183 lines
6.1 KiB
Text
183 lines
6.1 KiB
Text
# Contributor: Antoine Martin (ayakael) <dev@ayakael.net>
|
|
# Maintainer: Antoine Martin (ayakael) <dev@ayakael.net>
|
|
pkgname=qubes-vm-core
|
|
subpackages="
|
|
qubes-vm-networking:networking:noarch
|
|
qubes-vm-passwordless-root:root:noarch
|
|
$pkgname-openrc
|
|
$pkgname-doc
|
|
$pkgname-pyc
|
|
"
|
|
pkgver=4.3.13
|
|
pkgrel=0
|
|
_gittag="v$pkgver"
|
|
pkgdesc="The Qubes core files for installation inside a Qubes VM."
|
|
arch="x86_64"
|
|
url="https://github.com/QubesOS/qubes-core-agent-linux"
|
|
license="GPL"
|
|
options="!check" # No testsuite
|
|
depends="
|
|
blkid
|
|
coreutils
|
|
dbus-x11
|
|
dconf
|
|
desktop-file-utils
|
|
device-mapper
|
|
diffutils
|
|
e2fsprogs
|
|
e2fsprogs-extra
|
|
ethtool
|
|
fakeroot
|
|
findutils
|
|
gawk
|
|
grep
|
|
haveged
|
|
icu
|
|
imagemagick
|
|
librsvg
|
|
net-tools
|
|
ntpsec
|
|
procps
|
|
py3-dbus
|
|
py3-gobject3
|
|
py3-xdg
|
|
qubes-db-vm
|
|
qubes-libvchan-xen
|
|
qubes-vm-utils
|
|
rsvg-convert
|
|
sed
|
|
socat
|
|
xdg-utils
|
|
zenity
|
|
"
|
|
makedepends="
|
|
gcc
|
|
libx11-dev
|
|
linux-pam-dev
|
|
lsb-release-minimal
|
|
make
|
|
pandoc
|
|
pkgconf
|
|
py3-setuptools
|
|
python3
|
|
qubes-db-vm
|
|
qubes-libvchan-xen
|
|
qubes-vm-utils
|
|
"
|
|
options="suid"
|
|
source="
|
|
$pkgname-$_gittag.tar.gz::https://github.com/QubesOS/qubes-core-agent-linux/archive/refs/tags/$_gittag.tar.gz
|
|
qubes-core-early.openrc
|
|
qubes-core-netvm.openrc
|
|
qubes-core.openrc
|
|
qubes-firewall.openrc
|
|
qubes-iptables.openrc
|
|
qubes-sysinit.openrc
|
|
qubes-updates-proxy-forwarder.openrc
|
|
qubes-updates-proxy.openrc
|
|
apk-proxy.sh
|
|
qvm-sync-clock.sh
|
|
setupip-do-not-use-systemctl.patch
|
|
silence-stringop-overread-error.patch
|
|
"
|
|
builddir="$srcdir"/qubes-core-agent-linux-${_gittag/v}
|
|
|
|
|
|
build() {
|
|
# Fix for network tools paths
|
|
sed 's:/sbin/ethtool:ethtool:g' -i network/*
|
|
sed 's:/sbin/ip:ip:g' -i network/*
|
|
sed 's:/bin/grep:grep:g' -i network/*
|
|
|
|
for dir in qubes-rpc misc; do
|
|
make -C "$dir"
|
|
done
|
|
|
|
# replace all shebangs with /bin/sh as qubes expects bash
|
|
# shellcheck disable=SC2013
|
|
for i in $(grep '/bin/sh' -Rl .); do
|
|
sed -i 's|/bin/sh|/bin/bash|' "$i"
|
|
done
|
|
}
|
|
|
|
#This package provides:
|
|
# * qrexec agent
|
|
# * qubes rpc scripts
|
|
# * core linux tools and scripts
|
|
# * core systemd services and drop-ins
|
|
# * basic network functionality (setting IP address, DNS, default gateway)
|
|
package() {
|
|
make DESTDIR="$pkgdir" SYSTEM_DROPIN_DIR=/usr/lib/systemd SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install-corevm
|
|
make -C app-menu DESTDIR="$pkgdir" LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install
|
|
make -C misc DESTDIR="$pkgdir" LIBDIR=/usr/lib SYSLIBDIR=/usr/lib install
|
|
make -C qubes-rpc DESTDIR="$pkgdir" install
|
|
make -C qubes-rpc/kde DESTDIR="$pkgdir" install
|
|
make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install
|
|
make -C qubes-rpc/thunar DESTDIR="$pkgdir" install
|
|
make -C network DESTDIR="$pkgdir" install
|
|
install -Dm755 "$builddir"/network/update-proxy-configs "$pkgdir"/usr/lib/qubes/.
|
|
install -Dm755 "$srcdir"/qvm-sync-clock.sh "$pkgdir"/etc/qubes/suspend-post.d/.
