From d15696ebefe868b2af0f0813dea3df6721d4835a Mon Sep 17 00:00:00 2001
From: "Manuel Amador (Rudd-O)" <rudd-o@rudd-o.com>
Date: Fri, 28 Oct 2016 05:21:33 +0000
Subject: [PATCH] Fix VM settings running while / is readonly.

---
 rpm_spec/core-vm.spec                    |  1 +
 vm-systemd/75-qubes-vm.preset            |  1 +
 vm-systemd/qubes-early-vm-config.service | 13 +++++++++
 vm-systemd/qubes-early-vm-config.sh      | 37 ++++++++++++++++++++++++
 vm-systemd/qubes-sysinit.sh              | 29 -------------------
 5 files changed, 52 insertions(+), 29 deletions(-)
 create mode 100644 vm-systemd/qubes-early-vm-config.service
 create mode 100755 vm-systemd/qubes-early-vm-config.sh

diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 79bcfe6..6fcb2ce 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -549,6 +549,7 @@ The Qubes core startup configuration for SystemD init.
 /lib/systemd/system/qubes-network.service
 /lib/systemd/system/qubes-iptables.service
 /lib/systemd/system/qubes-sysinit.service
+/lib/systemd/system/qubes-early-vm-config.service
 /lib/systemd/system/qubes-update-check.service
 /lib/systemd/system/qubes-update-check.timer
 /lib/systemd/system/qubes-updates-proxy.service
diff --git a/vm-systemd/75-qubes-vm.preset b/vm-systemd/75-qubes-vm.preset
index 54dbcfa..7562503 100644
--- a/vm-systemd/75-qubes-vm.preset
+++ b/vm-systemd/75-qubes-vm.preset
@@ -57,6 +57,7 @@ disable sshd.service
 disable tcsd.service
 
 enable qubes-sysinit.service
+enable qubes-early-vm-config.service
 enable qubes-db.service
 enable qubes-gui-agent.service
 enable qubes-update-check.timer
diff --git a/vm-systemd/qubes-early-vm-config.service b/vm-systemd/qubes-early-vm-config.service
new file mode 100644
index 0000000..fa9dbd3
--- /dev/null
+++ b/vm-systemd/qubes-early-vm-config.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=Early Qubes VM settings
+DefaultDependencies=no
+Before=sysinit.target
+After=local-fs.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/lib/qubes/init/qubes-early-vm-config.sh
+
+[Install]
+WantedBy=sysinit.target
diff --git a/vm-systemd/qubes-early-vm-config.sh b/vm-systemd/qubes-early-vm-config.sh
new file mode 100755
index 0000000..999bb90
--- /dev/null
+++ b/vm-systemd/qubes-early-vm-config.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+# This is invoked by qubes-early-vm-config.service.
+# It happens after local-fs.target is reached
+# but before sysinit.target is reached.
+
+# Source Qubes library.
+. /usr/lib/qubes/init/functions
+
+# Set the hostname
+if ! is_protected_file /etc/hostname ; then
+    name=`qubesdb-read /name`
+    if [ -n "$name" ]; then
+        hostname $name
+        if [ -e /etc/debian_version ]; then
+            ipv4_localhost_re="127\.0\.1\.1"
+        else
+            ipv4_localhost_re="127\.0\.0\.1"
+        fi
+        sed -i "s/^\($ipv4_localhost_re\(\s.*\)*\s\).*$/\1${name}/" /etc/hosts
+        sed -i "s/^\(::1\(\s.*\)*\s\).*$/\1${name}/" /etc/hosts
+    fi
+fi
+
+# Set the timezone
+if ! is_protected_file /etc/timezone ; then
+    timezone=`qubesdb-read /qubes-timezone 2> /dev/null`
+    if [ -n "$timezone" ]; then
+        ln -sf ../usr/share/zoneinfo/"$timezone" /etc/localtime
+        if [ -e /etc/debian_version ]; then
+            echo "$timezone" > /etc/timezone
+        elif test -d /etc/sysconfig ; then
+            echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock
+            echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
+        fi
+    fi
+fi
diff --git a/vm-systemd/qubes-sysinit.sh b/vm-systemd/qubes-sysinit.sh
index 9db4661..c1ee760 100755
--- a/vm-systemd/qubes-sysinit.sh
+++ b/vm-systemd/qubes-sysinit.sh
@@ -60,35 +60,6 @@ for srv in `qubesdb-multiread /qubes-service/ 2>/dev/null |grep ' = 0'|cut -f 1
     rm -f /var/run/qubes-service/$srv
 done
 
-# Set the hostname
-if ! is_protected_file /etc/hostname ; then
-    name=`qubesdb-read /name`
-    if [ -n "$name" ]; then
-        hostname $name
-        if [ -e /etc/debian_version ]; then
-            ipv4_localhost_re="127\.0\.1\.1"
-        else
-            ipv4_localhost_re="127\.0\.0\.1"
-        fi
-        sed -i "s/^\($ipv4_localhost_re\(\s.*\)*\s\).*$/\1${name}/" /etc/hosts
-        sed -i "s/^\(::1\(\s.*\)*\s\).*$/\1${name}/" /etc/hosts
-    fi
-fi
-
-# Set the timezone
-if ! is_protected_file /etc/timezone ; then
-    timezone=`qubesdb-read /qubes-timezone 2> /dev/null`
-    if [ -n "$timezone" ]; then
-        ln -sf ../usr/share/zoneinfo/"$timezone" /etc/localtime
-        if [ -e /etc/debian_version ]; then
-            echo "$timezone" > /etc/timezone
-        elif test -d /etc/sysconfig ; then
-            echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock
-            echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
-        fi
-    fi
-fi
-
 # Prepare environment for other services
 echo > /var/run/qubes-service-environment