From bc3a5057327c82a1d44fff706cb9b5365475e6e7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sat, 16 Mar 2019 17:22:56 +0100 Subject: [PATCH] Put 'qubes.py' installclass as separate source and fix missing_features handling See https://github.com/QubesOS/qubes-anaconda/pull/1#pullrequestreview-212568606 --- 0001-add-Qubes-installclass.patch | 89 ---------- ...patch => 0001-add-Qubes-post-scripts.patch | 4 +- ... => 0002-remove-other-installclasses.patch | 4 +- ...-network-by-ignoring-any-present-nic.patch | 4 +- 0004-Set-default-hostname-to-dom0.patch | 36 ---- ...etup-from-graphical-and-text-interfa.patch | 4 +- ...ig-setup-by-removing-non-xen-options.patch | 4 +- ...patch => 0006-set-default-grub-theme.patch | 4 +- ...can_dual_boot-and-can_update-to-grub.patch | 4 +- ...-efimgr-specify-root-util.getSysroot.patch | 4 +- ...make-encrypted-partitions-by-default.patch | 38 ---- ... 0009-generate-xen-efi-configuration.patch | 4 +- ...le-to-work-with-reduced-dependencies.patch | 4 +- ...rnel-parameters-as-default-for-insta.patch | 4 +- ...ll-instead-of-grubby-to-regenerate-i.patch | 4 +- ...gular-expression-determining-Release.patch | 4 +- ...ng-initramfs-start-up-due-to-missing.patch | 4 +- ...-Disable-the-NTP-configuration-spoke.patch | 4 +- ...Qubes-dependencies-on-network-filesy.patch | 4 +- ...rameter-and-allow-boot-encryption-an.patch | 4 +- ... 0018-add-console-none-Xen-parameter.patch | 4 +- ...mem-min-1024M-to-default-xen-cmdline.patch | 4 +- ...m-to-4GB-to-limit-its-overhead-on-bi.patch | 4 +- ...p-NTP-installation-and-setup-in-dom0.patch | 45 ----- ...patch => 0021-disable-iommu-for-IGFX.patch | 4 +- ...-Qubes-OS-hardware-required-features.patch | 21 ++- ...artitioning-scheme-to-LVM-Thin-Provi.patch | 41 ----- ...> 0023-generate-proper-extlinux.conf.patch | 4 +- ...ash-when-no-target-disk-is-available.patch | 4 +- ...user-configuration-spoke-for-QubesOS.patch | 4 +- ...-user-is-created-at-installation-tim.patch | 4 +- ...k-add-user-to-wheel-and-qubes-groups.patch | 4 +- ...xen.efi-upgraded-during-each-install.patch | 4 +- ...-latest-version-is-placed-as-xen.efi.patch | 4 +- ...efault-scheme-in-custom-partitioning.patch | 4 +- 0030-lock-root-account-by-default.patch | 38 ---- ...h => 0031-Fix-macOS-EFI-Installation.patch | 4 +- 0031-add-option-to-lock-root-account.patch | 163 ------------------ ...lume-argument-when-booting-from-btrf.patch | 4 +- ...ption-for-dom0-filesystems-by-defaul.patch | 4 +- ...ode-scan-to-default-Xen-command-line.patch | 4 +- ...oid-adding-duplicated-kernel-entries.patch | 4 +- ...036-mark-qubes-user-name-as-reserved.patch | 4 +- ...t-off-xen-option-during-installation.patch | 4 +- ...-specific-code-for-Fedora-21-version.patch | 4 +- ...abort-installation-on-X-startup-fail.patch | 4 +- ...0040-fix-encryption-passphrase-check.patch | 4 +- ...ober.patch => 0041-disable-os-prober.patch | 4 +- anaconda.spec | 91 +++++----- qubes.py | 92 ++++++++++ 50 files changed, 227 insertions(+), 587 deletions(-) delete mode 100644 0001-add-Qubes-installclass.patch rename 0002-add-Qubes-post-scripts.patch => 0001-add-Qubes-post-scripts.patch (97%) rename 0003-remove-other-installclasses.patch => 0002-remove-other-installclasses.patch (99%) rename 0005-Disable-network-by-ignoring-any-present-nic.patch => 0003-Disable-network-by-ignoring-any-present-nic.patch (92%) delete mode 100644 0004-Set-default-hostname-to-dom0.patch rename 0006-remove-network-setup-from-graphical-and-text-interfa.patch => 0004-remove-network-setup-from-graphical-and-text-interfa.patch (99%) rename 0007-fix-grub-config-setup-by-removing-non-xen-options.patch => 0005-fix-grub-config-setup-by-removing-non-xen-options.patch (92%) rename 0009-set-default-grub-theme.patch => 0006-set-default-grub-theme.patch (94%) rename 0010-add-options-can_dual_boot-and-can_update-to-grub.patch => 0007-add-options-can_dual_boot-and-can_update-to-grub.patch (91%) rename 0011-efimgr-specify-root-util.getSysroot.patch => 0008-efimgr-specify-root-util.getSysroot.patch (92%) delete mode 100644 0008-make-encrypted-partitions-by-default.patch rename 0012-generate-xen-efi-configuration.patch => 0009-generate-xen-efi-configuration.patch (98%) rename 0013-fix-dracut-module-to-work-with-reduced-dependencies.patch => 0010-fix-dracut-module-to-work-with-reduced-dependencies.patch (96%) rename 0014-use-installer-kernel-parameters-as-default-for-insta.patch => 0011-use-installer-kernel-parameters-as-default-for-insta.patch (96%) rename 0015-use-kernel-install-instead-of-grubby-to-regenerate-i.patch => 0012-use-kernel-install-instead-of-grubby-to-regenerate-i.patch (96%) rename 0016-Fix-a-regular-expression-determining-Release.patch => 0013-Fix-a-regular-expression-determining-Release.patch (92%) rename 0017-Do-not-fail-during-initramfs-start-up-due-to-missing.patch => 0014-Do-not-fail-during-initramfs-start-up-due-to-missing.patch (93%) rename 0018-Disable-the-NTP-configuration-spoke.patch => 0015-Disable-the-NTP-configuration-spoke.patch (99%) rename 0019-drop-useless-on-Qubes-dependencies-on-network-filesy.patch => 0016-drop-useless-on-Qubes-dependencies-on-network-filesy.patch (94%) rename 0021-add-skip_grub-parameter-and-allow-boot-encryption-an.patch => 0017-add-skip_grub-parameter-and-allow-boot-encryption-an.patch (95%) rename 0023-add-console-none-Xen-parameter.patch => 0018-add-console-none-Xen-parameter.patch (92%) rename 0024-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch => 0019-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch (93%) rename 0025-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch => 0020-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch (94%) delete mode 100644 0020-skip-NTP-installation-and-setup-in-dom0.patch rename 0026-disable-iommu-for-IGFX.patch => 0021-disable-iommu-for-IGFX.patch (96%) rename 0027-check-for-Qubes-OS-hardware-required-features.patch => 0022-check-for-Qubes-OS-hardware-required-features.patch (83%) delete mode 100644 0022-switch-default-partitioning-scheme-to-LVM-Thin-Provi.patch rename 0028-generate-proper-extlinux.conf.patch => 0023-generate-proper-extlinux.conf.patch (96%) rename 0029-don-t-crash-when-no-target-disk-is-available.patch => 0024-don-t-crash-when-no-target-disk-is-available.patch (96%) rename 0032-Modify-user-configuration-spoke-for-QubesOS.patch => 0025-Modify-user-configuration-spoke-for-QubesOS.patch (99%) rename 0033-Make-sure-that-a-user-is-created-at-installation-tim.patch => 0026-Make-sure-that-a-user-is-created-at-installation-tim.patch (98%) rename 0034-check-add-user-to-wheel-and-qubes-groups.patch => 0027-check-add-user-to-wheel-and-qubes-groups.patch (94%) rename 0035-xen.efi-upgraded-during-each-install.patch => 0028-xen.efi-upgraded-during-each-install.patch (96%) rename 0036-make-sure-the-latest-version-is-placed-as-xen.efi.patch => 0029-make-sure-the-latest-version-is-placed-as-xen.efi.patch (95%) rename 0037-fix-default-scheme-in-custom-partitioning.patch => 0030-fix-default-scheme-in-custom-partitioning.patch (94%) delete mode 100644 0030-lock-root-account-by-default.patch rename 0038-Fix-macOS-EFI-Installation.patch => 0031-Fix-macOS-EFI-Installation.patch (99%) delete mode 100644 0031-add-option-to-lock-root-account.patch rename 0039-use-proper-subvolume-argument-when-booting-from-btrf.patch => 0032-use-proper-subvolume-argument-when-booting-from-btrf.patch (95%) rename 0040-enable-discard-option-for-dom0-filesystems-by-defaul.patch => 0033-enable-discard-option-for-dom0-filesystems-by-defaul.patch (97%) rename 0041-Add-ucode-scan-to-default-Xen-command-line.patch => 0034-Add-ucode-scan-to-default-Xen-command-line.patch (96%) rename 0042-avoid-adding-duplicated-kernel-entries.patch => 0035-avoid-adding-duplicated-kernel-entries.patch (93%) rename 0043-mark-qubes-user-name-as-reserved.patch => 0036-mark-qubes-user-name-as-reserved.patch (93%) rename 0044-add-smt-off-xen-option-during-installation.patch => 0037-add-smt-off-xen-option-during-installation.patch (96%) rename 0045-update-Qubes-specific-code-for-Fedora-21-version.patch => 0038-update-Qubes-specific-code-for-Fedora-21-version.patch (96%) rename 0046-abort-installation-on-X-startup-fail.patch => 0039-abort-installation-on-X-startup-fail.patch (96%) rename 0047-fix-encryption-passphrase-check.patch => 0040-fix-encryption-passphrase-check.patch (93%) rename 0048-disable-os-prober.patch => 0041-disable-os-prober.patch (92%) create mode 100644 qubes.py diff --git a/0001-add-Qubes-installclass.patch b/0001-add-Qubes-installclass.patch deleted file mode 100644 index 3bb7c8c..0000000 --- a/0001-add-Qubes-installclass.patch +++ /dev/null @@ -1,89 +0,0 @@ -From 52527e5a60b1b1f174226c85c5671dffa0891cbd Mon Sep 17 00:00:00 2001 -From: Tomasz Sterna -Date: Fri, 19 Oct 2018 08:02:11 +0200 -Subject: [PATCH] add Qubes installclass - ---- - pyanaconda/installclasses/qubes.py | 70 ++++++++++++++++++++++++++++++ - 1 file changed, 70 insertions(+) - create mode 100644 pyanaconda/installclasses/qubes.py - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -new file mode 100644 -index 000000000..84afaf046 ---- /dev/null -+++ b/pyanaconda/installclasses/qubes.py -@@ -0,0 +1,70 @@ -+# -+# qubes.py -+# -+# Copyright (C) 2011 Invisible Things Lab All rights reserved. -+# -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 2 of the License, or -+# (at your option) any later version. -+# -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with this program. If not, see . -+# -+ -+from pyanaconda.installclass import BaseInstallClass -+from pyanaconda.product import * -+from pyanaconda.core.i18n import N_ -+import pyanaconda.platform -+ -+from blivet.size import Size -+from pyanaconda.platform import platform -+ -+ -+class InstallClass(BaseInstallClass): -+ # name has underscore used for mnemonics, strip if you dont need it -+ id = "qubes" -+ name = N_("Qubes") -+ _description = N_("The default installation of %s is a minimal install. " -+ "You can optionally select a different set of software " -+ "now.") -+ _descriptionFields = (productName,) -+ sortPriority = 20000 -+ hidden = 0 -+ efi_dir = 'qubes' -+ _l10n_domain = "anaconda" -+ installUpdates = False -+ -+ bootloaderTimeoutDefault = 5 -+ -+ tasks = [(N_("Minimal"), ["base", "base-x", "qubes"])] -+ -+ help_placeholder = "QubesPlaceholder.html" -+ help_placeholder_with_links = "QubesPlaceholderWithLinks.html" -+ -+ def configure(self, anaconda): -+ BaseInstallClass.configure(self, anaconda) -+ self.setDefaultPartitioning(anaconda.storage) -+ -+ def setDefaultPartitioning(self, storage): -+ BaseInstallClass.setDefaultPartitioning(self, storage) -+ for autoreq in storage.autopart_requests: -+ if autoreq.mountpoint == "/": -+ autoreq.max_size = None -+ autoreq.required_space = Size("10GiB") -+ if autoreq.mountpoint == "/home": -+ storage.autopart_requests.remove(autoreq) -+ if autoreq.mountpoint == "/boot/efi": -+ autoreq.max_size = Size("500MiB") -+ if autoreq.mountpoint == "/boot" and \ -+ isinstance(platform, pyanaconda.platform.EFI): -+ # xen.efi don't need /boot -+ storage.autopart_requests.remove(autoreq) -+ -+ def __init__(self): -+ BaseInstallClass.__init__(self) --- -2.17.2 - diff --git a/0002-add-Qubes-post-scripts.patch b/0001-add-Qubes-post-scripts.patch similarity index 97% rename from 0002-add-Qubes-post-scripts.patch rename to 0001-add-Qubes-post-scripts.patch index a502765..7fa7254 100644 --- a/0002-add-Qubes-post-scripts.patch +++ b/0001-add-Qubes-post-scripts.patch @@ -1,4 +1,4 @@ -From 9a7550ffb0523a28b2076e286f84cb843c21843c Mon Sep 17 00:00:00 2001 +From 72a8a9c79279cb057f4500c01c8d41cbefcf7adf Mon Sep 17 00:00:00 2001 From: Tomasz Sterna Date: Fri, 19 Oct 2018 08:02:11 +0200 Subject: [PATCH] add Qubes post-scripts @@ -81,5 +81,5 @@ index 7d78d4bc3..ad2f6497d 100644 +dist_postscripts_DATA = 40-qubes-alt-kernels.ks 50-qubes.ks 60-systemd-preset.ks 80-setfilecons.ks 90-copy-screenshots.ks 99-copy-logs.ks MAINTAINERCLEANFILES = Makefile.in -- -2.17.2 +2.20.1 diff --git a/0003-remove-other-installclasses.patch b/0002-remove-other-installclasses.patch similarity index 99% rename from 0003-remove-other-installclasses.patch rename to 0002-remove-other-installclasses.patch index 848395e..84c7e69 100644 --- a/0003-remove-other-installclasses.patch +++ b/0002-remove-other-installclasses.patch @@ -1,4 +1,4 @@ -From 25b40d68bd329e00f458b822dc8a91e6c12bbe54 Mon Sep 17 00:00:00 2001 +From e964308da024c6d2a1d80fc9d776d46ffd7d96c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Fri, 19 Oct 2018 08:02:11 +0200 @@ -604,5 +604,5 @@ index 152e8efe2..000000000 - - super().configurePayload(payload) -- -2.17.2 +2.20.1 diff --git a/0005-Disable-network-by-ignoring-any-present-nic.patch b/0003-Disable-network-by-ignoring-any-present-nic.patch similarity index 92% rename from 0005-Disable-network-by-ignoring-any-present-nic.patch rename to 0003-Disable-network-by-ignoring-any-present-nic.patch index 8577ee4..15efc0c 100644 --- a/0005-Disable-network-by-ignoring-any-present-nic.patch +++ b/0003-Disable-network-by-ignoring-any-present-nic.patch @@ -1,4 +1,4 @@ -From 3eef6b6122a55971c46ec701998a84b234d8029c Mon Sep 17 00:00:00 2001 +From 91358bb7092f3c6d7ddbe5a2f22d87be96da0d5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sun, 3 Feb 2019 18:42:58 +0100 @@ -32,5 +32,5 @@ index ede89427b..203cd418d 100644 def nm_activated_devices(): -- -2.17.2 +2.20.1 diff --git a/0004-Set-default-hostname-to-dom0.patch b/0004-Set-default-hostname-to-dom0.patch deleted file mode 100644 index dcd0118..0000000 --- a/0004-Set-default-hostname-to-dom0.patch +++ /dev/null @@ -1,36 +0,0 @@ -From cccf0ff9b51d71ea6d5cb4e10934252f3d8542c3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Sun, 3 Feb 2019 18:42:36 +0100 -Subject: [PATCH] Set default hostname to 'dom0' - ---- - pyanaconda/installclasses/qubes.py | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index 84afaf046..e22099c3c 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -18,6 +18,7 @@ - # - - from pyanaconda.installclass import BaseInstallClass -+from pyanaconda.modules.common.constants.services import NETWORK - from pyanaconda.product import * - from pyanaconda.core.i18n import N_ - import pyanaconda.platform -@@ -51,6 +52,10 @@ class InstallClass(BaseInstallClass): - BaseInstallClass.configure(self, anaconda) - self.setDefaultPartitioning(anaconda.storage) - -+ # Default Hostname -+ network_proxy = NETWORK.get_proxy() -+ network_proxy.SetHostname('dom0') -+ - def setDefaultPartitioning(self, storage): - BaseInstallClass.setDefaultPartitioning(self, storage) - for autoreq in storage.autopart_requests: --- -2.17.2 - diff --git a/0006-remove-network-setup-from-graphical-and-text-interfa.patch b/0004-remove-network-setup-from-graphical-and-text-interfa.patch similarity index 99% rename from 0006-remove-network-setup-from-graphical-and-text-interfa.patch rename to 0004-remove-network-setup-from-graphical-and-text-interfa.patch index 20427e2..5d76186 100644 --- a/0006-remove-network-setup-from-graphical-and-text-interfa.patch +++ b/0004-remove-network-setup-from-graphical-and-text-interfa.patch @@ -1,4 +1,4 @@ -From 94779f49aaaf3d6abae9104b31ab7e6aeb10ff16 Mon Sep 17 00:00:00 2001 +From 630658cdf824acb218012e7a403ebf356596cd90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sun, 3 Feb 2019 18:52:38 +0100 @@ -2264,5 +2264,5 @@ index ece87a00d..000000000 - # save this back to network data, this will be applied in upper layer - pass -- -2.17.2 +2.20.1 diff --git a/0007-fix-grub-config-setup-by-removing-non-xen-options.patch b/0005-fix-grub-config-setup-by-removing-non-xen-options.patch similarity index 92% rename from 0007-fix-grub-config-setup-by-removing-non-xen-options.patch rename to 0005-fix-grub-config-setup-by-removing-non-xen-options.patch index 8749b88..0c05311 100644 --- a/0007-fix-grub-config-setup-by-removing-non-xen-options.patch +++ b/0005-fix-grub-config-setup-by-removing-non-xen-options.patch @@ -1,4 +1,4 @@ -From ded9785ae746514a651cfec261d2935161a142bc Mon Sep 17 00:00:00 2001 +From e69c3148caf82cdc4ef736348c2aea39200ce40e Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 19 Oct 2018 08:02:11 +0200 Subject: [PATCH] fix grub config setup by removing non-xen options @@ -22,5 +22,5 @@ index c6f67976e..16116d4df 100644 if self.default is not None: # find the index of the default image -- -2.17.2 +2.20.1 diff --git a/0009-set-default-grub-theme.patch b/0006-set-default-grub-theme.patch similarity index 94% rename from 0009-set-default-grub-theme.patch rename to 0006-set-default-grub-theme.patch