|
|
install -Dm644 "$srcdir"/apk-proxy.sh "$pkgdir"/etc/profile.d/apk-proxy.sh
|
|
install -dm755 "$pkgdir"/etc/bash
|
|
ln -s /etc/profile.d/apk-proxy.sh "$pkgdir"/etc/bash/apk-proxy.sh
|
|
|
|
for i in $source; do
|
|
case $i in
|
|
*.openrc) install -Dm755 "$srcdir"/$i \
|
|
"$pkgdir"/etc/init.d/${i%.*};;
|
|
*.confd) install -Dm644 "$srcdir"/$i \
|
|
"$pkgdir"/etc/conf.d/${i%.*};;
|
|
esac
|
|
done
|
|
}
|
|
|
|
|
|
#This package provides:
|
|
# * proxy service used by TemplateVMs to download updates
|
|
# * qubes-firewall service (FirewallVM)
|
|
#
|
|
#Integration of NetworkManager for Qubes VM:
|
|
# * make connections config persistent
|
|
# * adjust DNS redirections when needed
|
|
# * show/hide NetworkManager applet icon
|
|
#
|
|
networking() {
|
|
pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM"
|
|
depends="
|
|
conntrack-tools
|
|
ethtool
|
|
iptables
|
|
net-tools
|
|
networkmanager
|
|
nftables
|
|
qubes-db-vm
|
|
qubes-vm-core
|
|
qubes-vm-utils
|
|
tinyproxy
|
|
"
|
|
cd "$builddir"
|
|
install -dm 755 "$subpkgdir"/usr/bin "$subpkgdir"/usr/lib/systemd/system
|
|
mv "$pkgdir"/usr/bin/qubes-firewall "$subpkgdir"/usr/bin/.
|
|
make install-netvm DESTDIR="$subpkgdir" SYSTEM_DROPIN_DIR=/usr/lib/systemd SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib
|
|
}
|
|
|
|
root() {
|
|
cd "$builddir"
|
|
pkgdesc="Qubes OS Passwordless root access from normal user"
|
|
make -C passwordless-root install DESTDIR="$subpkgdir" SBINDIR=/usr/sbin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib
|
|
}
|
|
sha512sums="
|
|
dbbeef8cf0f7e541aa66172b1c9959fb35b42db67f27ee52f0926bae97109de606250b9464ea6cabbaf0e2fd78d5da0796aa496374625d075f4ffc4bb2919450 qubes-vm-core-v4.3.13.tar.gz
|
|
95c080a593ca1cd457ffafc0cdd6ee28999c72f67191a3955b6081a4a7d287cae4cd0c626139562e5e1eb55516c25402a174e3599daf7d4cb259d6b4bbdff155 qubes-core-early.openrc
|
|
61529413a16b7fa0df691c24adc41b90477c01ea70d572921ecec89df23932e5a2e60c4e73b9a84181dc30424e2e6af4ad1c7dcf6c42689c3cc346a9923d6e07 qubes-core-netvm.openrc
|
|
da8e293520f5fce29ce76d7586e8ce1a4164798a1214079fb554c690264da1d774fdad3f45825aac52c2c3a0b0cfd39df73eb33394dedd7c043fe0f2344b90ca qubes-core.openrc
|
|
164159a80d00c160e74a0ebf4695c047ca7720821e4a9c395405cd96f680b6765e9c4cf426aea94fcb26e08274ec2b42adf45ecc12d26cf683ab3bd0c01afed9 qubes-firewall.openrc
|
|
437a3dc443c5b0311c5dc8f792739eef89e38b2e854b9a5bb248211dd0eb0f26c1d79588ca2b4b63236b8bed0d735be6b2265d8328885730a8aa5f854301d61f qubes-iptables.openrc
|
|
e9096560e4ee4cad836b686e18eb6dbac729227683eda2f0c8b3541c909f64de3489dbb66e3752014deab69cbfae7885bc15b9bb7e3942c02e40328337b9ef30 qubes-sysinit.openrc
|
|
99ec0afc167866727072606aa183f0c7a539e68e0d8b9a57f6b9c129d3722c9135e1487eef438807d7138af0e669fb14608cbc1f1d5620ee9e995f294a8929f8 qubes-updates-proxy-forwarder.openrc
|
|
29d316b9f48cad15f6e22aaa67b228a5e4893ded86463dbe25b3cc68301b961473e79c01f003b1665e217ad4af2e618625442250d5607c1c16462e3f5eed069c qubes-updates-proxy.openrc
|
|
517d59e4699c24f23ccd59f5d4be3a519a426eee99d742c637fe1a9e69caa073621f4e9362c30182ba5a1a3eb0a769070c96e2c6b24cd8366a1f8f450a0b1c01 apk-proxy.sh
|
|
cca9f49422fa25cd5f3942dce8edd3ecff080bf5c407a7a790b438bedea054f39a4a3d8c179b44c4c08fc490b597e14d00dad9b0240861e83957e0af7aa6475d qvm-sync-clock.sh
|
|
eb59321c800e65ce873085a1105b1b697d2a8ecaefcdaa8280a81d0082c0022653ecd746c7ec37e2c544265892afb77531effa17b0fa6c45a6a86925b513bdea setupip-do-not-use-systemctl.patch
|
|
6b96edf070706da596e7abcb9fe6419fbf17eecb46cbd65aeceea83d078458efaedfadec33021253c2bd1b356a85fa721316fa18d5a535491004046ba2c812d3 silence-stringop-overread-error.patch
|
|
"
|