Compare commits
14 commits
main
...
4.2/druide
Author | SHA1 | Date | |
---|---|---|---|
b2d3f186f4 | |||
6d48b785ff | |||
597e7886a3 | |||
7b0bcd1550 | |||
960293833e | |||
6d4cb0f4f1 | |||
8d0f7b55ce | |||
4f4c87063f | |||
54447345b4 | |||
14b2ac8af5 | |||
e1f435d938 | |||
cc3a7230e9 | |||
51e314e969 | |||
d366575faa |
18 changed files with 251 additions and 53 deletions
|
@ -42,14 +42,27 @@ lint:
|
||||||
build-v3.18:
|
build-v3.18:
|
||||||
extends: .build
|
extends: .build
|
||||||
when: always
|
when: always
|
||||||
|
variables:
|
||||||
|
CI_ALPINE_TARGET_RELEASE: v3.18
|
||||||
tags:
|
tags:
|
||||||
- apk-v3.18-x86_64
|
- apk-$CI_ALPINE_TARGET_RELEASE-x86_64
|
||||||
|
|
||||||
build-v3.17:
|
build-v3.19:
|
||||||
extends: .build
|
extends: .build
|
||||||
when: manual
|
when: always
|
||||||
|
variables:
|
||||||
|
CI_ALPINE_TARGET_RELEASE: v3.19
|
||||||
tags:
|
tags:
|
||||||
- apk-v3.17-x86_64
|
- apk-$CI_ALPINE_TARGET_RELEASE-x86_64
|
||||||
|
|
||||||
|
build-edge:
|
||||||
|
extends: .build
|
||||||
|
when: always
|
||||||
|
variables:
|
||||||
|
CI_ALPINE_TARGET_RELEASE: edge
|
||||||
|
tags:
|
||||||
|
- apk-$CI_ALPINE_TARGET_RELEASE-x86_64
|
||||||
|
|
||||||
|
|
||||||
push:
|
push:
|
||||||
interruptible: true
|
interruptible: true
|
||||||
|
|
|
@ -169,7 +169,8 @@ copy_artifacts() {
|
||||||
|
|
||||||
if [ "$packages_size" -lt $MAX_ARTIFACT_SIZE ]; then
|
if [ "$packages_size" -lt $MAX_ARTIFACT_SIZE ]; then
|
||||||
msg "Copying packages for artifact upload"
|
msg "Copying packages for artifact upload"
|
||||||
cp -ar "$REPODEST"/* packages/ 2>/dev/null
|
mkdir packages/$CI_ALPINE_TARGET_RELEASE
|
||||||
|
cp -ar "$REPODEST"/* packages/$CI_ALPINE_TARGET_RELEASE 2>/dev/null
|
||||||
cp ~/.abuild/*.rsa.pub keys/
|
cp ~/.abuild/*.rsa.pub keys/
|
||||||
else
|
else
|
||||||
msg "Artifact size $packages_size larger than max ($MAX_ARTIFACT_SIZE), skipping uploading them" yellow
|
msg "Artifact size $packages_size larger than max ($MAX_ARTIFACT_SIZE), skipping uploading them" yellow
|
||||||
|
|
|
@ -11,8 +11,6 @@ readonly APORTSDIR=$CI_PROJECT_DIR
|
||||||
readonly REPOS="backports user"
|
readonly REPOS="backports user"
|
||||||
readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
|
readonly BASEBRANCH=$CI_MERGE_REQUEST_TARGET_BRANCH_NAME
|
||||||
|
|
||||||
ALPINE_RELEASE=$(echo $CI_RUNNER_TAGS | awk -F '-' '{print $2}')
|
|
||||||
|
|
||||||
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
|
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"
|
||||||
|
|
||||||
gitlab_key_to_rsa $ABUILD_KEY rsa-private $HOME/.abuild/$ABUILD_KEY_NAME.rsa
|
gitlab_key_to_rsa $ABUILD_KEY rsa-private $HOME/.abuild/$ABUILD_KEY_NAME.rsa
|
||||||
|
@ -25,14 +23,6 @@ echo "PACKAGER_PRIVKEY=$HOME/.abuild/$ABUILD_KEY_NAME.rsa" > $HOME/.abuild/abuil
|
||||||
echo "REPODEST=$HOME/repo-apk/qubes" >> $HOME/.abuild/abuild.conf
|
echo "REPODEST=$HOME/repo-apk/qubes" >> $HOME/.abuild/abuild.conf
|
||||||
sudo cp $HOME/.abuild/$ABUILD_KEY_NAME.rsa.pub /etc/apk/keys/.
|
sudo cp $HOME/.abuild/$ABUILD_KEY_NAME.rsa.pub /etc/apk/keys/.
