Commit Graph

577 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
abd82a321f Handle untrusted appmenus coming from DispVM-sandboxed build 2015-03-17 15:08:25 +01:00
Marek Marczykowski-Górecki
853a4679fb Do not include builder_setup in build_template_rpm
Everything it needs is already present in the environment.
2015-03-17 15:07:44 +01:00
Marek Marczykowski-Górecki
af8cd92285 Improve handling root.img build alone
Provide separate make targets: rootimg-build (root.img) and package
(make the rpm).
2015-03-17 15:05:14 +01:00
Jason Mehring
79de4f1997
Updated tests to include tests for new features added to functions*.sh 2015-03-15 15:04:23 -04:00
Jason Mehring
7dc2bcaa56
Fixed templateName function where it was throwing an error that template name was
too long, even though it should have been reported as okay

- Added better code to shorten long names automatically
- remove reference to 'infi' function since this library does not import functions.sh
2015-03-15 15:00:50 -04:00
Jason Mehring
87aad36262
Added the ability for template files to be found side by side the original file
which allows template flavor suffix to be added to package lists as well as most
any other file type now.

- created a new function to check if a file exists that was refactored out od
  the templateFile function
- Added elementIn function which checks if an element exists within an array
2015-03-15 14:56:08 -04:00
Marek Marczykowski-Górecki
f1b1258631 version 2.1.9 2015-03-11 18:06:13 +01:00
Marek Marczykowski-Górecki
efd762ec06 Add workaround for bug in qvm-sync-appmenus
qvm-sync-appmenus did not regenerated appmenus for the template itself,
only dependent VMs. Do it manually here. When used with fixed
qvm-sync-appmenus this will regenerate the appmenus twice, which should
be harmless.

This commit should be reverted when new qvm-sync-appmenus got released
and appropriate Require line added here.
2015-03-11 07:26:29 +01:00
Marek Marczykowski-Górecki
94f944b81c Remove old repo directory 2015-03-10 23:57:13 +01:00
Marek Marczykowski-Górecki
3092bb2d71 Add support for plugins, move all distribution-specific code there
While at it, also change name of local repo to pkgs-for-tmplate (was
yum_repo_qubes).
2015-03-10 23:57:13 +01:00
Marek Marczykowski-Górecki
518b0a39da Fix creating volatile.img 2015-03-10 23:57:13 +01:00
Marek Marczykowski-Górecki
f22a06d8ad Store root image named 'root.img' inside of tar archive
Prevent renaming at installation, this will make the process cleaner.
2015-03-10 23:57:12 +01:00
Marek Marczykowski-Górecki
c9809c7d6e Minimize data contained in the template package
1. Remove appmenus - regenerate them at installation time (start the
   template for that)
2. Remove volatile.img - regenerate it at installation time

This way, the only real data carried in template rpm is root.img.
2015-03-08 23:55:36 +01:00
unman
0716de226c Actually remove deb files from template 2015-02-23 21:49:40 +01:00
Marek Marczykowski-Górecki
936dff99c0 Provide chroot() wrapper also in quiet mode 2015-02-19 04:07:51 +01:00
Marek Marczykowski-Górecki
1980e023bb Tag for commit 620739019a
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJU4oOBAAoJEBu5sftaTG2tMMsP/21u8/oyKtCAhC7D5YTcK+E6
 bYMjM8aFtptJUdCy1EjEUjv5FMGcC9CMoe/sXzMkxQHsegkzPS9PsOK2aELytyxI
 x/GyQwEjI8wyzigQtsBXGzGkIePUqJtngmh67KFsVYINlXf1wx21AguSR/ZsHwCf
 hNBxNciZhUCwPfZt1Luk10jRdmSkKlcx77U52Z5ZMU4qOZGY5WVmvUttdKAR3JfG
 EcZG8JDa2sPV+8ryAqK7MCMzVqE+zkb6zYf6JwJSaR1OGvr91hbL8T3rSer6eXu+
 lu39eLSz1ITm91jeDirgTgPUMfplLOt+Y3luDpY2Uth+7rDSN6V7XLcuLJJzbRIC
 t8t84i2e+wL9iTWLxyo8v2lDS+PIKfhYbxHHvaoo/k9o6qvqqsy9VgYgA/toKfdg
 Fv+i4jwmqTXE+8+qxjT74boYP8FWpqKSpWWr/Aou5wBzG1bdKSxmqyMAYSCTsWmB
 wOHomBtQFpl5G3SCV/3FZHOroxwNlKgfzSalwxNpWN6nRTO1shBNOM+er6PBvIPT
 coJdpdQSR5aREg2IzrwoHH/1xE1KPJV2QbelMJg0p2Ca+9v2Ge5wLODotwRFYRDN
 j3nFnNr6kn5Rw9/wrCnZh61t4syKctQ6Kpg2/14AuogI2ut5IpSpNvlaA47df7Vi
 BuBRHBx+969YN1bYSP21
 =wO05
 -----END PGP SIGNATURE-----

Merge tag 'jm_62073901'

