From 3c05789a11d8f1969883cb2720461b238692bdd6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sun, 2 Apr 2023 15:43:03 +0200 Subject: [PATCH 1/2] Rework Archlinux packaging --- archlinux/PKGBUILD | 154 -------------------------------- archlinux/PKGBUILD.in | 201 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 201 insertions(+), 154 deletions(-) delete mode 100644 archlinux/PKGBUILD create mode 100644 archlinux/PKGBUILD.in diff --git a/archlinux/PKGBUILD b/archlinux/PKGBUILD deleted file mode 100644 index 65733bbd5..000000000 --- a/archlinux/PKGBUILD +++ /dev/null @@ -1,154 +0,0 @@ -pkgname=(qubes-vm-core qubes-vm-networking qubes-vm-keyring qubes-vm-passwordless-root) -pkgver=$(cat version) || exit 1 -pkgrel=16 -epoch= -pkgdesc="The Qubes core files for installation inside a Qubes VM." -arch=("x86_64") -url="http://qubes-os.org/" -license=('GPL') -groups=() -makedepends=(gcc make pkg-config qubes-vm-utils qubes-libvchan qubes-db-vm qubes-vm-xen libx11 python python-setuptools lsb-release pandoc shared-mime-info desktop-file-utils) -checkdepends=() -provides=() -conflicts=() -replaces=() -backup=() -options=() -changelog= - -source=( - PKGBUILD.qubes-ensure-lib-modules.service PKGBUILD.qubes-update-desktop-icons.hook - PKGBUILD-qubes-pacman-options.conf - PKGBUILD-qubes-repo-4.2.conf - PKGBUILD-keyring-keys - PKGBUILD-keyring-trusted - PKGBUILD-keyring-revoked -) - -noextract=() -md5sums=(SKIP) - -build() { - for source in autostart-dropins applications-dropins app-menu qubes-rpc misc package-managers passwordless-root Makefile vm-init.d vm-systemd network init version doc setup.py qubesagent boot; do - # shellcheck disable=SC2154 - ln -sf "../$source" "$srcdir" - done - - # Fix for network tools paths - sed 's:/sbin/ip:ip:g' -i network/* - sed 's:/bin/grep:grep:g' -i network/* - - # Fix for archlinux sbindir - sed 's:/usr/sbin/ntpdate:/usr/bin/ntpdate:g' -i qubes-rpc/sync-ntp-clock - - for dir in qubes-rpc misc; do - make -C "$dir" - done -} - -#This package provides: -# * qubes rpc scripts -# * core linux tools and scripts -# * core systemd services and drop-ins -# * basic network functionality (setting IP address, DNS, default gateway) -package_qubes-vm-core() { - local release - [[ "$pkgver" =~ ^([0-9]+)\.([0-9]+)($|\.) ]] || { - echo 'invalid $pkgver'>&2 - exit 1 - } - conflicts=('pulseaudio-qubes<4.2.0') - release=${BASH_REMATCH[1]}.${BASH_REMATCH[2]} - depends=(qubes-vm-utils python python-xdg ntp iproute2 - gnome-packagekit graphicsmagick fakeroot notification-daemon dconf - zenity qubes-libvchan qubes-db-vm haveged python-gobject - python-dbus xdg-utils notification-daemon gawk sed procps-ng librsvg - socat pacman-contrib parted - # Block updating if there is a major python update as the python API will be in the wrong PYTHONPATH - 'python<3.11' - ) - optdepends=(gnome-keyring gnome-settings-daemon python-caja python-nautilus gpk-update-viewer qubes-vm-networking qubes-vm-keyring) - install=PKGBUILD.install - - - install -D -m 0644 -- boot/grub.qubes "$pkgdir/etc/default/grub.qubes" - # shellcheck disable=SC2154 - make install-corevm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux - make -C app-menu install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/usr/lib - make -C misc install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/usr/lib - make -C qubes-rpc DESTDIR="$pkgdir" install - make -C qubes-rpc/caja DESTDIR="$pkgdir" install - make -C qubes-rpc/kde DESTDIR="$pkgdir" install - make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install - make -C qubes-rpc/thunar