From ef2a3092ac2c409a84dd7b163458003447e8f4cf Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Mon, 12 Nov 2012 13:44:10 +0100 Subject: [PATCH 01/10] vm/dispvm: use of user-provided DispVM settings (#651) When /rw/home/user/.qubes-dispvm-customized is present use /rw/home/user instead of default /etc/dispvm-dotfiles.tbz. Also make sure that /rw will not remain mounted during DispVM creation. --- misc/dispvm-prerun.sh | 13 +++++++++++-- vm-init.d/qubes_core_appvm | 4 +++- vm-systemd/misc-post.sh | 2 +- vm-systemd/prepare-dvm.sh | 4 +++- 4 files changed, 18 insertions(+), 5 deletions(-) diff --git a/misc/dispvm-prerun.sh b/misc/dispvm-prerun.sh index c0453f2..fc071e7 100755 --- a/misc/dispvm-prerun.sh +++ b/misc/dispvm-prerun.sh @@ -2,7 +2,12 @@ apps="evince /usr/libexec/evinced soffice firefox" -cat /etc/dispvm-dotfiles.tbz | tar -xjf- --overwrite -C /home/user --owner user 2>&1 >/tmp/dispvm-dotfiles-errors.log +#If user have customized DispVM settings, use its home instead of default dotfiles +if [ -e /rw/home/user/.qubes-dispvm-customized ]; then + cp -af /rw/home/user /home/ +else + cat /etc/dispvm-dotfiles.tbz | tar -xjf- --overwrite -C /home/user --owner user 2>&1 >/tmp/dispvm-dotfiles-errors.log +fi for app in $apps ; do echo "Launching: $app..." @@ -22,6 +27,10 @@ done ps ax > /tmp/dispvm-prerun-proclist.log -cat /etc/dispvm-dotfiles.tbz | tar -xjf- --overwrite -C /home/user --owner user 2>&1 >>/tmp/dispvm-dotfiles-errors.log +if [ -e /rw/home/user/.qubes-dispvm-customized ]; then + cp -af /rw/home/user /home/ +else + cat /etc/dispvm-dotfiles.tbz | tar -xjf- --overwrite -C /home/user --owner user 2>&1 >>/tmp/dispvm-dotfiles-errors.log +fi echo done. diff --git a/vm-init.d/qubes_core_appvm b/vm-init.d/qubes_core_appvm index ebd3e01..a0cfe06 100755 --- a/vm-init.d/qubes_core_appvm +++ b/vm-init.d/qubes_core_appvm @@ -46,8 +46,10 @@ start() if xenstore-read qubes_save_request 2>/dev/null ; then ln -sf /home_volatile /home - possibly_run_save_script touch /etc/this_is_dvm + mount /rw + possibly_run_save_script + umount /rw dmesg -c >/dev/null free | grep Mem: | (read a b c d ; xenstore-write device/qubes_used_mem $c) diff --git a/vm-systemd/misc-post.sh b/vm-systemd/misc-post.sh index 7db58d2..df4c8a4 100755 --- a/vm-systemd/misc-post.sh +++ b/vm-systemd/misc-post.sh @@ -12,7 +12,7 @@ fi # xenstore-read fails INTERFACE=eth0 /usr/lib/qubes/setup_ip -if [ -e /dev/xvdb ] ; then +if [ -e /dev/xvdb -a ! -e /etc/this_is_dvm ] ; then mount /rw if ! [ -d /rw/home ] ; then diff --git a/vm-systemd/prepare-dvm.sh b/vm-systemd/prepare-dvm.sh index d0f4570..2229afc 100755 --- a/vm-systemd/prepare-dvm.sh +++ b/vm-systemd/prepare-dvm.sh @@ -14,8 +14,10 @@ possibly_run_save_script() if xenstore-read qubes_save_request 2>/dev/null ; then ln -sf /home_volatile /home - possibly_run_save_script touch /etc/this_is_dvm + mount /rw + possibly_run_save_script + umount /rw dmesg -c >/dev/null free | grep Mem: | (read a b c d ; xenstore-write device/qubes_used_mem $c) From a4d00922b4acce055d0320c3bab81f7915cd49c5 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Mon, 12 Nov 2012 14:08:09 +0100 Subject: [PATCH 02/10] version 2.1.2 --- version_vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_vm b/version_vm index 3e3c2f1..eca07e4 100644 --- a/version_vm +++ b/version_vm @@ -1 +1 @@ -2.1.1 +2.1.2 From 97aa4ed9cb27be470a0c4f64be583eac4d9692e7 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 13 Nov 2012 04:28:09 +0100 Subject: [PATCH 03/10] dom0/core: API CHANGE: pass username as keyword param to vm.run() (#577) Get rid of ugly embedding username into commandline. This will make much easier avoid hardcoding username in dom0 code. Currently dom0 is free of hardcoded "user" username ("root" still is used). --- misc/xl-qvm-usb-attach.py | 2 +- misc/xl-qvm-usb-detach.