From 24adc1a8fca3bd06083171752221da87b44500cf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Tue, 27 May 2025 21:49:53 +0200 Subject: [PATCH 1/3] archlinux: /proc/xen is not relevant anymore /etc/fstab is (was) overriden by builder-archlinux anyway, so it was a dead code already. --- archlinux/PKGBUILD.install | 3 --- 1 file changed, 3 deletions(-) diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index 5e1c81638..326cbce5c 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -34,9 +34,6 @@ pre_install() { cp /etc/fstab /var/lib/qubes/fstab.orig fi - # Add qubes core related fstab entries - echo "xen /proc/xen xenfs defaults 0 0" >> /etc/fstab - usermod -L root usermod -L user } From 66c561ebc02a779b35ee15df2e28de8f3e86b266 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Wed, 28 May 2025 01:52:07 +0200 Subject: [PATCH 2/3] archlinux: install qubes version of /etc/fstab Install it as /etc/fstab, and replace the original in post-install hook, but only if it wasn't qubes one already. This way, user modifications are not overridden. QubesOS/qubes-issues#9975 --- archlinux/PKGBUILD.in | 8 ++++++++ archlinux/PKGBUILD.install | 6 ++++-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/archlinux/PKGBUILD.in b/archlinux/PKGBUILD.in index 8e89b2f6e..34f4b81ac 100644 --- a/archlinux/PKGBUILD.in +++ b/archlinux/PKGBUILD.in @@ -100,6 +100,14 @@ package_qubes-vm-core() { make -C qubes-rpc/kde DESTDIR="$pkgdir" install make -C qubes-rpc/nautilus DESTDIR="$pkgdir" install make -C qubes-rpc/thunar DESTDIR="$pkgdir" install + make -C filesystem DESTDIR="$pkgdir" install + + # Adjust fstab for Arch + mv "$pkgdir/etc/fstab" "$pkgdir/etc/fstab.qubes" + echo " +# This MUST be a ramfs, not a tmpfs! The data here is incredibly sensitive +# (allows root access) and must not be leaked to disk. +tmpfs /etc/pacman.d/gnupg/private-keys-v1.d ramfs defaults,noexec,nosuid,nodev,mode=600 0 0" >> "$pkgdir/etc/fstab.qubes" # Install systemd script allowing to automount /lib/modules install -m 644 "archlinux/PKGBUILD.qubes-ensure-lib-modules.service" "${pkgdir}/usr/lib/systemd/system/qubes-ensure-lib-modules.service" diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index 326cbce5c..448036524 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -85,8 +85,10 @@ update_qubesconfig() { mount /usr/local || : fi - # Fix fstab update to core-agent-linux 4.0.33 - grep -F -q "/rw/usrlocal" /etc/fstab || sed "/\/rw\/home/a\/rw\/usrlocal \/usr\/local none noauto,bind,defaults 0 0" -i /etc/fstab + # Install qubes version of fstab + if ! grep -q dmroot /etc/fstab; then + cp -f /etc/fstab.qubes /etc/fstab + fi #/usr/lib/qubes/update-proxy-configs # Archlinux pacman configuration is handled in update_finalize From aff3c5cb7016327cfc9364bf3e18d8d78a623f1c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?= Date: Wed, 28 May 2025 01:53:16 +0200 Subject: [PATCH 3/3] archlinux: remove static /home and /usr/local entries Custom persist update removed those entries from /etc/fstab file as packaged, but Arch package was "special" and didn't used this file before. Apply the update in post-update hook. Fixes: 6e7bed01 "custom-persist: systemd mount units ..." Fixes QubesOS/qubes-issues#9975 --- archlinux/PKGBUILD.install | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/archlinux/PKGBUILD.install b/archlinux/PKGBUILD.install index 448036524..f45497f01 100644 --- a/archlinux/PKGBUILD.install +++ b/archlinux/PKGBUILD.install @@ -90,6 +90,15 @@ update_qubesconfig() { cp -f /etc/fstab.qubes /etc/fstab fi + # Fix fstab update to core-agent-linux 4.3.19 + if grep -q '/rw/home\|/rw/usrlocal' /etc/fstab; then + sed -i \ + -e '/# Template Binds/d' \ + -e '/\/rw\/home/d' \ + -e '/\/rw\/usrlocal/d' \ + /etc/fstab + fi + #/usr/lib/qubes/update-proxy-configs # Archlinux pacman configuration is handled in update_finalize