|
||||||
|
|
||||||
if [ -d $HOME/repo-apk ]; then
|
|
||||||
git -C $HOME/repo-apk fetch
|
|
||||||
git -C $HOME/repo-apk checkout $ALPINE_RELEASE
|
|
||||||
git -C $HOME/repo-apk pull --rebase
|
|
||||||
else
|
|
||||||
git clone git@lab.ilot.io:ayakael/repo-apk -b $ALPINE_RELEASE $HOME/repo-apk
|
|
||||||
fi
|
|
||||||
|
|
||||||
get_qubes_release() {
|
get_qubes_release() {
|
||||||
case $BASEBRANCH in
|
case $BASEBRANCH in
|
||||||
r*) echo $BASEBRANCH;;
|
r*) echo $BASEBRANCH;;
|
||||||
|
@ -43,22 +33,33 @@ get_qubes_release() {
|
||||||
|
|
||||||
QUBES_REL=$(get_qubes_release)
|
QUBES_REL=$(get_qubes_release)
|
||||||
|
|
||||||
for i in $(find packages -type f -name "*.apk"); do
|
for release in $(find packages -type d -maxdepth 1 -mindepth 1 -printf '%f\n'); do
|
||||||
install -vDm644 $i ${i/packages\/qubes-aports/$HOME\/repo-apk\/qubes\/$QUBES_REL}
|
|
||||||
|
if [ -d $HOME/repo-apk ]; then
|
||||||
|
git -C $HOME/repo-apk fetch
|
||||||
|
git -C $HOME/repo-apk checkout $release
|
||||||
|
git -C $HOME/repo-apk pull --rebase
|
||||||
|
else
|
||||||
|
git clone git@lab.ilot.io:ayakael/repo-apk -b $release $HOME/repo-apk
|
||||||
|
fi
|
||||||
|
|
||||||
|
for i in $(find packages/$release -type f -name "*.apk"); do
|
||||||
|
install -vDm644 $i ${i/packages\/$release\/qubes-aports/$HOME\/repo-apk\/qubes\/$QUBES_REL}
|
||||||
|
done
|
||||||
|
|
||||||
|
fetch_flags="-qn"
|
||||||
|
git fetch $fetch_flags "$CI_MERGE_REQUEST_PROJECT_URL" \
|
||||||
|
"+refs/heads/$BASEBRANCH:refs/heads/$BASEBRANCH"
|
||||||
|
|
||||||
|
rm $HOME/repo-apk/qubes/$QUBES_REL/*/APKINDEX.tar.gz || true
|
||||||
|
mkdir -p qubes/$QUBES_REL/DUMMY
|
||||||
|
echo "pkgname=DUMMY" > qubes/$QUBES_REL/DUMMY/APKBUILD
|
||||||
|
cd qubes/$QUBES_REL/DUMMY
|
||||||
|
abuild index
|
||||||
|
cd "$CI_PROJECT_DIR"
|
||||||
|
rm -R qubes/$QUBES_REL/DUMMY
|
||||||
|
|
||||||
|
git -C $HOME/repo-apk add .
|
||||||
|
git -C $HOME/repo-apk commit -m "Update from $CI_MERGE_REQUEST_IID - $CI_MERGE_REQUEST_TITLE"
|
||||||
|
git -C $HOME/repo-apk push
|
||||||
done
|
done
|
||||||
|
|
||||||
fetch_flags="-qn"
|
|
||||||
git fetch $fetch_flags "$CI_MERGE_REQUEST_PROJECT_URL" \
|
|
||||||
"+refs/heads/$BASEBRANCH:refs/heads/$BASEBRANCH"
|
|
||||||
|
|
||||||
rm $HOME/repo-apk/qubes/$QUBES_REL/*/APKINDEX.tar.gz || true
|
|
||||||
mkdir -p qubes/$QUBES_REL/DUMMY
|
|
||||||
echo "pkgname=DUMMY" > qubes/$QUBES_REL/DUMMY/APKBUILD
|
|
||||||
cd qubes/$QUBES_REL/DUMMY
|
|
||||||
abuild index
|
|
||||||
cd "$CI_PROJECT_DIR"
|
|
||||||
rm -R qubes/$QUBES_REL/DUMMY
|
|
||||||
|
|
||||||
git -C $HOME/repo-apk add .