DESTDIR="$pkgdir" install - - # Install systemd script allowing to automount /lib/modules - install -m 644 "$srcdir/PKGBUILD.qubes-ensure-lib-modules.service" "${pkgdir}/usr/lib/systemd/system/qubes-ensure-lib-modules.service" - - # Install pacman hook to update desktop icons - mkdir -p "${pkgdir}/usr/share/libalpm/hooks/" - install -m 644 "$srcdir/PKGBUILD.qubes-update-desktop-icons.hook" "${pkgdir}/usr/share/libalpm/hooks/qubes-update-desktop-icons.hook" - - # Install pacman.d drop-ins (at least 1 drop-in must be installed or pacman will fail) - mkdir -p -m 0755 "${pkgdir}/etc/pacman.d" - install -m 644 "$srcdir/PKGBUILD-qubes-pacman-options.conf" "${pkgdir}/etc/pacman.d/10-qubes-options.conf" - echo "Installing repository for release ${release}" - install -m 644 "$srcdir/PKGBUILD-qubes-repo-${release}.conf" "${pkgdir}/etc/pacman.d/99-qubes-repository-${release}.conf.disabled" - - # Install upgrade check scripts - install -m 0755 "$srcdir/package-managers/upgrades-installed-check" "${pkgdir}/usr/lib/qubes/" - install -m 0755 "$srcdir/package-managers/upgrades-status-notify" "${pkgdir}/usr/lib/qubes/" - - # Archlinux specific: enable autologin on tty1 - mkdir -p "$pkgdir/etc/systemd/system/getty@tty1.service.d/" - cat < "$pkgdir/etc/systemd/system/getty@tty1.service.d/autologin.conf" -[Service] -ExecStart= -ExecStart=-/sbin/agetty -o '-f -p -- \\u' --keep-baud 115200,38400,9600 %I linux -EOF - - # Archlinux packaging guidelines: /var/run is a symlink to a tmpfs. Don't create it - rm -rf "$pkgdir/var/run" -} - -#This package provides: -# * proxy service used by TemplateVMs to download updates -# * qubes-firewall service (FirewallVM) -# -#Integration of NetworkManager for Qubes VM: -# * make connections config persistent -# * adjust DNS redirections when needed -# * show/hide NetworkManager applet icon -# -package_qubes-vm-networking() { - pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM" - depends=(qubes-vm-core qubes-vm-utils python iproute2 - qubes-db-vm networkmanager iptables tinyproxy nftables - conntrack-tools - ) - install=PKGBUILD-networking.install - - # shellcheck disable=SC2154 - make -C network install DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux - make install-netvm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux - -} - -package_qubes-vm-keyring() { - pkgdesc="Qubes OS Binary Repository Activation package and Keyring" - install=PKGBUILD-keyring.install - - # Install keyring (will be activated through the .install file) - install -dm755 "${pkgdir}/usr/share/pacman/keyrings/" - install -m0644 PKGBUILD-keyring-keys "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm.gpg" - install -m0644 PKGBUILD-keyring-trusted "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-trusted" - install -m0644 PKGBUILD-keyring-revoked "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-revoked" - -} - -package_qubes-vm-passwordless-root() { - pkgdesc="Qubes OS Passwordless root access from normal user" - make -C passwordless-root install DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux -} - -# vim:set ts=2 sw=2 et: diff --git a/archlinux/PKGBUILD.in b/archlinux/PKGBUILD.in new file mode 100644 index 000000000..091560f09 --- /dev/null +++ b/archlinux/PKGBUILD.in @@ -0,0 +1,201 @@ +# Maintainer: Frédéric Pierret (fepitre) + +pkgname=(qubes-vm-core qubes-vm-networking qubes-vm-keyring qubes-vm-passwordless-root) +pkgver=@VERSION@ +pkgrel=@REL@ +pkgdesc="The Qubes core files for installation inside a Qubes VM." +arch=("x86_64") +url="http://qubes-os.org/" +license=('GPL') +makedepends=( + gcc + make + pkg-config + libx11 + python + python-setuptools + lsb-release + pandoc + shared-mime-info + desktop-file-utils + qubes-vm-utils + qubes-libvchan + qubes-db-vm + qubes-vm-xen +) +_pkgnvr="${pkgname}-${pkgver}-${pkgrel}" +source=("${_pkgnvr}.tar.gz") +sha256sums=(SKIP) + +build() { + cd "${_pkgnvr}" + + # Fix for network tools paths + sed 's:/sbin/ip:ip:g' -i network/* + sed 's:/bin/grep:grep:g' -i network/* + + # Fix for archlinux sbindir + sed 's:/usr/sbin/ntpdate:/usr/bin/ntpdate:g' -i qubes-rpc/sync-ntp-clock + + for dir in qubes-rpc misc; do + make -C "$dir" + done +} + +#This package provides: +# * qubes rpc scripts +# * core linux tools and scripts +# * core systemd services and drop-ins +# * basic network functionality (setting IP address, DNS, default gateway) +package_qubes-vm-core() { + local release + [[ "$pkgver" =~ ^([0-9]+)\.([0-9]+)($|\.) ]] || { + echo 'invalid $pkgver'>&2 + exit 1 + } + conflicts=('pulseaudio-qubes<4.2.0') + release=${BASH_REMATCH[1]}.${BASH_REMATCH[2]} + depends=( + qubes-vm-utils + qubes-libvchan + qubes-db-vm + python + python-xdg + ntp + iproute2 + gnome-packagekit + graphicsmagick + fakeroot + notification-daemon + dconf + zenity + haveged + python-gobject + python-dbus + xdg-utils + notification-daemon + gawk + sed + procps-ng + librsvg + socat + pacman-contrib + parted + # Block updating if there is a major python update as the python API will be in the wrong PYTHONPATH + 'python<3.11' + ) + optdepends=(gnome-keyring gnome-settings-daemon python-caja python-nautilus gpk-update-viewer qubes-vm-networking qubes-vm-keyring) + install="archlinux/PKGBUILD.install" + + cd "${_pkgnvr}" + + install -D -m 0644 -- "boot/grub.qubes" "${pkgdir}/etc/default/grub.qubes" + # shellcheck disable=SC2154 + make install-corevm DESTDIR="$pkgdir" SBINDIR=/usr/bin LIBDIR=/usr/lib SYSLIBDIR=/usr/lib SYSTEM_DROPIN_DIR=/usr/lib/systemd/system USER_DROPIN_DIR=/usr/lib/systemd/user DIST=archlinux + make -C app-menu install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/usr/lib + make -C misc install DESTDIR="$pkgdir" install LIBDIR=/usr/lib SYSLIBDIR=/usr/lib + make -C qubes-rpc DESTDIR="$pkgdir" install + make -C qubes-rpc/caja DESTDIR="$pkgdir" install + make -C qubes-rpc/kde DESTDIR="$pkgdir" install + make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install + make -C qubes-rpc/thunar DESTDIR="$pkgdir" install + + # Install systemd script allowing to automount /lib/modules + install -m 644 "archlinux/PKGBUILD.qubes-ensure-lib-modules.service" "${pkgdir}/usr/lib/systemd/system/qubes-ensure-lib-modules.service" + + # Install pacman hook to update desktop icons + mkdir -p "${pkgdir}/usr/share/libalpm/hooks/" + install -m 644 "archlinux/PKGBUILD.qubes-update-desktop-icons.hook" "${pkgdir}/usr/share/libalpm/hooks/qubes-update-desktop-icons.hook" + + # Install pacman.d drop-ins (at least 1 drop-in must be installed or pacman will fail) + mkdir -p -m 0755 "${pkgdir}/etc/pacman.d" + install -m 644 "archlinux/PKGBUILD-qubes-pacman-options.conf" "${pkgdir}/etc/pacman.d/10-qubes-options.conf" + echo "Installing repository for release ${release}" + install -m 644 "archlinux/PKGBUILD-qubes-repo-${release}.conf" "${pkgdir}/etc/pacman.d/99-qubes-repository-${release}.conf.disabled" + + # Install upgrade check scripts + install -m 0755 "package-managers/upgrades-installed-check" "${pkgdir}/usr/lib/qubes/" + install -m 0755 "package-managers/upgrades-status-notify" "${pkgdir}/usr/lib/qubes/" + + # Archlinux specific: enable autologin on tty1 + mkdir -p "$pkgdir/etc/systemd/system/getty@tty1.service.d/" + cat < "$pkgdir/etc/systemd/system/getty@tty1.service.d/autologin.conf" +[Service] +ExecStart= +ExecStart=-/sbin/agetty -o '-f -p -- \\u' --keep-baud 115200,38400,9600 %I linux +EOF + + # Archlinux packaging guidelines: /var/run is a symlink to a tmpfs. Don't create it + rm -rf "$pkgdir/var/run" +} + +#This package provides: +# * proxy service used by TemplateVMs to download updates +# * qubes-firewall service (FirewallVM) +# +#Integration of NetworkManager for Qubes VM: +# * make connections config persistent +# * adjust DNS redirections when needed +# * show/hide NetworkManager applet icon +# +package_qubes-vm-networking() { + pkgdesc="Qubes OS tools allowing to use a Qubes VM as a NetVM/ProxyVM" + depends=( + qubes-vm-core + qubes-vm-utils + qubes-db-vm + python + iproute2 + networkmanager + iptables + tinyproxy + nftables + conntrack-tools + ) + install="archlinux/PKGBUILD-networking.install" + + cd "${_pkgnvr}" + # shellcheck disable=SC2154 + make -C network install \ + DESTDIR="$pkgdir" \ + SBINDIR=/usr/bin \ + LIBDIR=/usr/lib \ + SYSLIBDIR=/usr/lib \ + SYSTEM_DROPIN_DIR=/usr/lib/systemd/system \ + USER_DROPIN_DIR=/usr/lib/systemd/user \ + DIST=archlinux + make install-netvm \ + DESTDIR="$pkgdir" \ + SBINDIR=/usr/bin \ + LIBDIR=/usr/lib \ + SYSLIBDIR=/usr/lib \ + SYSTEM_DROPIN_DIR=/usr/lib/systemd/system \ + USER_DROPIN_DIR=/usr/lib/systemd/user \ + DIST=archlinux +} + +package_qubes-vm-keyring() { + pkgdesc="Qubes OS Binary Repository Activation package and Keyring" + install="archlinux/PKGBUILD-keyring.install" + + cd "${_pkgnvr}" + # Install keyring (will be activated through the .install file) + install -dm755 "${pkgdir}/usr/share/pacman/keyrings/" + install -m0644 "archlinux/PKGBUILD-keyring-keys" "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm.gpg" + install -m0644 "archlinux/PKGBUILD-keyring-trusted" "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-trusted" + install -m0644 "archlinux/PKGBUILD-keyring-revoked" "${pkgdir}/usr/share/pacman/keyrings/qubesos-vm-revoked" +} + +package_qubes-vm-passwordless-root() { + pkgdesc="Qubes OS Passwordless root access from normal user" + + cd "${_pkgnvr}" + make -C passwordless-root install \ + DESTDIR="$pkgdir" \ + SBINDIR=/usr/bin \ + LIBDIR=/usr/lib \ + SYSLIBDIR=/usr/lib \ + SYSTEM_DROPIN_DIR=/usr/lib/systemd/system \ + USER_DROPIN_DIR=/usr/lib/systemd/user \ + DIST=archlinux +} From 0cd524020214c98c5587957d1414a251d52b8fbf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Tue, 25 Apr 2023 15:47:28 +0200 Subject: [PATCH 2/2] archlinux: support for new packaging in legacy builder --- Makefile.builder | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/Makefile.builder b/Makefile.builder index 3cd0b584f..bde3f8310 100644 --- a/Makefile.builder +++ b/Makefile.builder @@ -20,4 +20,17 @@ source-debian-quilt-copy-in: fi -$(shell $(ORIG_SRC)/debian-quilt $(ORIG_SRC)/series-debian$(series_ext)-vm.conf $(CHROOT_DIR)/$(DIST_SRC)/debian/patches) +# Support for new packaging +ifneq ($(filter $(DISTRIBUTION), archlinux),) +VERSION := $(file <$(ORIG_SRC)/$(DIST_SRC)/version) +GIT_TARBALL_NAME ?= qubes-vm-core-$(VERSION)-1.tar.gz +SOURCE_COPY_IN := source-archlinux-copy-in + +source-archlinux-copy-in: PKGBUILD = $(CHROOT_DIR)/$(DIST_SRC)/$(ARCH_BUILD_DIRS)/PKGBUILD +source-archlinux-copy-in: + cp $(PKGBUILD).in $(CHROOT_DIR)/$(DIST_SRC)/PKGBUILD + sed -i "s/@VERSION@/$(VERSION)/g" $(CHROOT_DIR)/$(DIST_SRC)/PKGBUILD + sed -i "s/@REL@/1/g" $(CHROOT_DIR)/$(DIST_SRC)/PKGBUILD +endif + # vim: filetype=make