Tag for commit 620739019a

# gpg: Signature made Tue Feb 17 00:55:45 2015 CET using RSA key ID 5A4C6DAD
# gpg: Good signature from "Jason Mehring (Qubes OS Signing Key) <nrgaway@gmail.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: E0E3 2283 FDCA C1A5 1007  8F27 1BB9 B1FB 5A4C 6DAD
2015-02-17 20:05:24 +01:00
Jason Mehring
620739019a
fc21: Changed 3rd party software not to import package keys 2015-02-16 18:55:36 -05:00
Jason Mehring
1bffbd8813
fc21: Verify all packages downloaded for installation are signed and verify 2015-02-16 07:33:25 -05:00
Jason Mehring
96442c83cb fedora: fc21: Added Fedora 21 template and related configurations 2015-02-14 12:45:00 -05:00
Jason Mehring
0b3eab8591 whonix: Updated appmenus and added a gnome appmenu definition 2015-02-14 12:35:35 -05:00
Jason Mehring
c4fa8ce41b debian: Remove all remaining LXC code 2015-02-14 12:34:54 -05:00
Jason Mehring
d4261919e6 debian: qubuntu: Overwrite existing configuration files by default
Recent changes to core-admin-linux has fstab and iptables being installed by
installer and not in postinit which prevented these files from being written
on initial template creation.
2015-02-14 12:34:31 -05:00
Jason Mehring
dd70031ba0 qubuntu: Added trusty, utopic and vivid templates
Considered experimential at this stage.  vivid has not had any testing

trusty and utopic work as proxyvm's
2015-02-14 12:33:54 -05:00
Jason Mehring
78a903b1f7 debian: Completely refactored Debian and Whonix
- New refactor allow qubuntu to share most of Debian's codebase
- Installation now more closely mimiks Debian's installation methods
- Added a shared functions lib named distributions.sh
- Any portions of Whonix that may need to be updatable have been moved
  to a new package named qubes-whonix which will be updatable via Debian
  package manager.  qubes-whonix is also added as part of installation
  process
2015-02-14 12:33:06 -05:00
Jason Mehring
d6b87ecacb New tests to work with updated functions.sh 2015-02-14 12:32:54 -05:00
Jason Mehring
d9282fceaf Improve mount detection and better able to umount problem mounts
Disable xtrace (-x) during execution since it was too verbose
2015-02-14 12:32:44 -05:00
Jason Mehring
00bf130052 Use cleanup function to trap errors 2015-02-14 12:32:33 -05:00
Jason Mehring
60c1d07538 Reformatted script 2015-02-14 12:32:16 -05:00
Jason Mehring
14762b89e7 Fixed a formatting glitch 2015-02-14 12:32:03 -05:00
Jason Mehring
b342a11c65 Various improvements to functions lib
- Set xtrace verbose mode (-x or +x)
- Added systemd-nspawn alternate to chroot
- Fix message display of multiple paramaters
- templateDir was missing quotes around element which could end up splittng a directory that contained spaces
- added functionality to find template flavors within $SCRIPTSDIR and not have to be located within a sub-directory
- Added a few more comments
2015-02-14 12:31:53 -05:00
Jason Mehring
0f6cdceb61 If template_flavor only contains a '+'; send back $DIST 2015-02-14 12:31:43 -05:00
Jason Mehring
f1142db535 Added qubuntu evn vars indentifiers to builder_setup 2015-02-14 12:31:28 -05:00
Jason Mehring
6bc56dd7cd export DISTRIBUTION and TEMPLATE_NAME 2015-02-14 12:31:13 -05:00
Jason Mehring
2b2b1f4616 Added yum_repo_qubes to gitignore 2015-02-14 12:31:01 -05:00
Marek Marczykowski-Górecki
addf4530e7 fedora: keep minimal template minimal 2015-02-02 06:02:26 +01:00
Marek Marczykowski-Górecki
2667f2f75b gitignore 2015-02-01 23:55:04 +01:00
Olivier MEDOC
86da3b44ce archlinux: fix /etc/os-release and add remote qubes repository (on olivier.medoc.free.fr) 2015-02-01 23:27:57 +01:00
Olivier MEDOC
d0bf2bc374 archlinux: fix bugs and changes caused by 2015-01 install ISO 2015-02-01 23:27:43 +01:00
Marek Marczykowski-Górecki
a97beee8cb Do not duplicate clean-volatile.img.tar for each distribution 2015-01-30 19:16:22 +01:00
Marek Marczykowski-Górecki
ce319754e2 Preliminary support for building in DispVM 2015-01-30 15:35:00 +01:00
Marek Marczykowski-Górecki
5166ca5388 Simplify template name processing
Remove redundant function, move to separate file and load only this file
when only template name is needed. This way a lot less code gets loaded
on every make call.
2015-01-30 04:10:43 +01:00
Marek Marczykowski-Górecki
92faf3296b Merge branch 'wheezy' 2014-12-02 03:15:02 +01:00
Marek Marczykowski-Górecki
7bae8ae353 debian: do not give access to host /run 2014-12-01 20:12:45 +01:00
Marek Marczykowski-Górecki
2b1cb2f323 debian/whonix: it is irrelevant whether ip_forward is enabled on build host 2014-12-01 20:11:47 +01:00
Marek Marczykowski-Górecki
1e999e1ced debian: move system/X11 configuration to gui-agent-linux 2014-12-01 20:10:27 +01:00
Marek Marczykowski-Górecki
f14e132f5e debian: do not remove qubes repo 2014-12-01 02:50:37 +01:00
Marek Marczykowski-Górecki
d87edd0066 whonix: use the same user UID as host to build whonix pkgs
Otherwise whonix_build will have no access to sources (which are
bind-mounted from outside of chroot).
2014-12-01 02:48:50 +01:00
Marek Marczykowski-Górecki
43e319b562 whonix: place "allow all" sudo configuration only build time
qubes-core-agent will provide appropriate file later so do not conflict
with it.
2014-12-01 02:47:31 +01:00
Marek Marczykowski-Górecki
a91429751d whonix: remove unused file 2014-12-01 02:45:53 +01:00
Marek Marczykowski-Górecki
b40322b798 Merge remote-tracking branch 'nrgaway/wheezy' into wheezy 2014-11-29 13:34:02 +01:00