From f564a4d143ace574be83147dae4d4aafa456c1ed Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@mimuw.edu.pl>
Date: Wed, 22 Jun 2011 00:44:48 +0200
Subject: [PATCH] dom0+vm: Tools for downloading dom0 update by VM (#198)

Mainly 4 parts:
 - scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
 - VM script for downloading updates (qubes_download_dom0_updates.sh)
 - qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
 - qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer

Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
---
 appvm/Makefile                        |  4 +--
 {appvm => common}/copy_file.c         |  0
 {appvm => common}/crc32.c             |  0
 {appvm => common}/crc32.h             |  0
 {appvm => common}/filecopy.h          |  0
 common/qubes_download_dom0_updates.sh | 51 +++++++++++++++++++++++++++
 {appvm => common}/unpack.c            |  0
 rpm_spec/core-commonvm.spec           |  3 ++
 8 files changed, 56 insertions(+), 2 deletions(-)
 rename {appvm => common}/copy_file.c (100%)
 rename {appvm => common}/crc32.c (100%)
 rename {appvm => common}/crc32.h (100%)
 rename {appvm => common}/filecopy.h (100%)
 create mode 100755 common/qubes_download_dom0_updates.sh
 rename {appvm => common}/unpack.c (100%)

diff --git a/appvm/Makefile b/appvm/Makefile
index df9989e..d1e1040 100644
--- a/appvm/Makefile
+++ b/appvm/Makefile
@@ -5,9 +5,9 @@ dvm_file_editor: dvm_file_editor.o ../common/ioall.o
 	$(CC) -pie -g -o $@ $^
 qfile-agent-dvm: qfile-agent-dvm.o ../common/ioall.o ../common/gui-fatal.o
 	$(CC) -pie -g -o $@ $^
-qfile-agent: qfile-agent.o ../common/ioall.o ../common/gui-fatal.o copy_file.o crc32.o
+qfile-agent: qfile-agent.o ../common/ioall.o ../common/gui-fatal.o ../common/copy_file.o ../common/crc32.o
 	$(CC) -pie -g -o $@ $^
-qfile-unpacker: qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o copy_file.o unpack.o crc32.o
+qfile-unpacker: qfile-unpacker.o ../common/ioall.o ../common/gui-fatal.o ../common/copy_file.o ../common/unpack.o ../common/crc32.o
 	$(CC) -pie -g -o $@ $^
 
 clean:
diff --git a/appvm/copy_file.c b/common/copy_file.c
similarity index 100%
rename from appvm/copy_file.c
rename to common/copy_file.c
diff --git a/appvm/crc32.c b/common/crc32.c
similarity index 100%
rename from appvm/crc32.c
rename to common/crc32.c
diff --git a/appvm/crc32.h b/common/crc32.h
similarity index 100%
rename from appvm/crc32.h
rename to common/crc32.h
diff --git a/appvm/filecopy.h b/common/filecopy.h
similarity index 100%
rename from appvm/filecopy.h
rename to common/filecopy.h
diff --git a/common/qubes_download_dom0_updates.sh b/common/qubes_download_dom0_updates.sh
new file mode 100755
index 0000000..488eecb
--- /dev/null
+++ b/common/qubes_download_dom0_updates.sh
@@ -0,0 +1,51 @@
+#!/bin/bash
+
+DOM0_UPDATES_DIR=/var/lib/qubes/dom0-updates
+
+DOIT=0
+GUI=1
+while [ -n "$1" ]; do
+    if [ "x--doit" = "x$1" ]; then
+        DOIT=1
+    elif [ "x--nogui" = "x$1" ]; then
+        GUI=0
+    fi
+    shift
+done
+
+if ! [ -d "$DOM0_UPDATES_DIR" ]; then
+    echo "Dom0 updates dir does not exists: $DOM0_UPDATES_DIR"
+    exit 1
+fi
+
+mkdir -p $DOM0_UPDATES_DIR/etc
+cp /etc/yum.conf $DOM0_UPDATES_DIR/etc/
+
+echo "Checking for updates..."
+PKGLIST=`yum --installroot $DOM0_UPDATES_DIR check-update -q | cut -f 1 -d ' '`
+
+if [ -z $PKGLIST ]; then
+    # No new updates
+    exit 0
+fi
+
+if [ "$DOIT" != "1" ]; then
+    zenity --question --title="Qubes Dom0 updates" \
+      --text="Updates for dom0 available. Do you want to download its now?" || exit 0
+fi
+
+mkdir -p "$DOM0_UPDATES_DIR/packages"
+
+set -e
+
+if [ "$GUI" = 1 ]; then
+    ( echo "1"
+    yumdownloader --destdir "$DOM0_UPDATES_DIR/packages" --installroot "$DOM0_UPDATES_DIR" $PKGLIST
+    echo 100 ) | zenity --progress --pulsate --auto-close --auto-kill \
+         --text="Downloading updates for Dom0, please wait..." --title="Qubes Dom0 updates"
+else
+    yumdownloader --destdir "$DOM0_UPDATES_DIR/packages" --installroot "$DOM0_UPDATES_DIR" $PKGLIST
+fi
+
+# qvm-copy-to-vm works only from user
+su -c "qvm-copy-to-vm @dom0updates $DOM0_UPDATES_DIR/packages/*.rpm" user
diff --git a/appvm/unpack.c b/common/unpack.c
similarity index 100%
rename from appvm/unpack.c
rename to common/unpack.c
diff --git a/rpm_spec/core-commonvm.spec b/rpm_spec/core-commonvm.spec
index 993b277..d754c36 100644
--- a/rpm_spec/core-commonvm.spec
+++ b/rpm_spec/core-commonvm.spec
@@ -79,10 +79,12 @@ mkdir -p $RPM_BUILD_ROOT/etc/udev/rules.d
 cp qubes_network.rules $RPM_BUILD_ROOT/etc/udev/rules.d/
 mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes/
 cp setup_ip $RPM_BUILD_ROOT/usr/lib/qubes/
+cp qubes_download_dom0_updates.sh $RPM_BUILD_ROOT/usr/lib/qubes/
 mkdir -p $RPM_BUILD_ROOT/etc/yum/post-actions
 cp qubes_trigger_sync_appmenus.action $RPM_BUILD_ROOT/etc/yum/post-actions/
 mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes
 cp qubes_trigger_sync_appmenus.sh $RPM_BUILD_ROOT/usr/lib/qubes/
+mkdir -p $RPM_BUILD_ROOT/var/lib/qubes/dom0-updates
 
 %triggerin -- initscripts
 cp /var/lib/qubes/serial.conf /etc/init/serial.conf
@@ -233,3 +235,4 @@ rm -rf $RPM_BUILD_ROOT
 /usr/lib/qubes/setup_ip
 /etc/yum/post-actions/qubes_trigger_sync_appmenus.action
 /usr/lib/qubes/qubes_trigger_sync_appmenus.sh
+/usr/lib/qubes/qubes_download_dom0_updates.sh