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/misc/xl-qvm-usb-attach.py b/misc/xl-qvm-usb-attach.py index e854229..58ac2a8 100755 --- a/misc/xl-qvm-usb-attach.py +++ b/misc/xl-qvm-usb-attach.py @@ -45,4 +45,4 @@ else: qvm_collection.unlock_db() # launch - qvm_collection.get_vm_by_name(backendvm_name).run("root: %s" % cmd) + qvm_collection.get_vm_by_name(backendvm_name).run(cmd, user="root") diff --git a/misc/xl-qvm-usb-detach.py b/misc/xl-qvm-usb-detach.py index 478d8bb..e32fe47 100755 --- a/misc/xl-qvm-usb-detach.py +++ b/misc/xl-qvm-usb-detach.py @@ -41,7 +41,7 @@ else: qvm_collection.unlock_db() # launch - qvm_collection.get_vm_by_name(backendvm_name).run("root: %s" % cmd) + qvm_collection.get_vm_by_name(backendvm_name).run(cmd, user="root") # FIXME: command injection os.system("xenstore-write /local/domain/%s/backend/vusb/%s/%s/port/%s ''" From 68aaafc9e56bbe586462f6d8abff5dc682fea0b2 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Wed, 14 Nov 2012 01:41:21 +0100 Subject: [PATCH 04/10] makefile: generic rpms-dom0 and rpms-vm targets --- Makefile | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Makefile b/Makefile index 0ae46dd..69da589 100644 --- a/Makefile +++ b/Makefile @@ -6,6 +6,8 @@ VERSION_VM := $(shell cat version_vm) help: @echo "make rpms -- generate binary rpm packages" + @echo "make rpms-vm -- generate binary rpm packages for VM" + @echo "make rpms-dom0 -- generate binary rpm packages for Dom0" @echo "make update-repo-current -- copy newly generated rpms to qubes yum repo" @echo "make update-repo-current-testing -- same, but to -current-testing repo" @echo "make update-repo-unstable -- same, but to -testing repo" @@ -21,7 +23,7 @@ rpms-vm: $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*.rpm \ $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*.rpm -rpms-dom0: +rpms-dom0: rpms-vaio-fixes rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec rpm --addsign \ $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*.rpm From fe1f685b502927dea9faf372f8c779fd55130176 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Wed, 14 Nov 2012 13:12:51 +0100 Subject: [PATCH 05/10] spec: extract core libs from qubes-core-vm This libs are required by both dom0 and VM so it's better to have it separately. Previously in VM it was separate package, but dom0 have them embedded in qubes-core-dom0, but qubes-core-vm-libs package was used to build qubes-gui-dom0. Now we do not build all packages for all distros (especially do not build core-vm package for dom0 distro, so gui-dom0 build fails), so make it explicit which package is needed by which system. --- Makefile | 16 +++++++-- rpm_spec/core-libs.spec | 73 +++++++++++++++++++++++++++++++++++++++++ rpm_spec/core-vm.spec | 34 +------------------ 3 files changed, 88 insertions(+), 35 deletions(-) create mode 100644 rpm_spec/core-libs.spec diff --git a/Makefile b/Makefile index 69da589..989f15e 100644 --- a/Makefile +++ b/Makefile @@ -3,6 +3,7 @@ RPMS_DIR=rpm/ VERSION_DOM0 := $(shell cat version_dom0) VERSION_VAIO_FIXES := $(shell cat version_vaio_fixes) VERSION_VM := $(shell cat version_vm) +VERSION_LIBS := $(shell cat version_libs) help: @echo "make rpms -- generate binary rpm packages" @@ -16,14 +17,18 @@ help: rpms: rpms-vm rpms-dom0 -rpms-vm: +rpms-libs: + rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-libs.spec + rpm --addsign $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*.rpm + +rpms-vm: rpms-libs rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm.spec rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-vm-kernel-placeholder.spec rpm --addsign \ $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*.rpm \ $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*.rpm -rpms-dom0: rpms-vaio-fixes +rpms-dom0: rpms-libs rpms-vaio-fixes rpmbuild --define "_rpmdir $(RPMS_DIR)" -bb rpm_spec/core-dom0.spec rpm --addsign \ $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*.rpm @@ -35,32 +40,39 @@ rpms-vaio-fixes: update-repo-current: ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/current/dom0/rpm/ ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/current/dom0/rpm/ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*fc13*.rpm ../yum/current-release/current/dom0/rpm/ for vmrepo in ../yum/current-release/current/vm/* ; do \ dist=$$(basename $$vmrepo) ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*$$dist*.rpm $$vmrepo/rpm/ ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*$$dist*.rpm $$vmrepo/rpm/ ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*$$dist*.rpm $$vmrepo/rpm/;\ done update-repo-current-testing: ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/ ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/ for vmrepo in ../yum/current-release/current-testing/vm/* ; do \ dist=$$(basename $$vmrepo) ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*$$dist*.rpm $$vmrepo/rpm/ ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*$$dist*.rpm $$vmrepo/rpm/ ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*$$dist*.rpm $$vmrepo/rpm/;\ done update-repo-unstable: ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-$(VERSION_DOM0)*fc13*.rpm ../yum/current-release/unstable/dom0/rpm/ ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-vaio-fixes-$(VERSION_VAIO_FIXES)*fc13*.rpm ../yum/current-release/unstable/dom0/rpm/ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*fc13*.rpm ../yum/current-release/current-testing/dom0/rpm/ for vmrepo in ../yum/current-release/unstable/vm/* ; do \ dist=$$(basename $$vmrepo) ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*$$dist*.rpm $$vmrepo/rpm/ ;\ ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*$$dist*.rpm $$vmrepo/rpm/ ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*$$dist*.rpm $$vmrepo/rpm/;\ done update-repo-installer: ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION_DOM0)*fc13*.rpm ../installer/yum/qubes-dom0/rpm/ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*fc13*.rpm ../installer/yum/qubes-dom0/rpm/ clean: make -C dom0/qmemman clean diff --git a/rpm_spec/core-libs.spec b/rpm_spec/core-libs.spec new file mode 100644 index 0000000..a2931bf --- /dev/null +++ b/rpm_spec/core-libs.spec @@ -0,0 +1,73 @@ +# +# The Qubes OS Project, http://www.qubes-os.org +# +# Copyright (C) 2010 Joanna Rutkowska +# Copyright (C) 2010 Rafal Wojtczuk +# Copyright (C) 2012 Marek Marczykowski +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# + +%{!?version: %define version %(cat version_libs)} + +Name: qubes-core-libs +Version: %{version} +Release: 1%{dist} + +Summary: Qubes core libraries +License: GPL v2 only +Group: Development/Sources +Group: Qubes +Vendor: Invisible Things Lab +URL: http://www.qubes-os.org +Obsoletes: qubes-core-appvm-libs +Obsoletes: qubes-core-vm-libs +BuildRequires: xen-devel + +%define _builddir %(pwd) + +%description +The Qubes core libraries for installation inside a Qubes Dom0 and VM. + +%build +make -C u2mfn +make -C vchan -f Makefile.linux + +%install +install -D -m 0644 vchan/libvchan.h $RPM_BUILD_ROOT/usr/include/libvchan.h +install -D -m 0644 u2mfn/u2mfnlib.h $RPM_BUILD_ROOT/usr/include/u2mfnlib.h +install -D -m 0644 u2mfn/u2mfn-kernel.h $RPM_BUILD_ROOT/usr/include/u2mfn-kernel.h + +install -D vchan/libvchan.so $RPM_BUILD_ROOT/%{_libdir}/libvchan.so +install -D u2mfn/libu2mfn.so $RPM_BUILD_ROOT/%{_libdir}/libu2mfn.so + +%files +%{_libdir}/libvchan.so +%{_libdir}/libu2mfn.so + +%package devel +Summary: Include files for qubes core libraries +License: GPL v2 only +Group: Development/Sources +Obsoletes: qubes-core-appvm-devel +Obsoletes: qubes-core-vm-devel + +%description devel + +%files devel +/usr/include/libvchan.h +/usr/include/u2mfnlib.h +/usr/include/u2mfn-kernel.h diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec index 64884ea..3baab14 100644 --- a/rpm_spec/core-vm.spec +++ b/rpm_spec/core-vm.spec @@ -40,6 +40,7 @@ Requires: ethtool Requires: tinyproxy Requires: ntpdate Requires: qubes-core-vm-kernel-placeholder +Requires: qubes-core-libs Provides: qubes-core-vm Obsoletes: qubes-core-commonvm Obsoletes: qubes-core-appvm @@ -183,13 +184,6 @@ install -D -m 0644 misc/xorg-preload-apps.conf $RPM_BUILD_ROOT/etc/X11/xorg-prel install -d $RPM_BUILD_ROOT/var/run/qubes install -d $RPM_BUILD_ROOT/home_volatile/user -install -D -m 0644 vchan/libvchan.h $RPM_BUILD_ROOT/usr/include/libvchan.h -install -D -m 0644 u2mfn/u2mfnlib.h $RPM_BUILD_ROOT/usr/include/u2mfnlib.h -install -D -m 0644 u2mfn/u2mfn-kernel.h $RPM_BUILD_ROOT/usr/include/u2mfn-kernel.h - -install -D vchan/libvchan.so $RPM_BUILD_ROOT/%{_libdir}/libvchan.so -install -D u2mfn/libu2mfn.so $RPM_BUILD_ROOT/%{_libdir}/libu2mfn.so - %triggerin -- initscripts cp /usr/lib/qubes/serial.conf /etc/init/serial.conf @@ -440,32 +434,6 @@ rm -rf $RPM_BUILD_ROOT %attr(700,user,user) /home_volatile/user %dir /mnt/removable - -%package devel -Summary: Include files for qubes core libraries -License: GPL v2 only -Group: Development/Sources -Obsoletes: qubes-core-appvm-devel - -%description devel - -%files devel -/usr/include/libvchan.h -/usr/include/u2mfnlib.h -/usr/include/u2mfn-kernel.h - -%package libs -Summary: Qubes core libraries -License: GPL v2 only -Group: Development/Sources -Obsoletes: qubes-core-appvm-libs - -%description libs - -%files libs -%{_libdir}/libvchan.so -%{_libdir}/libu2mfn.so - %package sysvinit Summary: Qubes unit files for SysV init style or upstart License: GPL v2 only From a51d9a7c281c76757eb8398ff950f6e0dcd9d440 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Wed, 14 Nov 2012 15:53:42 +0100 Subject: [PATCH 06/10] makefile: update-repo-template target --- Makefile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/Makefile b/Makefile index 989f15e..2c22afe 100644 --- a/Makefile +++ b/Makefile @@ -74,6 +74,14 @@ update-repo-installer: ln -f $(RPMS_DIR)/x86_64/qubes-core-dom0-*$(VERSION_DOM0)*fc13*.rpm ../installer/yum/qubes-dom0/rpm/ ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*fc13*.rpm ../installer/yum/qubes-dom0/rpm/ +update-repo-template: + for vmrepo in ../template-builder/yum_repo_qubes/* ; do \ + dist=$$(basename $$vmrepo) ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-*$(VERSION_VM)*$$dist*.rpm $$vmrepo/rpm/ ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-vm-kernel-placeholder-*$$dist*.rpm $$vmrepo/rpm/ ;\ + ln -f $(RPMS_DIR)/x86_64/qubes-core-libs-$(VERSION_LIBS)*$$dist*.rpm $$vmrepo/rpm/;\ + done + clean: make -C dom0/qmemman clean make -C dom0/restore clean From a7ca7ca3f59bdcd1af53d036b4ef659b3d9f6176 Mon Sep 17 00:00:00 2001 From: Joanna Rutkowska Date: Thu, 15 Nov 2012 16:42:58 +0100 Subject: [PATCH 07/10] version 2.1.3 --- version_vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_vm b/version_vm index eca07e4..ac2cdeb 100644 --- a/version_vm +++ b/version_vm @@ -1 +1 @@ -2.1.2 +2.1.3 From 8c007b593de6676ab987490112d11bc833e20e01 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Thu, 15 Nov 2012 20:35:29 +0100 Subject: [PATCH 08/10] vm: release 2 yum repository and verification keys (#671) --- misc/RPM-GPG-KEY-qubes-1-primary | 29 ----------------- misc/RPM-GPG-KEY-qubes-1-unstable | 31 ------------------ misc/RPM-GPG-KEY-qubes-2-primary | 39 +++++++++++++++++++++++ misc/RPM-GPG-KEY-qubes-2-unstable | 52 +++++++++++++++++++++++++++++++ misc/qubes.repo | 12 +++---- 5 files changed, 97 