|
|
||||||
git -C $HOME/repo-apk commit -m "Update from $CI_MERGE_REQUEST_IID - $CI_MERGE_REQUEST_TITLE"
|
|
||||||
git -C $HOME/repo-apk push
|
|
||||||
|
|
53
README.md
Normal file
53
README.md
Normal file
|
@ -0,0 +1,53 @@
|
||||||
|
# qubes-aports
|
||||||
|
Upstream: https://lab.ilot.io/ayakael/qubes-aports
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
This repository contains aports that allow Alpine Linux to be used as an Alpine
|
||||||
|
Linux template. The upstream repo uses GitLab's CI to build and deploy packages
|
||||||
|
targetting multiple Alpine Linux versions. QubesOS releases are tracked using
|
||||||
|
branches.
|
||||||
|
|
||||||
|
#### Template builder
|
||||||
|
The template builder is housed in its [own repo](https://lab.ilot.io/ayakael/qubes-builder-alpine).
|
||||||
|
RPMs are built in-pipeline using the build artifacts produced by this repo. These RPMs facilitate
|
||||||
|
installation of your very own Alpine Linux template on QubesOS.
|
||||||
|
|
||||||
|
#### Provided packages
|
||||||
|
|
||||||
|
Use `abuild-r` to build the following packages.
|
||||||
|
For more information on how to build an Alpine Package, read [this](https://wiki.alpinelinux.org/wiki/Creating_an_Alpine_package)
|
||||||
|
|
||||||
|
Core VM packages
|
||||||
|
* qubes-vm-xen - Qubes's version of xen
|
||||||
|
* qubes-libvchan-xen - libvchan library dependency
|
||||||
|
* qubes-db-vm - qubes-db package
|
||||||
|
* qubes-vm-utils - qubes-meminfo-writer service package
|
||||||
|
* qubes-vm-core - Core init.d / qubes scripts
|
||||||
|
* qubes-vm-gui-dev - Library dependencies for `qubes-vm-gui`
|
||||||
|
* qubes-vm-gui - GUI agent
|
||||||
|
* qubes-vm-qrexec - qrexec agent
|
||||||
|
* qubes-gpg-split
|
||||||
|
* qubes-usb-proxy
|
||||||
|
* qubes-meta-packages - Meta package that pulls everything when added to world
|
||||||
|
|
||||||
|
Extra packages
|
||||||
|
* qubes-pass - Aport for Rudd-O's inter-VM password manager for Qubes OS
|
||||||
|
|
||||||
|
Omitted packages
|
||||||
|
* qubes-vmm-xen - The default Alpine xen package seems to provide the necessary modules
|
||||||
|
|
||||||
|
#### Known issues
|
||||||
|
Known issues are currently being tracked in [qubes-builder-alpine](https://lab.ilot.io/ayakael/qubes-builder-alpine) repo.
|
||||||
|
|
||||||
|
#### Issues, recommendations and proposals
|
||||||
|
**To report an issue or share a recommendation**
|
||||||
|
|
||||||
|
Go [here](https://gitlab.alpinelinux.org/ayakael/qubes-aports/-/issues)
|
||||||
|
|
||||||
|
**To make a merge request**
|
||||||
|
* Fork the repo from Alpine's GitLab [here](https://gitlab.alpinelinux.org/ayakael/qubes-aports)
|
||||||
|
* Clone your fork locally. (`git clone $repo`)
|
||||||
|
* Make a branch with a descriptive name (`git checkout -b $descriptivename`)
|
||||||
|
* Make the changes you want to see in the world, commit, and push to the GitLab's remote repo
|
||||||
|
* Request a merge [here](https://gitlab.alpinelinux.org/ayakael/qubes-aports/-/merge_requests)
|
22
qubes-app-linux-druide-antidote/APKBUILD
Normal file
22
qubes-app-linux-druide-antidote/APKBUILD
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
pkgname=qubes-app-linux-druide-antidote
|
||||||
|
pkgver=0.0.1_git20240201
|
||||||
|
_gittag=c724c88aa2a20b1e422b464499015ff05753316d
|
||||||
|
pkgrel=0
|
||||||
|
arch="noarch"
|
||||||
|
pkgdesc="Qubes Druide-Antidote is a Qubes Application. It send a file to the Antidote Qube, invoke Antidote, and retrieve the file"
|
||||||
|
url=https://github.com/neowutran/qubes-app-linux-druide-antidote
|
||||||
|
license="GPL-3.0-only"
|
||||||
|
source="$pkgname-$_gittag.tar.gz::https://github.com/neowutran/qubes-app-linux-druide-antidote/archive/$_gittag.tar.gz"
|
||||||
|
depends="bash"
|
||||||
|
makedepends="pandoc"
|
||||||
|
builddir="$srcdir"/$pkgname-$_gittag
|
||||||
|
|
||||||
|
check(){
|
||||||
|
tests/all
|
||||||
|
}
|
||||||
|
package() {
|
||||||
|
make install-vm DESTDIR="$pkgdir/"
|
||||||
|
}
|
||||||
|
sha512sums="
|
||||||
|
e3597804bdcea25b2938aa325dfe9495f5bcde47c8515c7680c19882120e065d0a9ef8d120545ff3c9966b84a329cf87c5b993380510311ec8b5d9f5a8b35833 qubes-app-linux-druide-antidote-c724c88aa2a20b1e422b464499015ff05753316d.tar.gz
|
||||||
|
"
|
|
@ -4,7 +4,7 @@
|
||||||
pkgname=qubes-db-vm
|
pkgname=qubes-db-vm
|
||||||
subpackages="$pkgname-openrc"
|
subpackages="$pkgname-openrc"
|
||||||
pkgver=4.1.17
|
pkgver=4.1.17
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgdesc="QubesDB libs and daemon service."
