINS_NETWORKING); do \
|
||||
install -d $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d ;\
|
||||
install -m 0644 vm-systemd/$${dropin}.d/*.conf $(DESTDIR)/$(SYSTEM_DROPIN_DIR)/$${dropin}.d/ ;\
|
||||
done
|
||||
|
||||
install-init:
|
||||
install -d $(DESTDIR)$(LIBDIR)/qubes/init
|
||||
# FIXME: do a source code move vm-systemd/*.sh to init/
|
||||
@ -114,16 +123,17 @@ install-init:
|
||||
install -m 0755 init/*.sh vm-systemd/*.sh $(DESTDIR)$(LIBDIR)/qubes/init/
|
||||
install -m 0644 init/functions $(DESTDIR)$(LIBDIR)/qubes/init/
|
||||
|
||||
# Systemd service files
|
||||
SYSTEMD_ALL_SERVICES := $(wildcard vm-systemd/qubes-*.service)
|
||||
SYSTEMD_NETWORK_SERVICES := vm-systemd/qubes-firewall.service vm-systemd/qubes-iptables.service vm-systemd/qubes-updates-proxy.service
|
||||
SYSTEMD_CORE_SERVICES := $(filter-out $(SYSTEMD_NETWORK_SERVICES), $(SYSTEMD_ALL_SERVICES))
|
||||
|
||||
install-systemd: install-init
|
||||
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
|
||||
install -m 0644 vm-systemd/qubes-*.service $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
install -m 0644 $(SYSTEMD_CORE_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
install -m 0644 vm-systemd/qubes-*.socket $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
|
||||
install -m 0644 vm-systemd/qubes-core.conf $(DESTDIR)$(SYSLIBDIR)/modules-load.d/
|
||||
install -m 0755 network/qubes-iptables $(DESTDIR)$(LIBDIR)/qubes/init/
|
||||
install -D -m 0644 vm-systemd/qubes-core-agent-linux.tmpfiles \
|
||||
$(DESTDIR)/usr/lib/tmpfiles.d/qubes-core-agent-linux.conf
|
||||
|
||||
install-sysvinit: install-init
|
||||
install -d $(DESTDIR)/etc/init.d
|
||||
@ -175,11 +185,6 @@ install-common: install-doc
|
||||
PATH="/usr/bin:$(PATH)" $(PYTHON) setup.py install $(PYTHON_PREFIX_ARG) -O1 --root $(DESTDIR)
|
||||
mkdir -p $(DESTDIR)$(SBINDIR)
|
||||
|
||||
ifneq ($(SBINDIR),/usr/bin)
|
||||
mv $(DESTDIR)/usr/bin/qubes-firewall $(DESTDIR)$(SBINDIR)/qubes-firewall
|
||||
endif
|
||||
|
||||
|
||||
install -d -m 0750 $(DESTDIR)/etc/sudoers.d/
|
||||
install -D -m 0440 misc/qubes.sudoers $(DESTDIR)/etc/sudoers.d/qubes
|
||||
install -D -m 0440 misc/sudoers.d_qt_x11_no_mitshm $(DESTDIR)/etc/sudoers.d/qt_x11_no_mitshm
|
||||
@ -214,26 +219,6 @@ endif
|
||||
install misc/upgrades-status-notify $(DESTDIR)$(LIBDIR)/qubes/upgrades-status-notify
|
||||
|
||||
install -m 0644 network/udev-qubes-network.rules $(DESTDIR)/etc/udev/rules.d/99-qubes-network.rules
|
||||
install network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes
|
||||
install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes
|
||||
install network/setup-ip $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install -d $(DESTDIR)/etc/dhclient.d
|
||||
ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
|
||||
install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
||||
install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
||||
install -d $(DESTDIR)/usr/lib/NetworkManager/conf.d
|
||||
install -m 0644 network/nm-30-qubes.conf $(DESTDIR)/usr/lib/NetworkManager/conf.d/30-qubes.conf
|
||||
install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
|
||||
install -D network/vif-qubes-nat.sh $(DESTDIR)/etc/xen/scripts/vif-qubes-nat.sh
|
||||
install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
