#!/bin/sh
# vim: set ts=4 sw=4 sts=4 et :
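# ------------------------------------------------------------------------------
# Source external scripts
# ------------------------------------------------------------------------------
# SCRIPTSDIR is not set in this file and must come from the caller. The path is
# quoted so a directory name containing whitespace or glob characters is still
# sourced as one file instead of being word-split.
. "$SCRIPTSDIR/vars.sh"

# NOTE(review): umount_kill.sh is resolved relative to the current working
# directory, not $SCRIPTSDIR. This script goes on to call mount, chroot and
# apt-get, so whichever file of that name sits in the working directory is
# executed with the same privileges. Run it only from a trusted directory that
# other users cannot write to. Standard output of the sourced file is discarded.
. ./umount_kill.sh >/dev/null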
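# ------------------------------------------------------------------------------
# Configurations
# ------------------------------------------------------------------------------
# Trace every command when VERBOSE >= 2 or DEBUG is "1"; otherwise abort on the
# first failing command.
# - Unset or empty values default to 0, so the numeric test can no longer fail
#   with "integer expression expected" and mask a DEBUG=1 request.
# - The two conditions are separate POSIX tests instead of the obsolescent
#   `-o` operator and the non-POSIX `==`.
# NOTE(review): the tracing branch does not enable `set -e`, exactly as before;
# confirm that is intended. `set -x` writes every expanded command line to the
# build log, so any sensitive value held in a variable ends up there too.
if [ "${VERBOSE:-0}" -ge 2 ] || [ "${DEBUG:-0}" = "1" ]; then
    set -x
else
    set -e
fi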
# ------------------------------------------------------------------------------
# Stop unless the debootstrap stage left its marker file in the install tree
# ------------------------------------------------------------------------------
# error and umount_kill are not defined in this file (presumably they come from
# the scripts sourced at the top).
[ -f "$INSTALLDIR/tmp/.prepared_debootstrap" ] || {
    error "prepared_debootstrap installataion has not completed!... Exiting"
    # Best effort: a failed unmount must not replace the exit status below.
    umount_kill "$INSTALLDIR" || :
    exit 1
}
# ------------------------------------------------------------------------------
# Bind-mount the host's system mount points into the install tree
# ------------------------------------------------------------------------------
# NOTE(review): once these are bound, everything executed inside the chroot
# (including the package maintainer scripts that apt-get runs further down)
# sees the host's /dev, /proc, /sys and /run. The chroot is a build
# convenience here, not an isolation boundary.
for fs in /dev /dev/pts /proc /sys /run; do
    mount --bind "$fs" "$INSTALLDIR/$fs"
done
# ------------------------------------------------------------------------------
# Run the 'pre' stage scripts of the template flavor / sub flavor, if any
# ------------------------------------------------------------------------------
# buildStep is not defined in this file (presumably supplied by vars.sh); it
# receives this script's own path and the stage name.
buildStep "${0}" 'pre'
if ! [ -f "$INSTALLDIR/tmp/.prepared_groups" ]; then
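# ------------------------------------------------------------------------------
# Cleanup function
# ------------------------------------------------------------------------------
# Failure handler, installed on ERR and EXIT while packages are installed.
#   Globals:  INSTALLDIR (read)
#   Outputs:  reports the failure through error()
#   Returns:  never returns; terminates the shell with status 1
cleanup() {
    # Disarm both traps first. Without this, an ERR-triggered run reaches
    # `exit 1`, which fires the EXIT trap and runs the handler a second time.
    trap - ERR EXIT
    error "Install groups error and umount"
    # Remove the temporary policy layer so it cannot survive in the template.
    rm -f "$INSTALLDIR/usr/sbin/policy-rc.d"
    # Best effort: an unmount failure must not change the exit status.
    umount_kill "$INSTALLDIR" || :
    exit 1
}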
# From here on, run cleanup on any failing command and on any exit.
# NOTE(review): ERR is not a POSIX trap condition while the shebang of this
# script is /bin/sh; this relies on the interpreter actually being bash.
trap cleanup ERR EXIT
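# ------------------------------------------------------------------------------
# Set up a temporary policy-rc.d to prevent apt from starting services
# on package installation
# ------------------------------------------------------------------------------
# invoke-rc.d runs policy-rc.d as a program and reads its exit status, where
# 101 means "action forbidden by policy". The generated script therefore uses
# `exit`: `return` outside a function is an error in some shells and does not
# reliably produce status 101. The quoted delimiter keeps the here-document
# literal, so nothing in it is expanded by this script.
cat > "$INSTALLDIR/usr/sbin/policy-rc.d" <<'EOF'
#!/bin/sh
exit 101 # Action forbidden by policy
EOF
chmod 755 "$INSTALLDIR/usr/sbin/policy-rc.d"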
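# ------------------------------------------------------------------------------
# Add debian security repository
# ------------------------------------------------------------------------------
debug "Adding debian-security repository."
# Each entry is searched for as a fixed string (-F). As a regular expression
# the dots in the URL match any character, so a near-miss line could be taken
# for the entry and the security repository silently left out.
# NOTE(review): the mirror URL is plain http, so package integrity rests on
# apt's signature check of the archive metadata. The --force-yes passed to the
# apt-get calls in this script relaxes apt's safety checks; review the two
# together.
for source in \
    "deb http://security.debian.org ${DEBIANVERSION}/updates main" \
    "deb-src http://security.debian.org ${DEBIANVERSION}/updates main"
do
    if ! grep -r -q -F -- "$source" "$INSTALLDIR/etc/apt/sources.list"*; then
        touch "$INSTALLDIR/etc/apt/sources.list"
        printf '%s\n' "$source" >> "$INSTALLDIR/etc/apt/sources.list"
    fi
done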
# ------------------------------------------------------------------------------
# Bring the freshly bootstrapped system up to date
# ------------------------------------------------------------------------------
debug "Upgrading system"

# Refresh the package indexes inside the install tree.
chroot "$INSTALLDIR" apt-get update

# No-op kept from the original; stout is not assigned anywhere in this file.
true "${stout}"

# NOTE(review): --force-yes lets apt-get continue past conditions it would
# otherwise refuse, which includes packages that fail authentication. Newer
# apt releases deprecate it in favour of narrower --allow-* options; prefer
# those, or drop the flag, once the build no longer depends on it.
DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true \
    chroot "$INSTALLDIR" apt-get -y --force-yes dist-upgrade
# ------------------------------------------------------------------------------
# Preseed the keyboard configuration (US layout, pc105 model)
# ------------------------------------------------------------------------------
debug "Setting keyboard layout"

# The answers are fed to debconf inside the install tree. The here-document
# holds no shell expansions, so the quoted delimiter passes the same bytes.
chroot "$INSTALLDIR" debconf-set-selections <<'DEBCONF_SELECTIONS'
keyboard-configuration keyboard-configuration/variant select English (US)
keyboard-configuration keyboard-configuration/layout select English (US)
keyboard-configuration keyboard-configuration/model select Generic 105-key (Intl) PC
keyboard-configuration keyboard-configuration/modelcode string pc105
keyboard-configuration keyboard-configuration/layoutcode string us
keyboard-configuration keyboard-configuration/variantcode string
keyboard-configuration keyboard-configuration/optionscode string
DEBCONF_SELECTIONS
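# ------------------------------------------------------------------------------
# Install extra packages in script_$DEBIANVERSION/packages.list file
# -and / or- TEMPLATE_FLAVOR directories
# ------------------------------------------------------------------------------
# getFileLocations is not defined in this file; judging by the loop below it
# fills the array packages_list with the paths of the list files it found.
getFileLocations packages_list "packages.list" "${DIST}"
if [ -z "${packages_list}" ]; then
    error "Can not locate a package.list file!"
    # Best effort: a failed unmount must not replace the exit status below.
    umount_kill "$INSTALLDIR" || :
    exit 1
fi

for package_list in "${packages_list[@]}"; do
    debug "Installing extra packages from: ${package_list}"
    # xargs turns every word of the list file into an apt-get argument, so the
    # list files are trusted build inputs and should be reviewed like code.
    # $INSTALLDIR is quoted here, as everywhere else in this script, so a path
    # containing whitespace is not split into several chroot arguments.
    # NOTE(review): --force-yes relaxes apt's safety checks, including the
    # refusal of packages that fail authentication.
    DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
        xargs chroot "$INSTALLDIR" apt-get -y --force-yes install < "$package_list"
done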
# ------------------------------------------------------------------------------
# Run the template flavor / sub flavor scripts that must wait until the
# packages are installed (Whonix needs its dependencies in place first)
# ------------------------------------------------------------------------------
# buildStep is not defined in this file (presumably supplied by vars.sh).
buildStep "${0}" 'packages_installed'
# ------------------------------------------------------------------------------
# Install systemd
# ------------------------------------------------------------------------------
#  - sysvinit gives problems with the qubes initramfs, so systemd is required
#    for now. On wheezy apt insists on a typed confirmation before it removes
#    sysvinit. On jessie and newer sysvinit is provided by sysvinit-core,
#    which is not an essential package.
# ------------------------------------------------------------------------------
debug "Installing systemd for debian ($DEBIANVERSION)"

# NOTE(review): --force-yes relaxes apt's safety checks, including the refusal
# of packages that fail authentication.
case "$DEBIANVERSION" in
    wheezy)
        # Supply the confirmation phrase apt asks for on standard input.
        echo 'Yes, do as I say!' \
            | DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
                chroot "$INSTALLDIR" apt-get -y --force-yes remove sysvinit
        ;;
    *)
        DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
            chroot "$INSTALLDIR" apt-get -y --force-yes remove sysvinit
        ;;
esac
# Keep sysvinit out: first mark it held ...
debug "Preventing sysvinit re-installation"
chroot "$INSTALLDIR" apt-mark hold sysvinit

# ... then pin every version of it to a negative priority.
printf '%s\n' \
    'Package: sysvinit' \
    'Pin: version *' \
    'Pin-Priority: -100' \
    > "$INSTALLDIR/etc/apt/preferences.d/qubes_sysvinit"
chmod 0644 "$INSTALLDIR/etc/apt/preferences.d/qubes_sysvinit"

# Refresh the indexes, then install the systemd replacement for sysvinit.
# NOTE(review): --force-yes relaxes apt's safety checks, including the refusal
# of packages that fail authentication.
chroot "$INSTALLDIR" apt-get update
DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true \
    chroot "$INSTALLDIR" apt-get -y --force-yes install systemd-sysv
# ------------------------------------------------------------------------------
# Make multi-user.target the default target (runlevel 3)
# ------------------------------------------------------------------------------
# The symlink is replaced by hand; the systemctl form is left disabled as in
# the original:
#chroot "$INSTALLDIR" systemctl set-default multi-user.target
chroot "$INSTALLDIR" rm -f /etc/systemd/system/default.target
chroot "$INSTALLDIR" ln -sf \
    /lib/systemd/system/multi-user.target \
    /etc/systemd/system/default.target
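# ------------------------------------------------------------------------------
# Qubes is now being built with some SID packages; grab backport for wheezy
# ------------------------------------------------------------------------------
if [ "$DEBIANVERSION" = "wheezy" ]; then
    debug "Adding wheezy backports repository."
    # DEBIAN_MIRROR is not set in this file and must come from the caller.
    source="deb ${DEBIAN_MIRROR} wheezy-backports main"
    # Fixed-string match (-F): the mirror URL contains regex metacharacters,
    # and a loose match would skip adding the entry.
    if ! grep -r -q -F -- "$source" "$INSTALLDIR/etc/apt/sources.list"*; then
        touch "$INSTALLDIR/etc/apt/sources.list"
        printf '%s\n' "$source" >> "$INSTALLDIR/etc/apt/sources.list"
    fi
    # $INSTALLDIR is quoted, as in the rest of the script, so a path containing
    # whitespace is not split into several chroot arguments.
    chroot "$INSTALLDIR" apt-get update
    # NOTE(review): --force-yes relaxes apt's safety checks, including the
    # refusal of packages that fail authentication.
    DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
        chroot "$INSTALLDIR" apt-get -y --force-yes -t wheezy-backports install init-system-helpers
fi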
# ------------------------------------------------------------------------------
# Cleanup
# ------------------------------------------------------------------------------
# Take the temporary policy layer away again so services can start normally
# in the deployed template.
rm -f "$INSTALLDIR/usr/sbin/policy-rc.d"

# Leave the marker that lets a later run skip this whole stage.
touch "$INSTALLDIR/tmp/.prepared_groups"

# Disarm the failure handler, then list whatever traps are still set.
trap - ERR
trap - EXIT
trap

# Kill all processes and umount all mounts within $INSTALLDIR, but not
# $INSTALLDIR itself: the trailing '/' keeps $INSTALLDIR from being umounted.
umount_kill "$INSTALLDIR/" || :
fi
# ------------------------------------------------------------------------------
# Run the 'post' stage scripts of the template flavor / sub flavor, if any
# ------------------------------------------------------------------------------
# buildStep is not defined in this file (presumably supplied by vars.sh).
buildStep "${0}" 'post'