index aeab375..2e4f72c 100644 --- a/0009-set-default-grub-theme.patch +++ b/0006-set-default-grub-theme.patch @@ -1,4 +1,4 @@ -From b290143039511a579d0ab8a8d0dd8218c4c56f0b Mon Sep 17 00:00:00 2001 +From baf1fa8ed259a138f3fd84a0c7fcca60734158fc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:11 +0200 @@ -31,5 +31,5 @@ index 16116d4df..2a4167913 100644 def _encrypt_password(self): -- -2.17.2 +2.20.1 diff --git a/0010-add-options-can_dual_boot-and-can_update-to-grub.patch b/0007-add-options-can_dual_boot-and-can_update-to-grub.patch similarity index 91% rename from 0010-add-options-can_dual_boot-and-can_update-to-grub.patch rename to 0007-add-options-can_dual_boot-and-can_update-to-grub.patch index 9a1f7e8..0fdda26 100644 --- a/0010-add-options-can_dual_boot-and-can_update-to-grub.patch +++ b/0007-add-options-can_dual_boot-and-can_update-to-grub.patch @@ -1,4 +1,4 @@ -From ffda6c114ddae4dd9c7f177957f2f991cd723620 Mon Sep 17 00:00:00 2001 +From 4457a283f9cb54db9e96ea99b9028f02d884fa8a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Fri, 19 Oct 2018 08:02:11 +0200 @@ -22,5 +22,5 @@ index 2a4167913..8ecdc7a2f 100644 # requirements for boot devices stage2_device_types = ["partition", "mdarray", "lvmlv"] -- -2.17.2 +2.20.1 diff --git a/0011-efimgr-specify-root-util.getSysroot.patch b/0008-efimgr-specify-root-util.getSysroot.patch similarity index 92% rename from 0011-efimgr-specify-root-util.getSysroot.patch rename to 0008-efimgr-specify-root-util.getSysroot.patch index a39265e..a2901cc 100644 --- a/0011-efimgr-specify-root-util.getSysroot.patch +++ b/0008-efimgr-specify-root-util.getSysroot.patch @@ -1,4 +1,4 @@ -From 2450e1372b77eec57ad48476c2953d23a81a889e Mon Sep 17 00:00:00 2001 +From 4f640ed09a9c66562f26e4d315699161aad426b0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Fri, 19 Oct 2018 08:02:11 +0200 @@ -23,5 +23,5 @@ index 8ecdc7a2f..69f5c6595 100644 raise BootLoaderError("failed to remove old efi boot entry. This is most likely a kernel or firmware bug.") -- -2.17.2 +2.20.1 diff --git a/0008-make-encrypted-partitions-by-default.patch b/0008-make-encrypted-partitions-by-default.patch deleted file mode 100644 index 7db5d63..0000000 --- a/0008-make-encrypted-partitions-by-default.patch +++ /dev/null @@ -1,38 +0,0 @@ -From ed4646b020bc8a5e4f538ce0669192f9f1d1d361 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Fri, 26 Oct 2018 19:53:07 +0200 -Subject: [PATCH] make encrypted partitions by default - ---- - pyanaconda/installclasses/qubes.py | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index e22099c3c..2337dacbf 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -18,7 +18,8 @@ - # - - from pyanaconda.installclass import BaseInstallClass --from pyanaconda.modules.common.constants.services import NETWORK -+from pyanaconda.modules.common.constants.objects import AUTO_PARTITIONING -+from pyanaconda.modules.common.constants.services import NETWORK, STORAGE - from pyanaconda.product import * - from pyanaconda.core.i18n import N_ - import pyanaconda.platform -@@ -56,6 +57,10 @@ class InstallClass(BaseInstallClass): - network_proxy = NETWORK.get_proxy() - network_proxy.SetHostname('dom0') - -+ # Make encrypted partitions by default -+ auto_part_proxy = STORAGE.get_proxy(AUTO_PARTITIONING) -+ auto_part_proxy.SetEncrypted(True) -+ - def setDefaultPartitioning(self, storage): - BaseInstallClass.setDefaultPartitioning(self, storage) - for autoreq in storage.autopart_requests: --- -2.17.2 - diff --git a/0012-generate-xen-efi-configuration.patch b/0009-generate-xen-efi-configuration.patch similarity index 98% rename from 0012-generate-xen-efi-configuration.patch rename to 0009-generate-xen-efi-configuration.patch index 7e8bfb0..3b46bed 100644 --- a/0012-generate-xen-efi-configuration.patch +++ b/0009-generate-xen-efi-configuration.patch @@ -1,4 +1,4 @@ -From 11108d2dda9e993664a15c4ff5900c6e690ac28c Mon Sep 17 00:00:00 2001 +From 4988f1e62822b1ac1df84c5e5640e34e6f9c988a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -113,5 +113,5 @@ index 69f5c6595..1c01bfe4c 100644 platform.PPC: GRUB2, platform.IPSeriesPPC: IPSeriesGRUB2, -- -2.17.2 +2.20.1 diff --git a/0013-fix-dracut-module-to-work-with-reduced-dependencies.patch b/0010-fix-dracut-module-to-work-with-reduced-dependencies.patch similarity index 96% rename from 0013-fix-dracut-module-to-work-with-reduced-dependencies.patch rename to 0010-fix-dracut-module-to-work-with-reduced-dependencies.patch index 24f2b41..041bf51 100644 --- a/0013-fix-dracut-module-to-work-with-reduced-dependencies.patch +++ b/0010-fix-dracut-module-to-work-with-reduced-dependencies.patch @@ -1,4 +1,4 @@ -From 5b9cc9ff10910266b1920ab61c25b301661bcdbb Mon Sep 17 00:00:00 2001 +From 859e596a0d155eba7c577c74fc8d46029403a549 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -56,5 +56,5 @@ index fa1455f8b..8fce64aed 100755 # create the repodir and isodir that anaconda will look for mkdir -p $repodir $isodir -- -2.17.2 +2.20.1 diff --git a/0014-use-installer-kernel-parameters-as-default-for-insta.patch b/0011-use-installer-kernel-parameters-as-default-for-insta.patch similarity index 96% rename from 0014-use-installer-kernel-parameters-as-default-for-insta.patch rename to 0011-use-installer-kernel-parameters-as-default-for-insta.patch index 9b63177..d388074 100644 --- a/0014-use-installer-kernel-parameters-as-default-for-insta.patch +++ b/0011-use-installer-kernel-parameters-as-default-for-insta.patch @@ -1,4 +1,4 @@ -From 87c119fcb7c8448014d56bbedddbd7f9fa8bacc5 Mon Sep 17 00:00:00 2001 +From a98ba275162937a56f7ca1ee5428b00de883677a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -52,5 +52,5 @@ index 1c01bfe4c..972617033 100644 arg = flags.cmdline.get(opt) -- -2.17.2 +2.20.1 diff --git a/0015-use-kernel-install-instead-of-grubby-to-regenerate-i.patch b/0012-use-kernel-install-instead-of-grubby-to-regenerate-i.patch similarity index 96% rename from 0015-use-kernel-install-instead-of-grubby-to-regenerate-i.patch rename to 0012-use-kernel-install-instead-of-grubby-to-regenerate-i.patch index 0918919..3b788fb 100644 --- a/0015-use-kernel-install-instead-of-grubby-to-regenerate-i.patch +++ b/0012-use-kernel-install-instead-of-grubby-to-regenerate-i.patch @@ -1,4 +1,4 @@ -From a106ffa0c62485768450b160f174b7f146751199 Mon Sep 17 00:00:00 2001 +From 5990cce6eb095f72d62e0cc174c80cf30152021a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Sat, 10 Nov 2018 13:11:46 +0100 @@ -42,5 +42,5 @@ index cc3538142..3b2cc6db6 100644 # hostonly is not sensible for disk image installations # using /dev/disk/by-uuid/ is necessary due to disk image naming -- -2.17.2 +2.20.1 diff --git a/0016-Fix-a-regular-expression-determining-Release.patch b/0013-Fix-a-regular-expression-determining-Release.patch similarity index 92% rename from 0016-Fix-a-regular-expression-determining-Release.patch rename to 0013-Fix-a-regular-expression-determining-Release.patch index 3096d2a..57e9c03 100644 --- a/0016-Fix-a-regular-expression-determining-Release.patch +++ b/0013-Fix-a-regular-expression-determining-Release.patch @@ -1,4 +1,4 @@ -From 0a146c50741a84e4bc68b4c6b703292755fc9b00 Mon Sep 17 00:00:00 2001 +From 8868d17ef223f21fa26acb1365f224bd901f9595 Mon Sep 17 00:00:00 2001 From: "M. Vefa Bicakci" Date: Sat, 10 Nov 2018 13:17:29 +0100 Subject: [PATCH] Fix a regular expression determining Release @@ -22,5 +22,5 @@ index 2c043d037..8bebe91d7 100644 AS_IF([test $ANACONDA_RELEASE], [AC_SUBST(PACKAGE_RELEASE, $ANACONDA_RELEASE)], -- -2.17.2 +2.20.1 diff --git a/0017-Do-not-fail-during-initramfs-start-up-due-to-missing.patch b/0014-Do-not-fail-during-initramfs-start-up-due-to-missing.patch similarity index 93% rename from 0017-Do-not-fail-during-initramfs-start-up-due-to-missing.patch rename to 0014-Do-not-fail-during-initramfs-start-up-due-to-missing.patch index 150936f..af331bb 100644 --- a/0017-Do-not-fail-during-initramfs-start-up-due-to-missing.patch +++ b/0014-Do-not-fail-during-initramfs-start-up-due-to-missing.patch @@ -1,4 +1,4 @@ -From 44b4ed9fcfcd03fa8340d175c73adb79abdc8488 Mon Sep 17 00:00:00 2001 +From b64c82d43d5d25fefe5fb16d3d925d356c6527a3 Mon Sep 17 00:00:00 2001 From: "M. Vefa Bicakci" Date: Fri, 19 Oct 2018 08:02:12 +0200 Subject: [PATCH] Do not fail during initramfs start-up due to missing