|
||||
install -m 0644 -D network/updates-blacklist $(DESTDIR)/etc/tinyproxy/updates-blacklist
|
||||
install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy
|
||||
install -d $(DESTDIR)/etc/xdg/autostart
|
||||
install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)$(LIBDIR)/qubes/show-hide-nm-applet.sh
|
||||
install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
|
||||
install -m 0400 -D network/iptables $(DESTDIR)/etc/qubes/iptables.rules
|
||||
install -m 0400 -D network/ip6tables $(DESTDIR)/etc/qubes/ip6tables.rules
|
||||
install -m 0755 network/update-proxy-configs $(DESTDIR)$(LIBDIR)/qubes/
|
||||
|
||||
install -d $(DESTDIR)$(BINDIR)
|
||||
@ -276,7 +261,6 @@ endif
|
||||
install -m 0755 qubes-rpc/qubes.InstallUpdatesGUI $(DESTDIR)/etc/qubes-rpc
|
||||
install -m 0755 qubes-rpc/qubes.ResizeDisk $(DESTDIR)/etc/qubes-rpc
|
||||
install -m 0755 qubes-rpc/qubes.StartApp $(DESTDIR)/etc/qubes-rpc
|
||||
install -m 0755 qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc
|
||||
install -m 0755 qubes-rpc/qubes.PostInstall $(DESTDIR)/etc/qubes-rpc
|
||||
install -m 0755 qubes-rpc/qubes.GetDate $(DESTDIR)/etc/qubes-rpc
|
||||
|
||||
@ -320,7 +304,70 @@ endif
|
||||
install -d $(DESTDIR)/var/run/qubes
|
||||
install -d $(DESTDIR)/rw
|
||||
|
||||
install-deb: install-common install-systemd install-systemd-dropins
|
||||
# Networking install target includes:
|
||||
# * basic network functionality (setting IP address, DNS, default gateway)
|
||||
# * package update proxy client
|
||||
install-networking:
|
||||
install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system
|
||||
install -m 0644 vm-systemd/qubes-*.socket $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
|
||||
install -d $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install network/setup-ip $(DESTDIR)$(LIBDIR)/qubes/
|
||||
|
||||
# Netvm install target includes:
|
||||
# * qubes-firewall service (FirewallVM)
|
||||
# * DNS redirection setup
|
||||
# * proxy service used by TemplateVMs to download updates
|
||||
install-netvm:
|
||||
install -D -m 0644 $(SYSTEMD_NETWORK_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
|
||||
|
||||
install -D -m 0755 network/qubes-iptables $(DESTDIR)$(LIBDIR)/qubes/init/qubes-iptables
|
||||
|
||||
install -D -m 0644 vm-systemd/qubes-core-agent-linux.tmpfiles \
|
||||
$(DESTDIR)/usr/lib/tmpfiles.d/qubes-core-agent-linux.conf
|
||||
|
||||
mkdir -p $(DESTDIR)$(SBINDIR)
|
||||
|
||||
ifneq ($(SBINDIR),/usr/bin)
|
||||
mv $(DESTDIR)/usr/bin/qubes-firewall $(DESTDIR)$(SBINDIR)/qubes-firewall
|
||||
endif
|
||||
|
||||
install -D network/qubes-setup-dnat-to-ns $(DESTDIR)$(LIBDIR)/qubes/qubes-setup-dnat-to-ns
|
||||
|
||||
install -d $(DESTDIR)/etc/dhclient.d
|
||||
ln -s /usr/lib/qubes/qubes-setup-dnat-to-ns $(DESTDIR)/etc/dhclient.d/qubes-setup-dnat-to-ns.sh
|
||||
|
||||
install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
|
||||
install -D network/vif-qubes-nat.sh $(DESTDIR)/etc/xen/scripts/vif-qubes-nat.sh
|
||||
install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
|
||||
install -m 0644 -D network/updates-blacklist $(DESTDIR)/etc/tinyproxy/updates-blacklist
|
||||
install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)$(LIBDIR)/qubes/iptables-updates-proxy
|
||||
|
||||
install -m 0400 -D network/iptables $(DESTDIR)/etc/qubes/iptables.rules
