From dfd29e75614253f8fbf0fe395320b55618a04d0a Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Wed, 20 Jul 2011 16:55:43 +0200 Subject: [PATCH] firstboot: create AppVMs as newly created user (#284) Required to create appmenus in proper place (user homedir, not /usr/local). Username retrieved by enumerating qubes group intentional - in some rare cases the user can be created outside of this firstboot instance (ex. firstboot launched by hand). --- firstboot/modules/qubes_setup.py | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/firstboot/modules/qubes_setup.py b/firstboot/modules/qubes_setup.py index 9696e20..c39a893 100644 --- a/firstboot/modules/qubes_setup.py +++ b/firstboot/modules/qubes_setup.py @@ -19,6 +19,7 @@ # # import gtk +import libuser import os, string, sys, time import threading, subprocess, grp @@ -41,9 +42,18 @@ class moduleClass(Module): self.sidebarTitle = N_("Create Service VMs") self.title = N_("Create Service VMs") self.icon = "qubes.png" + self.admin = libuser.admin() def apply(self, interface, testing=False): try: + + qubes_users = self.admin.enumerateUsersByGroup('qubes') + if self.radio_servicevms_and_appvms.get_active() and len(qubes_users) < 1: + self._showErrorMessage(_("You must create a user account to create default AppVMs.")) + return RESULT_FAILURE + else: + self.qubes_user = qubes_users[0] + self.radio_servicevms_and_appvms.set_sensitive(False) self.radio_onlyservicevms.set_sensitive(False) self.radio_dontdoanything.set_sensitive(False) @@ -175,10 +185,10 @@ class moduleClass(Module): subprocess.check_call(['/bin/umount', '/mnt/template-root']) def do_create_appvms(self): - self.run_command(['/usr/bin/qvm-create', '--force-root', 'work', '--label', 'green']) - self.run_command(['/usr/bin/qvm-create', '--force-root', 'banking', '--label', 'green']) - self.run_command(['/usr/bin/qvm-create', '--force-root', 'personal', '--label', 'yellow']) - self.run_command(['/usr/bin/qvm-create', '--force-root', 'untrusted', '--label', 'red']) + self.run_command(['su', '-c', '/usr/bin/qvm-create work --label green', '-', self.qubes_user]) + self.run_command(['su', '-c', '/usr/bin/qvm-create banking --label green', '-', self.qubes_user]) + self.run_command(['su', '-c', '/usr/bin/qvm-create personal --label yellow', '-', self.qubes_user]) + self.run_command(['su', '-c', '/usr/bin/qvm-create untrusted --label red', '-', self.qubes_user]) def createScreen(self): self.vbox = gtk.VBox(spacing=5)