From db35abadc85ebb406a7ca2e65829b58baabc3879 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 7 Jun 2013 05:20:55 +0200 Subject: [PATCH] Use Qubes DB instead of Xenstore --- misc/qubes-trigger-sync-appmenus.sh | 2 +- network/30-qubes-external-ip | 4 ++-- network/qubes-firewall | 20 ++++++++++---------- network/setup-ip | 22 ++++++++-------------- network/vif-route-qubes | 2 +- rpm_spec/core-vm.spec | 2 +- vm-init.d/qubes-core | 19 +++++++------------ vm-init.d/qubes-core-appvm | 20 ++++++++------------ vm-init.d/qubes-core-netvm | 14 +++++++------- vm-init.d/qubes-core.modules | 1 + vm-init.d/qubes-firewall | 4 ++-- vm-init.d/qubes-netwatcher | 4 ++-- vm-init.d/qubes-updates-proxy | 4 ++-- vm-systemd/misc-post.sh | 2 +- vm-systemd/network-proxy-setup.sh | 8 ++++---- vm-systemd/prepare-dvm.sh | 11 ++++++----- vm-systemd/qubes-core.conf | 1 + vm-systemd/qubes-sysinit.service | 2 +- vm-systemd/qubes-sysinit.sh | 24 +++++++++++------------- 19 files changed, 76 insertions(+), 90 deletions(-) diff --git a/misc/qubes-trigger-sync-appmenus.sh b/misc/qubes-trigger-sync-appmenus.sh index 453100e..89690c7 100755 --- a/misc/qubes-trigger-sync-appmenus.sh +++ b/misc/qubes-trigger-sync-appmenus.sh @@ -1,6 +1,6 @@ #!/bin/sh -UPDATEABLE=`/usr/bin/xenstore-read qubes-vm-updateable` +UPDATEABLE=`/usr/bin/qubesdb-read /qubes-vm-updateable` if [ "$UPDATEABLE" = "True" ]; then /usr/lib/qubes/qrexec-client-vm dom0 qubes.SyncAppMenus /bin/sh /etc/qubes-rpc/qubes.GetAppmenus diff --git a/network/30-qubes-external-ip b/network/30-qubes-external-ip index 1761257..0f8e867 100755 --- a/network/30-qubes-external-ip +++ b/network/30-qubes-external-ip 
@@ -1,8 +1,8 @@ #!/bin/sh if [ x$2 == xup ]; then INET=$(/sbin/ip addr show dev $1 | /bin/grep inet) - /usr/bin/xenstore-write qubes-netvm-external-ip "$INET" + /usr/bin/qubesdb-write /qubes-netvm-external-ip "$INET" fi if [ x$2 == xdown ]; then - /usr/bin/xenstore-write qubes-netvm-external-ip "" + /usr/bin/qubesdb-write /qubes-netvm-external-ip "" fi diff --git a/network/qubes-firewall b/network/qubes-firewall index 9f8aa44..76636fc 100755 --- a/network/qubes-firewall +++ b/network/qubes-firewall @@ -2,9 +2,9 @@ set -e PIDFILE=/var/run/qubes/qubes-firewall.pid -XENSTORE_IPTABLES=qubes-iptables -XENSTORE_IPTABLES_HEADER=qubes-iptables-header -XENSTORE_ERROR=qubes-iptables-error +XENSTORE_IPTABLES=/qubes-iptables +XENSTORE_IPTABLES_HEADER=/qubes-iptables-header +XENSTORE_ERROR=/qubes-iptables-error OLD_RULES="" # PIDfile handling [[ -e $PIDFILE ]] && kill -s 0 $(<$PIDFILE) 2>/dev/null && exit 0 @@ -22,9 +22,9 @@ while true; do FIRST_TIME= TRIGGER=reload else - # Wait for changes in xenstore file - /usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES - TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES) + # Wait for changes in qubesdb file + /usr/bin/qubesdb-watch $XENSTORE_IPTABLES + TRIGGER=$(/usr/bin/qubesdb-read $XENSTORE_IPTABLES) fi if ! [ "$TRIGGER" = "reload" ]; then continue ; fi 
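Review bot: In network/qubes-firewall (hunk at -2,9) the three path variables keep their `XENSTORE_` prefix although they now hold Qubes DB paths, which will mislead anyone later grepping for remaining xenstore users. Rename them in this change, e.g. `QUBESDB_IPTABLES=/qubes-iptables`, `QUBESDB_IPTABLES_HEADER=/qubes-iptables-header` and `QUBESDB_ERROR=/qubes-iptables-error`, and update their uses in the two later hunks of the file. vm-systemd/qubes-sysinit.sh already does this in the same patch with `QDB_READ` and `QDB_LS`.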
@@ -34,19 +34,19 @@ while true; do # during the time when the rules are being (re)applied echo "0" > /proc/sys/net/ipv4/ip_forward - RULES=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES_HEADER) + RULES=$(/usr/bin/qubesdb-read $XENSTORE_IPTABLES_HEADER) IPTABLES_SAVE=$(/sbin/iptables-save | sed '/^\*filter/,/^COMMIT/d') OUT=`echo -e "$RULES\n$IPTABLES_SAVE" | /sbin/iptables-restore 2>&1 || true` - for i in $(xenstore-list qubes-iptables-domainrules) ; do - RULES=$(/usr/bin/xenstore-read qubes-iptables-domainrules/"$i") + for i in $(qubesdb-list -f /qubes-iptables-domainrules) ; do + RULES=$(/usr/bin/qubesdb-read "$i") ERRS=`echo -e "$RULES" | /sbin/iptables-restore -n 2>&1 || true` if [ -n "$ERRS" ]; then echo "Failed applying rules for $i: $ERRS" >&2 OUT="$OUT$ERRS" fi done - /usr/bin/xenstore-write $XENSTORE_ERROR "$OUT" + /usr/bin/qubesdb-write $XENSTORE_ERROR "$OUT" if [ -n "$OUT" ]; then DISPLAY=:0 /usr/bin/notify-send -t 3000 "Firewall loading error ($HOSTNAME)" "$OUT" || : fi diff --git a/network/setup-ip b/network/setup-ip index 907a295..30334a2 100755 --- a/network/setup-ip +++ b/network/setup-ip @@ -1,16 +1,10 @@ #!/bin/sh -if [ -x /usr/sbin/xenstore-read ]; then - XENSTORE_READ="/usr/sbin/xenstore-read" -else - XENSTORE_READ="/usr/bin/xenstore-read" -fi - -ip=`$XENSTORE_READ qubes-ip 2> /dev/null` +ip=`/usr/bin/qubesdb-read /qubes-ip 2> /dev/null` if [ x$ip != x ]; then - netmask=`$XENSTORE_READ qubes-netmask` - gateway=`$XENSTORE_READ qubes-gateway` - secondary_dns=`$XENSTORE_READ qubes-secondary-dns` + netmask=`/usr/bin/qubesdb-read /qubes-netmask` + gateway=`/usr/bin/qubesdb-read /qubes-gateway` + secondary_dns=`/usr/bin/qubesdb-read /qubes-secondary-dns` /sbin/ifconfig $INTERFACE $ip netmask 255.255.255.255 /sbin/ifconfig $INTERFACE up /sbin/route add -host $gateway dev $INTERFACE 
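Review bot: Neither `qubesdb-read` call in this part of network/qubes-firewall is checked, and with `set -e` in effect (visible in the file's first hunk) a failed read in `RULES=$(...)` would end the firewall monitor just after `ip_forward` was set to 0 and before anything is written to `$XENSTORE_ERROR`. That fails closed, but dom0 gets no error report and, unless something restarts the script, later rule changes are never applied. Handle the per-domain read explicitly, e.g. `RULES=$(/usr/bin/qubesdb-read "$i") || { OUT="$OUT read failed: $i"; continue; }`, and decide explicitly what the header read should do on failure. The `while true` body starts and ends outside this hunk.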
@@ -19,11 +13,11 @@ if [ x$ip != x ]; then /sbin/ethtool -K $INTERFACE tx off echo "nameserver $gateway" > /etc/resolv.conf echo "nameserver $secondary_dns" >> /etc/resolv.conf - network=$($XENSTORE_READ qubes-netvm-network 2>/dev/null) + network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null) if [ "x$network" != "x" ]; then - gateway=$($XENSTORE_READ qubes-netvm-gateway) - netmask=$($XENSTORE_READ qubes-netvm-netmask) - secondary_dns=$($XENSTORE_READ qubes-netvm-secondary-dns) + gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway) + netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask) + secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns) echo "NS1=$gateway" > /var/run/qubes/qubes-ns echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns /usr/lib/qubes/qubes-setup-dnat-to-ns diff --git a/network/vif-route-qubes b/network/vif-route-qubes index 68fbf38..c0ab41e 100755 --- a/network/vif-route-qubes +++ b/network/vif-route-qubes @@ -54,7 +54,7 @@ if [ "${ip}" ] ; then ${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric done ${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP - back_ip=`xenstore-read qubes-netvm-gateway` + back_ip=`qubesdb-read /qubes-netvm-gateway` ${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif} fi diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec index 1f93dde..e79b580 100644 --- a/rpm_spec/core-vm.spec +++ b/rpm_spec/core-vm.spec @@ -32,7 +32,6 @@ Group: Qubes Vendor: Invisible Things Lab License: GPL URL: http://www.qubes-os.org -Requires: /usr/bin/xenstore-read Requires: fedora-release Requires: yum-plugin-post-transaction-actions Requires: NetworkManager >= 0.8.1-1 @@ -58,6 +57,7 @@ Requires: ImageMagick Requires: fakeroot Requires: desktop-notification-daemon Requires: qubes-libvchan +Requires: qubes-db-vm Provides: qubes-core-vm Obsoletes: qubes-core-commonvm Obsoletes: qubes-core-appvm diff --git a/vm-init.d/qubes-core b/vm-init.d/qubes-core index 77a71bf..ce6a9cc 100755 
--- a/vm-init.d/qubes-core +++ b/vm-init.d/qubes-core @@ -10,19 +10,14 @@ start() { echo -n $"Executing Qubes Core scripts:" - if ! [ -x /usr/bin/xenstore-read ] ; then - echo "ERROR: /usr/bin/xenstore-read not found!" - exit 1 - fi - - # Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read + # Set permissions to /proc/xen/xenbus, so normal user can use qubesdb-read chmod 666 /proc/xen/xenbus # Set permissions to files needed to listen at vchan chmod 666 /proc/u2mfn mkdir -p /var/run/xen-hotplug - name=$(/usr/bin/xenstore-read name) + name=$(/usr/bin/qubesdb-read /name) if ! [ -f /etc/this-is-dvm ] ; then # we don't want to set hostname for DispVM # because it makes some of the pre-created dotfiles invalid (e.g. .kde/cache-) @@ -31,15 +26,15 @@ start() sed -i "s/^\(127\.0\.0\.1[\t ].*\) \($name \)\?\(.*\)/\1\2 $name/" /etc/hosts fi - timezone=`/usr/bin/xenstore-read qubes-timezone 2> /dev/null` + timezone=`/usr/bin/qubesdb-read /qubes-timezone 2> /dev/null` if [ -n "$timezone" ]; then ln -f /usr/share/zoneinfo/$timezone /etc/localtime echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock fi - yum_proxy_setup=$(/usr/bin/xenstore-read qubes-service/yum-proxy-setup 2> /dev/null || /usr/bin/xenstore-read qubes-service/updates-proxy-setup 2>/dev/null ) - type=$(/usr/bin/xenstore-read qubes-vm-type) + yum_proxy_setup=$(/usr/bin/qubesdb-read /qubes-service/yum-proxy-setup 2> /dev/null || /usr/bin/qubesdb-read /qubes-service/updates-proxy-setup 2> /dev/null) + type=$(/usr/bin/qubesdb-read /qubes-vm-type) if [ "$yum_proxy_setup" != "0" ] || [ -z "$yum_proxy_setup" -a "$type" == "TemplateVM" ]; then echo proxy=http://10.137.255.254:8082/ > /etc/yum.conf.d/qubes-proxy.conf else 
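Review bot: The reworded comment above `chmod 666 /proc/xen/xenbus` (hunk at -10,19) now says the world-writable xenbus node is needed so a normal user can run qubesdb-read, which reads like a mechanical rename rather than a checked statement. If the Qubes DB client talks to a local daemon instead of opening xenbus itself (the `qubes-db.service` ordering added in qubes-sysinit.service suggests there is one), unprivileged users no longer need xenstore access and the chmod should be dropped or narrowed rather than re-justified. Either confirm the requirement or record the open question, e.g. `# TODO: check whether anything besides root still needs /proc/xen/xenbus`. The same comment and chmod are in vm-systemd/qubes-sysinit.sh (hunk at -31,13); start() continues beyond this hunk.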
@@ -49,7 +44,7 @@ start() # Set IP address again (besides action in udev rules); this is needed by # DispVM (to override DispVM-template IP) and in case when qubes-ip was # called by udev before loading evtchn kernel module - in which case - # xenstore-read fails + # qubesdb-read fails INTERFACE=eth0 /usr/lib/qubes/setup-ip mkdir -p /var/run/qubes @@ -85,7 +80,7 @@ start() success echo "" - start_ntpd=$(/usr/bin/xenstore-read qubes-service/ntpd 2> /dev/null) + start_ntpd=$(/usr/bin/qubesdb-read /qubes-service/ntpd 2> /dev/null) if [ "$start_ntpd" == "1" ]; then /sbin/service ntpd start fi diff --git a/vm-init.d/qubes-core-appvm b/vm-init.d/qubes-core-appvm index c14530a..3026812 100755 --- a/vm-init.d/qubes-core-appvm +++ b/vm-init.d/qubes-core-appvm @@ -8,7 +8,7 @@ possibly_run_save_script() { - ENCODED_SCRIPT=$(xenstore-read qubes-save-script) + ENCODED_SCRIPT=$(qubesdb-read /qubes-save-script) if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64()' >/tmp/qubes-save-script chmod 755 /tmp/qubes-save-script @@ -20,19 +20,14 @@ possibly_run_save_script() start() { - if ! [ -x /usr/bin/xenstore-read ] ; then - echo "ERROR: /usr/bin/xenstore-read not found!" - exit 1 - fi - - type=$(/usr/bin/xenstore-read qubes-vm-type) + type=$(/usr/bin/qubesdb-read /qubes-vm-type) if [ "$type" != "AppVM" -a "$type" != "DisposableVM" -a "$type" != "TemplateVM" ]; then # This script runs only on AppVMs return 0 fi # Start AppVM specific services - start_cups=$(/usr/bin/xenstore-read qubes-service/cups 2> /dev/null) + start_cups=$(/usr/bin/qubesdb-read /qubes-service/cups 2> /dev/null) if [ "$start_cups" != "0" ]; then /sbin/service cups start # Allow also notification icon 
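Review bot: In vm-init.d/qubes-core-appvm (hunk at -8,7) the value read from `/qubes-save-script` is decoded into the fixed path `/tmp/qubes-save-script` and made executable, so the redirect follows whatever already exists under that name in a world-writable directory, and `echo $ENCODED_SCRIPT` passes the data unquoted. Create the file with mktemp and quote the data: `script=$(mktemp /tmp/qubes-save-script.XXXXXX) || return`, then `printf '%s' "$ENCODED_SCRIPT" | perl ... >"$script"` and `chmod 755 "$script"`. vm-systemd/prepare-dvm.sh carries the same function (hunk at -2,7). The rest of possibly_run_save_script, including where the file is presumably run, is outside this hunk.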
@@ -44,7 +39,7 @@ start() echo -n $"Executing Qubes Core scripts for AppVM:" - if xenstore-read qubes-save-request 2>/dev/null ; then + if qubesdb-read /qubes-save-request 2>/dev/null ; then if [ -L /home ]; then rm /home mkdir /home @@ -56,17 +51,18 @@ start() umount /rw dmesg -c >/dev/null free | grep Mem: | - (read a b c d ; xenstore-write device/qubes-used-mem $c) + (read a b c d ; qubesdb-write /qubes-used-mem $c) # we're still running in DispVM template echo "Waiting for save/restore..." # ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys - while ! xenstore-read qubes-restore-complete 2>/dev/null ; do + # TODO: restart qubesdb service before this + while ! qubesdb-read /qubes-restore-complete 2>/dev/null ; do usleep 10 done echo Back to life. fi - start_meminfo_writer=$(/usr/bin/xenstore-read qubes-service/meminfo-writer 2>/dev/null) + start_meminfo_writer=$(/usr/bin/qubesdb-read /qubes-service/meminfo-writer 2>/dev/null) if [ "$start_meminfo_writer" != "0" ]; then MEM_CHANGE_THRESHOLD_KB=30000 MEMINFO_DELAY_USEC=100000 diff --git a/vm-init.d/qubes-core-netvm b/vm-init.d/qubes-core-netvm index 253ee40..16033dc 100755 --- a/vm-init.d/qubes-core-netvm +++ b/vm-init.d/qubes-core-netvm @@ -8,12 +8,12 @@ start() { - if ! [ -x /usr/bin/xenstore-read ] ; then - echo "ERROR: /usr/bin/xenstore-read not found!" + if ! [ -x /usr/bin/qubesdb-read ] ; then + echo "ERROR: /usr/bin/qubesdb-read not found!" exit 1 fi - type=$(/usr/bin/xenstore-read qubes-vm-type) + type=$(/usr/bin/qubesdb-read /qubes-vm-type) if [ "$type" == "NetVM" ]; then /usr/lib/qubes/network-manager-prepare-conf-dir /sbin/service NetworkManager start 
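Review bot: The wait loop on `/qubes-restore-complete` (hunk at -56,17) has no upper bound, and the added TODO says the qubesdb service still has to be restarted before it. If the client cannot reach the daemon after restore, every `qubesdb-read` fails with stderr discarded and start() never returns. Until the TODO is resolved, bound the loop and report the failure as sketched below; vm-systemd/prepare-dvm.sh adds the same loop and TODO (hunk at -24,12). The used-memory key also moves from `device/qubes-used-mem` to `/qubes-used-mem`, and the dom0 reader is not part of this patch, so confirm it was changed in step.

```shell
# … unchanged: umount /rw, dmesg -c, used-memory report …
tries=0
# TODO: restart qubesdb service before this
while ! qubesdb-read /qubes-restore-complete 2>/dev/null ; do
    tries=$((tries + 1))
    # limit is a placeholder; pick one that covers a normal restore
    if [ "$tries" -gt 100000 ]; then
        echo "qubesdb not reachable after restore" >&2
        return 1
    fi
    usleep 10
done
```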
@@ -22,11 +22,11 @@ start() echo -n $"Executing Qubes Core scripts NetVM:" # Setup gateway for all the VMs this netVM is serviceing... - network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null) + network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null) if [ "x$network" != "x" ]; then - gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway) - netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask) - secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns) + gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway) + netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask) + secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns) modprobe netbk 2> /dev/null || modprobe xen-netback echo "NS1=$gateway" > /var/run/qubes/qubes-ns echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns diff --git a/vm-init.d/qubes-core.modules b/vm-init.d/qubes-core.modules index d2331be..88ffa9c 100755 --- a/vm-init.d/qubes-core.modules +++ b/vm-init.d/qubes-core.modules @@ -3,3 +3,4 @@ modprobe xen-blkback 2> /dev/null || modprobe blkbk modprobe xen-usbfront 2> /dev/null modprobe u2mfn 2>/dev/null modprobe xen-gntalloc 2> /dev/null +modprobe xen-gntdev 2> /dev/null diff --git a/vm-init.d/qubes-firewall b/vm-init.d/qubes-firewall index 7995792..989cced 100755 --- a/vm-init.d/qubes-firewall +++ b/vm-init.d/qubes-firewall @@ -10,8 +10,8 @@ PIDFILE=/var/run/qubes/qubes-firewall.pid start() { - type=$(/usr/bin/xenstore-read qubes-vm-type) - start_firewall=$(/usr/bin/xenstore-read qubes-service/qubes-firewall 2> /dev/null) + type=$(/usr/bin/qubesdb-read /qubes-vm-type) + start_firewall=$(/usr/bin/qubesdb-read /qubes-service/qubes-firewall 2> /dev/null) if [ -z "$start_firewall" ] && [ "$type" == "ProxyVM" ] || [ "$start_firewall" == "1" ]; then echo -n $"Starting Qubes Firewall monitor:" /sbin/ethtool -K eth0 sg off diff --git a/vm-init.d/qubes-netwatcher b/vm-init.d/qubes-netwatcher index bc334ab..5f7a921 100755 --- a/vm-init.d/qubes-netwatcher 
+++ b/vm-init.d/qubes-netwatcher @@ -10,8 +10,8 @@ PIDFILE=/var/run/qubes/qubes-netwatcher.pid start() { - type=$(/usr/bin/xenstore-read qubes-vm-type) - start_netwatcher=$(/usr/bin/xenstore-read qubes-service/qubes-netwatcher 2>/dev/null) + type=$(/usr/bin/qubesdb-read /qubes-vm-type) + start_netwatcher=$(/usr/bin/qubesdb-read /qubes-service/qubes-netwatcher 2>/dev/null) if [ -z "$start_netwatcher" ] && [ "$type" == "ProxyVM" ] || [ "$start_netwatcher" == "1" ]; then echo -n $"Starting Qubes Network monitor:" /sbin/ethtool -K eth0 sg off diff --git a/vm-init.d/qubes-updates-proxy b/vm-init.d/qubes-updates-proxy index 577a386..2959bf6 100755 --- a/vm-init.d/qubes-updates-proxy +++ b/vm-init.d/qubes-updates-proxy @@ -32,8 +32,8 @@ pidfile="/var/run/tinyproxy/tinyproxy-updates.pid" lockfile=/var/lock/subsys/tinyproxy-updates start() { - type=`/usr/bin/xenstore-read qubes-vm-type` - start_updates_proxy=`/usr/bin/xenstore-read qubes-service/qubes-updates-proxy 2>/dev/null` + type=`/usr/bin/qubesdb-read /qubes-vm-type` + start_updates_proxy=`/usr/bin/qubesdb-read /qubes-service/qubes-updates-proxy 2>/dev/null` if [ -z "$start_updates_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_updates_proxy" != "1" ]; then # Yum proxy disabled exit 0 diff --git a/vm-systemd/misc-post.sh b/vm-systemd/misc-post.sh index f4169e7..e92de48 100755 --- a/vm-systemd/misc-post.sh +++ b/vm-systemd/misc-post.sh @@ -19,7 +19,7 @@ fi # Set IP address again (besides action in udev rules); this is needed by # DispVM (to override DispVM-template IP) and in case when qubes-ip was # called by udev before loading evtchn kernel module - in which case -# xenstore-read fails +# qubesdb-read fails INTERFACE=eth0 /usr/lib/qubes/setup-ip if [ -e /dev/xvdb -a ! -e /etc/this-is-dvm ] ; then diff --git a/vm-systemd/network-proxy-setup.sh b/vm-systemd/network-proxy-setup.sh index 020edb2..668d79a 100755 --- a/vm-systemd/network-proxy-setup.sh +++ b/vm-systemd/network-proxy-setup.sh 
@@ -1,11 +1,11 @@ #!/bin/sh # Setup gateway for all the VMs this netVM is serviceing... -network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null) +network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null) if [ "x$network" != "x" ]; then - gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway) - netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask) - secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns) + gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway) + netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask) + secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns) modprobe netbk 2> /dev/null || modprobe xen-netback echo "NS1=$gateway" > /var/run/qubes/qubes-ns echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns diff --git a/vm-systemd/prepare-dvm.sh b/vm-systemd/prepare-dvm.sh index bdd1506..1ce098f 100755 --- a/vm-systemd/prepare-dvm.sh +++ b/vm-systemd/prepare-dvm.sh @@ -2,7 +2,7 @@ possibly_run_save_script() { - ENCODED_SCRIPT=$(xenstore-read qubes-save-script) + ENCODED_SCRIPT=$(qubesdb-read /qubes-save-script) if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64()' >/tmp/qubes-save-script chmod 755 /tmp/qubes-save-script @@ -12,7 +12,7 @@ possibly_run_save_script() killall Xorg } -if xenstore-read qubes-save-request 2>/dev/null ; then +if qubesdb-read /qubes-save-request 2>/dev/null ; then if [ -L /home ]; then rm /home mkdir /home 
@@ -24,12 +24,13 @@ if xenstore-read qubes-save-request 2>/dev/null ; then umount /rw dmesg -c >/dev/null free | grep Mem: | - (read a b c d ; xenstore-write device/qubes-used-mem $c) + (read a b c d ; qubesdb-write /qubes-used-mem $c) # we're still running in DispVM template echo "Waiting for save/restore..." # ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys - while ! xenstore-read qubes-restore-complete 2>/dev/null ; do - usleep 10000 + # TODO: restart qubesdb-daemon before this + while ! qubesdb-read /qubes-restore-complete 2>/dev/null ; do + usleep 10 done echo Back to life. fi diff --git a/vm-systemd/qubes-core.conf b/vm-systemd/qubes-core.conf index d3c4c6e..421104c 100644 --- a/vm-systemd/qubes-core.conf +++ b/vm-systemd/qubes-core.conf @@ -3,3 +3,4 @@ xen-blkback xen-usbfront u2mfn xen-gntalloc +xen-gntdev diff --git a/vm-systemd/qubes-sysinit.service b/vm-systemd/qubes-sysinit.service index 07decc2..7e8a6ae 100644 --- a/vm-systemd/qubes-sysinit.service +++ b/vm-systemd/qubes-sysinit.service @@ -2,7 +2,7 @@ Description=Init Qubes Services settings DefaultDependencies=no Before=sysinit.target -After=proc-xen.mount systemd-modules-load.service +After=proc-xen.mount systemd-modules-load.service qubes-db.service [Service] Type=oneshot diff --git a/vm-systemd/qubes-sysinit.sh b/vm-systemd/qubes-sysinit.sh index 8775998..33e2b72 100755 --- a/vm-systemd/qubes-sysinit.sh +++ b/vm-systemd/qubes-sysinit.sh 
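Review bot: The poll interval in the restore wait loop of vm-systemd/prepare-dvm.sh drops from `usleep 10000` to `usleep 10`, so the loop now forks `qubesdb-read` about as fast as the shell can spawn it for as long as the restore takes. Nothing in the hunk explains the change, and it looks copied from vm-init.d/qubes-core-appvm. Keep `usleep 10000` unless the shorter delay is required, and say why in a comment if it is.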
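Review bot: In vm-systemd/qubes-sysinit.service, `After=qubes-db.service` only orders the two units; it does not pull qubes-db.service into the boot transaction, and this unit sets `DefaultDependencies=no`. If nothing else enables the daemon, qubes-sysinit.sh runs with its `qubesdb-read` calls failing quietly (most send stderr to /dev/null) and falls back to the built-in per-type service defaults. Add `Wants=qubes-db.service` next to the `After=` line (or `Requires=` if sysinit must not run without it), unless the qubes-db-vm package already installs the unit into an early target.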
@@ -1,19 +1,17 @@ #!/bin/sh -# List of services enabled by default (in case of absence of xenstore entry) +# List of services enabled by default (in case of absence of qubesdb entry) DEFAULT_ENABLED_NETVM="network-manager qubes-network qubes-update-check qubes-updates-proxy" DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher qubes-update-check" DEFAULT_ENABLED_APPVM="meminfo-writer cups qubes-update-check" DEFAULT_ENABLED_TEMPLATEVM="$DEFAULT_ENABLED_APPVM updates-proxy-setup" DEFAULT_ENABLED="meminfo-writer" -XS_READ=/usr/bin/xenstore-read -[ -x /usr/sbin/xenstore-read ] && XS_READ=/usr/sbin/xenstore-read -XS_LS=/usr/bin/xenstore-ls -[ -x /usr/sbin/xenstore-read ] && XS_LS=/usr/sbin/xenstore-ls +QDB_READ=/usr/bin/qubesdb-read +QDB_LS=/usr/bin/qubesdb-list read_service() { - $XS_READ qubes-service/$1 2> /dev/null + $QDB_READ /qubes-service/$1 2> /dev/null } systemd_pkg_version=`systemctl --version|head -n 1` @@ -31,13 +29,13 @@ mkdir -p /var/run/qubes mkdir -p /var/run/qubes-service mkdir -p /var/run/xen-hotplug -# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read +# Set permissions to /proc/xen/xenbus, so normal user can use qubesdb-read chmod 666 /proc/xen/xenbus # Set permissions to files needed to listen at vchan chmod 666 /proc/u2mfn # Set default services depending on VM type -TYPE=`$XS_READ qubes-vm-type 2> /dev/null` +TYPE=`$QDB_READ /qubes-vm-type 2> /dev/null` [ "$TYPE" = "AppVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_APPVM [ "$TYPE" = "NetVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_NETVM [ "$TYPE" = "ProxyVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_PROXYVM 
@@ -49,23 +47,23 @@ for srv in $DEFAULT_ENABLED; do done # Enable services -for srv in `$XS_LS qubes-service 2>/dev/null |grep ' = "1"'|cut -f 1 -d ' '`; do +for srv in `$QDB_LS /qubes-service 2>/dev/null |grep ' = "1"'|cut -f 1 -d ' '`; do touch /var/run/qubes-service/$srv done # Disable services -for srv in `$XS_LS qubes-service 2>/dev/null |grep ' = "0"'|cut -f 1 -d ' '`; do +for srv in `$QDB_LS /qubes-service 2>/dev/null |grep ' = "0"'|cut -f 1 -d ' '`; do rm -f /var/run/qubes-service/$srv done # Set the hostname -name=`$XS_READ name` +name=`$QDB_READ /name` if [ -n "$name" ]; then hostname $name sed -i "s/^\(127\.0\.0\.1[\t ].*\) \($name \)\?\(.*\)/\1\2 $name/" /etc/hosts fi -timezone=`$XS_READ qubes-timezone 2> /dev/null` +timezone=`$QDB_READ /qubes-timezone 2> /dev/null` if [ -n "$timezone" ]; then ln -f /usr/share/zoneinfo/$timezone /etc/localtime echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock @@ -75,7 +73,7 @@ fi # Prepare environment for other services echo > /var/run/qubes-service-environment -debug_mode=`$XS_READ qubes-debug-mode 2> /dev/null` +debug_mode=`$QDB_READ /qubes-debug-mode 2> /dev/null` if [ -n "$debug_mode" -a "$debug_mode" -gt 0 ]; then echo "GUI_OPTS=-vv" >> /var/run/qubes-service-environment fi
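Review bot: Both `for srv in ...` loops in vm-systemd/qubes-sysinit.sh still filter the listing with `grep ' = "1"'` and `grep ' = "0"'`, which is the `xenstore-ls` output format. network/qubes-firewall in this same patch uses `qubesdb-list -f` only to obtain key paths and reads each value separately, which suggests `qubesdb-list` prints no values. If so, neither grep ever matches, and per-VM service settings from dom0 (for example turning qubes-firewall on or off) are silently ignored in favour of the type defaults. Read each key instead and quote the name before using it as a file path; the sketch assumes `-f` returns full paths, as the firewall hunk implies.

```shell
# Enable/disable services according to /qubes-service/* (replaces both loops)
for path in $($QDB_LS -f /qubes-service 2>/dev/null); do
    srv=${path##*/}
    case "$($QDB_READ "$path" 2>/dev/null)" in
        1) touch "/var/run/qubes-service/$srv" ;;
        0) rm -f "/var/run/qubes-service/$srv" ;;
    esac
done
# … unchanged: hostname and timezone setup …
```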