core-agent-linux/archlinux/PKGBUILD.install

remove_ShowIn () {
	if [ -e /etc/xdg/autostart/$1.desktop ]; then
		sed -i '/^\(Not\|Only\)ShowIn/d' /etc/xdg/autostart/$1.desktop
	fi
}

update_xdgstart () {

# don't want it at all
for F in abrt-applet deja-dup-monitor imsettings-start krb5-auth-dialog pulseaudio restorecond sealertauto gnome-power-manager gnome-sound-applet gnome-screensaver orca-autostart; do
	if [ -e /etc/xdg/autostart/$F.desktop ]; then
		remove_ShowIn $F
		echo 'NotShowIn=QUBES;' >> /etc/xdg/autostart/$F.desktop
	fi
done

# don't want it in DisposableVM
for F in gcm-apply ; do
	if [ -e /etc/xdg/autostart/$F.desktop ]; then
		remove_ShowIn $F
		echo 'NotShowIn=DisposableVM;' >> /etc/xdg/autostart/$F.desktop
	fi
done

# want it in AppVM only
for F in gnome-keyring-gpg gnome-keyring-pkcs11 gnome-keyring-secrets gnome-keyring-ssh gnome-settings-daemon user-dirs-update-gtk gsettings-data-convert ; do
	if [ -e /etc/xdg/autostart/$F.desktop ]; then
		remove_ShowIn $F
		echo 'OnlyShowIn=GNOME;AppVM;' >> /etc/xdg/autostart/$F.desktop
	fi
done

# remove existing rule to add own later
for F in gpk-update-icon nm-applet ; do
	remove_ShowIn $F
done

echo 'OnlyShowIn=GNOME;UpdateableVM;' >> /etc/xdg/autostart/gpk-update-icon.desktop || :
echo 'OnlyShowIn=GNOME;NetVM;' >> /etc/xdg/autostart/nm-applet.desktop || :

}

update_qubesconfig () {

# Create NetworkManager configuration if we do not have it
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
fi
/usr/lib/qubes/qubes-fix-nm-conf.sh

# Remove ip_forward setting from sysctl, so NM will not reset it
# Archlinux now use sysctl.d/ instead of sysctl.conf
# sed 's/^net.ipv4.ip_forward.*/#\0/'  -i /etc/sysctl.conf


# Install firmware link only on system which haven't it yet
if ! [ -e /lib/firmware/updates ]; then
  if ! [ -h /lib/firmware/updates ]; then
    ln -s /lib/modules/firmware /lib/firmware/updates
  fi
fi

# qubes-core-vm has been broken for some time - it overrides /etc/hosts; restore original content
if ! grep -q localhost /etc/hosts; then
  cat <<EOF > /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4 `hostname`
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
EOF
fi

# Remove most of the udev scripts to speed up the VM boot time
# Just leave the xen* scripts, that are needed if this VM was
# ever used as a net backend (e.g. as a VPN domain in the future)
#echo "--> Removing unnecessary udev scripts..."
mkdir -p /var/lib/qubes/removed-udev-scripts
for f in /etc/udev/rules.d/*
do
    if [ $(basename $f) == "xen-backend.rules" ] ; then
        continue
    fi

    if [ $(basename $f) == "50-qubes-misc.rules" ] ; then
        continue
    fi

    if echo $f | grep -q qubes; then
        continue
    fi

    mv $f /var/lib/qubes/removed-udev-scripts/
done

}

update_systemd() {

for srv in qubes-dvm qubes-misc-post qubes-netwatcher qubes-network qubes-firewall qubes-yum-proxy qubes-qrexec-agent; do
    systemctl enable $srv.service 2> /dev/null
done

systemctl enable qubes-update-check.timer 2> /dev/null

UNITDIR=/lib/systemd/system
OVERRIDEDIR=/usr/lib/qubes/init

# Install overriden services only when original exists
for srv in cups NetworkManager NetworkManager-wait-online ntpd chronyd; do
    if [ -f $UNITDIR/$srv.service ]; then
        cp $OVERRIDEDIR/$srv.service /etc/systemd/system/
    fi
    if [ -f $UNITDIR/$srv.socket -a -f $OVERRIDEDIR/$srv.socket ]; then
        cp $OVERRIDEDIR/$srv.socket /etc/systemd/system/
    fi
    if [ -f $UNITDIR/$srv.path -a -f $OVERRIDEDIR/$srv.path ]; then
        cp $OVERRIDEDIR/$srv.service /etc/systemd/system/
    fi
done

