linux-qubasis
linux oasis port as a qubes template
git clone https://9o.is/git/linux-qubasis.git
commit b3b23afedb266dfee01463910e716c2ac43135fe parent 6bf9d4e71c4fb93b3b99fd609c0aa36f73d2185c Author: Jul <jul@9o.is> Date: Sat, 22 Nov 2025 05:19:15 -0500 remove ninja directory Diffstat:
| D | ninja/fspec.sh | | | 32 | -------------------------------- |
| D | ninja/qubes-fspec.sh | | | 72 | ------------------------------------------------------------------------ |
| D | ninja/qubes-install.sh | | | 88 | ------------------------------------------------------------------------------- |
3 files changed, 0 insertions(+), 192 deletions(-)
diff --git a/ninja/fspec.sh b/ninja/fspec.sh @@ -1,32 +0,0 @@ -set -eu - -hostdir=out/host - -out="$1" -path="$2" -type="$3" -mode="$4" -uid="$5" -gid="$6" -src="${7-}" - -case $type in - reg) - printf '%s\ntype=reg\nmode=%s\nuid=%s\ngid=%s\nsource=%s\n\n' \ - "$path" "$mode" "$uid" "$gid" "$src" > $out.tmp - $hostdir/fspec-hash <$out.tmp > $out - rm -f $out.tmp - ;; - sym) - printf '%s\ntype=sym\nmode=%s\nuid=%s\ngid=%s\ntarget=%s\n\n' \ - "$path" "$mode" "$uid" "$gid" "$src" > $out - ;; - dir) - printf '%s\ntype=dir\nmode=%s\nuid=%s\ngid=%s\n\n' \ - "$path" "$mode" "$uid" "$gid" > $out - ;; - *) - printf "error: unknown fspec type '$type'" >&2 - exit 1 - ;; -esac diff --git a/ninja/qubes-fspec.sh b/ninja/qubes-fspec.sh @@ -1,72 +0,0 @@ -set -eu - -template=$1 -path=$2 -tar=$3 - -# Don't forget to add the following policies to dom0. Replace "{vm}" with the -# name of the this vm, and tag the template vms with "build-client". VMs tagged -# with build-client should have rpc /etc/qubes-rpc/oasis.FspecUpdate that -# extracts the archive. -# -# admin.vm.CurrentState * {vm} @tag:build-client allow target=dom0 -# admin.vm.Shutdown * {vm} @tag:build-client allow target=dom0 -# build.FspecUpdate +{path} {vm} @tag:build-client allow - -error() { - printf "Failed installing qubes fspec '%s': %s\n" "$template" "$*" - exit 1 -} - -set_running() { - set -- $(qrexec-client-vm $template admin.vm.CurrentState </dev/null | xargs -0) - status=${1-1} - - if [ $status -ne 0 ]; then - error "current state request: $status $*" - fi - - shift - - for val in $*; do - case $val in - power_state=*) - val=${val#power_state=} - if [ "$val" = 'Running' ]; then - running=true - else - running=false - fi - ;; - esac - done - - if [ ! "${running-}" ]; then - error "current state response missing power_state: $*" - fi -} - -update() { - zstd -d --stdout $tar | qrexec-client-vm $template build.FspecUpdate+$path 1>/dev/null 2>&1 - status=$? - - if [ $status -ne 0 ]; then - error "update: $status" - fi -} - -shutdown() { - set -- $(qrexec-client-vm $template admin.vm.Shutdown </dev/null | xargs -0) - status=${1-1} - - if [ $status -ne 0 ]; then - error "shutdown request: $*" - fi -} - -set_running -update - -if ! $running; then - shutdown -fi diff --git a/ninja/qubes-install.sh b/ninja/qubes-install.sh @@ -1,88 +0,0 @@ -set -eu - -hostdir=out/host - -template=$1 -label=$2 -size=$3 -tar=$4 - -tmpdir=$(mktemp -d) -mnt=$tmpdir/mnt -img=$tmpdir/root.img -loop= - -# Don't forget to add the following policies to dom0. Replace "{vm}" with the -# name of the this vm. -# -# admin.vm.Create.TemplateVM * {vm} dom0 allow target=dom0 -# admin.vm.volume.ImportWithSize +root {vm} @tag:created-by-{vm} allow target=dom0 - -trap cleanup EXIT - -cleanup() { - set +e - sudo umount $mnt 2>/dev/null - rm -rf $tmpdir - - if [ $loop ]; then - sudo losetup -d $loop 2>/dev/null - fi -} - -error() { - printf "Failed installing qubes template '%s': %s\n" "$template" "$*" - exit 1 -} - -create_image() { - count=$(( $size / (128 * 1024) )) - dd if=/dev/zero of=$img bs=128k count=$count >/dev/null 2>&1 - mke2fs -t ext4 $img >/dev/null 2>&1 - - loop=$(losetup --find) - sudo losetup $loop $img - mkdir -p $mnt - sudo mount $loop $mnt - - zstd -d --stdout $tar | sudo $hostdir/pax -r -p e -s ",^[^/]*,$mnt," - - sudo umount $mnt - sudo losetup -d $loop - fsck.ext4 -vf $img -} - -create_template() { - set -- $(printf "name=$template label=$label" | - qrexec-client-vm dom0 admin.vm.Create.TemplateVM | xargs -0) - - status=${1-1} - shift 2 - errmsg="${*-}" - - if [ $status -eq 0 ]; then - return - fi - - case "$errmsg" in - *'already exists') return;; - *) error "create template: $errmsg";; - esac -} - -import_volume() { - set -- $({ - printf '%s\n' "$(stat -c%s $img)" - cat $img - } | qrexec-client-vm $template admin.vm.volume.ImportWithSize+root | xargs -0) - - status=${1-1} - - if [ $status -ne 0 ]; then - error "volume import: $*" - fi -} - -create_template -create_image -import_volume