|
||||
install -m 0400 -D network/ip6tables $(DESTDIR)/etc/qubes/ip6tables.rules
|
||||
|
||||
install -m 0755 -D qubes-rpc/qubes.UpdatesProxy $(DESTDIR)/etc/qubes-rpc/qubes.UpdatesProxy
|
||||
|
||||
# networkmanager install target allow integration of NetworkManager for Qubes VM:
|
||||
# * make connections config persistent
|
||||
# * adjust DNS redirections when needed
|
||||
# * show/hide NetworkManager applet icon
|
||||
install-networkmanager:
|
||||
install -d $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install network/qubes-fix-nm-conf.sh $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install network/network-manager-prepare-conf-dir $(DESTDIR)$(LIBDIR)/qubes/
|
||||
|
||||
install -d $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
||||
install network/{qubes-nmhook,30-qubes-external-ip} $(DESTDIR)/etc/NetworkManager/dispatcher.d/
|
||||
|
||||
install -d $(DESTDIR)/usr/lib/NetworkManager/conf.d
|
||||
install -m 0644 network/nm-30-qubes.conf $(DESTDIR)/usr/lib/NetworkManager/conf.d/30-qubes.conf
|
||||
|
||||
install -d $(DESTDIR)/etc/xdg/autostart
|
||||
install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)$(LIBDIR)/qubes/
|
||||
install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
|
||||
|
||||
install-deb: install-common install-systemd install-systemd-dropins install-systemd-networking-dropins install-networking install-networkmanager install-netvm
|
||||
mkdir -p $(DESTDIR)/etc/apt/sources.list.d
|
||||
sed -e "s/@DIST@/`lsb_release -cs`/" misc/qubes-r4.list.in > $(DESTDIR)/etc/apt/sources.list.d/qubes-r4.list
|
||||
install -D -m 644 misc/qubes-archive-keyring.gpg $(DESTDIR)/etc/apt/trusted.gpg.d/qubes-archive-keyring.gpg
|
||||
@ -339,4 +386,8 @@ install-deb: install-common install-systemd install-systemd-dropins
|
||||
mkdir -p $(DESTDIR)/etc/systemd/system/
|
||||
install -m 0644 vm-systemd/haveged.service $(DESTDIR)/etc/systemd/system/
|
||||
|
||||
install-vm: install-rh install-common
|
||||
install-corevm: install-rh install-common install-systemd install-sysvinit install-systemd-dropins install-networking
|
||||
|
||||
install-netvm: install-systemd-networking-dropins install-networkmanager
|
||||
|
||||
install-vm: install-corevm install-netvm
|
||||
|
||||
@ -1,25 +1,22 @@
|
||||
#!/bin/bash
|
||||
# Maintainer: Olivier Medoc <o_medoc@yahoo.fr>
|
||||
# shellcheck disable=SC2034
|
||||
pkgname=qubes-vm-core
|
||||
pkgname=(qubes-vm-core qubes-vm-networking qubes-vm-keyring)
|
||||
pkgver=$(cat version)
|
||||
pkgrel=13
|
||||
pkgrel=14
|
||||
epoch=
|
||||
pkgdesc="The Qubes core files for installation inside a Qubes VM."
|
||||
arch=("x86_64")
|
||||
url="http://qubes-os.org/"
|
||||
license=('GPL')
|
||||
groups=()
|
||||
depends=("qubes-vm-utils>=3.1.3" python2 python2-xdg ethtool ntp net-tools gnome-packagekit imagemagick fakeroot notification-daemon dconf zenity qubes-libvchan "qubes-db-vm>=3.2.1" haveged python2-gobject python2-dbus xdg-utils notification-daemon gawk sed procps-ng librsvg)
|
||||
makedepends=(gcc make pkg-config "qubes-vm-utils>=3.1.3" qubes-libvchan qubes-db-vm qubes-vm-xen libx11 python2 python3 lsb-release pandoc)
|
||||
checkdepends=()
|
||||
optdepends=(gnome-keyring gnome-settings-daemon networkmanager iptables tinyproxy python2-nautilus gpk-update-viewer)