url-lib @@ -29,5 +29,5 @@ index 7bc97393b..39fa0ce0d 100755 # inst.ks.sendmac: send MAC addresses in HTTP headers if getargbool 0 kssendmac inst.ks.sendmac; then -- -2.17.2 +2.20.1 diff --git a/0018-Disable-the-NTP-configuration-spoke.patch b/0015-Disable-the-NTP-configuration-spoke.patch similarity index 99% rename from 0018-Disable-the-NTP-configuration-spoke.patch rename to 0015-Disable-the-NTP-configuration-spoke.patch index c72afcd..89794ed 100644 --- a/0018-Disable-the-NTP-configuration-spoke.patch +++ b/0015-Disable-the-NTP-configuration-spoke.patch @@ -1,4 +1,4 @@ -From 710f613984fbb3aac8d0f41011cd8389223bd87c Mon Sep 17 00:00:00 2001 +From 60c26ff61bdb45c4fb17b116041b04d217814997 Mon Sep 17 00:00:00 2001 From: "M. Vefa Bicakci" Date: Fri, 19 Oct 2018 08:02:12 +0200 Subject: [PATCH] Disable the NTP configuration spoke @@ -727,5 +727,5 @@ index 93594e2d5..e5a1970c2 100644 - else: - self.clear_info() -- -2.17.2 +2.20.1 diff --git a/0019-drop-useless-on-Qubes-dependencies-on-network-filesy.patch b/0016-drop-useless-on-Qubes-dependencies-on-network-filesy.patch similarity index 94% rename from 0019-drop-useless-on-Qubes-dependencies-on-network-filesy.patch rename to 0016-drop-useless-on-Qubes-dependencies-on-network-filesy.patch index 7010f96..64cb3a6 100644 --- a/0019-drop-useless-on-Qubes-dependencies-on-network-filesy.patch +++ b/0016-drop-useless-on-Qubes-dependencies-on-network-filesy.patch @@ -1,4 +1,4 @@ -From 36b403547833310a93b9c7ffb3735d0871940b89 Mon Sep 17 00:00:00 2001 +From b5671d087a21b1095f77d2f6fccd7391fb7899e5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -27,5 +27,5 @@ index ac007f791..175ed6d13 100644 ksmodule = "pykickstart" kscategories = (UserWarning, SyntaxWarning, DeprecationWarning) -- -2.17.2 +2.20.1 diff --git a/0021-add-skip_grub-parameter-and-allow-boot-encryption-an.patch b/0017-add-skip_grub-parameter-and-allow-boot-encryption-an.patch similarity index 95% rename from 0021-add-skip_grub-parameter-and-allow-boot-encryption-an.patch rename to 0017-add-skip_grub-parameter-and-allow-boot-encryption-an.patch index 2d8f7da..704ad3c 100644 --- a/0021-add-skip_grub-parameter-and-allow-boot-encryption-an.patch +++ b/0017-add-skip_grub-parameter-and-allow-boot-encryption-an.patch @@ -1,4 +1,4 @@ -From 3e16ba90e7a47d1df97458a576e69eed7140891b Mon Sep 17 00:00:00 2001 +From 511713f531d7ab4497d71e03eac82381b07627a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sat, 10 Nov 2018 17:15:33 +0100 @@ -37,5 +37,5 @@ index 972617033..db5a934a5 100644 # # grub-related conveniences -- -2.17.2 +2.20.1 diff --git a/0023-add-console-none-Xen-parameter.patch b/0018-add-console-none-Xen-parameter.patch similarity index 92% rename from 0023-add-console-none-Xen-parameter.patch rename to 0018-add-console-none-Xen-parameter.patch index fa1c920..18c5b12 100644 --- a/0023-add-console-none-Xen-parameter.patch +++ b/0018-add-console-none-Xen-parameter.patch @@ -1,4 +1,4 @@ -From a13a1f3eba9c63e0a5daa8cadd7889df23b950fd Mon Sep 17 00:00:00 2001 +From 0f7cc3192020f420331dcf23c108fe18184f6479 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -21,5 +21,5 @@ index db5a934a5..2a095c1eb 100644 defaults.write("GRUB_THEME=\"/boot/grub2/themes/qubes/theme.txt\"\n") defaults.close() -- -2.17.2 +2.20.1 diff --git a/0024-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch b/0019-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch similarity index 93% rename from 0024-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch rename to 0019-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch index 6f29a9b..fa772b7 100644 --- a/0024-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch +++ b/0019-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch @@ -1,4 +1,4 @@ -From fcb4a0ed87194c71848884ef84c5dd848bb52bcf Mon Sep 17 00:00:00 2001 +From 40c79679b5d098250a093204110ed01cadc3c8a0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -25,5 +25,5 @@ index 2a095c1eb..f32f32e61 100644 defaults.write("GRUB_THEME=\"/boot/grub2/themes/qubes/theme.txt\"\n") defaults.close() -- -2.17.2 +2.20.1 diff --git a/0025-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch b/0020-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch similarity index 94% rename from 0025-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch rename to 0020-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch index a813bc4..c02a46b 100644 --- a/0025-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch +++ b/0020-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch @@ -1,4 +1,4 @@ -From ee716399c360bb032db0b2814ddd762dc5d7997e Mon Sep 17 00:00:00 2001 +From 5bd0830c4ecdcae57f253202188e0bf22bcd2328 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -26,5 +26,5 @@ index f32f32e61..59c392cd2 100644 defaults.write("GRUB_THEME=\"/boot/grub2/themes/qubes/theme.txt\"\n") defaults.close() -- -2.17.2 +2.20.1 diff --git a/0020-skip-NTP-installation-and-setup-in-dom0.patch b/0020-skip-NTP-installation-and-setup-in-dom0.patch deleted file mode 100644 index f6abdb9..0000000 --- a/0020-skip-NTP-installation-and-setup-in-dom0.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 4b2817c06b1ec90ae0183a411ba3900e6d20be9d Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Fri, 28 Dec 2018 13:28:26 +0100 -Subject: [PATCH] skip NTP installation and setup in dom0 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Dom0 has no direct network access, to this doesn't make sense anyway. - -Fixes QubesOS/qubes-issues#2110 - -Rework of previous work done by Marek Marczykowski-Górecki (marmarek). ---- - pyanaconda/installclasses/qubes.py | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index 2337dacbf..794e2e45b 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -19,7 +19,7 @@ - - from pyanaconda.installclass import BaseInstallClass - from pyanaconda.modules.common.constants.objects import AUTO_PARTITIONING --from pyanaconda.modules.common.constants.services import NETWORK, STORAGE -+from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, TIMEZONE - from pyanaconda.product import * - from pyanaconda.core.i18n import N_ - import pyanaconda.platform -@@ -61,6 +61,10 @@ class InstallClass(BaseInstallClass): - auto_part_proxy = STORAGE.get_proxy(AUTO_PARTITIONING) - auto_part_proxy.SetEncrypted(True) - -+ # Make disabled NTP by default -+ timezone_proxy = TIMEZONE.get_proxy() -+ timezone_proxy.SetNTPEnabled(False) -+ - def setDefaultPartitioning(self, storage): - BaseInstallClass.setDefaultPartitioning(self, storage) - for autoreq in storage.autopart_requests: --- -2.17.2 - diff --git a/0026-disable-iommu-for-IGFX.patch b/0021-disable-iommu-for-IGFX.patch similarity index 96% rename from 0026-disable-iommu-for-IGFX.patch rename to 0021-disable-iommu-for-IGFX.patch index 951202c..1f71a4f 100644 --- a/0026-disable-iommu-for-IGFX.patch +++ b/0021-disable-iommu-for-IGFX.patch @@ -1,4 +1,4 @@ -From 25e121baadc01972cae9f3277fd1f7aca0fc198b Mon Sep 17 00:00:00 2001 +From 724b128fb3f0f86abafdbf012df46336896517f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -40,5 +40,5 @@ index 59c392cd2..f5e95abdf 100644 image.kernel, image.device.fstab_spec, -- -2.17.2 +2.20.1 diff --git a/0027-check-for-Qubes-OS-hardware-required-features.patch b/0022-check-for-Qubes-OS-hardware-required-features.patch similarity index 83% rename from 0027-check-for-Qubes-OS-hardware-required-features.patch rename to 0022-check-for-Qubes-OS-hardware-required-features.patch index dc8d332..c68a76d 100644 --- a/0027-check-for-Qubes-OS-hardware-required-features.patch +++ b/0022-check-for-Qubes-OS-hardware-required-features.patch @@ -1,4 +1,4 @@ -From 1ca6e326230ac62e9fe9517e4b61034f2a6bed5e Mon Sep 17 00:00:00 2001 +From 2ac37f7a5387571f8ed14d6689d62a73687cf1ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sat, 10 Nov 2018 19:10:07 +0100 @@ -9,8 +9,8 @@ Warn if the hardware lacks features required for proper Qubes OS operation. Rework based on previous commits 696bd4c, 63043751a, 7489992dd, 3791fd7 and f6bfe11ab. --- pyanaconda/core/constants.py | 6 ++++-- - pyanaconda/core/util.py | 26 ++++++++++++++++++++++---- - 2 files changed, 26 insertions(+), 6 deletions(-) + pyanaconda/core/util.py | 29 +++++++++++++++++++++++++---- + 2 files changed, 29 insertions(+), 