From d6a588e0a4318d0fa77e4130ad03f9f7a2b3187a Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Wed, 19 Dec 2012 04:50:16 +0100
Subject: [PATCH] firstboot: add text-based fallback in case of GUI failed

If firstboot fails it is very hard to debug the problem, because lack of any
user and no network access. So provide some basic fallback.
---
 firstboot/firstboot-qubes-text | 98 ++++++++++++++++++++++++++++++++++
 firstboot/firstboot.spec       |  2 +
 firstboot/init/firstboot       |  2 +-
 3 files changed, 101 insertions(+), 1 deletion(-)
 create mode 100755 firstboot/firstboot-qubes-text

diff --git a/firstboot/firstboot-qubes-text b/firstboot/firstboot-qubes-text
new file mode 100755
index 0000000..ea24b3e
--- /dev/null
+++ b/firstboot/firstboot-qubes-text
@@ -0,0 +1,98 @@
+#!/bin/bash
+
+# Failsafe minimal text-mode firstboot
+
+# Welcome
+
+echo "########################################################"
+echo "###                                                  ###"
+echo "### Welcome to `cat /etc/qubes-release`                  ###"
+echo "###                                                  ###"
+echo "########################################################"
+echo
+echo "This is failsafe text-mode firstboot. If you see this message, you have"
+echo "some problem with Xorg (most probably video driver)"
+echo
+echo "Anyway some basic setup is needed to continue:"
+
+# User creation
+
+echo
+echo "1. Setup user account"
+user=
+while [ -z "$user" ]; do
+    echo -n "Enter desired username: "
+    read user
+    if echo "$user" | grep -q "[^a-z0-9]"; then
+        echo "ERROR: Invalid characters in username, try again"
+    elif id $user > /dev/null 2>&1; then
+        echo "ERROR: This user already exists, try again"
+    else
+        break
+    fi
+done
+useradd -G qubes -m "$user" || exit 1
+while ! passwd "$user"; do true; done
+
+
+# Create default VMs
+
+echo
+echo "2. Create default VMs"
+echo
+echo "Choose one option:"
+echo "  1. Create default service VMs, and pre-defined AppVMs (work, banking, personal, untrusted)"
+echo "  2. Just create default service VMs"
+echo "  3. Do not create any VMs right now (not recommended, for advanced users only)"
+vms_option=
+while true; do
+    echo -n "Enter your choice (1/2/3): "
+    read vms_option
+    if [ "$vms_option" == "1" ]; then
+        vms_service=yes
+        vms_app=yes
+        break
+    elif [ "$vms_option" == "2" ]; then
+        vms_service=yes
+        break
+    elif [ "$vms_option" == "3" ]; then
+        break
+    else
+        echo "ERROR: Invalid choice, try again"
+    fi
+done
+
+set -e
+
+if [ "$vms_service" == "yes" ]; then
+    echo "-> Creating default netvm..."
+    su -c "/usr/bin/qvm-create --net --label red netvm" - $user
+    for dev in `/sbin/lspci -mm -n | sed -ne 's/^\([0-9][0-9]:[0-9][0-9].[0-9]\) "02.*/\1/p'`; do
+        su -c "/usr/bin/qvm-pci -a netvm $dev" - $user
+    done 
+    echo "-> Creating default firewallvm..."
+    su -c "/usr/bin/qvm-create --proxy --label green firewallvm" - $user
+    su -c "/usr/bin/qvm-prefs --set firewallvm netvm netvm" - $user
+    su -c "/usr/bin/qubes-prefs --set default-netvm firewallvm" - $user
+    echo "-> Configuring template..."
+    /bin/mkdir -p /mnt/template-root
+    for template in `ls /var/lib/qubes/vm-templates`; do
+        /bin/mount -oloop "/var/lib/qubes/vm-templates/$template/root.img" /mnt/template-root
+        cp /etc/localtime /mnt/template-root/etc
+        cp /etc/ntp.conf /mnt/template-root/etc
+        umount /mnt/template-root
+    done
+    echo "-> Starting network..."
+    /etc/init.d/qubes_netvm start
+    echo "-> Creating DispVM savefile (can take long time)..."
+    su -c "/usr/bin/qvm-create-default-dvm --default-template --default-script" - $user
+fi
+
+if [ "$vms_app" == "yes" ]; then
+    echo "-> Creating default AppVMs..."
+    su -c "/usr/bin/qvm-create work --label green" - $user
+    su -c "/usr/bin/qvm-create banking --label green" - $user
+    su -c "/usr/bin/qvm-create personal --label yellow" - $user
+    su -c "/usr/bin/qvm-create untrusted --label red" - $user
+fi
+echo "-> Done."
diff --git a/firstboot/firstboot.spec b/firstboot/firstboot.spec
index 7a58028..3a38ef2 100644
--- a/firstboot/firstboot.spec
+++ b/firstboot/firstboot.spec
@@ -42,6 +42,7 @@ rm -rf %{buildroot}
 make DESTDIR=%{buildroot} SITELIB=%{python_sitelib} install
 rm %{buildroot}/%{_datadir}/firstboot/modules/additional_cds.py*
 %find_lang %{name}
+install -m 0755 -D firstboot-qubes-text %{buildroot}%{_sbindir}/firstboot-qubes-text
 
 %clean
 rm -rf %{buildroot}
@@ -67,6 +68,7 @@ fi
 %config %{_initrddir}/firstboot
 %{python_sitelib}/*
 %{_sbindir}/firstboot
+%{_sbindir}/firstboot-qubes-text
 %{_datadir}/firstboot/modules/create_user.py*
 %{_datadir}/firstboot/modules/date.py*
 %{_datadir}/firstboot/modules/eula.py*
diff --git a/firstboot/init/firstboot b/firstboot/init/firstboot
index c042f89..257115a 100755
--- a/firstboot/init/firstboot
+++ b/firstboot/init/firstboot
@@ -67,7 +67,7 @@ case "$1" in
 
         /usr/bin/plymouth --hide-splash
 
-        /usr/sbin/firstboot $args
+        /usr/sbin/firstboot $args || /usr/sbin/firstboot-qubes-text
         RETVAL=$?
 
         /usr/bin/plymouth --show-splash