insertions(+), 66 deletions(-) delete mode 100644 misc/RPM-GPG-KEY-qubes-1-primary delete mode 100644 misc/RPM-GPG-KEY-qubes-1-unstable create mode 100644 misc/RPM-GPG-KEY-qubes-2-primary create mode 100644 misc/RPM-GPG-KEY-qubes-2-unstable diff --git a/misc/RPM-GPG-KEY-qubes-1-primary b/misc/RPM-GPG-KEY-qubes-1-primary deleted file mode 100644 index 2749c64..0000000 --- a/misc/RPM-GPG-KEY-qubes-1-primary +++ /dev/null @@ -1,29 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.12 (GNU/Linux) - -mQINBE92zX4BEADEOLD8SH3qZunNWnE0IFg4L0m7N33AfIjs8m0CdHi0xKFq8+aA -VOq+Bu2c/v56PSChpYRYqFymt4k7U254uta+bKhUve150Ov5ukCYIPNS/Fx5rRjY -uDLP9zQwlfrABpKNzP4PP9TKOcnb/B8aI8x0GtIa7hTPeBbuJSx6yeazzjHc5bco -8mL1x4nWTqD2n0Ze37B0e5VaVwJyP7+d17amQAWlDAWD/hus/GvTxGX6dT22UBXx -r4WWAGSjx2zT4xe25yysWg3CS0S3Z7ib3xSqdCILN7eCAX7baXTB7s+aziGw3cJJ -cUU2fzTGfGKJ4lAnQeI0gu2XBbHjygC6Kvp1HiyBNGHJ1FvoWqT1KDntFe/xKzTg -akcbqBaMqoUtcbkWNDb7TjrCh3xiwG9oQREuc6RbmMCR4De6fJhton2F9QGMJKg6 -WXeA915v8cdHE4SSyZzXq/VdiMFZ9PX0tmFBBy4H7JfRv1bUZg4LStuosZHc9fBI -McV6ohokkWNDNRBrc86+3Pif+v1QqmQu4kjI+G+zXc27sVag/umh9BqziT03F0O4 -Jq4cvgfTLj62PCqF+7vVJcBiezOE+NGqWkuDMBvcEX8fVrElhaRDsEqhlRfQUm+k -atene95aQ2vki6C7VqqYoJnSgN3D4WiF2psMRlwbfV7JRHkYkNbE6Oc7BQARAQAB -tB5RdWJlcyBPUyBSZWxlYXNlIDEgU2lnbmluZyBLZXmJAjgEEwECACIFAk92zX4C -GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEOoBIBshEJOnafcQALoC5azP -rp5GQa87OKcSUCWY8u/PqUDnlrA708GpAi1cehR4eJKzAp9KEb6EWDTxRQYPFZSr -ijycLfCje8G0/owckEIcmIAkB1cMgY7a8JcM5G0Fvm0Rcr9mLfIVc++l0O4UAXgk -wAN7V3qGfVVIu8iMTO/2VJaTUdppWmK5RK0HxsOlPw/p9WyaFLe8koql1LwvrnqH -/Y7FV2O7w8Ha3nBpnWyn4wlBh39LRo/45WJx6iliyQweia32z3QywS5GzbdTqO9Z -oOIJNBHUu9GjGC3NC1tu3LPj2QrxJJaaysikvvYjsacUIviTDnUoZ0uNNSWSCUIF -Wgxn3PFn6hb+EiTa4T2XJGPNKnky0v7FAEWK1zfQzaGlsIHrCjHTk3xPliWqpRDY -DoBirg7Kd/mEZd8jjs8PFFs3QnolUV587642e6H/1w+zevE3GwD+M7cLD4XishRx -khfBYFr8HRRrHLJEszSOEod3yeYCHooxXY7589kGnGDY3E/qz2iOd6ee7RUslzwp -SURVaOCrM3sK1wL3kB9NiJ/b4vbggUMEpLrSqaaQF3Uc9Qi7teLev1L594Sgywoe -GWfVomnaV8KYy51k6Or+wVtB3Wx4FvZCI7Vy05BYMbrbbVD9H5b4+Vtrozj22wAj -Fe4itDzWHJUnZy6CNagwhz271QPh3GT/K58W -=2dJF ------END PGP PUBLIC KEY BLOCK----- diff --git a/misc/RPM-GPG-KEY-qubes-1-unstable b/misc/RPM-GPG-KEY-qubes-1-unstable deleted file mode 100644 index 97d5582..0000000 --- a/misc/RPM-GPG-KEY-qubes-1-unstable +++ /dev/null @@ -1,31 +0,0 @@ ------BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v1.4.11 (GNU/Linux) - -mQENBE9KHjMBCADgs1Zw+Gag5MXDqAHzVfo/JSJ0q7Oj096l+/TU0/P2qpoF7sTo -uLpDLCfOOSqil7omOKMjn6yl/73RAd4oWIRivJMQKjgD4Tk8qlLI1NrBGhEdwyLm -SZ+7CU79HzahN8w8+l9H978obIN6S0UD36z7su42QnFmKQqT0EnD1NVZpqvq1iKC -0o0TqhZ90QE8YqWxjnbjDkk1mX2K4iHNJJ2mS/r1+4fXqvHzcmSB+vopGGGXxNB7 -fbNM6nI9RTpPecmnfKrqKrXYfHfyaLVUFXf2xZW/V85qq70dmEPi5g3YpRCXadJ+ -wKt1uZvi4xomPCxymHooF9Fplzv9MpKVIDNlABEBAAG0J1F1YmVzIE9TIFJlbGVh -c2UgMSBVbnN0YWJsZSBTaWduaW5nIEtleYkBPgQTAQIAKAUCT0ogagIbAwUJAeEz -gAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ77E0ZaTirKEbpgf8C9zqmkqo -u+dudzcrPPUW12FjK2WAYQd7WNYpBY4wOmvOUkvq68FUJ0mwNyjEkNhvLnrxlMqn -Z9vraqw1m2FwIAJfmbpnvJ6LeldNj/SYbutY9Y320eQDgLDZp5Xk0w6z1+Q1RXVJ -AkU935sXhtmVYVa4Cnk7Su6lG0Une3b5dpE90M5ewehYllqsqmtKIwqbRaBmvM6y -QHVqOJwNNo9XK78r0dKvXigXBObqatwItM2gan2oF0dplwTD//DqjldBzZ4mgrN8 -M/SZtynfTnoV8Yw7+JlsPCHIfcIXXWqJtLhNO3LqFAG6PwJX032eHNSrT+4UWIbP -q8Ccvhbxa7iNabkBDQRPSh4zAQgA7OyPodlWz93OuP8/Bh83dHDd1xV7tXByBDUX -O9am5uGKybcx3V8kBqJXbefds/aem1w2MLtDG+CxDC8Gi5gfNQNeCnIw3mpnZnMU -ZNjtXIn3VfKRyhmaHNvaNZiBzKovfjw152UuMsHfzsSMaWldj5J8oFz+eBthGJTT -uxktijIxHiZ/9RqzJLPMBQ5qRPbpqUn9piWEGxx2c4FbqeEOzzV49rX92adBPmUJ -KBo96vW+L6izE0RcQoTMhicbAqF+K2QUGzy0uTp5+G2V0q5HAfrCMIr1Zx93yuz0 -yQZNNLsGYGnYjrFjYiRpJRBbxerlCdGjlwnfXCk5EKRNuqr5twARAQABiQElBBgB -AgAPBQJPSh4zAhsMBQkB4TOAAAoJEO+xNGWk4qyh33MIAIOS9A0rkmBTPZwAsdJv -sz/J9+8AvfwMisN2sKTfEBTO8kEnSPcBZuau3JxKCGHxaPwXhGmnc9xnz/TY3JCj -6ZUgjgQQ3iT/BJk+h6n4xom9NRw5hn4j4NeIpboC6p6JfcYzZyapUNFmAsrSjakw -RxxpaVLb4moOfYzS7i7JqsEetBwoYAeFZoPYZpo4VH9PUPVAih6psmO/bz6Y8W+/ -tkXzViq15bwPUmDwBzX0nX0T8nQqMl85nCLDM2rVMs/lnVxfJas4QjTfzgeZOHQ6 -0ikGqwlnyWk/oUzUXFV/P7sKAXoOaMSEVHtfSxLjVH0RYsAv6SotjHwPAatrynyp -gYY= -=UROF ------END PGP PUBLIC KEY BLOCK----- diff --git a/misc/RPM-GPG-KEY-qubes-2-primary b/misc/RPM-GPG-KEY-qubes-2-primary new file mode 100644 index 0000000..8b3a764 --- /dev/null +++ b/misc/RPM-GPG-KEY-qubes-2-primary @@ -0,0 +1,39 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBFClJWMBEADyAZgyocTmLQA0VpEXJKNvziKwaRWWrfzHw992okqRH/7wHfLn +uXZCSeLnFH/u2r7fOearUBajI879YeG8EpQ71wfAybQYGF5ZJWoW4fOEAZKVP8bC +1z65kKZguPcLfBiOWMAhLd8qxB3Zx5vVBM+8pGZ5ToRYxK6ivNTGOJfkz0GMxWCT +q7kMhVpd9xO62pNbDYC884lXk/24CMDy9QDAhTiAPIB+6rN74zw0XYHo5BId9SuL +ougyO3SZObkLOnfaWWEfZGbyFwvZWXigdZ/OPR2EvynBRF/ruJNlmS0EkxGEOMO8 +ASeeik4HblNhdVDgnUG1zsQ6AqS7tKsy/il55gE9teCAnAL7nPLW7YJmnbzdl6nF +HKiHp7rZ+AtbDjkFpGmcbemvD+9gneUhuCzO8YQygqApdTXlcC5bY14SRyFtVDMp +wD9XX0cVHyapMAbWedVTXqhcdQ88kWGZ85jHCaFXkl8JyGNsVYMchJF9D8iemgW+ +IhwveVEN+5FA9Mrd9NrlgxxO9+BuOgGUPKuw3425cOI47Z3hwGrKm35poZfKqA3U +o1Dwz/JbKM7yNXaZeKrj7Sa0zkzMKXff6PRQTZKqnu/ooyOeNziXgulxLMl2qgYg +ZGijQ/VPwhoaoQtThfyUKc/ttozguAWj5K3Se/BUJJyn0as87RA+8mQD8wARAQAB +tB5RdWJlcyBPUyBSZWxlYXNlIDIgU2lnbmluZyBLZXmJAjgEEwECACIFAlClJWMC +GwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJEAxzudQKQORYvqUQAPAMwdFu +vyR98Q18jzgW6k+5OXNOW53xET+zSZyO/Na7oHC7l8uSOrA8Cu054zeVPzaKMfmr +9bnmb6pfk73Yd/P5AMWXd7h7xZ27Jwi0lhLmxsjMB1fJEJ/bA65m//PxqgIC9PNT +alg0yVE66GdHCVsXJA2XFBTuRyJbLphU8dY1kNesHVdW+Msm+prGOrv+FFzTZDxT +jp87L+xKqTYKgmpphPeM5OzaEj3bOHg3SK1VTVrzRgVVRRKNJKuLIprx5SOpGZxf +5xoPqqdotR4PbM0HQ2gvWy/JlIntN+btVAvwS7e+gcr15oBVsU6uvVJQERZsBDFV +dDffkgOgGVimv21zcxj5RKaUYEpBTqkKZaV23iZ6SQPFBhrjNmljDganTe5tioVQ +mo52s875hYV9VSOLVFOn+pkS0kV5/kFVxoPwHZ+SRKsVcSrRnd9t/et4+VcOCdaC +jX9rYPVQOP019V94dNQWLHYZDBcUZE6zX3xujH2BY+iw5EtjkNl5flaLw+yEUp1o +fbPjOgu0oA6qfoeK/3JtV12RnA08yi35fPKEQ45Qx/Rfs3fMNxiTxD9qZIM3rzXD +nLiNb3cXzqO29iLjhohC17IZrNfSgL81c9NeZ17eKVbUmKicM70BzJyJUvum3bHB +CvO5f7WECZP8UKiqmT4ys6yIyRz1ZrnaY5O7iQIcBBABAgAGBQJQpScRAAoJEN36 +Gj42h5SUMHYP/2orT2b87YIXkOa1fwnaJtvLbMOisdscCn5kOU+30oQF0HLcCvdT +3iHokH9qFAr2slFAHDumkXu/iMordpR1lGItwLF1v6+9yHor03p/LP1JcVl/0PDf +nH4q6P9gQwHjq3RYVOdgYHJsDz2VSbvcsIfODKSxr95TsR1LgYasab4gre64gW3Y +kS4ao9W3QUeglbcYUbeYR+mbZvzq1yMg2qIrv89cYcXGdJFrIrlc6biD7v1V5pRH +CbAX9oWNoaUzPeg99w13Adt2e9PBJoq4hhouk87xnBg1QrMnL2ubUHvgTaH28J7U +V2hAwiCcSUwlY5zLs0QVUr13cfvvbGwHSU4avP15Xzgn1VKv+PRlfXPriU3HgG4R +td/Fdz7C+sBMwf7lb+fQSqJdJyB9SojHYMdpz3HmYuGJCySgC59iV5LX1i3AWAMo +7CvFSfqdiKSsHUH4Nl2jnduEcq2Q0uODCXIVcsIlNK/KWEE8CoadKLl55Efdc9JJ +miiW+iHwyHsPM6pqVV4F2R9IL4Wl8Rveaplbj/+TGGblVVO293VhswUGeOSLbXx2 +xzFkTUWU/OrmVOLj6aqId6EinWB5oGJaiuKgZt66sLTs1niUnIzOmqi7R/dZ2mUf +QX62MfVWCv8NfkyMhrOft6ggS0Axo4F8fAcIInVXalvs2YScLSWdq54k +=4+bD +-----END PGP PUBLIC KEY BLOCK----- diff --git a/misc/RPM-GPG-KEY-qubes-2-unstable b/misc/RPM-GPG-KEY-qubes-2-unstable new file mode 100644 index 0000000..3d06e36 --- /dev/null +++ b/misc/RPM-GPG-KEY-qubes-2-unstable @@ -0,0 +1,52 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v1.4.12 (GNU/Linux) + +mQINBFClIUgBEACp0upqK7inupk52+8PHmIZFbm4lkV7IL2S9b285x579s1qysq7 +az0JMekouPzNCu9MGFzSktIWT2ti6JHsGgXmY2PoCMDnBCubx5/nPA2fial7yoKg +ZxzpXGb6ZMtx5GOjXgpryUrNukYwORVR/jZS0noDb8rNnbeKi8R0SgaxRTYyJPvB +ChMl1kVX6R15nHsd43ndkgcgSOGT22f/mxqOka9t2cB3HevfDvEJvz8PMkxRgb3n +GOHFJRLYNIGmSegMllkMjUhZpu1e7T940WC3TWzJfpTNIo1Dsj0GIhGGniebGn/L +BvUrmANxQ5rGMjTFOkSb/vKa/w9ss0OECeIL/K4+A6NQTKXLAoKJYA/bx75Dh2dU +E3H8e4KoYuP3Q1lmLfcU3sX7s/MeszTpYHoUWTKyQXZYJged4ihP/RKz5iHRuAu2 +0fjPdb6RGJYYi/3TDEoVHkkYyL88wETygXeJW2XtBz33ITLyiB3qfxh8eO4tVre2 +QCus0nTpW+dblbfpG1Eb77OJTGlOF3rYx1oEEokochROEstN4bn3fMGMl6zHwBID +tVNPvnQTjrBj7wksvc4xoJNe6Om0kNB7w58l6tCpa/oknW/N9XbwTgm1CI7lMWKD +paieqfJbSYifCHEt0uVzsitoV992xZ8PRoooghGhBGWqTOSC3UDvJuajwwARAQAB +tCdRdWJlcyBPUyBSZWxlYXNlIDIgVW5zdGFibGUgU2lnbmluZyBLZXmJAjgEEwEC +ACIFAlClIUgCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJECMUDzj1Me+n +h7wP/At7TBmp5R9fDVKulLfHM9xDMwNCjmdDcKNwF7xy7c18uzhOpA7ENzgZWTR1 +lkLrr+OlqXVlThzN1YRgvSx0KghSAIf0wuu8eeNKX+r1QFxEtxNrCobzK4ToNTiT +xuPrycJgJBThj0gfq2jaSYGuhi79HYkgFYiRDOfaTms3hL8+oSq0HmDsu3/JSfse +LAHiXbNyNvn1vpt09JH40me4RNTN0N3pUm9c5+7G0jwcE8OQZkjS7h04rpjbrDQE +DHxadqgkwzP4aJm3l3u/OZF7npI16jpCYpV/mWyDbEj047EN/sJjV3KfuN+AdeAT +9C7HJlGKcobeQztjzJuvzIILuzPewn77d7gua5kezM89nM6TK7T48upizNrCHxbw +l2Z2DdzHfSHMWYT0LS4JAjvUyuu2iTWkMGmh8r3SrAmUecFk2/bP0A2MTb10z17K +mzMzRU/u1n5DEsWlHzkXLmHJCKgid0UHuRbPabPWEK3E0yNid9MBkJWMZTFaALx7 +QMdF7QUc/2mEj2ILuNO4V0KHIBVHDwT+SYGXJ+wPY6nHSo5pIeiSWdNpozvKB24y +8OWc1ST/rA6RaEDajSRMUxEkTtH7rGeueTVMhG8JCWWhmgNeMusg5Jq6OTrSooys +c6EDJsD44QaHrJUn6fXwOuyAgmzjX9p04fga67npSFoNUm7vuQINBFClIUgBEADQ +gWsxXqwIpuLVvcaiIo9pvO3wkt2nzXpLr93vzy+0+DTO11ejRDj9fuIA/9h55Yz5 +8snI9+aIKryDedhY+3/iv1izN9tsWyLms1V0xHdKC0RgmBxtJoHyPVdwgDu/86bd +61zbhZAsaVmtP2vOdRD4dgR8wtTDbKnr9j4S8mRLkPJnjp+9e+H+akVVYbTx+Qki +l5XU7ogZejZnTaAonK/jMsbIUF2d1iFdvkMr1I9xFqqHTLwO0tmH/ZDP/9jcMnf4 +dmVWDA4ykegn9RY+24YZ0mLaZrkDpvtfUrzxcZnvHuLVfROnQzOcIoP27Ut1v9s6 +A1uLq8zxy8+pyHBi/DPz2ae1/fMDNJnZcdo8qQFY2NzRnzL6SRZ1YBzWR8t8B0m4 +AginEa+/61UNNyXjkHzqqkVPv1EZ01c44MhB1P8/HZXF7YX80c6N2TUuGhH9dVRa +5S7JWaee8Ib6MT7Nafn/rmLoXPtU5lLzo1SbcEBHbkZXw365BCzp9X+LfesXF9xj +h4ISrCTcjaE20QoE1cNOsvuiuVK9fRqKsfMxuju0SpvZl5cAGM603WPZBMehbJ8e +i2J4CXHOr7mF/ecAlTAr08nYuQTEEpAx7ad/BtrmHFa8IqEhsEqBNC7xuzwAuPI7 +xiiO7/KgDyS0mJ8Xm+9DMP/1q/QxT7Z4Ni4x2U+/swARAQABiQIfBBgBAgAJBQJQ +pSFIAhsMAAoJECMUDzj1Me+nD80P/0HLsF0BfxPgm/raoYS9Cqve6/aP9pHtAODD +SVGrb//PKAddVqJnsCu0TPbULx0cAYztQHw8n7rAO6iNbrxhOa6kin2vvdO0mVQY +kl3a/bDyo8rP/xyMS8K4EE2DfCL1HSDAS2r37mzi8RZED2Yj9F0aBgTO7rGhSXWt +WsDzsPzP46b8mr8BLQ8NfxKlJFpyIq8DwPEasrS5sKXEVXvnY4ZQMa5C2qzg1+LC +c6lbQHPIOaUnENy9ApBepZT8a09Ol3/2Z75UOe2AM5vynT5iST8fdFJlpI1+Z/hs +b+ZQ2uoMVW+O1VVtq+20o1WQVu9pORIKIq7wbBsIq6mejCC+KIZ5RDUPehs97+sL +il546IMqllX0LP40hBM/JP7vZEknYhkGl/HuJyrhaNi8NI4ryrIO8VL2rSx/1eUP +5Yn7jC5T+7twk6yKnzLZYfAG3F3HMTVrp5QwygBc+xmInwqbgHf4fJgT1WOVelKq +1wfoF7DYRT7+J5gAJboYOvS4cIqXAgeeslW76jRKbaK0X/Fa06fiRw3vGSEWdr+A +r4Kv/RAEB5z4da5MT88CB3OtgiJofnsPb+A+TmjTPcmaV2LHH30U/1aD/3RERBHb +cpKz+AV6MQ/7XpQiusXK14ospdTScEVwruXlCyt0hbqTsijiReNV4lV9nXtfmrEL +L0XnT71B +=o46N +-----END PGP PUBLIC KEY BLOCK----- diff --git a/misc/qubes.repo b/misc/qubes.repo index 4a763bc..75dd600 100644 --- a/misc/qubes.repo +++ b/misc/qubes.repo @@ -1,20 +1,20 @@ [qubes-vm-current] name = Qubes OS Repository for VM (updates) -baseurl = http://yum.qubes-os.org/r1/current/vm/fc$releasever -gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary +baseurl = http://yum.qubes-os.org/r2/current/vm/fc$releasever +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-2-primary gpgcheck = 1 [qubes-vm-current-testing] name = Qubes OS Repository for VM (updates-testing) -baseurl = http://yum.qubes-os.org/r1/current-testing/vm/fc$releasever -gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary +baseurl = http://yum.qubes-os.org/r2/current-testing/vm/fc$releasever +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-2-primary gpgcheck = 1 enabled=0 [qubes-vm-unstable] name = Qubes OS Repository for VM (unstable) -baseurl = http://yum.qubes-os.org/r1/unstable/vm/fc$releasever -gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-unstable +baseurl = http://yum.qubes-os.org/r2/unstable/vm/fc$releasever +gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-2-unstable gpgcheck = 1 enabled=0 From 16afb1610e6ad778e98f17880ab13610258844c1 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Thu, 15 Nov 2012 21:38:39 +0100 Subject: [PATCH 09/10] vm: remove qubes-upgrade-vm after upgrade --- rpm_spec/core-vm.