|
@@ -1,5 +1,4 @@
|
|
|
|
|
|
-
|
|
|
###########################
|
|
|
## Pre-Install functions ##
|
|
|
###########################
|
|
@@ -29,7 +28,7 @@ pre_install() {
|
|
|
mkdir -p /var/lib/qubes
|
|
|
|
|
|
# Backup fstab / But use archlinux defaults (cp instead of mv)
|
|
|
- if [ -e /etc/fstab ] ; then
|
|
|
+ if [ -e /etc/fstab ] ; then
|
|
|
cp /etc/fstab /var/lib/qubes/fstab.orig
|
|
|
fi
|
|
|
|
|
@@ -71,7 +70,6 @@ configure_selinux() {
|
|
|
# sed -e s/^SELINUX=.*$/SELINUX=disabled/ -i /etc/selinux/config
|
|
|
# setenforce 0 2>/dev/null
|
|
|
|
|
|
-
|
|
|
}
|
|
|
|
|
|
############################
|
|
@@ -83,7 +81,7 @@ update_qubesconfig() {
|
|
|
# Remove ip_forward setting from sysctl, so NM will not reset it
|
|
|
# Archlinux now use sysctl.d/ instead of sysctl.conf
|
|
|
#sed 's/^net.ipv4.ip_forward.*/#\0/' -i /etc/sysctl.conf
|
|
|
-
|
|
|
+
|
|
|
# Remove old firmware updates link
|
|
|
if [ -L /lib/firmware/updates ]; then
|
|
|
rm -f /lib/firmware/updates
|
|
@@ -102,7 +100,7 @@ update_qubesconfig() {
|
|
|
# Location of files which contains list of protected files
|
|
|
mkdir -p /etc/qubes/protected-files.d
|
|
|
PROTECTED_FILE_LIST='/etc/qubes/protected-files.d'
|
|
|
-
|
|
|
+
|
|
|
# qubes-core-vm has been broken for some time - it overrides /etc/hosts; restore original content
|
|
|
if ! grep -rq "^/etc/hosts$" "${PROTECTED_FILE_LIST}" 2>/dev/null; then
|
|
|
if ! grep -q localhost /etc/hosts; then
|
|
@@ -112,7 +110,7 @@ update_qubesconfig() {
|
|
|
EOF
|
|
|
fi
|
|
|
fi
|
|
|
-
|
|
|
+
|
|
|
# ensure that hostname resolves to 127.0.0.1 resp. ::1 and that /etc/hosts is
|
|
|
# in the form expected by qubes-sysinit.sh
|
|
|
if ! grep -rq "^/etc/hostname$" "${PROTECTED_FILE_LIST}" 2>/dev/null; then
|
|
@@ -149,7 +147,7 @@ PRESET_FAILED=0
|
|
|
if [ $1 -eq 1 ]; then
|
|
|
systemctl --no-reload preset-all > /dev/null 2>&1 && PRESET_FAILED=0 || PRESET_FAILED=1
|
|
|
else
|
|
|
- services="qubes-dvm qubes-misc-post qubes-firewall qubes-mount-home"
|
|
|
+ services="qubes-dvm qubes-misc-post qubes-firewall qubes-mount-dirs"
|
|
|
services="$services qubes-netwatcher qubes-network qubes-sysinit"
|
|
|
services="$services qubes-iptables qubes-updates-proxy qubes-qrexec-agent"
|
|
|
services="$services qubes-random-seed"
|
|
@@ -199,7 +197,7 @@ update_finalize() {
|
|
|
sed '/session\t\trequired\tpam_unix.so/asession\t\tinclude\t\tsystem-login' -i /etc/pam.d/su
|
|
|
cp /etc/pam.d/su /etc/pam.d/su-l
|
|
|
fi
|
|
|
-
|
|
|
+
|
|
|
# Archlinux specific: ensure tty1 is enabled
|
|
|
rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service
|
|
|
systemctl enable getty\@tty1.service
|
|
@@ -227,15 +225,15 @@ post_install() {
|
|
|
if [ $(basename $f) == "xen-backend.rules" ] ; then
|
|
|
continue
|
|
|
fi
|
|
|
-
|
|
|
+
|
|
|
if [ $(basename $f) == "50-qubes-misc.rules" ] ; then
|
|
|
continue
|
|
|
fi
|
|
|
-
|
|
|
+
|
|
|
if echo $f | grep -q qubes; then
|
|
|
continue
|
|
|
fi
|
|
|
-
|
|
|
+
|
|
|
mv $f /var/lib/qubes/removed-udev-scripts/
|
|
|
done
|
|
|
|
|
@@ -252,8 +250,6 @@ post_install() {
|
|
|
|
|
|
}
|
|
|
|
|
|
-
|
|
|
-
|
|
|
## arg 1: the new package version
|
|
|
## arg 2: the old package version
|
|
|
post_upgrade() {
|
|
@@ -263,13 +259,10 @@ post_upgrade() {
|
|
|
configure_notification-daemon
|
|
|
configure_selinux
|
|
|
|
|
|
- configure_systemd 1
|
|
|
-
|
|
|
update_finalize
|
|
|
|
|
|
/usr/bin/glib-compile-schemas /usr/share/glib-2.0/schemas &> /dev/null || :
|
|
|
|
|
|
-
|
|
|
}
|
|
|
|
|
|
######################
|
|
@@ -299,12 +292,8 @@ post_remove() {
|
|
|
rm /lib/firmware/updates
|
|
|
fi
|
|
|
|
|
|
- rm -rf /var/lib/qubes/xdg
|
|
|
-
|
|
|
- for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-mount-home qubes-netwatcher qubes-network qubes-qrexec-agent; do
|
|
|
+ for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-mount-dirs qubes-netwatcher qubes-network qubes-qrexec-agent; do
|
|
|
systemctl disable $srv.service
|
|
|
done
|
|
|
-
|
|
|
|
|
|
}
|
|
|
-
|