From e660c4a05ff39c85e22e13b8589489ee92ce594a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?=
 <frederic.pierret@qubes-os.org>
Date: Fri, 24 Jul 2020 16:07:39 +0200
Subject: [PATCH 1/5] Drop legacy xen entry in fstab

---
 filesystem/fstab                 |  1 -
 vm-systemd/75-qubes-vm.preset    |  1 +
 vm-systemd/qubes-sysinit.service |  2 +-
 vm-systemd/qubes-sysinit.sh      | 11 +----------
 4 files changed, 3 insertions(+), 12 deletions(-)

diff --git a/filesystem/fstab b/filesystem/fstab
index 4673ee7..df2b112 100644
--- a/filesystem/fstab
+++ b/filesystem/fstab
@@ -10,5 +10,4 @@ tmpfs                   /dev/shm                tmpfs   defaults,size=1G
 devpts                  /dev/pts                devpts  gid=5,mode=620  0 0
 sysfs                   /sys                    sysfs   defaults        0 0
 proc                    /proc                   proc    defaults        0 0
-xen                     /proc/xen               xenfs   defaults        0 0
 /dev/xvdi	/mnt/removable	auto noauto,user,rw 0 0
diff --git a/vm-systemd/75-qubes-vm.preset b/vm-systemd/75-qubes-vm.preset
index 9933fe9..7304933 100644
--- a/vm-systemd/75-qubes-vm.preset
+++ b/vm-systemd/75-qubes-vm.preset
@@ -108,3 +108,4 @@ enable qubes-sync-time.timer
 # Disable useless Xen services in Qubes VM
 disable xenstored.service
 disable xenconsoled.service
+disable proc-xen.mount
diff --git a/vm-systemd/qubes-sysinit.service b/vm-systemd/qubes-sysinit.service
index 815e56d..bc4a678 100644
--- a/vm-systemd/qubes-sysinit.service
+++ b/vm-systemd/qubes-sysinit.service
@@ -2,7 +2,7 @@
 Description=Init Qubes Services settings
 DefaultDependencies=no
 Before=sysinit.target
-After=proc-xen.mount systemd-modules-load.service qubes-db.service
+After=systemd-modules-load.service qubes-db.service
 
 [Service]
 Type=oneshot
diff --git a/vm-systemd/qubes-sysinit.sh b/vm-systemd/qubes-sysinit.sh
index b86fb14..e48f281 100755
--- a/vm-systemd/qubes-sysinit.sh
+++ b/vm-systemd/qubes-sysinit.sh
@@ -17,7 +17,7 @@ if systemd_version_changed ; then
 fi
 
 # Wait for xenbus initialization
-while [ ! -e /dev/xen/xenbus ] && [ -e /proc/xen/xenbus ]; do
+while [ ! -e /dev/xen/xenbus ]; do
   sleep 0.1
 done
 
@@ -27,15 +27,6 @@ chmod 0775 /var/run/qubes
 mkdir -p /var/run/qubes-service
 mkdir -p /var/run/xen-hotplug
 
-# Set permissions to /proc/xen/xenbus, so normal user can talk to xenstore, to
-# open vchan connection. Note that new code uses /dev/xen/xenbus (which have
-# permissions set by udev), so this probably can go away soon
-chmod 666 /proc/xen/xenbus
-
-# Set permissions to /proc/xen/privcmd, so a user in qubes group can access
-chmod 660 /proc/xen/privcmd
-chgrp qubes /proc/xen/privcmd
-
 # Set default services depending on VM type
 is_appvm && DEFAULT_ENABLED=$DEFAULT_ENABLED_APPVM && touch /var/run/qubes/this-is-appvm
 is_netvm && DEFAULT_ENABLED=$DEFAULT_ENABLED_NETVM && touch /var/run/qubes/this-is-netvm

From 8aea0d9aabb7ac5b9306822efd39ee6f79ee5561 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?=
 <frederic.pierret@qubes-os.org>
Date: Sun, 26 Jul 2020 15:27:26 +0200
Subject: [PATCH 2/5] xendriverdomain: remove Requires and After proc-xen.mount

---
 Makefile                           |  3 ++-
 debian/qubes-core-agent.install    |  1 +
 rpm_spec/core-agent.spec.in        |  1 +
 vm-systemd/xendriverdomain.service | 10 ++++++++++
 4 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 vm-systemd/xendriverdomain.service

diff --git a/Makefile b/Makefile
index ac0b789..06651a0 100644
--- a/Makefile
+++ b/Makefile
@@ -106,11 +106,12 @@ SYSTEMD_NETWORK_SERVICES := vm-systemd/qubes-firewall.service vm-systemd/qubes-i
 SYSTEMD_CORE_SERVICES := $(filter-out $(SYSTEMD_NETWORK_SERVICES), $(SYSTEMD_ALL_SERVICES))
 
 install-systemd: install-init
-	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d
+	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d $(DESTDIR)/etc/systemd/system
 	install -m 0644 $(SYSTEMD_CORE_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
 	install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
 	install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
 	install -m 0644 vm-systemd/qubes-core.conf $(DESTDIR)$(SYSLIBDIR)/modules-load.d/
+	install -m 0644 vm-systemd/xendriverdomain.service $(DESTDIR)/etc/systemd/system/
 
