From ad404bfbe63de831bf5712c89b4a7e1e488cd5a6 Mon Sep 17 00:00:00 2001 From: Christopher Laprise Date: Sun, 12 Mar 2017 23:15:45 -0400 Subject: [PATCH 1/2] Starting mods for template upgrade support --- dom0-updates/qubes-dom0-update | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/dom0-updates/qubes-dom0-update b/dom0-updates/qubes-dom0-update index 26d1de3..c00d133 100755 --- a/dom0-updates/qubes-dom0-update +++ b/dom0-updates/qubes-dom0-update @@ -61,11 +61,12 @@ while [ $# -gt 0 ]; do shift done -# Prevent template upgrade - this would override user changes - -# but do allow explicit template reinstalls -if [ "$YUM_ACTION" == "reinstall" ] && [[ "$PKGS" == *"qubes-template-"* ]]; then +# Prevent implicit update of template - this would override user changes - +# but do allow explicit template upgrade, downgrade, reinstall +if [ "$YUM_ACTION" == "reinstall" ] || [ "$YUM_ACTION" == "upgrade" ] || [ "$YUM_ACTION" == "downgrade" ] \ +&& [[ "$PKGS" == *"qubes-template-"* ]]; then TEMPLATE_EXCLUDE_OPTS="" - echo "WARNING: Reinstalling a template will erase all files in template's /home and /rw !" + echo "WARNING: Replacing a template will erase all files in template's /home and /rw !" ONEPKG=`cut -f 1 -d ' ' <<<$PKGS` if [[ "$ONEPKG" == "qubes-template-"* ]] && [[ "$ONEPKG" == "${PKGS#\ }" ]]; then # test "$PKGS" minus space @@ -83,7 +84,7 @@ if [ "$YUM_ACTION" == "reinstall" ] && [[ "$PKGS" == *"qubes-template-"* ]]; the TEMPLATE_NETVM="default" fi else - echo "ERROR: Specify only one package to reinstall template" + echo "ERROR: Specify only one package when replacing template" exit 1 fi From 25f1801061faf5cee60e7e083fb9a8c2241a6e2f Mon Sep 17 00:00:00 2001 From: Christopher Laprise Date: Wed, 15 Mar 2017 10:10:36 -0400 Subject: [PATCH 2/2] Fixes --- dom0-updates/qubes-dom0-update | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/dom0-updates/qubes-dom0-update b/dom0-updates/qubes-dom0-update index c00d133..02541a4 100755 --- a/dom0-updates/qubes-dom0-update +++ b/dom0-updates/qubes-dom0-update @@ -63,15 +63,16 @@ done # Prevent implicit update of template - this would override user changes - # but do allow explicit template upgrade, downgrade, reinstall -if [ "$YUM_ACTION" == "reinstall" ] || [ "$YUM_ACTION" == "upgrade" ] || [ "$YUM_ACTION" == "downgrade" ] \ -&& [[ "$PKGS" == *"qubes-template-"* ]]; then +if [ "$YUM_ACTION" == "reinstall" ] || [ "$YUM_ACTION" == "upgrade" ] || [ "$YUM_ACTION" == "upgrade-to" ] \ +|| [ "$YUM_ACTION" == "downgrade" ] && [[ "$PKGS" == *"qubes-template-"* ]]; then TEMPLATE_EXCLUDE_OPTS="" echo "WARNING: Replacing a template will erase all files in template's /home and /rw !" ONEPKG=`cut -f 1 -d ' ' <<<$PKGS` if [[ "$ONEPKG" == "qubes-template-"* ]] && [[ "$ONEPKG" == "${PKGS#\ }" ]]; then # test "$PKGS" minus space # Prepare to backup template root.img in case reinstall doesn't complete. - TEMPLATE=${ONEPKG#qubes-template-} + ONEPKG=`sed -r 's/-[0-9]+(\.[0-9-]+)+(\.noarch)*$//' <<<$ONEPKG` # Remove version suffix + TEMPLATE=${ONEPKG#qubes-template-} # Remove prefix if qvm-shutdown --wait $TEMPLATE ; then echo "Template VM halted" fi @@ -84,7 +85,7 @@ if [ "$YUM_ACTION" == "reinstall" ] || [ "$YUM_ACTION" == "upgrade" ] || [ "$YUM TEMPLATE_NETVM="default" fi else - echo "ERROR: Specify only one package when replacing template" + echo "ERROR: Specify only one package to reinstall template" exit 1 fi @@ -194,6 +195,9 @@ if [ "x$PKGS" != "x" ]; then mv "$BAK_TEMPLATE_ROOT" "$BAK_TEMPLATE_ROOT-bak" mv "$BAK_TEMPLATE_PRIVATE" "$BAK_TEMPLATE_PRIVATE-bak" TDIR=`qvm-prefs --force-root $TEMPLATE dir` + if [ -f "$TDIR/firewall.xml" ]; then + mv "$TDIR/firewall.xml" "$TDIR/firewall.xml-bak" + fi rm -f "$TDIR/volatile.img" echo "--> Creating private.img..." truncate -s 2G $BAK_TEMPLATE_PRIVATE @@ -218,6 +222,10 @@ if [ "x$PKGS" != "x" ]; then echo "ERROR: NetVM setting could not be restored!" exit 1 fi + if [ -f "$TDIR/firewall.xml-bak" ]; then + mv "$TDIR/firewall.xml-bak" "$TDIR/firewall.xml" + fi + fi elif [ -f /var/lib/qubes/updates/repodata/repomd.xml ]; then # Above file exists only when at least one package was downloaded