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec index 3baab14..c48fce2 100644 --- a/rpm_spec/core-vm.spec +++ b/rpm_spec/core-vm.spec @@ -46,6 +46,7 @@ Obsoletes: qubes-core-commonvm Obsoletes: qubes-core-appvm Obsoletes: qubes-core-netvm Obsoletes: qubes-core-proxyvm +Obsoletes: qubes-upgrade-vm < 2.0 BuildRequires: xen-devel %define _builddir %(pwd) From a26b3e7016e4d2b396247b817f5df724c6a65c23 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 16 Nov 2012 14:03:36 +0100 Subject: [PATCH 10/10] vm/core: use mount --bind instead of symlink for /home Many applications doesn't like /home as symlink ($HOME differs from real location). --- misc/fstab | 1 + vm-init.d/qubes_core | 9 +++++++-- vm-init.d/qubes_core_appvm | 6 +++++- vm-systemd/misc-post.sh | 13 +++++++++---- vm-systemd/prepare-dvm.sh | 6 +++++- 5 files changed, 27 insertions(+), 8 deletions(-) diff --git a/misc/fstab b/misc/fstab index b7d0fee..8012120 100644 --- a/misc/fstab +++ b/misc/fstab @@ -8,6 +8,7 @@ # /dev/mapper/dmroot / ext4 defaults,noatime 1 1 /dev/xvdb /rw ext4 noauto,defaults 1 2 +/rw/home /home none noauto,bind,defaults 0 0 /dev/xvdc1 swap swap defaults 0 0 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 diff --git a/vm-init.d/qubes_core b/vm-init.d/qubes_core index 4830587..b3927fd 100755 --- a/vm-init.d/qubes_core +++ b/vm-init.d/qubes_core @@ -65,14 +65,19 @@ start() touch /rw/config/rc.local mkdir -p /rw/home - cp -a /home.orig/user /home + cp -a /home.orig/user /rw/home mkdir -p /rw/usrlocal - cp -a /usr/local.orig/* /usr/local + cp -a /usr/local.orig/* /rw/usrlocal touch /var/lib/qubes/first_boot_completed fi fi + if [ -L /home ]; then + rm /home + mkdir /home + fi + mount /home /usr/lib/qubes/qrexec_agent 2>/var/log/qubes/qrexec_agent.log & diff --git a/vm-init.d/qubes_core_appvm b/vm-init.d/qubes_core_appvm index a0cfe06..6e851d1 100755 --- a/vm-init.d/qubes_core_appvm +++ b/vm-init.d/qubes_core_appvm @@ -45,7 +45,11 @@ start() echo -n $"Executing Qubes Core scripts for AppVM:" if xenstore-read qubes_save_request 2>/dev/null ; then - ln -sf /home_volatile /home + if [ -L /home ]; then + rm /home + mkdir /home + fi + mount --bind /home_volatile /home touch /etc/this_is_dvm mount /rw possibly_run_save_script diff --git a/vm-systemd/misc-post.sh b/vm-systemd/misc-post.sh index df4c8a4..cbd0c63 100755 --- a/vm-systemd/misc-post.sh +++ b/vm-systemd/misc-post.sh @@ -24,18 +24,23 @@ if [ -e /dev/xvdb -a ! -e /etc/this_is_dvm ] ; then touch /rw/config/rc.local-early mkdir -p /rw/home - cp -a /home.orig/user /home + cp -a /home.orig/user /rw/home mkdir -p /rw/usrlocal - cp -a /usr/local.orig/* /usr/local + cp -a /usr/local.orig/* /rw/usrlocal touch /var/lib/qubes/first_boot_completed fi # Chown home if user UID have changed - can be the case on template switch - HOME_USER_UID=`ls -dn /home/user | awk '{print $3}'` + HOME_USER_UID=`ls -dn /rw/home/user | awk '{print $3}'` if [ "`id -u user`" -ne "$HOME_USER_UID" ]; then - find /home/user -uid "$HOME_USER_UID" -print0 | xargs -0 chown user:user + find /rw/home/user -uid "$HOME_USER_UID" -print0 | xargs -0 chown user:user fi + if [ -L /home ]; then + rm /home + mkdir /home + fi + mount /home fi [ -x /rw/config/rc.local ] && /rw/config/rc.local diff --git a/vm-systemd/prepare-dvm.sh b/vm-systemd/prepare-dvm.sh index 2229afc..ae57829 100755 --- a/vm-systemd/prepare-dvm.sh +++ b/vm-systemd/prepare-dvm.sh @@ -13,7 +13,11 @@ possibly_run_save_script() } if xenstore-read qubes_save_request 2>/dev/null ; then - ln -sf /home_volatile /home + if [ -L /home ]; then + rm /home + mkdir /home + fi + mount --bind /home_volatile /home touch /etc/this_is_dvm mount /rw possibly_run_save_script