Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3e7a45b4ac
core-agent-linux/debian/qubes-core-agent.postinst
Marek Marczykowski-Górecki 3e7a45b4ac
Split network-related files to -networking and -network-manager packages 
This will save a lot of dependencies if networking is not needed in VMs
based on given template. Thanks to updates proxy over qrexec, template
itself do not need to have network configured too.

QubesOS/qubes-issues#2771
2017-06-08 22:11:34 +02:00

184 lines
6.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
# postinst script for core-agent-linux
#
# see: dh_installdeb(1)
set -e
# The postinst script may be called in the following ways:
# * <postinst> 'configure' <most-recently-configured-version>
# * <old-postinst> 'abort-upgrade' <new version>
# * <conflictor's-postinst> 'abort-remove' 'in-favour' <package>
# <new-version>
# * <postinst> 'abort-remove'
# * <deconfigured's-postinst> 'abort-deconfigure' 'in-favour'
# <failed-install-package> <version> 'removing'
# <conflicting-package> <version>
#
# For details, see http://www.debian.org/doc/debian-policy/ or
# https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html or
# the debian-policy package
debug() {
if [ "${DEBDEBUG}" == "1" ]; then
echo -e ""$@""
fi
}
systemdPreload() {
# Debian systemd helper does not yet honour preset, therefore use
# systemctl preset on each unit file (not using preset-all either since
# wheezy does not support it) listed in 75-qubes-vm.preset.
systemctl --no-reload preset-all > /dev/null 2>&1 && PRESET_FAILED=0 || PRESET_FAILED=1
# Mask any static unit files that are marked to be disabled
grep '^[[:space:]]*[^#;]' /lib/systemd/system-preset/75-qubes-vm.preset | while read action unit_name; do
case "${action}" in
disable)
if [ -e "/lib/systemd/system/${unit_name}" ]; then
if ! fgrep -q '[Install]' "/lib/systemd/system/${unit_name}"; then
deb-systemd-helper mask "${unit_name}" > /dev/null 2>&1 || true
fi
fi
;;
*)
# preset-all is not available in wheezy; so preset each unit file listed in 75-qubes-vm.preset
if [ "${PRESET_FAILED}" -eq 1 ]; then
systemctl --no-reload preset "${unit_name}" > /dev/null 2>&1 || true
fi
;;
esac
done
systemctl daemon-reload
}
installSerialConf() {
debug "Installing over-ridden serial.conf init script..."
if [ -e /etc/init/serial.conf ]; then
cp /usr/share/qubes/serial.conf /etc/init/serial.conf
fi
}
case "${1}" in
configure)
# Initial installation of package only
# ($2 contains version number on update; nothing on initial installation)
if [ -z "${2}" ]; then
debug "FIRST INSTALL..."
# Location of files which contains list of protected files
. /usr/lib/qubes/init/functions
# ensure that hostname resolves to 127.0.1.1 resp. ::1 and that /etc/hosts is
# in the form expected by qubes-sysinit.sh
if ! is_protected_file /etc/hostname ; then
for ip in '127\.0\.1\.1' '::1'; do
if grep -q "^${ip}\(\s\|$\)" /etc/hosts; then
sed -i "/^${ip}\s/,+0s/\(\s`hostname`\)\+\(\s\|$\)/\2/g" /etc/hosts || true
sed -i "s/^${ip}\(\s\|$\).*$/\0 `hostname`/" /etc/hosts || true
else
echo "${ip//\\/} `hostname`" >> /etc/hosts || true
fi
done
fi
# remove hostname from 127.0.0.1 line (in debian the hostname is by default
# resolved to 127.0.1.1)
if ! is_protected_file /etc/hosts ; then
sed -i "/^127\.0\.0\.1\s/,+0s/\(\s`hostname`\)\+\(\s\|$\)/\2/g" /etc/hosts || true
fi
chown user:user /home_volatile/user
# Set default "runlevel"
rm -f /etc/systemd/system/default.target
ln -s /lib/systemd/system/multi-user.target /etc/systemd/system/default.target
# Systemd preload-all
systemdPreload
# Maybe install overridden serial.conf init script
installSerialConf
fi
systemctl reenable haveged
debug "UPDATE..."
# disable some Upstart services
for init in plymouth-shutdown \
prefdm \
splash-manager \
start-ttys \
tty ; do
dpkg-divert --divert /etc/init/${init}.conf.qubes-disabled --package qubes-core-agent --rename --add /etc/init/${init}.conf
done
dpkg-divert --divert /etc/init/serial.conf.qubes-orig --package qubes-core-agent --rename --add /etc/init/serial.conf
if [ ! -L /etc/systemd/system/rpcbind.service ]; then
ln -s /dev/null /etc/systemd/system/rpcbind.service
fi
# Remove old firmware updates link
if [ -L /lib/firmware/updates ]; then
rm -f /lib/firmware/updates
fi
# remove old symlinks
if [ -L /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service ]; then
rm /etc/systemd/system/sysinit.target.wants/qubes-random-seed.service
fi
if [ -L /etc/systemd/system/multi-user.target.wants/qubes-mount-home.service ]; then
rm /etc/systemd/system/multi-user.target.wants/qubes-mount-home.service
fi
if ! dpkg-statoverride --list /var/lib/qubes/dom0-updates >/dev/null 2>&1; then
dpkg-statoverride --update --add user user 775 /var/lib/qubes/dom0-updates
fi
glib-compile-schemas /usr/share/glib-2.0/schemas || true
# Update Qubes App Menus
/usr/lib/qubes/qubes-trigger-sync-appmenus.sh || true
;;
abort-upgrade|abort-remove|abort-deconfigure)
exit 0
;;
triggered)
for trigger in ${2}; do
case "${trigger}" in
/usr/share/applications)
debug "Updating Qubes App Menus..."
/usr/lib/qubes/qubes-trigger-sync-appmenus.sh || true
;;
# Install overridden serial.conf init script
/etc/init/serial.conf)
installSerialConf
;;
esac
done
exit 0
;;
*)
echo "postinst called with unknown argument \`${1}'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
exit 0
# vim: set ts=4 sw=4 sts=4 et :
Reference in New Issue View Git Blame Copy Permalink