|
||||
provides=()
|
||||
conflicts=()
|
||||
replaces=()
|
||||
backup=()
|
||||
options=()
|
||||
install=PKGBUILD.install
|
||||
changelog=
|
||||
|
||||
source=(
|
||||
@ -27,6 +24,9 @@ source=(
|
||||
PKGBUILD-qubes-pacman-options.conf
|
||||
PKGBUILD-qubes-repo-3.2.conf
|
||||
PKGBUILD-qubes-repo-4.0.conf
|
||||
PKGBUILD-keyring-keys
|
||||
PKGBUILD-keyring-trusted
|
||||
PKGBUILD-keyring-revoked
|
||||
)
|
||||
|
||||
noextract=()
|
||||
@ -60,15 +60,31 @@ build() {
|
||||
done
|
||||
}
|
||||
|
||||
package() {
|
||||
#This package provides:
|
||||
# * qrexec agent
|
||||
# * qubes rpc scripts
|
||||
# * core linux tools and scripts
|
||||
# * core systemd services and drop-ins
|
||||
# * basic network functionality (setting IP address, DNS, default gateway)
|
||||
package_qubes-vm-core() {
|
||||
depends=("qubes-vm-utils>=3.1.3" python2 python2-xdg ethtool ntp net-tools
|
||||
gnome-packagekit imagemagick fakeroot notification-daemon dconf
|
||||
zenity qubes-libvchan "qubes-db-vm>=3.2.1" haveged python2-gobject
|
||||
python2-dbus xdg-utils notification-daemon gawk sed procps-ng librsvg
|
||||
socat
|
||||
)
|
||||
optdepends=(gnome-keyring gnome-settings-daemon python2-nautilus gpk-update-viewer qubes-vm-networking qubes-vm-keyring)
|
||||
install=PKGBUILD.install
|
||||
|
||||
# Note: Archlinux removed use of directory such as /sbin /bin /usr/sbin (https://mailman.archlinux.org/pipermail/arch-dev-public/2012-March/022625.html)
|
||||
# shellcheck disable=SC2154
|
||||
make -C qrexec install DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib
|
||||
|
||||
PYTHON=python2 make install-vm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux
|
||||
PYTHON=python2 make install-corevm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux
|
||||
|
||||
# Remove things non wanted in archlinux
|
||||
rm -r "$pkgdir/etc/yum"*
|
||||
rm -r "$pkgdir/etc/dnf"*
|
||||
rm -r "$pkgdir/etc/init.d"
|
||||
# Remove fedora specific scripts
|
||||
rm "$pkgdir/etc/fstab"
|
||||
@ -101,4 +117,37 @@ EOF
|
||||
rm -r "$pkgdir/var/run"
|
||||
}
|
||||
|
||||
#This package provides:
|
||||
# * proxy service used by TemplateVMs to download updates
|
||||
# * qubes-firewall service (FirewallVM)
|
||||
#
|
||||
#Integration of NetworkManager for Qubes VM:
|
||||
# * make connections config persistent
|
||||
# * adjust DNS redirections when needed
|
||||
# * show/hide NetworkManager applet icon
|
||||
#
|
||||
package_qubes-vm-networking() {
|
||||
pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM"
|
||||
depends=(qubes-vm-core "qubes-vm-utils>=3.1.3" python2 ethtool net-tools
|
||||
"qubes-db-vm>=3.2.1" networkmanager iptables tinyproxy nftables
|
||||
)
|
||||
install=PKGBUILD-networking.install
|
||||
|
||||
# shellcheck disable=SC2154
|
||||
PYTHON=python2 make install-netvm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux
|
||||
|
||||
}
|
||||
|
||||
package_qubes-vm-keyring() {
|
||||
pkgdesc="Qubes OS Binary Repository Activation package and Keyring"
|
||||
install=PKGBUILD-keyring.install
|
||||
|
||||
# Install keyring (will be activated through the .install file)
|
||||
install -dm755 "${pkgdir}/usr/share/pacman/keyrings/"
|
||||
install -m0644 PKGBUILD-keyring-keys "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm.gpg"
|
||||
