Depending on yum version, adding '-q' option may hide not only
informational messages, but also updates list. This is especially the
case for yum-deprecated in Fedora 22.
So instead of '-q' option, filter the output manually.
QubesOS/qubes-issues#1282
Fix for d44c8ac "dom0-updates: prefer yum-deprecated over dnf"
Because of slightly different options and config syntax, it needs to be
used in call calls, not only the one with --downloaddir option.
QubesOS/qubes-issues#1282
Initramfs created in TemplateVM may be used also in AppVMs based on it, so
technically it is different system. Especially it has different devices
mounted (own /rw, own swap etc), so prevent hardcoding UUIDs here.
QubesOS/qubes-issues#1354
DNF defaults to skip_if_unavailable=True, so make sure that Qubes
repositories are treated as vital one. Otherwise it would allow an
attacker to cut the user from updates without visible error (when using
PackageKit for example).
Do not set it for unstable repository, as it isn't critical one.
FixesQubesOS/qubes-issues#1387
Some of the reasons:
- dnf doesn't support --downloaddir option
- dnf doesn't support `copy_local` repo option (used in automated tests
only)
- dnf is horribly slow, especially without cache fetched
(https://bugzilla.redhat.com/show_bug.cgi?id=1227014)
This is all needed (instead of simply using `yum` command), because
Fedora >= 22 have an command redirection `yum`->`dnf`.
QubesOS/qubes-issues#1282
Initial size of those tmpfs-mounted directories is calculated as 50% of
RAM at VM startup time. Which happen to be quite small number, like
150M. Having such small /tmp and/or /dev/shm apparently isn't enough for
some applications like Google chrome. So set the size statically at 1GB,
which would be the case for baremetal system with 2GB of RAM.
FixesQubesOS/qubes-issues#1003
* origin/pr/31:
Fixed /etc/pam.d/su.qubes. (Moved line 'auth sufficient pam_permit.so' up. May not be low '@include' lines.)
- Prevent 'su -' from asking for password in Debian [based] templates. Thanks to @unman and @marmarek for suggesting the fix! Fixes https://github.com/QubesOS/qubes-issues/issues/1128. - Changed 'ifeq (1,${DEBIANBUILD})' to 'ifeq ($(shell lsb_release -is), Debian)' to make the build work outside of Qubes Builder as well.
Conflicts:
debian/control
Thanks to @unman and @marmarek for suggesting the fix!
Fixes https://github.com/QubesOS/qubes-issues/issues/1128.
- Changed 'ifeq (1,${DEBIANBUILD})' to 'ifeq ($(shell lsb_release -is), Debian)' to make the build work outside of Qubes Builder as well.
Gio.DesktopAppInfo.get_boolean was introduced in glib 2.36. Instead of
crashing simply do not support DBusActivatable there. There is no such
application in default Debian wheezy template anyway.
Usage of _static_ files (dropins) to override some of autostart entries
(enable/disable them in appropriate VM types) is much simpler and less
error prone than automatic generators.
Handling code is implemented in qubes-session-autostart, which is called
from qubes-session.
qubesos/qubes-issues#1151
qubes-desktop-file-install is called by qubes-triggers-desktop-file-install. It's
arguments are based on the Gnome desktop-install-file utility to allow it to be replaced
by same. Currently the Gnome utility can not be used since it automatically validates
the .desktop entry files with no option to skip validation and will fail on some third
party .desktop files that are not formed properly.
A single trigger script is shared between Fedora, Debian. This script is used by the
package managers triggers and will copy original .desktop files from `/etc/xdg/autostart`
to `/usr/share/qubes/xdg/autostart` and modify the OnlyShownIn / NotShownIn, etc. The
original .desktop files are left untouched and left in place.
Qubes modifies the XDG_CONFIG_DIRS to first include the `/usr/share/qubes/xdg`
directory (XDG_CONFIG_DIRS=/usr/share/qubes/xdg:/etc/xdg).
If a package gets removed, it's desktop entry is also removed from the /usr/share/qubes/xdg
directory.
'qubes-desktop-file-install' options:
--dir DIR Install desktop files to the DIR directory (default: <FILE>)
--force Force overwrite of existing desktop files (default: False)
--remove-show-in Remove the "OnlyShowIn" and "NotShowIn" entries from the desktop file (default: False)
--remove-key KEY Remove the KEY key from the desktop files, if present
--set-key (KEY VALUE) Set the KEY key to VALUE
--remove-only-show-in ENVIRONMENT Remove ENVIRONMENT from the list of desktop environment where the desktop files should be displayed
--add-only-show-in ENVIRONMENT Add ENVIRONMENT to the list of desktop environment where the desktop files should be displayed
--remove-not-show-in ENVIRONMENT Remove ENVIRONMENT from the list of desktop environment where the desktop files should not be displayed
--add-not-show-in ENVIRONMENT Add ENVIRONMENT to the list of desktop environment where the desktop files should not be displayed
Restore support for older yum: no --downloadonly option, so use
yumdownloader.
Also add some a code to handle some Debian quirks - especially default
rpmdb location in user home...
Apparently it doesn't help much with DispVM startup time, but causes a
lot of problems when such app do not close in time (either can be killed
forcibly and will complain about it at next run, or will spontaneously
show itself when DispVM is started).