|
pkgdesc="QubesDB libs and daemon service."
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
|
|
|
@ -5,7 +5,7 @@ pkgname=qubes-gpg-split
|
||||||
subpackages="$pkgname-doc"
|
subpackages="$pkgname-doc"
|
||||||
pkgver=2.0.69
|
pkgver=2.0.69
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
pkgdesc="Used Qubes AppVM as a “smart card”"
|
pkgdesc="Used Qubes AppVM as a “smart card”"
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
url="https://github.com/QubesOS/qubes-app-linux-split-gpg"
|
url="https://github.com/QubesOS/qubes-app-linux-split-gpg"
|
||||||
|
|
|
@ -0,0 +1,61 @@
|
||||||
|
From 8c4c3807119f27957e6c7f87d505d66d0ea4c3d0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
|
||||||
|
<marmarek@invisiblethingslab.com>
|
||||||
|
Date: Sat, 18 Nov 2023 18:27:28 +0100
|
||||||
|
Subject: [PATCH] Support changed libxenctrl API in Xen 4.18.0
|
||||||
|
|
||||||
|
The xc_domain_getinfo() is gone, it's replaced with
|
||||||
|
xc_domain_getinfo_single. While the new API is a bit nicer, xenctrl.h
|
||||||
|
does not provide any #define to know which one is available. Check
|
||||||
|
library version in the makefile for that.
|
||||||
|
---
|
||||||
|
vchan/Makefile.linux | 4 ++++
|
||||||
|
vchan/io.c | 10 ++++++++++
|
||||||
|
2 files changed, 14 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/vchan/Makefile.linux b/vchan/Makefile.linux
|
||||||
|
index 281f2b5..587cb34 100644
|
||||||
|
--- a/vchan/Makefile.linux
|
||||||
|
+++ b/vchan/Makefile.linux
|
||||||
|
@@ -27,6 +27,11 @@ CFLAGS += -g -Wall -Wextra -Werror -fPIC -O2 -D_GNU_SOURCE -D_FORTIFY_SOURCE=2 -
|
||||||
|
all: libvchan-xen.so vchan-xen.pc
|
||||||
|
-include *.dep
|
||||||
|
|
||||||
|
+# xenctrl.h does not provide any #define to distinguish API versions
|
||||||
|
+XENCTRL_VERSION := $(shell pkg-config --modversion xencontrol)
|
||||||
|
+CFLAGS += $(shell if printf '%s\n' '4.18.0' '$(XENCTRL_VERSION)' | \
|
||||||
|
+ sort -CV; then echo -DHAVE_XC_DOMAIN_GETINFO_SINGLE; fi)
|
||||||
|
+
|
||||||
|
libvchan-xen.so : init.o io.o
|
||||||
|
$(CC) $(LDFLAGS) -shared -o libvchan-xen.so $^ -lxenvchan -lxenctrl
|
||||||
|
clean:
|
||||||
|
diff --git a/vchan/io.c b/vchan/io.c
|
||||||
|
index 3d0ed35..0c23223 100644
|
||||||
|
--- a/vchan/io.c
|
||||||
|
+++ b/vchan/io.c
|
||||||
|
@@ -33,14 +33,24 @@
|
||||||
|
/* check if domain is still alive */
|
||||||
|
int libvchan__check_domain_alive(xc_interface *xc_handle, int dom) {
|
||||||
|
struct evtchn_status evst;
|
||||||
|
+#ifdef HAVE_XC_DOMAIN_GETINFO_SINGLE
|
||||||
|
+ xc_domaininfo_t dominfo;
|
||||||
|
+#else
|
||||||
|
xc_dominfo_t dominfo;
|
||||||
|
+#endif
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
/* first try using domctl, more reliable but available in a privileged
|
||||||
|
* domain only */
|
||||||
|
+#ifdef HAVE_XC_DOMAIN_GETINFO_SINGLE
|
||||||
|
+ ret = xc_domain_getinfo_single(xc_handle, dom, &dominfo);
|
||||||
|
+ if (ret == 0)
|
||||||
|
+ return !(dominfo.flags & XEN_DOMINF_dying);
|
||||||
|
+#else
|
||||||
|
ret = xc_domain_getinfo(xc_handle, dom, 1, &dominfo);
|
||||||
|
if (ret == 1)
|
||||||
|
return dominfo.domid == (uint32_t)dom && !dominfo.dying;
|
||||||
|
+#endif
|
||||||
|
else if (ret == -1 && errno == ESRCH)
|
||||||
|
return 0;
|
||||||
|
/* otherwise fallback to xc_evtchn_status method */
|
||||||
|
|
|
@ -3,18 +3,21 @@
|
||||||
|
|
||||||
pkgname=qubes-libvchan-xen
|
pkgname=qubes-libvchan-xen
|
||||||
pkgver=4.1.13
|
pkgver=4.1.13
|
||||||
pkgrel=1
|
pkgrel=4
|
||||||
_gittag=v$pkgver
|
_gittag=v$pkgver
|
||||||
pkgdesc="The Qubes core libraries for installation inside a Qubes Dom0 and VM."