install -m0644 PKGBUILD-keyring-trusted "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-trusted"
|
||||
install -m0644 PKGBUILD-keyring-revoked "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-revoked"
|
||||
|
||||
}
|
||||
|
||||
# vim:set ts=2 sw=2 et:
|
||||
|
||||
30
archlinux/PKGBUILD-keyring-keys
Normal file
30
archlinux/PKGBUILD-keyring-keys
Normal file
@ -0,0 +1,30 @@
|
||||
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||
|
||||
mQENBFM0TnYBCADNyamUtA9e0/oUu4AeAgt1JYDtq3zCQSX7pHpY1zkGtulppSOe
|
||||
gkCgW2db+FlKeUNHQ+JX0uv8Ny0SjQBZO0yNxDLfPuqJzM/VjUIdLTJS0FEpxzT1
|
||||
Oiz0WRdcbeHtQ8SmEfmRStaB9PTNZ97FogFFONvQ6r/ICNldqfe+Qq72D/p6FqNM
|
||||
mW16dZokQEOgJpOb/L7dHNrta1ye8CurrEbXIt7B+4NnUpvzFmnQ+OxsC3AUbvI5
|
||||
PbaQyu8ivhoofnpgj66PojlFYMaL8mUaScL2VM5Ljx72zVA5+MUmk8O02O2X8Rdc
|
||||
+5boRi2h7oyCASBYK3x+WayaDTNWx3o8+sSdABEBAAG0N09saXZpZXIgTUVET0Mg
|
||||
KFF1YmVzLU9TIHNpZ25pbmcga2V5KSA8b19tZWRvY0B5YWhvby5mcj6JAT4EEwEC
|
||||
ACgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheABQJW+jhsBQkHiFDrAAoJECBD
|
||||
56zBgzucHCwH/RLCCM1PJ50jEMJg7ZBrwkv5cvKePD1iGhPFOZ1gBtMTYfl7zJO7
|
||||
gOuOgQ+TKjfIFM/ijQBFMRmByrQ0ZkGNIqY7JB3shZ5EsCeb7cgyw7hEyj4S3O6e
|
||||
K+CVVy4CBAyXILVr/En8xU41K1qQpEiHkvqk0E05sEkYcN4Ggvw5JUNWpZO7fl6I
|
||||
tLvTBf5aPqiLqWN08fjdmVJ/5l+LCdMyJxUdsQV0pkzcv9l8ouB/0ig8HikoC+dW
|
||||
HuWbk9uj1CU0c4C8tTbOszjKAbEZ5msZ2NUxPM1vqKaac8IbWkSJBqlYFcb3PSMk
|
||||
LmFtXN/0hAcf8KbziODQgKcyuEBi3b5d6wy5AQ0EUzROdgEIAOG22xrDqJkCrEx8
|
||||
QFnZYSwxV2lI9fDyCT/kaHPa/5YOV/Xa01RLM27UPbV/UKkKN+M6+mFj26e+E25p
|
||||
2R/e1Wk9HDrbu7NDXozGcKDlTIAmQ4yjNVb/G1850/SO1vuPDfNzMD81F18XzYCa
|
||||
eyUV88HjXTbJSeJAbjWNvTkoMK4wY6PlHfyT0G0i4svfL/mZCGM8KagNouGHuG8s
|
||||
5JKwlC1BZnmfDuB4exP7cSNEDWwnBn98rx13DMLkGJu1xGnLqdGJw6WpP4a1IG7A
|
||||
9NDE2VetAS/ElMbMqfyuqiAxhtnuGdxstDaU7gW4VMTjAOMtO9LLY20EipsSBUrg
|
||||
7U1ync0AEQEAAYkBJQQYAQIADwIbDAUCVvo4nQUJB4hRJAAKCRAgQ+eswYM7nLWy
|
||||
CAC6enhJbXKGchqgfh+CeKsvWg97JG8yjW4W/9RL9Vto8ppgNzIKbA7AKgqOiy5l
|
||||
TToLaxK+Z1JE72lsWUnALmz1Oa7M7M9J1ptfD8TMj1/D3cj2Lnrg7qTaEEL5Nw+t
|
||||
FRNXeUjsuWt+iW7eYiGtI+eSWBokH945Ig32vf88n0t3F8whDRzv5fy1yF35aMRS
|
||||
HS5gDJv5t2BnPtehMhr5EOHbUH3UFevA79Hf4bUlOOo7eTTmSPMDcWFUA9MMKoE5
|
||||
pkHwoimXiNJy3e8TZ4uSTBH8XcXA/5mYSXbWKBX4Y5JznOBTtkjGsbL7dua3zDbF
|
||||
BGNH5RhiY1/bJ+m4zxU8bDWq
|
||||
=ofdo
|
||||
-----END PGP PUBLIC KEY BLOCK-----
|
||||
0
archlinux/PKGBUILD-keyring-revoked
Normal file
0
archlinux/PKGBUILD-keyring-revoked
Normal file
1
archlinux/PKGBUILD-keyring-trusted
Normal file
1
archlinux/PKGBUILD-keyring-trusted
Normal file
@ -0,0 +1 @@
|
||||
D85EE12F967851CCF433515A2043E7ACC1833B9C:4:
|
||||
18
archlinux/PKGBUILD-keyring.install
Normal file
18
archlinux/PKGBUILD-keyring.install
Normal file
@ -0,0 +1,18 @@
|
||||
post_upgrade() {
|
||||
if usr/bin/pacman-key -l >/dev/null 2>&1; then
|
||||
usr/bin/pacman-key --populate qubesos-vm
|
||||
fi
|
||||
release=$(echo "$1" | cut -d '.' -f 1,2)
|
||||
|
||||
if ! [ -h /etc/pacman.d/99-qubes-repository-${release}.conf ] ; then
|
||||
ln -s /etc/pacman.d/99-qubes-repository-${release}.conf.disabled /etc/pacman.d/99-qubes-repository-${release}.conf
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
post_install() {
|
||||
if [ -x usr/bin/pacman-key ]; then
|
||||
post_upgrade "$1"
|
||||
fi
|
||||
}
|
||||
|
||||
41
archlinux/PKGBUILD-networking.install
