# Contributor: Antoine Martin (ayakael) # Maintainer: Antoine Martin (ayakael) pkgname=qubes-vm-core subpackages=" qubes-vm-networking:networking:noarch qubes-vm-passwordless-root:root:noarch $pkgname-openrc $pkgname-doc $pkgname-pyc " pkgver=4.3.13 pkgrel=0 _gittag="v$pkgver" pkgdesc="The Qubes core files for installation inside a Qubes VM." arch="x86_64" url="https://github.com/QubesOS/qubes-core-agent-linux" license="GPL" options="!check" # No testsuite depends=" blkid coreutils dbus-x11 dconf desktop-file-utils device-mapper diffutils e2fsprogs e2fsprogs-extra ethtool fakeroot findutils gawk grep haveged icu imagemagick librsvg net-tools ntpsec procps py3-dbus py3-gobject3 py3-xdg qubes-db-vm qubes-libvchan-xen qubes-vm-utils rsvg-convert sed socat xdg-utils zenity " makedepends=" gcc libx11-dev linux-pam-dev lsb-release-minimal make pandoc pkgconf py3-setuptools python3 qubes-db-vm qubes-libvchan-xen qubes-vm-utils " options="suid" source=" $pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-agent-linux/archive/refs/tags/$_gittag.tar.gz qubes-core-early.openrc qubes-core-netvm.openrc qubes-core.openrc qubes-firewall.openrc qubes-iptables.openrc qubes-sysinit.openrc qubes-updates-proxy-forwarder.openrc qubes-updates-proxy.openrc apk-proxy.sh qvm-sync-clock.sh setupip-do-not-use-systemctl.patch silence-stringop-overread-error.patch " builddir="$srcdir"/qubes-core-agent-linux-${_gittag/v} build() { # Fix for network tools paths sed 's:/sbin/ethtool:ethtool:g' -i network/* sed 's:/sbin/ip:ip:g' -i network/* sed 's:/bin/grep:grep:g' -i network/* for dir in qubes-rpc misc; do make -C "$dir" done # replace all shebangs with /bin/sh as qubes expects bash # shellcheck disable=SC2013 for i in $(grep '/bin/sh' -Rl .); do sed -i 's|/bin/sh|/bin/bash|' "$i" done } #This package provides: # * qrexec agent # * qubes rpc scripts # * core linux tools and scripts # * core systemd services and drop-ins # * basic network functionality (setting IP address, DNS, default gateway) package() { make DESTDIR="$pkgdir" SYSTEM_DROPIN_DIR=/usr/lib/systemd SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install-corevm make -C app-menu DESTDIR="$pkgdir" LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install make -C misc DESTDIR="$pkgdir" LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install make -C qubes-rpc DESTDIR="$pkgdir" install make -C qubes-rpc/kde DESTDIR="$pkgdir" install make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install make -C qubes-rpc/thunar DESTDIR="$pkgdir" install make -C network DESTDIR="$pkgdir" install install -Dm755 "$builddir"/network/update-proxy-configs "$pkgdir"/usr/lib/qubes/. install -Dm755 "$srcdir"/qvm-sync-clock.sh "$pkgdir"/etc/qubes/suspend-post.d/. install -Dm644 "$srcdir"/apk-proxy.sh "$pkgdir"/etc/profile.d/apk-proxy.sh install -dm755 "$pkgdir"/etc/bash ln -s /etc/profile.d/apk-proxy.sh "$pkgdir"/etc/bash/apk-proxy.sh for i in $source; do case $i in *.openrc) install -Dm755 "$srcdir"/$i \ "$pkgdir"/etc/init.d/${i%.