|
pkgdesc="The Qubes core libraries for installation inside a Qubes Dom0 and VM."
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
url="https://github.com/QubesOS/qubes-core-vchan-xen"
|
url="https://github.com/QubesOS/qubes-core-vchan-xen"
|
||||||
license='GPL'
|
license='GPL'
|
||||||
depends="xen"
|
depends="xen"
|
||||||
makedepends="xen-dev"
|
makedepends="xen-dev coreutils"
|
||||||
builddir="$srcdir"/qubes-core-vchan-xen-$pkgver
|
builddir="$srcdir"/qubes-core-vchan-xen-$pkgver
|
||||||
subpackages="$pkgname-dev"
|
subpackages="$pkgname-dev"
|
||||||
|
|
||||||
source="$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-vchan-xen/archive/refs/tags/$_gittag.tar.gz"
|
source="
|
||||||
|
$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-vchan-xen/archive/refs/tags/$_gittag.tar.gz
|
||||||
|
39_support-changed-libxenctrl-api-xen418.patch
|
||||||
|
"
|
||||||
|
|
||||||
build() {
|
build() {
|
||||||
cd "$builddir"/vchan
|
cd "$builddir"/vchan
|
||||||
|
@ -27,4 +30,5 @@ package() {
|
||||||
|
|
||||||
sha512sums="
|
sha512sums="
|
||||||
cefb6b89f75936d791910d2169170536221d3123a1b33a14bea1fc5c08950ce934666719bf08eb3cc86ac055f85e6834f71e21c31189fa7299af09296c3cd99f qubes-libvchan-xen-v4.1.13.tar.gz
|
cefb6b89f75936d791910d2169170536221d3123a1b33a14bea1fc5c08950ce934666719bf08eb3cc86ac055f85e6834f71e21c31189fa7299af09296c3cd99f qubes-libvchan-xen-v4.1.13.tar.gz
|
||||||
|
fedcba617d3843e41f257ff16b0a3108af844184252d4e702df8eccba21a4ef17d62c96acdb87bb4964e783b7f2f026305777be3379e7e7b51f4535a4704b52a 39_support-changed-libxenctrl-api-xen418.patch
|
||||||
"
|
"
|
||||||
|
|
|
@ -8,7 +8,7 @@ subpackages="
|
||||||
"
|
"
|
||||||
pkgver=4.1.24
|
pkgver=4.1.24
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
pkgdesc="Meta packages for Qubes-specific components"
|
pkgdesc="Meta packages for Qubes-specific components"
|
||||||
arch="noarch"
|
arch="noarch"
|
||||||
url="https://github.com/QubesOS/qubes-meta-packages"
|
url="https://github.com/QubesOS/qubes-meta-packages"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
pkgname=qubes-pass
|
pkgname=qubes-pass
|
||||||
pkgver=0.1.0
|
pkgver=0.1.0
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
pkgdesc="An inter-VM password manager for Qubes OS"
|
pkgdesc="An inter-VM password manager for Qubes OS"
|
||||||
arch="noarch"
|
arch="noarch"
|
||||||
url="https://github.com/Rudd-O/qubes-pass"
|
url="https://github.com/Rudd-O/qubes-pass"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
pkgname=qubes-usb-proxy
|
pkgname=qubes-usb-proxy
|
||||||
pkgver=1.1.5
|
pkgver=1.1.5
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
pkgdesc="The Qubes service for proxying USB devices"
|
pkgdesc="The Qubes service for proxying USB devices"
|
||||||
arch="noarch"
|
arch="noarch"
|
||||||
url="https://github.com/QubesOS/qubes-app-linux-usb-proxy"
|
url="https://github.com/QubesOS/qubes-app-linux-usb-proxy"
|
||||||
|
|
|
@ -9,7 +9,7 @@ subpackages="
|
||||||
$pkgname-doc
|
$pkgname-doc
|
||||||
"
|
"
|
||||||
pkgver=4.1.44
|
pkgver=4.1.44
|
||||||
pkgrel=0
|
pkgrel=6
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgdesc="The Qubes core files for installation inside a Qubes VM."
|
pkgdesc="The Qubes core files for installation inside a Qubes VM."