# Set default "runlevel"
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target

DISABLE_SERVICES="alsa-store alsa-restore auditd avahi avahi-daemon backuppc cpuspeed crond"
DISABLE_SERVICES="$DISABLE_SERVICES fedora-autorelabel fedora-autorelabel-mark ipmi hwclock-load hwclock-save"
DISABLE_SERVICES="$DISABLE_SERVICES mdmonitor multipathd openct rpcbind mcelog fedora-storage-init fedora-storage-init-late"
DISABLE_SERVICES="$DISABLE_SERVICES plymouth-start plymouth-read-write plymouth-quit plymouth-quit-wait"
DISABLE_SERVICES="$DISABLE_SERVICES sshd tcsd sm-client sendmail mdmonitor-takeover"
DISABLE_SERVICES="$DISABLE_SERVICES rngd smartd upower irqbalance colord"
for srv in $DISABLE_SERVICES; do
    if [ -f /lib/systemd/system/$srv.service ]; then
        if fgrep -q '[Install]' /lib/systemd/system/$srv.service; then
            systemctl disable $srv.service 2> /dev/null
        else
            # forcibly disable
            ln -sf /dev/null /etc/systemd/system/$srv.service
        fi
    fi
done

rm -f /etc/systemd/system/getty.target.wants/getty@tty*.service

# Enable some services
systemctl enable iptables.service 2> /dev/null
systemctl enable ip6tables.service 2> /dev/null
systemctl enable rsyslog.service 2> /dev/null
systemctl enable ntpd.service 2> /dev/null
# Disable original service to enable overriden one
systemctl disable NetworkManager.service 2> /dev/null
# Disable D-BUS activation of NetworkManager - in AppVm it causes problems (eg PackageKit timeouts)
systemctl mask dbus-org.freedesktop.NetworkManager.service 2> /dev/null
systemctl enable NetworkManager.service 2> /dev/null
# Fix for https://bugzilla.redhat.com/show_bug.cgi?id=974811
systemctl enable NetworkManager-dispatcher.service 2> /dev/null

# Enable cups only when it is real SystemD service
[ -e /lib/systemd/system/cups.service ] && systemctl enable cups.service 2> /dev/null

}


## arg 1:  the new package version
pre_install() {
  echo "Pre install..."

  # do this whole %pre thing only when updating for the first time...

  mkdir -p /var/lib/qubes

  # Add qubes core related fstab entries
  echo "xen	/proc/xen	xenfs	defaults	0 0" >> /etc/fstab
  echo "/dev/xvdi	/mnt/removable	auto	noauto,user,rw	0 0" >> /etc/fstab
  #if [ -e /etc/fstab ] ; then 
  # mv /etc/fstab /var/lib/qubes/fstab.orig
  #fi

  # Archlinux bash version has a 'bug' when running su -c, /etc/profile is not loaded because bash consider there is no interactive pty when running 'su - user -c' or something like this.
  # See https://bugs.archlinux.org/task/31831
  useradd --shell /bin/zsh --create-home user
}

## arg 1:  the new package version
post_install() {

update_xdgstart
update_qubesconfig
update_systemd

# do the rest of %post thing only when updating for the first time...
if [ -e /etc/init/serial.conf ] && ! [ -f /var/lib/qubes/serial.orig ] ; then
	cp /etc/init/serial.conf /var/lib/qubes/serial.orig
fi

# SELinux is not enabled on archlinux
# echo "--> Disabling SELinux..."
# sed -e s/^SELINUX=.*$/SELINUX=disabled/ </etc/selinux/config >/etc/selinux/config.processed
# mv /etc/selinux/config.processed /etc/selinux/config
# setenforce 0 2>/dev/null

mkdir -p /rw

}


## arg 1:  the new package version
## arg 2:  the old package version
post_upgrade() {

update_xdgstart
update_qubesconfig
update_systemd

}

## arg 1:  the new package version
## arg 2:  the old package version
pre_upgrade() {
  # do something here
  echo "Pre upgrade..."
}


## arg 1:  the old package version
#pre_remove() {
#
#}

## arg 1:  the old package version
post_remove() {
  for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-netwatcher qubes-network qubes-qrexec-agent; do
    systemctl disable $srv.service
  done
}