f380c346cf
This significantly speeds up DispVM creation for large customized homes, since no data has to be copied, and instead CoW is used.
#!/bin/sh

# Decide whether the private volume (/dev/xvdb, private.img) has never been
# used: it counts as empty only when every sector reads back as zeros.
# blockdev --getsz reports the device size in 512-byte sectors.
private_size_512=$(blockdev --getsz /dev/xvdb)

# Stream exactly that many zero-filled sectors and compare them with the
# device; diff exits 0 only when both inputs are identical.
# mkfs is destructive, and this comparison is the only thing gating it.
if dd if=/dev/zero bs=512 count="$private_size_512" 2>/dev/null |
        diff /dev/xvdb - >/dev/null; then
    echo "--> Virgin boot of the VM: creating filesystem on private.img"
    # -m 0 reserves no blocks for root; abort the whole script if mkfs fails.
    mkfs.ext4 -m 0 -q /dev/xvdb || exit 1
fi
# Set the reserved-blocks percentage on the private volume to 0, then mount it
# on /rw (no device is named here, so mount resolves /rw from its own tables).
tune2fs -m 0 /dev/xvdb
mount /rw

# Try to grow the filesystem to the device size. resize2fs diagnostics are
# discarded; a failure is only reported and does not stop the script.
if ! resize2fs /dev/xvdb 2>/dev/null; then
    echo "'resize2fs /dev/xvdb' failed"
fi
# First boot on a fresh private volume: /rw/home does not exist yet, so seed
# /rw with default config stubs plus copies of the template's home and
# /usr/local.
if [ ! -d /rw/home ]; then
    printf '\n%s\n' "--> Virgin boot of the VM: Populating /rw/home"

    mkdir -p /rw/config

    # The here-document delimiters are quoted so the templates are written
    # literally; the redirection itself creates each file. Files created this
    # way carry no executable bit, which is what keeps the two script stubs
    # inactive until the user opts in (see their own text).
    cat > /rw/config/rc.local <<'EOF'
#!/bin/sh

# This script will be executed at every VM startup, you can place your own
# custom commands here. This include overriding some configuration in /etc,
# starting services etc.
#
# You need to make this script executable to have it enabled.

# Example for overriding the whole CUPS configuration:
# rm -rf /etc/cups
# ln -s /rw/config/cups /etc/cups
# systemctl --no-block restart cups
EOF

    cat > /rw/config/qubes-firewall-user-script <<'EOF'
#!/bin/sh

# This script is called in ProxyVM after firewall every update (configuration
# change, starting some VM etc). This is good place to write own custom
# firewall rules, in addition to autogenerated one. Remember that in most cases
# you'll need to insert the rules at the beginning (iptables -I) to have it
# efective.
#
# You need to make this script executable to have it enabled.
EOF

    cat > /rw/config/suspend-module-blacklist <<'EOF'
# You can list here modules you want to be unloaded before going to sleep. This
# file is used only if the VM has any PCI device assigned. Modules will be
# automatically loaded after resume.
EOF

    # Copy the pristine home directory, preserving ownership and modes (-a).
    mkdir -p /rw/home
    cp -a /home.orig/user /rw/home

    # NOTE(review): the glob skips dot-files and is passed through literally
    # when /usr/local.orig is empty - confirm that is acceptable.
    mkdir -p /rw/usrlocal
    cp -a /usr/local.orig/* /rw/usrlocal

    # NOTE(review): the marker is written even if one of the copies above
    # failed, and /rw/home already exists by then, so a partial first boot is
    # not retried on the next start.
    touch /var/lib/qubes/first-boot-completed
fi
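# Re-own the home directory when the UID of the 'user' account no longer
# matches the owner recorded on /rw/home/user - this can happen after a
# template switch.
#
# The owner is read with stat instead of parsing ls output. An empty value
# (directory missing, stat failed) skips the whole step rather than feeding an
# empty operand to the numeric test.
HOME_USER_UID=$(stat -c %u /rw/home/user)
if [ -n "$HOME_USER_UID" ] && [ "$(id -u user)" -ne "$HOME_USER_UID" ]; then
    # This runs as root over a tree whose contents the user controls.
    # find matches symlinks themselves (it does not follow them), so chown
    # needs -h to change the link's own owner; without -h it would re-own the
    # link's target, which may be a file outside /rw/home/user, and leave the
    # link itself on the old UID.
    # -exec ... {} + batches the paths as xargs did, but does not invoke chown
    # at all when nothing matches.
    find /rw/home/user -uid "$HOME_USER_UID" -exec chown -h user:user {} +
fi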
# Migration from older Qubes releases, where /home was a symlink to /rw/home.
# /home is now populated with a mount (mount --bind), so replace a leftover
# link with a real directory.
if test -L /home; then
    rm /home
    mkdir /home
fi
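# Choose what backs /home: a volatile bind mount when the qubes-dvm service
# flag is present (Disposable VM), otherwise a plain 'mount /home'.
if [ -e /var/run/qubes-service/qubes-dvm ]; then
    mount --bind /home_volatile /home
    touch /etc/this-is-dvm

    # Populate the volatile home only once: skip it when the marker file is
    # already there. A customized DispVM home on /rw takes precedence over the
    # stock dotfiles archive.
    if [ ! -e /home/user/.qubes-dispvm-customized ]; then
        if [ -e /rw/home/user/.qubes-dispvm-customized ]; then
            cp -af /rw/home/user /home/
        else
            # Redirect stdout to the log first and then point stderr at it.
            # The previous order (2>&1 before the file redirect) sent tar's
            # errors to the console and left the "errors" log empty.
            # tar reads the archive directly; no cat is needed.
            # NOTE(review): the log is a fixed name under /tmp written by
            # root; the path is kept as-is in case something reads it, but a
            # root-only directory would be a safer home for it.
            tar -xjf /etc/dispvm-dotfiles.tbz --overwrite -C /home/user \
                --owner user >/tmp/dispvm-dotfiles-errors.log 2>&1
        fi
    fi
else
    mount /home
fi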