Normal file
41
archlinux/PKGBUILD-networking.install
Normal file
@ -0,0 +1,41 @@
|
||||
#!/bin/bash
|
||||
|
||||
## arg 1: the new package version
|
||||
post_install() {
|
||||
# Create NetworkManager configuration if we do not have it
|
||||
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
|
||||
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
|
||||
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
|
||||
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
|
||||
fi
|
||||
|
||||
# Remove ip_forward setting from sysctl, so NM will not reset it
|
||||
# Archlinux now use sysctl.d/ instead of sysctl.conf
|
||||
#sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf
|
||||
|
||||
/usr/lib/qubes/qubes-fix-nm-conf.sh
|
||||
|
||||
# Yum proxy configuration is fedora specific
|
||||
#if ! grep -q '/etc/yum\.conf\.d/qubes-proxy\.conf' /etc/yum.conf; then
|
||||
# echo >> /etc/yum.conf
|
||||
# echo '# Yum does not support inclusion of config dir...' >> /etc/yum.conf
|
||||
# echo 'include=file:///etc/yum.conf.d/qubes-proxy.conf' >> /etc/yum.conf
|
||||
#fi
|
||||
|
||||
for srv in qubes-firewall.service qubes-iptables.service qubes-network.service qubes-updates-proxy.service ; do
|
||||
systemctl enable $srv
|
||||
done
|
||||
}
|
||||
|
||||
## arg 1: the new package version
|
||||
## arg 2: the old package version
|
||||
post_upgrade() {
|
||||
post_install
|
||||
}
|
||||
|
||||
## arg 1: the old package version
|
||||
post_remove() {
|
||||
for srv in qubes-firewall.service qubes-iptables.service qubes-network.service qubes-updates-proxy.service ; do
|
||||
systemctl disable $srv
|
||||
done
|
||||
}
|
||||
@ -74,29 +74,11 @@ configure_selinux() {
|
||||
############################
|
||||
|
||||
update_qubesconfig() {
|
||||
# Create NetworkManager configuration if we do not have it
|
||||
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
|
||||
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
|
||||
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
|
||||
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
|
||||
fi
|
||||
/usr/lib/qubes/qubes-fix-nm-conf.sh
|
||||
|
||||
# Remove ip_forward setting from sysctl, so NM will not reset it
|
||||
# Archlinux now use sysctl.d/ instead of sysctl.conf
|
||||
#sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf
|
||||
|
||||
# Remove old firmware updates link
|
||||
if [ -L /lib/firmware/updates ]; then
|
||||
rm -f /lib/firmware/updates
|
||||
fi
|
||||
|
||||
# Yum proxy configuration is fedora specific
|
||||
#if ! grep -q '/etc/yum\.conf\.d/qubes-proxy\.conf' /etc/yum.conf; then
|
||||
# echo >> /etc/yum.conf
|
||||
# echo '# Yum does not support inclusion of config dir...' >> /etc/yum.conf
|
||||
# echo 'include=file:///etc/yum.conf.d/qubes-proxy.conf' >> /etc/yum.conf
|
||||
#fi
|
||||
#/usr/lib/qubes/update-proxy-configs
|
||||
# Archlinux pacman configuration is handled in update_finalize
|
||||
|
||||
@ -438,7 +420,7 @@ post_remove() {
|
||||
|
||||
rm -rf /var/lib/qubes/xdg
|
||||
|
||||
for srv in qubes-sysinit qubes-misc-post qubes-mount-dirs qubes-network qubes-qrexec-agent; do
|
||||
for srv in qubes-sysinit qubes-misc-post qubes-mount-dirs qubes-qrexec-agent; do
|
||||
systemctl disable $srv.service
|
||||
done
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user