6 deletions(-) diff --git a/pyanaconda/core/constants.py b/pyanaconda/core/constants.py index ece934648..161e5575a 100644 @@ -30,10 +30,10 @@ index ece934648..161e5575a 100644 # Password type diff --git a/pyanaconda/core/util.py b/pyanaconda/core/util.py -index 6106671c8..90e1231d6 100644 +index 6106671c8..7043bcc24 100644 --- a/pyanaconda/core/util.py +++ b/pyanaconda/core/util.py -@@ -989,10 +989,28 @@ def detect_unsupported_hardware(install_class): +@@ -989,10 +989,31 @@ def detect_unsupported_hardware(install_class): return [] # Check TAINT_HARDWARE_UNSUPPORTED @@ -45,7 +45,7 @@ index 6106671c8..90e1231d6 100644 + xl_info = subprocess.check_output(['xl', 'info']) + xl_dmesg = subprocess.check_output(['xl', 'dmesg']) + except subprocess.CalledProcessError: -+ status = 'xl call failed' ++ warnings.append('Unable to check hardware support: xl call failed') + else: + missing_features = [] + for line in xl_info.splitlines(): @@ -54,18 +54,21 @@ index 6106671c8..90e1231d6 100644 + missing_features.append('HVM/VT-x/AMD-V') + if b'hvm_directio' not in line: + missing_features.append('IOMMU/VT-d/AMD-Vi') ++ + if b'HVM: Hardware Assisted Paging (HAP) detected' not in xl_dmesg: + missing_features.append('HAP/SLAT/EPT/RVI') ++ + # slightly different wording for Intel and AMD + if b'Intel VT-d Interrupt Remapping enabled' not in xl_dmesg \ + and b'Interrupt remapping enabled' not in xl_dmesg: + missing_features.append('Interrupt Remapping') -+ status = ', '.join(missing_features) + -+ warnings.append(WARNING_HARDWARE_UNSUPPORTED % {'features': status}) ++ if missing_features: ++ status = ', '.join(missing_features) ++ warnings.append(WARNING_HARDWARE_UNSUPPORTED % {'features': status}) # Check TAINT_SUPPORT_REMOVED if not install_class.detect_support_removed: -- -2.17.2 +2.20.1 diff --git a/0022-switch-default-partitioning-scheme-to-LVM-Thin-Provi.patch b/0022-switch-default-partitioning-scheme-to-LVM-Thin-Provi.patch deleted file mode 100644 index 17236b9..0000000 --- a/0022-switch-default-partitioning-scheme-to-LVM-Thin-Provi.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 1b4d396c768520647b54bc74978fa58f2813e061 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Fri, 28 Dec 2018 13:35:56 +0100 -Subject: [PATCH] switch default partitioning scheme to LVM Thin Provisioning -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Rework of previous work done by Marek Marczykowski-Górecki (marmarek). - -QubesOS/qubes-issues#2412 ---- - pyanaconda/installclasses/qubes.py | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index 794e2e45b..debdc0f42 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -23,6 +23,7 @@ from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, TIMEZ - from pyanaconda.product import * - from pyanaconda.core.i18n import N_ - import pyanaconda.platform -+from pykickstart.constants import AUTOPART_TYPE_LVM_THINP - - from blivet.size import Size - from pyanaconda.platform import platform -@@ -61,6 +62,9 @@ class InstallClass(BaseInstallClass): - auto_part_proxy = STORAGE.get_proxy(AUTO_PARTITIONING) - auto_part_proxy.SetEncrypted(True) - -+ # Make LVM Thin the default for autopart -+ auto_part_proxy.SetType(AUTOPART_TYPE_LVM_THINP) -+ - # Make disabled NTP by default - timezone_proxy = TIMEZONE.get_proxy() - timezone_proxy.SetNTPEnabled(False) --- -2.17.2 - diff --git a/0028-generate-proper-extlinux.conf.patch b/0023-generate-proper-extlinux.conf.patch similarity index 96% rename from 0028-generate-proper-extlinux.conf.patch rename to 0023-generate-proper-extlinux.conf.patch index 427efc9..4ef0f75 100644 --- a/0028-generate-proper-extlinux.conf.patch +++ b/0023-generate-proper-extlinux.conf.patch @@ -1,4 +1,4 @@ -From d961592683f93143cf072b8da5b1688f19ddfe9e Mon Sep 17 00:00:00 2001 +From cfbbfb341a129b6ad9e02bec0c2af58300242986 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -39,5 +39,5 @@ index f5e95abdf..26426717c 100644 "initrd": image.initrd, "args": args, -- -2.17.2 +2.20.1 diff --git a/0029-don-t-crash-when-no-target-disk-is-available.patch b/0024-don-t-crash-when-no-target-disk-is-available.patch similarity index 96% rename from 0029-don-t-crash-when-no-target-disk-is-available.patch rename to 0024-don-t-crash-when-no-target-disk-is-available.patch index 4a9d9b1..508fe28 100644 --- a/0029-don-t-crash-when-no-target-disk-is-available.patch +++ b/0024-don-t-crash-when-no-target-disk-is-available.patch @@ -1,4 +1,4 @@ -From 81827f56243be3a5ab30cc8062c3a8e469643f6c Mon Sep 17 00:00:00 2001 +From 367fa07e6e999af82f9d422909c104842e86ab29 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -42,5 +42,5 @@ index d3e96af7d..73d5a6b64 100644 return self.success -- -2.17.2 +2.20.1 diff --git a/0032-Modify-user-configuration-spoke-for-QubesOS.patch b/0025-Modify-user-configuration-spoke-for-QubesOS.patch similarity index 99% rename from 0032-Modify-user-configuration-spoke-for-QubesOS.patch rename to 0025-Modify-user-configuration-spoke-for-QubesOS.patch index e3d38a3..a091f7a 100644 --- a/0032-Modify-user-configuration-spoke-for-QubesOS.patch +++ b/0025-Modify-user-configuration-spoke-for-QubesOS.patch @@ -1,4 +1,4 @@ -From 6a326cb1e4b3b37820cde6294e40e77e88e6d097 Mon Sep 17 00:00:00 2001 +From 36fe6206a6dc0b61d10e550354d1e315d1795e52 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Wed, 26 Dec 2018 17:09:45 +0100 @@ -426,5 +426,5 @@ index 572cacd0a..2591960f3 100644 # with emptyok == False the empty password check become unwaivable #if not self.checker.policy.emptyok: -- -2.17.2 +2.20.1 diff --git a/0033-Make-sure-that-a-user-is-created-at-installation-tim.patch b/0026-Make-sure-that-a-user-is-created-at-installation-tim.patch similarity index 98% rename from 0033-Make-sure-that-a-user-is-created-at-installation-tim.patch rename to 0026-Make-sure-that-a-user-is-created-at-installation-tim.patch index ab1272c..c5156ce 100644 --- a/0033-Make-sure-that-a-user-is-created-at-installation-tim.patch +++ b/0026-Make-sure-that-a-user-is-created-at-installation-tim.patch @@ -1,4 +1,4 @@ -From f6a22d1c1ce439b943a7fe9f2b77d4897df944b1 Mon Sep 17 00:00:00 2001 +From f4737cd0799a0d06a7da49802f8c3b8920fbfe0f Mon Sep 17 00:00:00 2001 From: "M. Vefa Bicakci" Date: Fri, 19 Oct 2018 08:02:12 +0200 Subject: [PATCH] Make sure that a user is created at installation time @@ -93,5 +93,5 @@ index b336cce86..261377553 100644 @property def status(self): -- -2.17.2 +2.20.1 diff --git a/0034-check-add-user-to-wheel-and-qubes-groups.patch b/0027-check-add-user-to-wheel-and-qubes-groups.patch similarity index 94% rename from 0034-check-add-user-to-wheel-and-qubes-groups.patch rename to 0027-check-add-user-to-wheel-and-qubes-groups.patch index a06e879..f4cedbf 100644 --- a/0034-check-add-user-to-wheel-and-qubes-groups.patch +++ b/0027-check-add-user-to-wheel-and-qubes-groups.patch @@ -1,4 +1,4 @@ -From 86b492420824588b75c4bba7d5c9838db625b6bb Mon Sep 17 00:00:00 2001 +From d4f85af5d7a96a8c621c243ce8ca32568745dad0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -29,5 +29,5 @@ index 7493459fd..81c41578f 100644 # If the user name is not set, no user will be created. if self._user.name: -- -2.17.2 +2.20.1 diff --git a/0035-xen.efi-upgraded-during-each-install.patch b/0028-xen.efi-upgraded-during-each-install.patch similarity index 96% rename from 0035-xen.efi-upgraded-during-each-install.patch rename to 0028-xen.efi-upgraded-during-each-install.patch index 0350116..8486484 100644 --- a/0035-xen.efi-upgraded-during-each-install.patch +++ b/0028-xen.efi-upgraded-during-each-install.patch @@ -1,4 +1,4 @@ -From e27f0bfd6a797e7c8021d86f607d5f39aa1da72f Mon Sep 17 00:00:00 2001 +From 4d85922e919ea010a52833de8802a16b26102903 Mon Sep 17 00:00:00 2001 From: Freddie Rice Date: Fri, 19 Oct 2018 08:02:12 +0200 Subject: [PATCH] xen.efi upgraded during each install @@ -34,5 +34,5 @@ index 26426717c..a6b461ae7 100644 "-d", boot_disk.path, "-p", boot_part_num, "-l", -- -2.17.2 +2.20.1 diff --git a/0036-make-sure-the-latest-version-is-placed-as-xen.efi.patch b/0029-make-sure-the-latest-version-is-placed-as-xen.efi.patch similarity index 95% rename from 0036-make-sure-the-latest-version-is-placed-as-xen.efi.patch rename to 0029-make-sure-the-latest-version-is-placed-as-xen.efi.patch index b28546c..fed002d 100644 --- a/0036-make-sure-the-latest-version-is-placed-as-xen.efi.patch +++ b/0029-make-sure-the-latest-version-is-placed-as-xen.efi.patch @@ -1,4 +1,4 @@ -From d1fb92cfd21d8b4bbf93608ee740e0e47b834783 Mon Sep 17 00:00:00 2001 +From 769e58324a6508a642a3f9b0b84801922e74fe58 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -30,5 +30,5 @@ index a6b461ae7..8f06088d0 100644 "-d", boot_disk.path, "-p", boot_part_num, "-l", -- -2.17.2 +2.20.1 diff --git a/0037-fix-default-scheme-in-custom-partitioning.patch b/0030-fix-default-scheme-in-custom-partitioning.patch similarity index 94% rename from 0037-fix-default-scheme-in-custom-partitioning.patch rename to 0030-fix-default-scheme-in-custom-partitioning.patch index 3caae69..f63ffa8 100644 --- a/0037-fix-default-scheme-in-custom-partitioning.patch +++ b/0030-fix-default-scheme-in-custom-partitioning.patch @@ -1,4 +1,4 @@ -From 044718d7de3d7eef5f92560bbd3f44b468844a58 Mon Sep 17 00:00:00 2001 +From b7d75145b1040e27e156e482eaa8d01a4423e904 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:12 +0200 @@ -34,5 +34,5 @@ index 161e5575a..41b7b613e 100644 # Is the default autopart type selected? AUTOPART_TYPE_DEFAULT = -1 -- -2.17.2 +2.20.1 diff --git a/0030-lock-root-account-by-default.patch b/0030-lock-root-account-by-default.patch deleted file mode 100644 index 71675cf..0000000 --- a/0030-lock-root-account-by-default.patch +++ /dev/null @@ -1,38 +0,0 @@ -From b52811b3ad6278f3ed721c2b3a08e542ad0f9e32 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Sat, 10 Nov 2018 19:17:45 +0100 -Subject: [PATCH] lock root account by default - ---- - pyanaconda/installclasses/qubes.py | 7 ++++++- - 1 file changed, 6 insertions(+), 1 deletion(-) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index debdc0f42..8f4ced67f 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -19,7 +19,7 @@ - - from pyanaconda.installclass import BaseInstallClass - from pyanaconda.modules.common.constants.objects import AUTO_PARTITIONING --from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, TIMEZONE -+from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, TIMEZONE, USERS - from pyanaconda.product import * - from pyanaconda.core.i18n import N_ - import pyanaconda.platform -@@ -69,6 +69,11 @@ class InstallClass(BaseInstallClass): - timezone_proxy = TIMEZONE.get_proxy() - timezone_proxy.SetNTPEnabled(False) - -+ # Make locked root account by default -+ users_proxy = USERS.get_proxy() -+ users_proxy.SetRootAccountLocked(True) -+ -+ - def setDefaultPartitioning(self, storage): - BaseInstallClass.setDefaultPartitioning(self, storage) - for autoreq in storage.autopart_requests: --- -2.17.2 - diff --git a/0038-Fix-macOS-EFI-Installation.patch b/0031-Fix-macOS-EFI-Installation.patch similarity index 99% rename from 0038-Fix-macOS-EFI-Installation.patch rename to 0031-Fix-macOS-EFI-Installation.patch index 5915922..3d76db4 100644 --- a/0038-Fix-macOS-EFI-Installation.patch +++ b/0031-Fix-macOS-EFI-Installation.patch @@ -1,4 +1,4 @@ -From 72b6ed9d7fb5518487c7975e9a62ffa3998a5f39 Mon Sep 17 00:00:00 2001 +From 4a4720eebca2bc2201d35e3d641d2b20f78be2ab Mon Sep 17 00:00:00 2001 From: Eric Duncan Date: Fri, 19 Oct 2018 08:02:13 +0200 Subject: [PATCH] Fix macOS EFI Installation @@ -270,5 +270,5 @@ index 8f06088d0..ddfcae7ea 100644 # Inherit abstract methods from BootLoader # pylint: disable=abstract-method -- -2.17.2 +2.20.1 diff --git a/0031-add-option-to-lock-root-account.patch b/0031-add-option-to-lock-root-account.patch deleted file mode 100644 index 80a8924..0000000 --- a/0031-add-option-to-lock-root-account.patch +++ /dev/null @@ -1,163 +0,0 @@ -From 48e636a33cbd83fbde93ae4c68c116e28c407815 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= - -Date: Tue, 25 Dec 2018 21:46:38 +0100 -Subject: [PATCH] add option to lock root account - -Not only default setting, so one could leave account locked if entered -password setting spoke. ---- - pyanaconda/installclasses/qubes.py | 1 - - pyanaconda/ui/gui/spokes/root_password.glade | 24 +++++++++++++++---- - pyanaconda/ui/gui/spokes/root_password.py | 25 ++++++++++++++------ - 3 files changed, 38 insertions(+), 12 deletions(-) - -diff --git a/pyanaconda/installclasses/qubes.py b/pyanaconda/installclasses/qubes.py -index 8f4ced67f..8cb701258 100644 ---- a/pyanaconda/installclasses/qubes.py -+++ b/pyanaconda/installclasses/qubes.py -@@ -73,7 +73,6 @@ class InstallClass(BaseInstallClass): - users_proxy = USERS.get_proxy() - users_proxy.SetRootAccountLocked(True) - -- - def setDefaultPartitioning(self, storage): - BaseInstallClass.setDefaultPartitioning(self, storage) - for autoreq in storage.autopart_requests: -diff --git a/pyanaconda/ui/gui/spokes/root_password.glade b/pyanaconda/ui/gui/spokes/root_password.glade -index 64f4c926f..0d61ea31c 100644 ---- a/pyanaconda/ui/gui/spokes/root_password.glade -+++ b/pyanaconda/ui/gui/spokes/root_password.glade -@@ -1,5 +1,5 @@ - -- -+ - - - -@@ -40,6 +40,22 @@ - - False - vertical -+ -+ -+ Lock root account -+ True -+ True -+ False -+ start -+ True -+ -+ -+ -+ False -+ True -+ 0 -+ -+ - - - True -@@ -81,7 +97,7 @@ - False - - -- -+ - - - Password -@@ -101,7 +117,7 @@ - - True - -- -+ - - - Confirm Password -@@ -175,7 +191,7 @@ - - False - True -- 0 -+ 1 - - - -diff --git a/pyanaconda/ui/gui/spokes/root_password.py b/pyanaconda/ui/gui/spokes/root_password.py -index e6a4020a3..d6792ab1c 100644 ---- a/pyanaconda/ui/gui/spokes/root_password.py -+++ b/pyanaconda/ui/gui/spokes/root_password.py -@@ -72,6 +72,7 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - self._password_confirmation_entry = self.builder.get_object("password_confirmation_entry") - self._password_bar = self.builder.get_object("password_bar") - self._password_label = self.builder.get_object("password_label") -+ self._lock = self.builder.get_object("lock") - - # set state based on kickstart - # NOTE: this will stop working once the module supports multiple kickstart commands -@@ -141,11 +142,15 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - - def refresh(self): - # focus on the password field if password was not kickstarted -- if not self.password_kickstarted: -+ if not self.password_kickstarted or not self._lock.get_active(): - self.password_entry.grab_focus() - -- # rerun checks so that we have a correct status message, if any -- self.checker.run_checks() -+ self._lock.set_active(self._users_module.proxy.IsRootAccountLocked) -+ self.on_lock_clicked(self._lock) -+ -+ if not self._lock.get_active(): -+ # rerun checks so that we have a correct status message, if any -+ self.checker.run_checks() - - @property - def status(self): -@@ -154,7 +159,7 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - reconfig_mode = self._services_module.proxy.SetupOnBoot == constants.SETUP_ON_BOOT_RECONFIG - # reconfig mode currently allows re-enabling a locked root account if - # user sets a new root password -- if reconfig_mode: -+ if reconfig_mode and not self._lock.get_active(): - return _("Disabled, set password to enable.") - else: - return _("Root account is disabled.") -@@ -177,7 +182,7 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - self._users_module.proxy.SetRootpwKickstarted(False) - self.password_kickstarted = False - -- self._users_module.proxy.SetRootAccountLocked(False) -+ self._users_module.proxy.SetRootAccountLocked(self._lock.get_active()) - - if not pw: - self._users_module.proxy.ClearRootPassword() -@@ -213,7 +218,7 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - unwaivable_check_failed = not self._confirm_check.result.success - - # set appropriate status bar message -- if not error_message: -+ if not error_message or self._lock.get_active(): - # all is fine, just clear the message - self.clear_info() - elif not self.password and not self.password_confirmation: -@@ -297,7 +302,13 @@ class PasswordSpoke(FirstbootSpokeMixIn, NormalSpoke, GUISpokeInputCheckHandler) - - def on_back_clicked(self, button): - # the GUI spoke input check handler handles the spoke exit logic for us -- if self.try_to_go_back(): -+ if self.try_to_go_back() or self._lock.get_active(): - NormalSpoke.on_back_clicked(self, button) - else: - log.info("Return to hub prevented by password checking rules.") -+ -+ def on_lock_clicked(self, lock): -+ self.password_entry.set_sensitive(not