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
|
@ -18,9 +18,13 @@ license="GPL"
|
||||||
options="!check" # No testsuite
|
options="!check" # No testsuite
|
||||||
depends="
|
depends="
|
||||||
coreutils
|
coreutils
|
||||||
|
blkid
|
||||||
dconf
|
dconf
|
||||||
desktop-file-utils
|
desktop-file-utils
|
||||||
device-mapper
|
device-mapper
|
||||||
|
diffutils
|
||||||
|
e2fsprogs
|
||||||
|
e2fsprogs-extra
|
||||||
ethtool
|
ethtool
|
||||||
fakeroot
|
fakeroot
|
||||||
gawk
|
gawk
|
||||||
|
@ -48,6 +52,7 @@ makedepends="
|
||||||
gcc
|
gcc
|
||||||
libx11-dev
|
libx11-dev
|
||||||
linux-pam-dev
|
linux-pam-dev
|
||||||
|
lsb-release-minimal
|
||||||
make
|
make
|
||||||
pandoc
|
pandoc
|
||||||
pkgconf
|
pkgconf
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
pkgname=qubes-vm-gui-dev
|
pkgname=qubes-vm-gui-dev
|
||||||
pkgver=4.1.1
|
pkgver=4.1.1
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=1
|
pkgrel=3
|
||||||
pkgdesc="Common files for Qubes GUI - protocol headers."
|
pkgdesc="Common files for Qubes GUI - protocol headers."
|
||||||
arch="noarch"
|
arch="noarch"
|
||||||
url="https://github.com/QubesOS/qubes-gui-common"
|
url="https://github.com/QubesOS/qubes-gui-common"
|
||||||
|
|
|
@ -4,7 +4,7 @@
|
||||||
pkgname=qubes-vm-gui
|
pkgname=qubes-vm-gui
|
||||||
subpackages="qubes-vm-pulseaudio $pkgname-openrc"
|
subpackages="qubes-vm-pulseaudio $pkgname-openrc"
|
||||||
pkgver=4.1.31
|
pkgver=4.1.31
|
||||||
pkgrel=0
|
pkgrel=3
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgdesc="The Qubes GUI Agent for AppVMs"
|
pkgdesc="The Qubes GUI Agent for AppVMs"
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
|
@ -62,10 +62,6 @@ build() {
|
||||||
sed 's:ExecStartPre=/bin/touch:#ExecStartPre=/bin/touch:' -i appvm-scripts/qubes-gui-agent.service
|
sed 's:ExecStartPre=/bin/touch:#ExecStartPre=/bin/touch:' -i appvm-scripts/qubes-gui-agent.service
|
||||||
# Ensure that qubes-gui-agent starts after user autologin
|
# Ensure that qubes-gui-agent starts after user autologin
|
||||||
sed 's/After=\(.*\)qubes-misc-post.service/After=\1qubes-misc-post.service getty.target/' -i appvm-scripts/qubes-gui-agent.service
|
sed 's/After=\(.*\)qubes-misc-post.service/After=\1qubes-misc-post.service getty.target/' -i appvm-scripts/qubes-gui-agent.service
|
||||||
# Starts qubes-session after X11 start
|
|
||||||
install -Dm 755 "$srcdir"/qubes-sessions.sh "$pkgdir"/etc/X11/xinit/xinitrc.d/90-qubes-sessions.sh
|
|
||||||
# Remove broken pam and replace with adequate
|
|
||||||
install -Dm 644 "$srcdir"/qubes-gui-agent.pam "$pkgdir"/etc/pam.d/qubes-gui-agent
|
|
||||||
|
|
||||||
make BACKEND_VMM="$_qubes_backend_vmm" appvm
|
make BACKEND_VMM="$_qubes_backend_vmm" appvm
|
||||||
make appvm
|
make appvm
|
||||||
|
@ -80,6 +76,12 @@ build() {
|
||||||
package() {
|
package() {
|
||||||
make install-rh-agent DESTDIR="$pkgdir" LIBDIR=/usr/lib USRLIBDIR=/usr/lib SYSLIBDIR=/lib
|
make install-rh-agent DESTDIR="$pkgdir" LIBDIR=/usr/lib USRLIBDIR=/usr/lib SYSLIBDIR=/lib
|
||||||