 install-sysvinit: install-init
 	install -d $(DESTDIR)/etc/init.d
diff --git a/debian/qubes-core-agent.install b/debian/qubes-core-agent.install
index fa4f033..5debdca 100644
--- a/debian/qubes-core-agent.install
+++ b/debian/qubes-core-agent.install
@@ -57,6 +57,7 @@ etc/sudoers.d/umask
 etc/sysctl.d/20_tcp_timestamps.conf
 etc/sysctl.d/80-qubes.conf
 etc/systemd/system/haveged.service
+etc/systemd/system/xendriverdomain.service
 lib/modules-load.d/qubes-core.conf
 lib/systemd/system-preset/75-qubes-vm.preset
 lib/systemd/system/boot.automount.d/30_qubes.conf
diff --git a/rpm_spec/core-agent.spec.in b/rpm_spec/core-agent.spec.in
index f4dd797..2cc0e98 100644
--- a/rpm_spec/core-agent.spec.in
+++ b/rpm_spec/core-agent.spec.in
@@ -863,6 +863,7 @@ The Qubes core startup configuration for SystemD init.
 
 %files systemd
 %defattr(-,root,root,-)
+/etc/systemd/system/xendriverdomain.service
 /lib/systemd/system/qubes-misc-post.service
 /lib/systemd/system/qubes-mount-dirs.service
 /lib/systemd/system/qubes-rootfs-resize.service
diff --git a/vm-systemd/xendriverdomain.service b/vm-systemd/xendriverdomain.service
new file mode 100644
index 0000000..9e30d8c
--- /dev/null
+++ b/vm-systemd/xendriverdomain.service
@@ -0,0 +1,10 @@
+[Unit]
+Description=Xen driver domain device daemon
+ConditionVirtualization=xen
+
+[Service]
+Type=forking
+ExecStart=@sbindir@/xl devd
+
+[Install]
+WantedBy=multi-user.target
\ No newline at end of file

From 856e46c3fc93f958a8f65ec0326b254dc32e3dac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?=
 <frederic.pierret@qubes-os.org>
Date: Sun, 26 Jul 2020 23:27:31 +0200
Subject: [PATCH 3/5] Update travis

---
 .travis.yml | 20 +++-----------------
 1 file changed, 3 insertions(+), 17 deletions(-)

diff --git a/.travis.yml b/.travis.yml
index dfae895..a536523 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,16 +1,8 @@
-sudo: required
-dist: bionic
+import:
+  - source: QubesOS/qubes-continuous-integration:R4.1/travis-base-r4.1.yml
+  - source: QubesOS/qubes-continuous-integration:R4.1/travis-vms-r4.1.yml
 language: python
 python: '3.5'
-install: git clone https://github.com/QubesOS/qubes-builder ~/qubes-builder
-script: ~/qubes-builder/scripts/travis-build
-env:
- - DISTS_VM=fc29 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=fc30 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=stretch USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=buster USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
- - DISTS_VM=centos7 USE_QUBES_REPO_VERSION=4.1 USE_QUBES_REPO_TESTING=1
-
 jobs:
   include:
     - python: '3.6'  # needs to match bionic
@@ -29,9 +21,3 @@ jobs:
       python: '3.5'
       env: DIST_DOM0=fc31 TESTS_ONLY=
       script: ~/qubes-builder/scripts/travis-deploy
-
-
-branches:
-  except:
-    - /.*_.*/
-    - build

From 91bce584a2645729a84f95370c51af0a9c33e351 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?=
 <frederic.pierret@qubes-os.org>
Date: Tue, 28 Jul 2020 16:02:34 +0200
Subject: [PATCH 4/5] Fix regex in qubes-fix-nm-conf.sh

---
 network/qubes-fix-nm-conf.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/network/qubes-fix-nm-conf.sh b/network/qubes-fix-nm-conf.sh
index 42e5f4a..915998e 100755
--- a/network/qubes-fix-nm-conf.sh
+++ b/network/qubes-fix-nm-conf.sh
@@ -17,6 +17,6 @@ if ! grep -q "^unmanaged-devices.*$VIFMAC" $FILE ; then
 	sed -i 's/^unmanaged-devices.*$/&,'$VIFMAC/ $FILE
 fi
 if ! grep -q "^dns=" $FILE ; then
-	sed -i '/\[main\] a dns=default' $FILE
+	sed -i '/\[main\]/a dns=default' $FILE
 fi
 exit 0

From b804cfb2702a6be3887b38bf15b166a90a982a8a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?=
 <frederic.pierret@qubes-os.org>
Date: Mon, 3 Aug 2020 13:18:26 +0200
Subject: [PATCH 5/5] xendriverdomain: remove placeholder for sbinpath

---
 vm-systemd/xendriverdomain.service | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/vm-systemd/xendriverdomain.service b/vm-systemd/xendriverdomain.service
index 9e30d8c..31a534e 100644
--- a/vm-systemd/xendriverdomain.service
+++ b/vm-systemd/xendriverdomain.service
@@ -4,7 +4,7 @@ ConditionVirtualization=xen
 
 [Service]
 Type=forking
-ExecStart=@sbindir@/xl devd
+ExecStart=/usr/sbin/xl devd
 
 [Install]
-WantedBy=multi-user.target
\ No newline at end of file
+WantedBy=multi-user.target