#!/bin/sh # vim: set ts=4 sw=4 sts=4 et : # ------------------------------------------------------------------------------ # Source external scripts # ------------------------------------------------------------------------------ . ${SCRIPTSDIR}/vars.sh . ./umount_kill.sh >/dev/null # ------------------------------------------------------------------------------ # Configurations # ------------------------------------------------------------------------------ if [ "${VERBOSE}" -ge 2 -o "${DEBUG}" == "1" ]; then set -x else set -e fi # ------------------------------------------------------------------------------ # If .prepared_debootstrap has not been completed, don't continue # ------------------------------------------------------------------------------ if ! [ -f "${INSTALLDIR}/tmp/.prepared_debootstrap" ]; then error "prepared_debootstrap installataion has not completed!... Exiting" umount_kill "${INSTALLDIR}" || : exit 1 fi # ------------------------------------------------------------------------------ # Mount system mount points # ------------------------------------------------------------------------------ for fs in /dev /dev/pts /proc /sys /run; do mount -B $fs "${INSTALLDIR}/$fs"; done # ------------------------------------------------------------------------------ # Execute any template flavor or sub flavor 'pre' scripts # ------------------------------------------------------------------------------ buildStep "$0" "pre" if ! [ -f "${INSTALLDIR}/tmp/.prepared_groups" ]; then # ------------------------------------------------------------------------------ # Cleanup function # ------------------------------------------------------------------------------ function cleanup() { error "Install groups error and umount" rm -f "${INSTALLDIR}/usr/sbin/policy-rc.d" umount_kill "${INSTALLDIR}" || : exit 1 } trap cleanup ERR trap cleanup EXIT # ------------------------------------------------------------------------------ # Set up a temporary policy-rc.d to prevent apt from starting services # on package installation # ------------------------------------------------------------------------------ cat > "${INSTALLDIR}/usr/sbin/policy-rc.d" <> "${INSTALLDIR}/etc/pam.d/common-session" # ------------------------------------------------------------------------------ # Add debian security repository # ------------------------------------------------------------------------------ debug "Adding debian-security repository." source="deb http://security.debian.org ${DEBIANVERSION}/updates main" if ! grep -r -q "$source" "${INSTALLDIR}/etc/apt/sources.list"*; then touch "${INSTALLDIR}/etc/apt/sources.list" echo "$source" >> "${INSTALLDIR}/etc/apt/sources.list" fi source="deb-src http://security.debian.org ${DEBIANVERSION}/updates main" if ! grep -r -q "$source" "${INSTALLDIR}/etc/apt/sources.list"*; then touch "${INSTALLDIR}/etc/apt/sources.list" echo "$source" >> "${INSTALLDIR}/etc/apt/sources.list" fi # ------------------------------------------------------------------------------ # Upgrade system # ------------------------------------------------------------------------------ debug "Upgrading system" chroot "${INSTALLDIR}" apt-get update true "${stout}" DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ chroot "${INSTALLDIR}" apt-get ${APT_GET_OPTIONS} dist-upgrade # ------------------------------------------------------------------------------ # Configure keyboard # ------------------------------------------------------------------------------ debug "Setting keyboard layout" chroot "${INSTALLDIR}" debconf-set-selections < "${INSTALLDIR}/etc/apt/preferences.d/qubes_sysvinit" <> "${INSTALLDIR}/etc/apt/sources.list" fi chroot ${INSTALLDIR} apt-get update DEBIAN_FRONTEND=noninteractive DEBCONF_NONINTERACTIVE_SEEN=true \ chroot ${INSTALLDIR} apt-get ${APT_GET_OPTIONS} -t wheezy-backports install init-system-helpers fi # ------------------------------------------------------------------------------ # Cleanup # ------------------------------------------------------------------------------ # Remove temporary policy layer so services can start normally in the # deployed template. rm -f "${INSTALLDIR}/usr/sbin/policy-rc.d" touch "${INSTALLDIR}/tmp/.prepared_groups" trap - ERR EXIT trap # Kill all processes and umount all mounts within ${INSTALLDIR}, # but not ${INSTALLDIR} itself (extra '/' prevents ${INSTALLDIR} from being # umounted itself) umount_kill "${INSTALLDIR}/" || : fi # ------------------------------------------------------------------------------ # Execute any template flavor or sub flavor 'post' scripts # ------------------------------------------------------------------------------ buildStep "$0" "post"