install -Dm 755 "$srcdir"/qubes-gui-agent.openrc "$pkgdir"/etc/init.d/qubes-gui-agent
|
install -Dm 755 "$srcdir"/qubes-gui-agent.openrc "$pkgdir"/etc/init.d/qubes-gui-agent
|
||||||
|
|
||||||
|
# Starts qubes-session after X11 start
|
||||||
|
install -Dm 755 "$srcdir"/qubes-sessions.sh "$pkgdir"/etc/X11/xinit/xinitrc.d/90-qubes-sessions.sh
|
||||||
|
|
||||||
|
# Remove broken pam and replace with adequate
|
||||||
|
install -Dm 644 "$srcdir"/qubes-gui-agent.pam "$pkgdir"/etc/pam.d/qubes-gui-agent
|
||||||
}
|
}
|
||||||
|
|
||||||
pulseaudio() {
|
pulseaudio() {
|
||||||
|
|
|
@ -5,7 +5,7 @@ pkgname=qubes-vm-qrexec
|
||||||
subpackages="$pkgname-openrc $pkgname-doc"
|
subpackages="$pkgname-openrc $pkgname-doc"
|
||||||
pkgver=4.1.22
|
pkgver=4.1.22
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgrel=0
|
pkgrel=3
|
||||||
pkgdesc="The Qubes qrexec files (qube side)"
|
pkgdesc="The Qubes qrexec files (qube side)"
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
url="https://github.com/QubesOS/qubes-core-qrexec"
|
url="https://github.com/QubesOS/qubes-core-qrexec"
|
||||||
|
@ -13,17 +13,18 @@ license='GPL'
|
||||||
depends="qubes-libvchan-xen"
|
depends="qubes-libvchan-xen"
|
||||||
options="!check" # No testsuite
|
options="!check" # No testsuite
|
||||||
makedepends="
|
makedepends="
|
||||||
gcc
|
grep
|
||||||
make
|
make
|
||||||
|
lsb-release-minimal
|
||||||
pandoc
|
pandoc
|
||||||
pkgconf
|
pkgconf
|
||||||
py3-setuptools
|
py3-setuptools
|
||||||
lld
|
|
||||||
qubes-libvchan-xen-dev
|
qubes-libvchan-xen-dev
|
||||||
"
|
"
|
||||||
source="
|
source="
|
||||||
$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-qrexec/archive/refs/tags/$_gittag.tar.gz
|
$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-qrexec/archive/refs/tags/$_gittag.tar.gz
|
||||||
qubes-qrexec-agent.openrc
|
qubes-qrexec-agent.openrc
|
||||||
|
makefile-remove-cc-cflags.patch
|
||||||
agent-qrexec-fork-server-undef-fortify-source.patch
|
agent-qrexec-fork-server-undef-fortify-source.patch
|
||||||
"
|
"
|
||||||
builddir="$srcdir/qubes-core-qrexec-${_gittag/v}"
|
builddir="$srcdir/qubes-core-qrexec-${_gittag/v}"
|
||||||
|
@ -47,7 +48,6 @@ build() {
|
||||||
}
|
}
|
||||||
|
|
||||||
package() {
|
package() {
|
||||||
export LDFLAGS="$LDFLAGS -fuse-ld=lld"
|
|
||||||
make install-base DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
|
make install-base DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
|
||||||
make install-vm DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
|
make install-vm DESTDIR="$pkgdir" SBINDIR=/sbin LIBDIR=/usr/lib SYSLIBDIR=/lib
|
||||||
install -Dm 755 "$srcdir"/qubes-qrexec-agent.openrc "$pkgdir"/etc/init.d/qubes-qrexec-agent
|
install -Dm 755 "$srcdir"/qubes-qrexec-agent.openrc "$pkgdir"/etc/init.d/qubes-qrexec-agent
|
||||||
|
@ -55,5 +55,6 @@ package() {
|
||||||
sha512sums="
|
sha512sums="
|
||||||
c4d993dae87446fe73f390bdf0aa3bcfacce1a630b1f0e5f20c6ea7710c14cd9a7a0a66a66e5731dee47c6958c659e61b3c0ebea5a99a31317a52fb326650a2f qubes-vm-qrexec-v4.1.22.tar.gz
