Use Qubes DB instead of Xenstore
parent
a3aab7dab2
commit
db35abadc8
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
UPDATEABLE=`/usr/bin/xenstore-read qubes-vm-updateable`
|
||||
UPDATEABLE=`/usr/bin/qubesdb-read /qubes-vm-updateable`
|
||||
|
||||
if [ "$UPDATEABLE" = "True" ]; then
|
||||
/usr/lib/qubes/qrexec-client-vm dom0 qubes.SyncAppMenus /bin/sh /etc/qubes-rpc/qubes.GetAppmenus
|
||||
|
@ -1,8 +1,8 @@
|
||||
#!/bin/sh
|
||||
if [ x$2 == xup ]; then
|
||||
INET=$(/sbin/ip addr show dev $1 | /bin/grep inet)
|
||||
/usr/bin/xenstore-write qubes-netvm-external-ip "$INET"
|
||||
/usr/bin/qubesdb-write /qubes-netvm-external-ip "$INET"
|
||||
fi
|
||||
if [ x$2 == xdown ]; then
|
||||
/usr/bin/xenstore-write qubes-netvm-external-ip ""
|
||||
/usr/bin/qubesdb-write /qubes-netvm-external-ip ""
|
||||
fi
|
||||
|
@ -2,9 +2,9 @@
|
||||
set -e
|
||||
|
||||
PIDFILE=/var/run/qubes/qubes-firewall.pid
|
||||
XENSTORE_IPTABLES=qubes-iptables
|
||||
XENSTORE_IPTABLES_HEADER=qubes-iptables-header
|
||||
XENSTORE_ERROR=qubes-iptables-error
|
||||
XENSTORE_IPTABLES=/qubes-iptables
|
||||
XENSTORE_IPTABLES_HEADER=/qubes-iptables-header
|
||||
XENSTORE_ERROR=/qubes-iptables-error
|
||||
OLD_RULES=""
|
||||
# PIDfile handling
|
||||
[[ -e $PIDFILE ]] && kill -s 0 $(<$PIDFILE) 2>/dev/null && exit 0
|
||||
@ -22,9 +22,9 @@ while true; do
|
||||
FIRST_TIME=
|
||||
TRIGGER=reload
|
||||
else
|
||||
# Wait for changes in xenstore file
|
||||
/usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES
|
||||
TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES)
|
||||
# Wait for changes in qubesdb file
|
||||
/usr/bin/qubesdb-watch $XENSTORE_IPTABLES
|
||||
TRIGGER=$(/usr/bin/qubesdb-read $XENSTORE_IPTABLES)
|
||||
fi
|
||||
|
||||
if ! [ "$TRIGGER" = "reload" ]; then continue ; fi
|
||||
@ -34,19 +34,19 @@ while true; do
|
||||
# during the time when the rules are being (re)applied
|
||||
echo "0" > /proc/sys/net/ipv4/ip_forward
|
||||
|
||||
RULES=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES_HEADER)
|
||||
RULES=$(/usr/bin/qubesdb-read $XENSTORE_IPTABLES_HEADER)
|
||||
IPTABLES_SAVE=$(/sbin/iptables-save | sed '/^\*filter/,/^COMMIT/d')
|
||||
OUT=`echo -e "$RULES\n$IPTABLES_SAVE" | /sbin/iptables-restore 2>&1 || true`
|
||||
|
||||
for i in $(xenstore-list qubes-iptables-domainrules) ; do
|
||||
RULES=$(/usr/bin/xenstore-read qubes-iptables-domainrules/"$i")
|
||||
for i in $(qubesdb-list -f /qubes-iptables-domainrules) ; do
|
||||
RULES=$(/usr/bin/qubesdb-read "$i")
|
||||
ERRS=`echo -e "$RULES" | /sbin/iptables-restore -n 2>&1 || true`
|
||||
if [ -n "$ERRS" ]; then
|
||||
echo "Failed applying rules for $i: $ERRS" >&2
|
||||
OUT="$OUT$ERRS"
|
||||
fi
|
||||
done
|
||||
/usr/bin/xenstore-write $XENSTORE_ERROR "$OUT"
|
||||
/usr/bin/qubesdb-write $XENSTORE_ERROR "$OUT"
|
||||
if [ -n "$OUT" ]; then
|
||||
DISPLAY=:0 /usr/bin/notify-send -t 3000 "Firewall loading error ($HOSTNAME)" "$OUT" || :
|
||||
fi
|
||||
|
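Review bot: A failing `qubesdb-list -f /qubes-iptables-domainrules` goes unnoticed in the new `for` loop, because the exit status of a command substitution in a `for` word list is discarded even under `set -e`; the loop body never runs and `$OUT` stays empty. The per-domain rules are then skipped with nothing written to `$XENSTORE_ERROR`, and if forwarding is re-enabled after this hunk (not visible here) the VM would forward with only the header rules loaded. Capture the list first and record the failure, e.g. `DOMAINS=$(/usr/bin/qubesdb-list -f /qubes-iptables-domainrules) || OUT="${OUT}cannot list domain rules"`, then iterate over `$DOMAINS`. The loop also calls `qubesdb-list` by bare name while the other calls use `/usr/bin/...`, and the `XENSTORE_*` variable names now hold QubesDB paths.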
@ -1,16 +1,10 @@
|
||||
#!/bin/sh
|
||||
|
||||
if [ -x /usr/sbin/xenstore-read ]; then
|
||||
XENSTORE_READ="/usr/sbin/xenstore-read"
|
||||
else
|
||||
XENSTORE_READ="/usr/bin/xenstore-read"
|
||||
fi
|
||||
|
||||
ip=`$XENSTORE_READ qubes-ip 2> /dev/null`
|
||||
ip=`/usr/bin/qubesdb-read /qubes-ip 2> /dev/null`
|
||||
if [ x$ip != x ]; then
|
||||
netmask=`$XENSTORE_READ qubes-netmask`
|
||||
gateway=`$XENSTORE_READ qubes-gateway`
|
||||
secondary_dns=`$XENSTORE_READ qubes-secondary-dns`
|
||||
netmask=`/usr/bin/qubesdb-read /qubes-netmask`
|
||||
gateway=`/usr/bin/qubesdb-read /qubes-gateway`
|
||||
secondary_dns=`/usr/bin/qubesdb-read /qubes-secondary-dns`
|
||||
/sbin/ifconfig $INTERFACE $ip netmask 255.255.255.255
|
||||
/sbin/ifconfig $INTERFACE up
|
||||
/sbin/route add -host $gateway dev $INTERFACE
|
||||
@ -19,11 +13,11 @@ if [ x$ip != x ]; then
|
||||
/sbin/ethtool -K $INTERFACE tx off
|
||||
echo "nameserver $gateway" > /etc/resolv.conf
|
||||
echo "nameserver $secondary_dns" >> /etc/resolv.conf
|
||||
network=$($XENSTORE_READ qubes-netvm-network 2>/dev/null)
|
||||
network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$($XENSTORE_READ qubes-netvm-gateway)
|
||||
netmask=$($XENSTORE_READ qubes-netvm-netmask)
|
||||
secondary_dns=$($XENSTORE_READ qubes-netvm-secondary-dns)
|
||||
gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns)
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
/usr/lib/qubes/qubes-setup-dnat-to-ns
|
||||
|
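Review bot: The `2> /dev/null` on the new `qubesdb-read /qubes-ip` call makes a missing binary or an unreachable QubesDB daemon look the same as "no IP assigned", so the whole block is skipped silently; with the old `/usr/sbin` fallback removed, the fixed `/usr/bin` path is the only one tried. The following reads of `/qubes-netmask`, `/qubes-gateway` and `/qubes-secondary-dns` are used without checking that they returned a value, which would run `route add -host` with no address and write a bare `nameserver` line to `/etc/resolv.conf`. A guard such as `[ -n "$gateway" ] || exit 1` after the reads, plus quoting `"$ip"`, `"$gateway"` and `"$INTERFACE"`, would make the failure visible. The `if` block runs past both hunks, and the same unchecked gateway and DNS reads appear in the two NetVM setup sections further down the page.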
@ -54,7 +54,7 @@ if [ "${ip}" ] ; then
|
||||
${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric
|
||||
done
|
||||
${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
|
||||
back_ip=`xenstore-read qubes-netvm-gateway`
|
||||
back_ip=`qubesdb-read /qubes-netvm-gateway`
|
||||
${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif}
|
||||
fi
|
||||
|
||||
|
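Review bot: `back_ip` goes straight into `ip addr ${ipcmd} ${back_ip}/32 dev ${vif}` with no check that `qubesdb-read /qubes-netvm-gateway` returned anything, so on a failed read the command runs with the argument `/32`. This script also calls `qubesdb-read` by bare name while the other scripts in the commit use `/usr/bin/qubesdb-read`, so it depends on whatever `PATH` the hotplug environment provides. Suggested: `back_ip=$(/usr/bin/qubesdb-read /qubes-netvm-gateway)` followed by `[ -n "$back_ip" ] || exit 1` (or the script's own error path). The enclosing `if [ "${ip}" ]` block starts before this hunk.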
@ -32,7 +32,6 @@ Group: Qubes
|
||||
Vendor: Invisible Things Lab
|
||||
License: GPL
|
||||
URL: http://www.qubes-os.org
|
||||
Requires: /usr/bin/xenstore-read
|
||||
Requires: fedora-release
|
||||
Requires: yum-plugin-post-transaction-actions
|
||||
Requires: NetworkManager >= 0.8.1-1
|
||||
@ -58,6 +57,7 @@ Requires: ImageMagick
|
||||
Requires: fakeroot
|
||||
Requires: desktop-notification-daemon
|
||||
Requires: qubes-libvchan
|
||||
Requires: qubes-db-vm
|
||||
Provides: qubes-core-vm
|
||||
Obsoletes: qubes-core-commonvm
|
||||
Obsoletes: qubes-core-appvm
|
||||
|
@ -10,19 +10,14 @@ start()
|
||||
{
|
||||
echo -n $"Executing Qubes Core scripts:"
|
||||
|
||||
if ! [ -x /usr/bin/xenstore-read ] ; then
|
||||
echo "ERROR: /usr/bin/xenstore-read not found!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
|
||||
# Set permissions to /proc/xen/xenbus, so normal user can use qubesdb-read
|
||||
chmod 666 /proc/xen/xenbus
|
||||
# Set permissions to files needed to listen at vchan
|
||||
chmod 666 /proc/u2mfn
|
||||
|
||||
mkdir -p /var/run/xen-hotplug
|
||||
|
||||
name=$(/usr/bin/xenstore-read name)
|
||||
name=$(/usr/bin/qubesdb-read /name)
|
||||
if ! [ -f /etc/this-is-dvm ] ; then
|
||||
# we don't want to set hostname for DispVM
|
||||
# because it makes some of the pre-created dotfiles invalid (e.g. .kde/cache-<hostname>)
|
||||
@ -31,15 +26,15 @@ start()
|
||||
sed -i "s/^\(127\.0\.0\.1[\t ].*\) \($name \)\?\(.*\)/\1\2 $name/" /etc/hosts
|
||||
fi
|
||||
|
||||
timezone=`/usr/bin/xenstore-read qubes-timezone 2> /dev/null`
|
||||
timezone=`/usr/bin/qubesdb-read /qubes-timezone 2> /dev/null`
|
||||
if [ -n "$timezone" ]; then
|
||||
ln -f /usr/share/zoneinfo/$timezone /etc/localtime
|
||||
echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock
|
||||
echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
|
||||
fi
|
||||
|
||||
yum_proxy_setup=$(/usr/bin/xenstore-read qubes-service/yum-proxy-setup 2> /dev/null || /usr/bin/xenstore-read qubes-service/updates-proxy-setup 2>/dev/null )
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
yum_proxy_setup=$(/usr/bin/qubesdb-read /qubes-service/yum-proxy-setup 2> /dev/null || /usr/bin/qubesdb-read /qubes-service/updates-proxy-setup 2> /dev/null)
|
||||
type=$(/usr/bin/qubesdb-read /qubes-vm-type)
|
||||
if [ "$yum_proxy_setup" != "0" ] || [ -z "$yum_proxy_setup" -a "$type" == "TemplateVM" ]; then
|
||||
echo proxy=http://10.137.255.254:8082/ > /etc/yum.conf.d/qubes-proxy.conf
|
||||
else
|
||||
@ -49,7 +44,7 @@ start()
|
||||
# Set IP address again (besides action in udev rules); this is needed by
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes-ip was
|
||||
# called by udev before loading evtchn kernel module - in which case
|
||||
# xenstore-read fails
|
||||
# qubesdb-read fails
|
||||
INTERFACE=eth0 /usr/lib/qubes/setup-ip
|
||||
|
||||
mkdir -p /var/run/qubes
|
||||
@ -85,7 +80,7 @@ start()
|
||||
success
|
||||
echo ""
|
||||
|
||||
start_ntpd=$(/usr/bin/xenstore-read qubes-service/ntpd 2> /dev/null)
|
||||
start_ntpd=$(/usr/bin/qubesdb-read /qubes-service/ntpd 2> /dev/null)
|
||||
if [ "$start_ntpd" == "1" ]; then
|
||||
/sbin/service ntpd start
|
||||
fi
|
||||
|
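Review bot: The `chmod 666 /proc/xen/xenbus` line is kept and only its comment was reworded to say it exists "so normal user can use qubesdb-read". That rationale was written for `xenstore-read`; if `qubesdb-read` reaches its daemon through another channel (not visible in this diff), the world-writable xenbus node no longer has a stated purpose and should be dropped or narrowed. If something else still needs it, the comment should name that consumer, e.g. `# /proc/xen/xenbus stays user-accessible for COMPONENT (TODO confirm)`. The same reworded comment and `chmod` appear in the sysinit script in the last section of this page. The first hunk here also removes the `-x /usr/bin/xenstore-read` pre-check without adding the `/usr/bin/qubesdb-read` equivalent that the NetVM init script gets.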
@ -8,7 +8,7 @@
|
||||
|
||||
possibly_run_save_script()
|
||||
{
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes-save-script)
|
||||
ENCODED_SCRIPT=$(qubesdb-read /qubes-save-script)
|
||||
if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi
|
||||
echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64(<STDIN>)' >/tmp/qubes-save-script
|
||||
chmod 755 /tmp/qubes-save-script
|
||||
@ -20,19 +20,14 @@ possibly_run_save_script()
|
||||
|
||||
start()
|
||||
{
|
||||
if ! [ -x /usr/bin/xenstore-read ] ; then
|
||||
echo "ERROR: /usr/bin/xenstore-read not found!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
type=$(/usr/bin/qubesdb-read /qubes-vm-type)
|
||||
if [ "$type" != "AppVM" -a "$type" != "DisposableVM" -a "$type" != "TemplateVM" ]; then
|
||||
# This script runs only on AppVMs
|
||||
return 0
|
||||
fi
|
||||
|
||||
# Start AppVM specific services
|
||||
start_cups=$(/usr/bin/xenstore-read qubes-service/cups 2> /dev/null)
|
||||
start_cups=$(/usr/bin/qubesdb-read /qubes-service/cups 2> /dev/null)
|
||||
if [ "$start_cups" != "0" ]; then
|
||||
/sbin/service cups start
|
||||
# Allow also notification icon
|
||||
@ -44,7 +39,7 @@ start()
|
||||
|
||||
echo -n $"Executing Qubes Core scripts for AppVM:"
|
||||
|
||||
if xenstore-read qubes-save-request 2>/dev/null ; then
|
||||
if qubesdb-read /qubes-save-request 2>/dev/null ; then
|
||||
if [ -L /home ]; then
|
||||
rm /home
|
||||
mkdir /home
|
||||
@ -56,17 +51,18 @@ start()
|
||||
umount /rw
|
||||
dmesg -c >/dev/null
|
||||
free | grep Mem: |
|
||||
(read a b c d ; xenstore-write device/qubes-used-mem $c)
|
||||
(read a b c d ; qubesdb-write /qubes-used-mem $c)
|
||||
# we're still running in DispVM template
|
||||
echo "Waiting for save/restore..."
|
||||
# ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes-restore-complete 2>/dev/null ; do
|
||||
# TODO: restart qubesdb service before this
|
||||
while ! qubesdb-read /qubes-restore-complete 2>/dev/null ; do
|
||||
usleep 10
|
||||
done
|
||||
echo Back to life.
|
||||
fi
|
||||
|
||||
start_meminfo_writer=$(/usr/bin/xenstore-read qubes-service/meminfo-writer 2>/dev/null)
|
||||
start_meminfo_writer=$(/usr/bin/qubesdb-read /qubes-service/meminfo-writer 2>/dev/null)
|
||||
if [ "$start_meminfo_writer" != "0" ]; then
|
||||
MEM_CHANGE_THRESHOLD_KB=30000
|
||||
MEMINFO_DELAY_USEC=100000
|
||||
|
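Review bot: The script read from `/qubes-save-script` is decoded into the fixed path `/tmp/qubes-save-script` and made executable with `chmod 755`; a predictable name in a world-writable directory is exposed to pre-creation and symlink races by any local user. Creating the file with `mktemp` closes that: `script=$(mktemp /tmp/qubes-save-script.XXXXXX) || return` and `chmod 700 "$script"`, with `"$ENCODED_SCRIPT"` quoted in the `echo`. The rest of `possibly_run_save_script` lies outside the hunk, so how the file is executed and removed is not visible here; the same lines appear in the second copy of the function later on this page. Separately, `qubesdb-write /qubes-used-mem $c` moves a VM-written value out of the `device/` subtree, so whatever reads it in dom0 should keep treating it as untrusted input.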
@ -8,12 +8,12 @@
|
||||
|
||||
start()
|
||||
{
|
||||
if ! [ -x /usr/bin/xenstore-read ] ; then
|
||||
echo "ERROR: /usr/bin/xenstore-read not found!"
|
||||
if ! [ -x /usr/bin/qubesdb-read ] ; then
|
||||
echo "ERROR: /usr/bin/qubesdb-read not found!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
type=$(/usr/bin/qubesdb-read /qubes-vm-type)
|
||||
if [ "$type" == "NetVM" ]; then
|
||||
/usr/lib/qubes/network-manager-prepare-conf-dir
|
||||
/sbin/service NetworkManager start
|
||||
@ -22,11 +22,11 @@ start()
|
||||
echo -n $"Executing Qubes Core scripts NetVM:"
|
||||
|
||||
# Setup gateway for all the VMs this netVM is serviceing...
|
||||
network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null)
|
||||
network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns)
|
||||
gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns)
|
||||
modprobe netbk 2> /dev/null || modprobe xen-netback
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
|
@ -3,3 +3,4 @@ modprobe xen-blkback 2> /dev/null || modprobe blkbk
|
||||
modprobe xen-usbfront 2> /dev/null
|
||||
modprobe u2mfn 2>/dev/null
|
||||
modprobe xen-gntalloc 2> /dev/null
|
||||
modprobe xen-gntdev 2> /dev/null
|
||||
|
@ -10,8 +10,8 @@ PIDFILE=/var/run/qubes/qubes-firewall.pid
|
||||
|
||||
start()
|
||||
{
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
start_firewall=$(/usr/bin/xenstore-read qubes-service/qubes-firewall 2> /dev/null)
|
||||
type=$(/usr/bin/qubesdb-read /qubes-vm-type)
|
||||
start_firewall=$(/usr/bin/qubesdb-read /qubes-service/qubes-firewall 2> /dev/null)
|
||||
if [ -z "$start_firewall" ] && [ "$type" == "ProxyVM" ] || [ "$start_firewall" == "1" ]; then
|
||||
echo -n $"Starting Qubes Firewall monitor:"
|
||||
/sbin/ethtool -K eth0 sg off
|
||||
|
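Review bot: `type` is read with no error check and a failed read of `/qubes-service/qubes-firewall` is hidden by `2> /dev/null`, so when QubesDB is unreachable at service start both variables are empty and the condition is false. On a ProxyVM that means the firewall monitor is silently not started. Failing loudly is safer, e.g. `type=$(/usr/bin/qubesdb-read /qubes-vm-type) || { echo "ERROR: cannot read /qubes-vm-type" >&2; exit 1; }`. The `[ ... ] && [ ... ] || [ ... ]` chain would also read more clearly with explicit `{ ...; }` grouping. `start()` continues past the hunk, and the netwatcher init script in the next section has the same pattern.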
@ -10,8 +10,8 @@ PIDFILE=/var/run/qubes/qubes-netwatcher.pid
|
||||
|
||||
start()
|
||||
{
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
start_netwatcher=$(/usr/bin/xenstore-read qubes-service/qubes-netwatcher 2>/dev/null)
|
||||
type=$(/usr/bin/qubesdb-read /qubes-vm-type)
|
||||
start_netwatcher=$(/usr/bin/qubesdb-read /qubes-service/qubes-netwatcher 2>/dev/null)
|
||||
if [ -z "$start_netwatcher" ] && [ "$type" == "ProxyVM" ] || [ "$start_netwatcher" == "1" ]; then
|
||||
echo -n $"Starting Qubes Network monitor:"
|
||||
/sbin/ethtool -K eth0 sg off
|
||||
|
@ -32,8 +32,8 @@ pidfile="/var/run/tinyproxy/tinyproxy-updates.pid"
|
||||
lockfile=/var/lock/subsys/tinyproxy-updates
|
||||
|
||||
start() {
|
||||
type=`/usr/bin/xenstore-read qubes-vm-type`
|
||||
start_updates_proxy=`/usr/bin/xenstore-read qubes-service/qubes-updates-proxy 2>/dev/null`
|
||||
type=`/usr/bin/qubesdb-read /qubes-vm-type`
|
||||
start_updates_proxy=`/usr/bin/qubesdb-read /qubes-service/qubes-updates-proxy 2>/dev/null`
|
||||
if [ -z "$start_updates_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_updates_proxy" != "1" ]; then
|
||||
# Yum proxy disabled
|
||||
exit 0
|
||||
|
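Review bot: The last clause `[ "$start_updates_proxy" != "1" ]` is true whenever the value is empty, so the `-z ... && "$type" != "NetVM"` default can never change the outcome: the proxy is skipped unless the key is explicitly `1`. If a NetVM is meant to run the proxy by default (the sysinit script lists `qubes-updates-proxy` in `DEFAULT_ENABLED_NETVM`), the test would need to be something like `if [ "$start_updates_proxy" = "0" ] || { [ -z "$start_updates_proxy" ] && [ "$type" != "NetVM" ]; }; then`. As written the behaviour is the restrictive one, so this is a correctness point rather than an exposure. `start()` continues past the hunk.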
@ -19,7 +19,7 @@ fi
|
||||
# Set IP address again (besides action in udev rules); this is needed by
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes-ip was
|
||||
# called by udev before loading evtchn kernel module - in which case
|
||||
# xenstore-read fails
|
||||
# qubesdb-read fails
|
||||
INTERFACE=eth0 /usr/lib/qubes/setup-ip
|
||||
|
||||
if [ -e /dev/xvdb -a ! -e /etc/this-is-dvm ] ; then
|
||||
|
@ -1,11 +1,11 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Setup gateway for all the VMs this netVM is serviceing...
|
||||
network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null)
|
||||
network=$(/usr/bin/qubesdb-read /qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns)
|
||||
gateway=$(/usr/bin/qubesdb-read /qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/qubesdb-read /qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/qubesdb-read /qubes-netvm-secondary-dns)
|
||||
modprobe netbk 2> /dev/null || modprobe xen-netback
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
|
@ -2,7 +2,7 @@
|
||||
|
||||
possibly_run_save_script()
|
||||
{
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes-save-script)
|
||||
ENCODED_SCRIPT=$(qubesdb-read /qubes-save-script)
|
||||
if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi
|
||||
echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64(<STDIN>)' >/tmp/qubes-save-script
|
||||
chmod 755 /tmp/qubes-save-script
|
||||
@ -12,7 +12,7 @@ possibly_run_save_script()
|
||||
killall Xorg
|
||||
}
|
||||
|
||||
if xenstore-read qubes-save-request 2>/dev/null ; then
|
||||
if qubesdb-read /qubes-save-request 2>/dev/null ; then
|
||||
if [ -L /home ]; then
|
||||
rm /home
|
||||
mkdir /home
|
||||
@ -24,12 +24,13 @@ if xenstore-read qubes-save-request 2>/dev/null ; then
|
||||
umount /rw
|
||||
dmesg -c >/dev/null
|
||||
free | grep Mem: |
|
||||
(read a b c d ; xenstore-write device/qubes-used-mem $c)
|
||||
(read a b c d ; qubesdb-write /qubes-used-mem $c)
|
||||
# we're still running in DispVM template
|
||||
echo "Waiting for save/restore..."
|
||||
# ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes-restore-complete 2>/dev/null ; do
|
||||
usleep 10000
|
||||
# TODO: restart qubesdb-daemon before this
|
||||
while ! qubesdb-read /qubes-restore-complete 2>/dev/null ; do
|
||||
usleep 10
|
||||
done
|
||||
echo Back to life.
|
||||
fi
|
||||
|
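Review bot: The polling interval in the restore wait loop appears to drop from `usleep 10000` to `usleep 10` (judging by the hunk counts), so the loop now forks `qubesdb-read` about as fast as processes can start, a busy loop for as long as the restore takes. If that is not deliberate, keep `usleep 10000`. The new `# TODO: restart qubesdb-daemon before this` suggests the client connection may not survive save/restore; until that is done the loop has no exit condition other than the key appearing, so a bounded retry count with an error message would avoid waiting forever. The `if` block starts before this hunk.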
@ -3,3 +3,4 @@ xen-blkback
|
||||
xen-usbfront
|
||||
u2mfn
|
||||
xen-gntalloc
|
||||
xen-gntdev
|
||||
|
@ -2,7 +2,7 @@
|
||||
Description=Init Qubes Services settings
|
||||
DefaultDependencies=no
|
||||
Before=sysinit.target
|
||||
After=proc-xen.mount systemd-modules-load.service
|
||||
After=proc-xen.mount systemd-modules-load.service qubes-db.service
|
||||
|
||||
[Service]
|
||||
Type=oneshot
|
||||
|
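Review bot: `After=qubes-db.service` only orders the two units; it does not pull `qubes-db.service` into the transaction. Unless another unit already wants it (not visible here), this service can still run with no QubesDB daemon, and the sysinit script in the last section, which this unit presumably runs, reads most keys with `2> /dev/null` and would fall back to defaults silently. Adding `Wants=qubes-db.service` (or `Requires=qubes-db.service` if the script must not run without it) next to the `After=` line makes the dependency explicit.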
@ -1,19 +1,17 @@
|
||||
#!/bin/sh
|
||||
|
||||
# List of services enabled by default (in case of absence of xenstore entry)
|
||||
# List of services enabled by default (in case of absence of qubesdb entry)
|
||||
DEFAULT_ENABLED_NETVM="network-manager qubes-network qubes-update-check qubes-updates-proxy"
|
||||
DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher qubes-update-check"
|
||||
DEFAULT_ENABLED_APPVM="meminfo-writer cups qubes-update-check"
|
||||
DEFAULT_ENABLED_TEMPLATEVM="$DEFAULT_ENABLED_APPVM updates-proxy-setup"
|
||||
DEFAULT_ENABLED="meminfo-writer"
|
||||
|
||||
XS_READ=/usr/bin/xenstore-read
|
||||
[ -x /usr/sbin/xenstore-read ] && XS_READ=/usr/sbin/xenstore-read
|
||||
XS_LS=/usr/bin/xenstore-ls
|
||||
[ -x /usr/sbin/xenstore-read ] && XS_LS=/usr/sbin/xenstore-ls
|
||||
QDB_READ=/usr/bin/qubesdb-read
|
||||
QDB_LS=/usr/bin/qubesdb-list
|
||||
|
||||
read_service() {
|
||||
$XS_READ qubes-service/$1 2> /dev/null
|
||||
$QDB_READ /qubes-service/$1 2> /dev/null
|
||||
}
|
||||
|
||||
systemd_pkg_version=`systemctl --version|head -n 1`
|
||||
@ -31,13 +29,13 @@ mkdir -p /var/run/qubes
|
||||
mkdir -p /var/run/qubes-service
|
||||
mkdir -p /var/run/xen-hotplug
|
||||
|
||||
# Set permissions to /proc/xen/xenbus, so normal user can use xenstore-read
|
||||
# Set permissions to /proc/xen/xenbus, so normal user can use qubesdb-read
|
||||
chmod 666 /proc/xen/xenbus
|
||||
# Set permissions to files needed to listen at vchan
|
||||
chmod 666 /proc/u2mfn
|
||||
|
||||
# Set default services depending on VM type
|
||||
TYPE=`$XS_READ qubes-vm-type 2> /dev/null`
|
||||
TYPE=`$QDB_READ /qubes-vm-type 2> /dev/null`
|
||||
[ "$TYPE" = "AppVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_APPVM
|
||||
[ "$TYPE" = "NetVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_NETVM
|
||||
[ "$TYPE" = "ProxyVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_PROXYVM
|
||||
@ -49,23 +47,23 @@ for srv in $DEFAULT_ENABLED; do
|
||||
done
|
||||
|
||||
# Enable services
|
||||
for srv in `$XS_LS qubes-service 2>/dev/null |grep ' = "1"'|cut -f 1 -d ' '`; do
|
||||
for srv in `$QDB_LS /qubes-service 2>/dev/null |grep ' = "1"'|cut -f 1 -d ' '`; do
|
||||
touch /var/run/qubes-service/$srv
|
||||
done
|
||||
|
||||
# Disable services
|
||||
for srv in `$XS_LS qubes-service 2>/dev/null |grep ' = "0"'|cut -f 1 -d ' '`; do
|
||||
for srv in `$QDB_LS /qubes-service 2>/dev/null |grep ' = "0"'|cut -f 1 -d ' '`; do
|
||||
rm -f /var/run/qubes-service/$srv
|
||||
done
|
||||
|
||||
# Set the hostname
|
||||
name=`$XS_READ name`
|
||||
name=`$QDB_READ /name`
|
||||
if [ -n "$name" ]; then
|
||||
hostname $name
|
||||
sed -i "s/^\(127\.0\.0\.1[\t ].*\) \($name \)\?\(.*\)/\1\2 $name/" /etc/hosts
|
||||
fi
|
||||
|
||||
timezone=`$XS_READ qubes-timezone 2> /dev/null`
|
||||
timezone=`$QDB_READ /qubes-timezone 2> /dev/null`
|
||||
if [ -n "$timezone" ]; then
|
||||
ln -f /usr/share/zoneinfo/$timezone /etc/localtime
|
||||
echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock
|
||||
@ -75,7 +73,7 @@ fi
|
||||
# Prepare environment for other services
|
||||
echo > /var/run/qubes-service-environment
|
||||
|
||||
debug_mode=`$XS_READ qubes-debug-mode 2> /dev/null`
|
||||
debug_mode=`$QDB_READ /qubes-debug-mode 2> /dev/null`
|
||||
if [ -n "$debug_mode" -a "$debug_mode" -gt 0 ]; then
|
||||
echo "GUI_OPTS=-vv" >> /var/run/qubes-service-environment
|
||||
fi
|
||||
|
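Review bot: The enable and disable loops still filter `$QDB_LS /qubes-service` output with `grep ' = "1"'` and `cut -f 1 -d ' '`, which is the `key = "value"` layout printed by `xenstore-ls`. The firewall script in this same commit treats `qubesdb-list -f` output as bare paths (`qubesdb-read "$i"`), which suggests `qubesdb-list` does not print values; if so, both greps match nothing and every per-VM service setting from dom0, including a `0` meant to disable a service, is ignored without any error. Confirm the output format and, if it is names only, read each value explicitly, e.g. `[ "$($QDB_READ "/qubes-service/$srv")" = "1" ] && touch "/var/run/qubes-service/$srv"` inside a loop over the listed names, adjusted to the form in which they are printed. `$srv`, `$name` and `$timezone` should also be quoted where they are used in paths and in the `sed` expression.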