*};; *.confd) install -Dm644 "$srcdir"/$i \ "$pkgdir"/etc/conf.d/${i%.*};; esac done } #This package provides: # * proxy service used by TemplateVMs to download updates # * qubes-firewall service (FirewallVM) # #Integration of NetworkManager for Qubes VM: # * make connections config persistent # * adjust DNS redirections when needed # * show/hide NetworkManager applet icon # networking() { pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM" depends=" conntrack-tools ethtool iptables net-tools networkmanager nftables qubes-db-vm qubes-vm-core qubes-vm-utils tinyproxy " cd "$builddir" install -dm 755 "$subpkgdir"/usr/bin "$subpkgdir"/usr/lib/systemd/system mv "$pkgdir"/usr/bin/qubes-firewall "$subpkgdir"/usr/bin/. make install-netvm DESTDIR="$subpkgdir" SYSTEM_DROPIN_DIR=/usr/lib/systemd SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib } root() { cd "$builddir" pkgdesc="Qubes OS Passwordless root access from normal user" make -C passwordless-root install DESTDIR="$subpkgdir" SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib } sha512sums=" dbbeef8cf0f7e541aa66172b1c9959fb35b42db67f27ee52f0926bae97109de606250b9464ea6cabbaf0e2fd78d5da0796aa496374625d075f4ffc4bb2919450 qubes-vm-core-v4.3.13.tar.gz 95c080a593ca1cd457ffafc0cdd6ee28999c72f67191a3955b6081a4a7d287cae4cd0c626139562e5e1eb55516c25402a174e3599daf7d4cb259d6b4bbdff155 qubes-core-early.openrc 61529413a16b7fa0df691c24adc41b90477c01ea70d572921ecec89df23932e5a2e60c4e73b9a84181dc30424e2e6af4ad1c7dcf6c42689c3cc346a9923d6e07 qubes-core-netvm.openrc da8e293520f5fce29ce76d7586e8ce1a4164798a1214079fb554c690264da1d774fdad3f45825aac52c2c3a0b0cfd39df73eb33394dedd7c043fe0f2344b90ca qubes-core.openrc 164159a80d00c160e74a0ebf4695c047ca7720821e4a9c395405cd96f680b6765e9c4cf426aea94fcb26e08274ec2b42adf45ecc12d26cf683ab3bd0c01afed9 qubes-firewall.openrc 437a3dc443c5b0311c5dc8f792739eef89e38b2e854b9a5bb248211dd0eb0f26c1d79588ca2b4b63236b8bed0d735be6b2265d8328885730a8aa5f854301d61f qubes-iptables.openrc e9096560e4ee4cad836b686e18eb6dbac729227683eda2f0c8b3541c909f64de3489dbb66e3752014deab69cbfae7885bc15b9bb7e3942c02e40328337b9ef30 qubes-sysinit.openrc 99ec0afc167866727072606aa183f0c7a539e68e0d8b9a57f6b9c129d3722c9135e1487eef438807d7138af0e669fb14608cbc1f1d5620ee9e995f294a8929f8 qubes-updates-proxy-forwarder.openrc 29d316b9f48cad15f6e22aaa67b228a5e4893ded86463dbe25b3cc68301b961473e79c01f003b1665e217ad4af2e618625442250d5607c1c16462e3f5eed069c qubes-updates-proxy.openrc 517d59e4699c24f23ccd59f5d4be3a519a426eee99d742c637fe1a9e69caa073621f4e9362c30182ba5a1a3eb0a769070c96e2c6b24cd8366a1f8f450a0b1c01 apk-proxy.sh cca9f49422fa25cd5f3942dce8edd3ecff080bf5c407a7a790b438bedea054f39a4a3d8c179b44c4c08fc490b597e14d00dad9b0240861e83957e0af7aa6475d qvm-sync-clock.sh eb59321c800e65ce873085a1105b1b697d2a8ecaefcdaa8280a81d0082c0022653ecd746c7ec37e2c544265892afb77531effa17b0fa6c45a6a86925b513bdea setupip-do-not-use-systemctl.patch 6b96edf070706da596e7abcb9fe6419fbf17eecb46cbd65aeceea83d078458efaedfadec33021253c2bd1b356a85fa721316fa18d5a535491004046ba2c812d3 silence-stringop-overread-error.patch "