lock.get_active()) -+ self.password_confirmation_entry.set_sensitive(not lock.get_active()) -+ if not lock.get_active(): -+ self.password_entry.grab_focus() --- -2.17.2 - diff --git a/0039-use-proper-subvolume-argument-when-booting-from-btrf.patch b/0032-use-proper-subvolume-argument-when-booting-from-btrf.patch similarity index 95% rename from 0039-use-proper-subvolume-argument-when-booting-from-btrf.patch rename to 0032-use-proper-subvolume-argument-when-booting-from-btrf.patch index c4e9de1..2972b74 100644 --- a/0039-use-proper-subvolume-argument-when-booting-from-btrf.patch +++ b/0032-use-proper-subvolume-argument-when-booting-from-btrf.patch @@ -1,4 +1,4 @@ -From d0bca2e6a56797e4705cda8ddb2c72d13008b9f9 Mon Sep 17 00:00:00 2001 +From 736302e8692ba200fa59de0e02313dc6a118ba1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:13 +0200 @@ -36,5 +36,5 @@ index ddfcae7ea..8c15c8a10 100644 config.write("ramdisk={}\n".format(image.initrd)) -- -2.17.2 +2.20.1 diff --git a/0040-enable-discard-option-for-dom0-filesystems-by-defaul.patch b/0033-enable-discard-option-for-dom0-filesystems-by-defaul.patch similarity index 97% rename from 0040-enable-discard-option-for-dom0-filesystems-by-defaul.patch rename to 0033-enable-discard-option-for-dom0-filesystems-by-defaul.patch index 8664a44..6ae2075 100644 --- a/0040-enable-discard-option-for-dom0-filesystems-by-defaul.patch +++ b/0033-enable-discard-option-for-dom0-filesystems-by-defaul.patch @@ -1,4 +1,4 @@ -From 4467e907cc8d5c1d3d3accddddecba5164acf0bf Mon Sep 17 00:00:00 2001 +From 934574c18d1d4ffe090813cceb135818f0c3d62a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:13 +0200 @@ -74,5 +74,5 @@ index 175ed6d13..85eaec799 100644 if self.mountpoint != "" and self.mountpoint[0] != '/': raise KickstartParseError(lineno=self.lineno, -- -2.17.2 +2.20.1 diff --git a/0041-Add-ucode-scan-to-default-Xen-command-line.patch b/0034-Add-ucode-scan-to-default-Xen-command-line.patch similarity index 96% rename from 0041-Add-ucode-scan-to-default-Xen-command-line.patch rename to 0034-Add-ucode-scan-to-default-Xen-command-line.patch index 3cc8e5a..3568d26 100644 --- a/0041-Add-ucode-scan-to-default-Xen-command-line.patch +++ b/0034-Add-ucode-scan-to-default-Xen-command-line.patch @@ -1,4 +1,4 @@ -From 44f0653ad790e326e110b3290944201bc0e132b4 Mon Sep 17 00:00:00 2001 +From 203e8d7748da97cbbd53cd47d19a6a199f1952fa Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 19 Oct 2018 08:02:13 +0200 Subject: [PATCH] Add ucode=scan to default Xen command line @@ -36,5 +36,5 @@ index 8c15c8a10..784d14d24 100644 image.kernel, root_args, -- -2.17.2 +2.20.1 diff --git a/0042-avoid-adding-duplicated-kernel-entries.patch b/0035-avoid-adding-duplicated-kernel-entries.patch similarity index 93% rename from 0042-avoid-adding-duplicated-kernel-entries.patch rename to 0035-avoid-adding-duplicated-kernel-entries.patch index 759f86d..0d83066 100644 --- a/0042-avoid-adding-duplicated-kernel-entries.patch +++ b/0035-avoid-adding-duplicated-kernel-entries.patch @@ -1,4 +1,4 @@ -From e43d3adb9580a5aa7d634075bc496cbe80c29bcf Mon Sep 17 00:00:00 2001 +From 3e43d418605666c785c5b2042a404bad828c903e Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 19 Oct 2018 08:02:13 +0200 Subject: [PATCH] avoid adding duplicated kernel entries @@ -27,5 +27,5 @@ index 3b2cc6db6..0486df8c9 100644 @property def rpmMacros(self): -- -2.17.2 +2.20.1 diff --git a/0043-mark-qubes-user-name-as-reserved.patch b/0036-mark-qubes-user-name-as-reserved.patch similarity index 93% rename from 0043-mark-qubes-user-name-as-reserved.patch rename to 0036-mark-qubes-user-name-as-reserved.patch index 7842730..d0f361d 100644 --- a/0043-mark-qubes-user-name-as-reserved.patch +++ b/0036-mark-qubes-user-name-as-reserved.patch @@ -1,4 +1,4 @@ -From 5c7bf8ac7699c4c01905453b29cc2bc49eccb497 Mon Sep 17 00:00:00 2001 +From 7a60d316ea32df7f9a0c25669b20a0b608a2e384 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:13 +0200 @@ -26,5 +26,5 @@ index 3db06ddad..e4ded474a 100644 return is_valid_name(name) -- -2.17.2 +2.20.1 diff --git a/0044-add-smt-off-xen-option-during-installation.patch b/0037-add-smt-off-xen-option-during-installation.patch similarity index 96% rename from 0044-add-smt-off-xen-option-during-installation.patch rename to 0037-add-smt-off-xen-option-during-installation.patch index bbaca34..481ed72 100644 --- a/0044-add-smt-off-xen-option-during-installation.patch +++ b/0037-add-smt-off-xen-option-during-installation.patch @@ -1,4 +1,4 @@ -From 6c2ee84cbce97b008bacdfd94d2d15db03969777 Mon Sep 17 00:00:00 2001 +From 223e0ad2234b6fcaaaa4b0da665e68d5ec812cfa Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 19 Oct 2018 08:02:13 +0200 Subject: [PATCH] add smt=off xen option during installation @@ -35,5 +35,5 @@ index 784d14d24..ce6121912 100644 image.kernel, root_args, -- -2.17.2 +2.20.1 diff --git a/0045-update-Qubes-specific-code-for-Fedora-21-version.patch b/0038-update-Qubes-specific-code-for-Fedora-21-version.patch similarity index 96% rename from 0045-update-Qubes-specific-code-for-Fedora-21-version.patch rename to 0038-update-Qubes-specific-code-for-Fedora-21-version.patch index 2a18fe9..89706f6 100644 --- a/0045-update-Qubes-specific-code-for-Fedora-21-version.patch +++ b/0038-update-Qubes-specific-code-for-Fedora-21-version.patch @@ -1,4 +1,4 @@ -From 1beb2552d7141a3441d0f7c36e29783d6d1d7d4d Mon Sep 17 00:00:00 2001 +From bb676efee3afc8fc88165a174b488b4041ad66cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:13 +0200 @@ -42,5 +42,5 @@ index 000000000..0f7d7dcd5 +

+ -- -2.17.2 +2.20.1 diff --git a/0046-abort-installation-on-X-startup-fail.patch b/0039-abort-installation-on-X-startup-fail.patch similarity index 96% rename from 0046-abort-installation-on-X-startup-fail.patch rename to 0039-abort-installation-on-X-startup-fail.patch index 68f45f9..a445abb 100644 --- a/0046-abort-installation-on-X-startup-fail.patch +++ b/0039-abort-installation-on-X-startup-fail.patch @@ -1,4 +1,4 @@ -From cac0d94e4df7bbebed2729a6184007d3c5f7eb08 Mon Sep 17 00:00:00 2001 +From 2607fb80f18ab63e94c786937d2850834b7d4b48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Fri, 19 Oct 2018 08:02:13 +0200 @@ -44,5 +44,5 @@ index 6fddb2e3a..983bbe0ba 100644 if not anaconda.gui_startup_failed: do_extra_x11_actions(options.runres, gui_mode=anaconda.gui_mode) -- -2.17.2 +2.20.1 diff --git a/0047-fix-encryption-passphrase-check.patch b/0040-fix-encryption-passphrase-check.patch similarity index 93% rename from 0047-fix-encryption-passphrase-check.patch rename to 0040-fix-encryption-passphrase-check.patch index ae96883..f9b15d5 100644 --- a/0047-fix-encryption-passphrase-check.patch +++ b/0040-fix-encryption-passphrase-check.patch @@ -1,4 +1,4 @@ -From 14861d9ee6b05865e90bb93d899215f027992562 Mon Sep 17 00:00:00 2001 +From 38a6605aaf5258d099c9ae38fc207ad0d5298488 Mon Sep 17 00:00:00 2001 From: Wojtek Porczyk Date: Fri, 19 Oct 2018 08:02:13 +0200 Subject: [PATCH] fix encryption passphrase check @@ -24,5 +24,5 @@ index b57c44d9f..fb10498f6 100644 and not self._auto_part_observer.proxy.Passphrase: self.autopart_missing_passphrase = True -- -2.17.2 +2.20.1 diff --git a/0048-disable-os-prober.patch b/0041-disable-os-prober.patch similarity index 92% rename from 0048-disable-os-prober.patch rename to 0041-disable-os-prober.patch index dcde290..e0f154a 100644 --- a/0048-disable-os-prober.patch +++ b/0041-disable-os-prober.patch @@ -1,4 +1,4 @@ -From c582f6eed81836ff096c328cd77e710be084b810 Mon Sep 17 00:00:00 2001 +From a6bfe430380becd27059617d44b197064274778e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Pierret=20=28fepitre=29?