diff --git a/archlinux/PKGBUILD b/archlinux/PKGBUILD index 36eff5d..bbfa3c1 100644 --- a/archlinux/PKGBUILD +++ b/archlinux/PKGBUILD @@ -6,7 +6,7 @@ # Maintainer: Olivier Medoc pkgname=qubes-vm-core pkgver=`cat version` -pkgrel=7 +pkgrel=8 epoch= pkgdesc="The Qubes core files for installation inside a Qubes VM." arch=("x86_64") @@ -25,10 +25,14 @@ options=() install=PKGBUILD.install changelog= -source=(PKGBUILD.qubes-ensure-lib-modules.service PKGBUILD.qubes-update-desktop-icons.hook) +source=( PKGBUILD.qubes-ensure-lib-modules.service PKGBUILD.qubes-update-desktop-icons.hook + PKGBUILD-qubes-noupgrade.conf + ) noextract=() -md5sums=('88f4b3d5b156888a9d38f5bc28702ab8' 'bbfb946d6d2787e5abf8e2236502a3d4') +md5sums=( '88f4b3d5b156888a9d38f5bc28702ab8' 'bbfb946d6d2787e5abf8e2236502a3d4' + 'c1c1b86eed48cc0f943f21b9a1df8b8e' + ) build() { @@ -82,6 +86,10 @@ package() { mkdir -p ${pkgdir}/usr/share/libalpm/hooks/ install -m 644 $srcdir/PKGBUILD.qubes-update-desktop-icons.hook ${pkgdir}/usr/share/libalpm/hooks/qubes-update-desktop-icons.hook + # Install pacman.d drop-ins (at least 1 drop-in must be installed or pacman will fail) + mkdir -p ${pkgdir}/etc/pacman.d + install -m 644 $srcdir/PKGBUILD-qubes-noupgrade.conf ${pkgdir}/etc/pacman.d/qubes-noupgrade.conf + # Archlinux specific: enable autologin on tty1 mkdir -p $pkgdir/etc/systemd/system/getty@tty1.service.d/ cat < $pkgdir/etc/systemd/system/getty@tty1.service.d/autologin.conf diff --git a/archlinux/PKGBUILD-qubes-noupgrade.conf b/archlinux/PKGBUILD-qubes-noupgrade.conf new file mode 100644 index 0000000..0b4ff7d --- /dev/null +++ b/archlinux/PKGBUILD-qubes-noupgrade.conf @@ -0,0 +1,2 @@ +NoUpgrade = etc/pam.d/su +NoUpgrade = etc/pam.d/su-l \ No newline at end of file diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index a8177c3..4af2b3f 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -202,68 +202,47 @@ config_prependtomark() { FILE=$1 APPENDBEFORELINE=$2 APPENDLINE=$3 -grep -q "$APPENDLINE" "$FILE" || sed "/$APPENDBEFORELINE/i$APPENDLINE" -i "$FILE" +grep -F -q "$APPENDLINE" "$FILE" || sed "/$APPENDBEFORELINE/i$APPENDLINE" -i "$FILE" } config_appendtomark() { FILE=$1 APPENDAFTERLINE=$2 APPENDLINE=$3 -grep -q "$APPENDLINE" "$FILE" || sed "/$APPENDAFTERLINE/a$APPENDLINE" -i "$FILE" +grep -F -q "$APPENDLINE" "$FILE" || sed "/$APPENDAFTERLINE/a$APPENDLINE" -i "$FILE" } config_cleanupmark() { FILE="$1" BEGINMARK="$2" ENDMARK="$3" -if grep -q "$BEGINMARK" "$FILE"; then - if grep -q "$ENDMARK" "$FILE"; then +if grep -F -q "$BEGINMARK" "$FILE"; then + if grep -F -q "$ENDMARK" "$FILE"; then cp "$FILE" "$FILE.qubes-update-orig" - sed -i -e "/^$BEGINMARK\$/,/^$ENDMARK\$/{ - /^$ENDMARK\$/b + sed -i -e "/^$BEGINMARK$/,/^$ENDMARK$/{ + /^$ENDMARK$/b /^$BEGINMARK$/!d }" "$FILE" rm -f "$FILE.qubes-update-orig" else echo "ERROR: found $BEGINMARK marker but not $ENDMARK in $FILE. Please cleanup this file manually." fi -elif grep -q "$ENDMARK" "$FILE"; then +elif grep -F -q "$ENDMARK" "$FILE"; then echo "ERROR: found $ENDMARK marker but not $BEGINMARK in $FILE. Please cleanup this file manually." fi } update_finalize() { - # Archlinux specific: Prepare pacman.conf to add qubes specific config + # Archlinux specific: Cleanup pre pacman.d qubes marker QUBES_MARKER="### QUBES CONFIG MARKER ###" - config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "$QUBES_MARKER" + if grep -F -q "$QUBES_MARKER" /etc/pacman.conf; then + config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "### QUBES CONFIG END MARKER ###" + config_cleanupmark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES CONFIG END MARKER ###" + fi - # Ensure pam.d will not be modified by archlinux package updates - config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su' - config_appendtomark '/etc/pacman.conf' "$QUBES_MARKER" 'NoUpgrade = etc/pam.d/su-l' - - # Add Qubes setup script markers at the right place (this won't work at the end of pacman.conf)" - config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES END ###" - config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES BEGIN ###" - - - ## Archlinux specific: Cleanup pre pacman.d qubes marker - ## Commented out until pacman.d snipped are supported - #QUBES_MARKER="### QUBES CONFIG MARKER ###" - #if grep -q "$QUBES_MARKER" /etc/pacman.conf; then - # if ! grep -q "### QUBES CONFIG END MARKER ###" /etc/pacman.conf; then - # # Perform cleanup before continuing - # config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "### QUBES CONFIG END MARKER ###" - # config_cleanupmark "/etc/pacman.conf" "$QUBES_MARKER" "### QUBES CONFIG END MARKER ###" - # fi - #fi - #config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "$QUBES_MARKER" - #config_prependtomark "/etc/pacman.conf" "# REPOSITORIES" "### QUBES CONFIG END MARKER ###" - # - ## Add qubes includes - #config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "Include /etc/pacman.d/qubes-noupdate.conf" - #config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "Include /etc/pacman.d/qubes-updateproxy.conf" - #config_prependtomark "/etc/pacman.conf" "### QUBES CONFIG END MARKER ###" "Include /etc/pacman.d/qubes-repositories.conf" + # Include /etc/pacman.d drop-in directory + config_appendtomark "/etc/pacman.conf" "$QUBES_MARKER" "Include = /etc/pacman.d/*.conf" # Archlinux specific: Update pam.d configuration for su to enable systemd-login wrapper # Also remove pam_unix.so from su configuration