|
c4d993dae87446fe73f390bdf0aa3bcfacce1a630b1f0e5f20c6ea7710c14cd9a7a0a66a66e5731dee47c6958c659e61b3c0ebea5a99a31317a52fb326650a2f qubes-vm-qrexec-v4.1.22.tar.gz
|
||||||
e2dd5cace82e881c40d5d37c69f7327fbabde81c9d23283de23de9f1197b7b018ef07a8d90e95c61bd249426d9d8297e7cb372333245941ffa0682c90ea3461f qubes-qrexec-agent.openrc
|
e2dd5cace82e881c40d5d37c69f7327fbabde81c9d23283de23de9f1197b7b018ef07a8d90e95c61bd249426d9d8297e7cb372333245941ffa0682c90ea3461f qubes-qrexec-agent.openrc
|
||||||
|
e48a06778a880915827fb2ef3e38379eb2bc6cf63f7fed79472be4732f7110b0c642c7a62a43236f53404ce69afddd40a5bc92a984403aae74caae1580c31200 makefile-remove-cc-cflags.patch
|
||||||
69b88c8d344f0d575eac398937040ba39a0d8fb8ea0a2b160c48d84775e1da4e226a76f3c5d3be7b045f577b634bb35cd5c5536248e18117c4121a38f9f3bf13 agent-qrexec-fork-server-undef-fortify-source.patch
|
69b88c8d344f0d575eac398937040ba39a0d8fb8ea0a2b160c48d84775e1da4e226a76f3c5d3be7b045f577b634bb35cd5c5536248e18117c4121a38f9f3bf13 agent-qrexec-fork-server-undef-fortify-source.patch
|
||||||
"
|
"
|
||||||
|
|
35
qubes-vm-qrexec/makefile-remove-cc-cflags.patch
Normal file
35
qubes-vm-qrexec/makefile-remove-cc-cflags.patch
Normal file
|
@ -0,0 +1,35 @@
|
||||||
|
diff --git a/Makefile.orig b/Makefile
|
||||||
|
index ade10bf..7de05a4 100644
|
||||||
|
--- a/Makefile.orig
|
||||||
|
+++ b/Makefile
|
||||||
|
@@ -26,7 +24,7 @@ all-base:
|
||||||
|
$(PYTHON) setup.py build
|
||||||
|
.PHONY: all-base
|
||||||
|
|
||||||
|
-install-base: all-base
|
||||||
|
+install-base:
|
||||||
|
+$(MAKE) install -C libqrexec
|
||||||
|
$(PYTHON) setup.py install -O1 $(PYTHON_PREFIX_ARG) --skip-build --root $(DESTDIR)
|
||||||
|
ln -sf qrexec-policy-exec $(DESTDIR)/usr/bin/qrexec-policy
|
||||||
|
@@ -75,7 +73,7 @@ all-vm-selinux:
|
||||||
|
+$(MAKE) -f /usr/share/selinux/devel/Makefile -C selinux qubes-core-qrexec.pp
|
||||||
|
.PHONY: all-vm
|
||||||
|
|
||||||
|
-install-vm: all-vm
|
||||||
|
+install-vm:
|
||||||
|
+$(MAKE) install -C agent
|
||||||
|
install -d $(DESTDIR)/$(SYSLIBDIR)/systemd/system -m 755
|
||||||
|
install -t $(DESTDIR)/$(SYSLIBDIR)/systemd/system -m 644 systemd/qubes-qrexec-agent.service
|
||||||
|
diff --git a/agent/Makefile.orig b/agent/Makefile
|
||||||
|
index e1500f1..d75f60e 100644
|
||||||
|
--- a/agent/Makefile.orig
|
||||||
|
+++ b/agent/Makefile
|
||||||
|
@@ -32,7 +32,7 @@ else
|
||||||
|
endif
|
||||||
|
|
||||||
|
|
||||||
|
-install: all
|
||||||
|
+install:
|
||||||
|
install -d $(DESTDIR)/etc/qubes-rpc $(DESTDIR)/usr/lib/qubes \
|
||||||
|
$(DESTDIR)/usr/bin $(DESTDIR)/usr/share/man/man1
|
||||||
|
install qrexec-agent $(DESTDIR)/usr/lib/qubes
|
|
@ -7,7 +7,7 @@ subpackages="
|
||||||
$pkgname-openrc
|
$pkgname-openrc
|
||||||
"
|
"
|
||||||
pkgver=4.1.19
|
pkgver=4.1.19
|
||||||
pkgrel=0
|
pkgrel=2
|
||||||
_gittag="v$pkgver"
|
_gittag="v$pkgver"
|
||||||
pkgdesc="Common Linux files for Qubes VM."
|
pkgdesc="Common Linux files for Qubes VM."
|
||||||
arch="x86_64"
|
arch="x86_64"
|
||||||
|
|
Loading…
Reference in a new issue