= Date: Sat, 20 Oct 2018 11:16:05 +0200 @@ -22,5 +22,5 @@ index ce6121912..f4deb8460 100644 def _encrypt_password(self): -- -2.17.2 +2.20.1 diff --git a/anaconda.spec b/anaconda.spec index 694bc69..833ef2d 100644 --- a/anaconda.spec +++ b/anaconda.spec @@ -19,57 +19,51 @@ URL: http://fedoraproject.org/wiki/Anaconda # ./autogen.sh # make dist Source0: %{name}-%{version}.tar.bz2 +Source1: qubes.py BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -Patch0: 0001-add-Qubes-installclass.patch -Patch1: 0002-add-Qubes-post-scripts.patch -Patch2: 0003-remove-other-installclasses.patch -Patch3: 0004-Set-default-hostname-to-dom0.patch -Patch4: 0005-Disable-network-by-ignoring-any-present-nic.patch -Patch5: 0006-remove-network-setup-from-graphical-and-text-interfa.patch -Patch6: 0007-fix-grub-config-setup-by-removing-non-xen-options.patch -Patch7: 0008-make-encrypted-partitions-by-default.patch -Patch8: 0009-set-default-grub-theme.patch -Patch9: 0010-add-options-can_dual_boot-and-can_update-to-grub.patch -Patch10: 0011-efimgr-specify-root-util.getSysroot.patch -Patch11: 0012-generate-xen-efi-configuration.patch -Patch12: 0013-fix-dracut-module-to-work-with-reduced-dependencies.patch -Patch13: 0014-use-installer-kernel-parameters-as-default-for-insta.patch -Patch14: 0015-use-kernel-install-instead-of-grubby-to-regenerate-i.patch -#Patch15: 0016-Fix-a-regular-expression-determining-Release.patch -Patch16: 0017-Do-not-fail-during-initramfs-start-up-due-to-missing.patch -Patch17: 0018-Disable-the-NTP-configuration-spoke.patch -Patch18: 0019-drop-useless-on-Qubes-dependencies-on-network-filesy.patch -Patch19: 0020-skip-NTP-installation-and-setup-in-dom0.patch -Patch20: 0021-add-skip_grub-parameter-and-allow-boot-encryption-an.patch -Patch21: 0022-switch-default-partitioning-scheme-to-LVM-Thin-Provi.patch -Patch22: 0023-add-console-none-Xen-parameter.patch -Patch23: 0024-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch -Patch24: 0025-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch -Patch25: 0026-disable-iommu-for-IGFX.patch -Patch26: 0027-check-for-Qubes-OS-hardware-required-features.patch -Patch27: 0028-generate-proper-extlinux.conf.patch -Patch28: 0029-don-t-crash-when-no-target-disk-is-available.patch -Patch29: 0030-lock-root-account-by-default.patch -Patch30: 0031-add-option-to-lock-root-account.patch -Patch31: 0032-Modify-user-configuration-spoke-for-QubesOS.patch -Patch32: 0033-Make-sure-that-a-user-is-created-at-installation-tim.patch -Patch33: 0034-check-add-user-to-wheel-and-qubes-groups.patch -Patch34: 0035-xen.efi-upgraded-during-each-install.patch -Patch35: 0036-make-sure-the-latest-version-is-placed-as-xen.efi.patch -Patch36: 0037-fix-default-scheme-in-custom-partitioning.patch -Patch37: 0038-Fix-macOS-EFI-Installation.patch -Patch38: 0039-use-proper-subvolume-argument-when-booting-from-btrf.patch -Patch39: 0040-enable-discard-option-for-dom0-filesystems-by-defaul.patch -Patch40: 0041-Add-ucode-scan-to-default-Xen-command-line.patch -Patch41: 0042-avoid-adding-duplicated-kernel-entries.patch -Patch42: 0043-mark-qubes-user-name-as-reserved.patch -Patch43: 0044-add-smt-off-xen-option-during-installation.patch -Patch44: 0045-update-Qubes-specific-code-for-Fedora-21-version.patch -Patch45: 0046-abort-installation-on-X-startup-fail.patch -Patch46: 0047-fix-encryption-passphrase-check.patch -Patch47: 0048-disable-os-prober.patch +Patch0: 0001-add-Qubes-post-scripts.patch +Patch1: 0002-remove-other-installclasses.patch +Patch2: 0003-Disable-network-by-ignoring-any-present-nic.patch +Patch3: 0004-remove-network-setup-from-graphical-and-text-interfa.patch +Patch4: 0005-fix-grub-config-setup-by-removing-non-xen-options.patch +Patch5: 0006-set-default-grub-theme.patch +Patch6: 0007-add-options-can_dual_boot-and-can_update-to-grub.patch +Patch7: 0008-efimgr-specify-root-util.getSysroot.patch +Patch8: 0009-generate-xen-efi-configuration.patch +Patch9: 0010-fix-dracut-module-to-work-with-reduced-dependencies.patch +Patch10: 0011-use-installer-kernel-parameters-as-default-for-insta.patch +Patch11: 0012-use-kernel-install-instead-of-grubby-to-regenerate-i.patch +#Patch12: 0013-Fix-a-regular-expression-determining-Release.patch +Patch13: 0014-Do-not-fail-during-initramfs-start-up-due-to-missing.patch +Patch14: 0015-Disable-the-NTP-configuration-spoke.patch +Patch15: 0016-drop-useless-on-Qubes-dependencies-on-network-filesy.patch +Patch16: 0017-add-skip_grub-parameter-and-allow-boot-encryption-an.patch +Patch17: 0018-add-console-none-Xen-parameter.patch +Patch18: 0019-add-dom0_mem-min-1024M-to-default-xen-cmdline.patch +Patch19: 0020-limit-dom0-maxmem-to-4GB-to-limit-its-overhead-on-bi.patch +Patch20: 0021-disable-iommu-for-IGFX.patch +Patch21: 0022-check-for-Qubes-OS-hardware-required-features.patch +Patch22: 0023-generate-proper-extlinux.conf.patch +Patch23: 0024-don-t-crash-when-no-target-disk-is-available.patch +Patch24: 0025-Modify-user-configuration-spoke-for-QubesOS.patch +Patch25: 0026-Make-sure-that-a-user-is-created-at-installation-tim.patch +Patch26: 0027-check-add-user-to-wheel-and-qubes-groups.patch +Patch27: 0028-xen.efi-upgraded-during-each-install.patch +Patch28: 0029-make-sure-the-latest-version-is-placed-as-xen.efi.patch +Patch29: 0030-fix-default-scheme-in-custom-partitioning.patch +Patch30: 0031-Fix-macOS-EFI-Installation.patch +Patch31: 0032-use-proper-subvolume-argument-when-booting-from-btrf.patch +Patch32: 0033-enable-discard-option-for-dom0-filesystems-by-defaul.patch +Patch33: 0034-Add-ucode-scan-to-default-Xen-command-line.patch +Patch34: 0035-avoid-adding-duplicated-kernel-entries.patch +Patch35: 0036-mark-qubes-user-name-as-reserved.patch +Patch36: 0037-add-smt-off-xen-option-during-installation.patch +Patch37: 0038-update-Qubes-specific-code-for-Fedora-21-version.patch +Patch38: 0039-abort-installation-on-X-startup-fail.patch +Patch39: 0040-fix-encryption-passphrase-check.patch +Patch40: 0041-disable-os-prober.patch # Versions of required components (done so we make sure the buildrequires # match the requires versions of things). @@ -305,6 +299,7 @@ runtime on NFS/HTTP/FTP servers or local disks. %prep %autosetup -p1 +cp %{SOURCE1} pyanaconda/installclasses/ %build autoreconf -v --install . diff --git a/qubes.py b/qubes.py new file mode 100644 index 0000000..60d54ad --- /dev/null +++ b/qubes.py @@ -0,0 +1,92 @@ +# +# qubes.py +# +# Copyright (C) 2011 Invisible Things Lab All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +from pyanaconda.installclass import BaseInstallClass +from pyanaconda.modules.common.constants.objects import AUTO_PARTITIONING +from pyanaconda.modules.common.constants.services import NETWORK, STORAGE, TIMEZONE, USERS +from pyanaconda.product import * +from pyanaconda.core.i18n import N_ +import pyanaconda.platform +from pykickstart.constants import AUTOPART_TYPE_LVM_THINP + +from blivet.size import Size +from pyanaconda.platform import platform + + +class InstallClass(BaseInstallClass): + # name has underscore used for mnemonics, strip if you dont need it + id = "qubes" + name = N_("Qubes") + _description = N_("The default installation of %s is a minimal install. " + "You can optionally select a different set of software " + "now.") + _descriptionFields = (productName,) + sortPriority = 20000 + hidden = 0 + efi_dir = 'qubes' + _l10n_domain = "anaconda" + installUpdates = False + + bootloaderTimeoutDefault = 5 + + tasks = [(N_("Minimal"), ["base", "base-x", "qubes"])] + + help_placeholder = "QubesPlaceholder.html" + help_placeholder_with_links = "QubesPlaceholderWithLinks.html" + + def configure(self, anaconda): + BaseInstallClass.configure(self, anaconda) + self.setDefaultPartitioning(anaconda.storage) + + # Default Hostname + network_proxy = NETWORK.get_proxy() + network_proxy.SetHostname('dom0') + + # Make encrypted partitions by default + auto_part_proxy = STORAGE.get_proxy(AUTO_PARTITIONING) + auto_part_proxy.SetEncrypted(True) + + # Make LVM Thin the default for autopart + auto_part_proxy.SetType(AUTOPART_TYPE_LVM_THINP) + + # Make disabled NTP by default + timezone_proxy = TIMEZONE.get_proxy() + timezone_proxy.SetNTPEnabled(False) + + # Make locked root account by default + users_proxy = USERS.get_proxy() + users_proxy.SetRootAccountLocked(True) + + def setDefaultPartitioning(self, storage): + BaseInstallClass.setDefaultPartitioning(self, storage) + for autoreq in list(storage.autopart_requests): + if autoreq.mountpoint == "/": + autoreq.max_size = None + autoreq.required_space = Size("10GiB") + if autoreq.mountpoint == "/home": + storage.autopart_requests.remove(autoreq) + if autoreq.mountpoint == "/boot/efi": + autoreq.max_size = Size("500MiB") + if autoreq.mountpoint == "/boot" and \ + isinstance(platform, pyanaconda.platform.EFI): + # xen.efi don't need /boot + storage.autopart_requests.remove(autoreq) + + def __init__(self): + BaseInstallClass.__init__(self)