#!/bin/sh
# vim: set ts=4 sw=4 sts=4 et :
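# ------------------------------------------------------------------------------
# Source external scripts
# ------------------------------------------------------------------------------
# The path is quoted so a SCRIPTSDIR containing spaces or glob characters is
# still sourced as a single file.
. "${SCRIPTSDIR}/vars.sh"
# './umount_kill.sh' is resolved against the current working directory, not
# against ${SCRIPTSDIR}: this script has to be started from the directory that
# holds the trusted copy of umount_kill.sh. Anything the file prints to stdout
# while being sourced is discarded.
. ./umount_kill.sh >/dev/null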
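# ------------------------------------------------------------------------------
# Configurations
# ------------------------------------------------------------------------------
# Trace every command when VERBOSE is 2 or higher or DEBUG is "1"; otherwise
# abort on the first failing command.
# The test is split in two and uses '=' because '-o' and '==' are not portable
# under #!/bin/sh, and VERBOSE/DEBUG get defaults so that an unset variable
# does not turn the numeric comparison into an error.
# NOTE(review): the tracing branch does not turn on 'set -e', so unless a
# sourced script already enabled it, failures are not fatal while tracing --
# confirm that this is intended.
if [ "${VERBOSE:-0}" -ge 2 ] || [ "${DEBUG:-}" = "1" ]; then
    set -x
else
    set -e
fi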
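# ------------------------------------------------------------------------------
# If .prepared_groups has not been completed, don't continue
# ------------------------------------------------------------------------------
# Refuse to run with an empty or unset INSTALLDIR: the paths this script
# mounts, writes and removes are built from it and would otherwise resolve
# against the build host's own root (the marker check below would then look
# at the host's /tmp).
: "${INSTALLDIR:?INSTALLDIR is not set}"

if ! [ -f "${INSTALLDIR}/tmp/.prepared_groups" ]; then
    error "prepared_groups installataion has not completed!... Exiting"
    exit 1
fi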
# ------------------------------------------------------------------------------
# Mount system mount points
# ------------------------------------------------------------------------------
# Bind the host's device and kernel pseudo file systems to the same paths
# below ${INSTALLDIR}, then put a fresh tmpfs on its /run.
for fs in /dev /dev/pts /proc /sys
do
    mount -B "${fs}" "${INSTALLDIR}/${fs}"
done
mount -t tmpfs none "${INSTALLDIR}/run"
# ------------------------------------------------------------------------------
# Execute any template flavor or sub flavor 'pre' scripts
# ------------------------------------------------------------------------------
# buildStep is not defined in this file; it is called with this script's own
# path and the stage name.
buildStep "${0}" 'pre'
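# ------------------------------------------------------------------------------
# Install Qubes Packages
# ------------------------------------------------------------------------------
# The whole section is skipped once the .prepared_qubes marker exists; the
# marker is written as the section's last step.
if ! [ -f "${INSTALLDIR}/tmp/.prepared_qubes" ]; then
    debug "Installing qbues modules"

    # --------------------------------------------------------------------------
    # Set up a temporary policy-rc.d to prevent apt from starting services
    # on package installation
    # --------------------------------------------------------------------------
    # The stub has to live under ${INSTALLDIR}: that is the root apt-get is
    # chrooted into, and it is the path the cleanup step at the end of this
    # section removes.
    # The heredoc delimiter is quoted so the stub is written literally, and the
    # stub uses 'exit': POSIX leaves 'return' outside a function or dot script
    # unspecified, so the 101 status is not guaranteed to reach the caller.
    cat > "${INSTALLDIR}/usr/sbin/policy-rc.d" <<'EOF'
#!/bin/sh
exit 101 # Action forbidden by policy
EOF
    chmod 755 "${INSTALLDIR}/usr/sbin/policy-rc.d"

    # --------------------------------------------------------------------------
    # Generate locales
    # --------------------------------------------------------------------------
    debug "Generate locales"
    echo "en_US.UTF-8 UTF-8" >> "${INSTALLDIR}/etc/locale.gen"
    chroot "${INSTALLDIR}" locale-gen
    chroot "${INSTALLDIR}" update-locale LANG=en_US.UTF-8

    # --------------------------------------------------------------------------
    # Link mtab
    # --------------------------------------------------------------------------
    rm -f "${INSTALLDIR}/etc/mtab"
    ln -s "../proc/self/mounts" "${INSTALLDIR}/etc/mtab"

    # --------------------------------------------------------------------------
    # Start of Qubes package installation
    # --------------------------------------------------------------------------
    debug "Installing qubes packages"
    export CUSTOMREPO="${PWD}/yum_repo_qubes/${DIST}"

    # --------------------------------------------------------------------------
    # Install keyrings
    # --------------------------------------------------------------------------
    # A signing key for the local repository is generated once and cached in
    # ${CACHEDIR}; an already cached key is reused as it is.
    # Key-Length is 4096: a 1024-bit RSA key is too weak for a key that ends up
    # in the template's apt trust store. A key cached by an earlier run is NOT
    # regenerated; delete ${CACHEDIR}/repo-*ring.gpg to replace it.
    # NOTE(review): no passphrase is configured, so the cached secret keyring is
    # presumably unprotected -- keep ${CACHEDIR} private to the build user.
    if ! [ -e "${CACHEDIR}/repo-secring.gpg" ]; then
        mkdir -p "${CACHEDIR}"
        gpg --gen-key --batch <<EOF
Key-Type: RSA
Key-Length: 4096
Key-Usage: sign
Name-Real: Qubes builder
Expire-Date: 0
%pubring ${CACHEDIR}/repo-pubring.gpg
%secring ${CACHEDIR}/repo-secring.gpg
%commit
EOF
    fi

    # Write a detached, ASCII-armoured signature of the repository's Release
    # file next to it, using only the cached builder keyrings.
    gpg -abs --no-default-keyring \
        --secret-keyring "${CACHEDIR}/repo-secring.gpg" \
        --keyring "${CACHEDIR}/repo-pubring.gpg" \
        -o "${CUSTOMREPO}/dists/${DIST}/Release.gpg" \
        "${CUSTOMREPO}/dists/${DIST}/Release"

    # Make apt inside the chroot trust the builder key.
    # NOTE(review): this section later removes qubes-builder.list but not this
    # key file, so the non-expiring builder key stays trusted by apt in the
    # resulting template unless a later step removes it -- confirm.
    cp "${CACHEDIR}/repo-pubring.gpg" "${INSTALLDIR}/etc/apt/trusted.gpg.d/qubes-builder.gpg"

    # --------------------------------------------------------------------------
    # Mount local qubes_repo
    # --------------------------------------------------------------------------
    mkdir -p "${INSTALLDIR}/tmp/qubes_repo"
    mount --bind "${CUSTOMREPO}" "${INSTALLDIR}/tmp/qubes_repo"

    # --------------------------------------------------------------------------
    # Include qubes repo for apt
    # --------------------------------------------------------------------------
    # Unquoted delimiter on purpose: ${DEBIANVERSION} must be expanded here.
    cat > "${INSTALLDIR}/etc/apt/sources.list.d/qubes-builder.list" <<EOF
deb file:/tmp/qubes_repo ${DEBIANVERSION} main
EOF

    # --------------------------------------------------------------------------
    # Update system; exit if not successful
    # --------------------------------------------------------------------------
    chroot "${INSTALLDIR}" apt-get update || { umount_kill "${INSTALLDIR}"; exit 1; }

    # --------------------------------------------------------------------------
    # Install Qubes packages
    # --------------------------------------------------------------------------
    # ${APT_GET_OPTIONS} and the package list are left unquoted on purpose:
    # both have to split into separate arguments. Only the list's path is
    # quoted.
    DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \
        chroot "${INSTALLDIR}" apt-get ${APT_GET_OPTIONS} install $(cat "${SCRIPTSDIR}/packages_qubes.list") || \
        { umount_kill "${INSTALLDIR}"; exit 1; }

    # --------------------------------------------------------------------------
    # Remove Qubes Builder repo from sources.list.d
    # --------------------------------------------------------------------------
    # Unmount the bind-mounted repository, drop its list file and refresh the
    # package index so apt no longer refers to it.
    umount_kill "${INSTALLDIR}/tmp/qubes_repo"
    rm -f "${INSTALLDIR}/etc/apt/sources.list.d/qubes-builder.list"
    chroot "${INSTALLDIR}" apt-get update || exit 1

    # --------------------------------------------------------------------------
    # Remove temporary policy layer so services can start normally in the
    # deployed template.
    # --------------------------------------------------------------------------
    rm -f "${INSTALLDIR}/usr/sbin/policy-rc.d"

    # --------------------------------------------------------------------------
    # Copy extra files to installation directory. Contains:
    #  - font fixes for display issues
    # --------------------------------------------------------------------------
    copyTree "qubes-files" "${SCRIPTSDIR}" "${INSTALLDIR}"

    # Mark the section as done so a later run skips it.
    touch "${INSTALLDIR}/tmp/.prepared_qubes"
fi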
# ------------------------------------------------------------------------------
# Execute any template flavor or sub flavor 'post' scripts
# ------------------------------------------------------------------------------
# Same helper as for the 'pre' stage, called with this script's own path and
# the stage name.
buildStep "${0}" 'post'
# ------------------------------------------------------------------------------
# Final cleanup: kill the processes and release the mounts that live inside
# ${INSTALLDIR}. The trailing '/' keeps ${INSTALLDIR} itself from being
# unmounted. A failure here is deliberately ignored.
# ------------------------------------------------------------------------------
umount_kill "${INSTALLDIR}/" || true