Drop ubuntu-touch hooks

sil2100/enable-universe-none
Dimitri John Ledkov 6 years ago
parent 44fd9ba9fd
commit a7631ad0f5

1
debian/changelog vendored

@ -3,6 +3,7 @@ livecd-rootfs (2.588) UNRELEASED; urgency=medium
* Drop ubuntu-desktop-next configs
* Drop ubuntu-desktop-next hooks
* Drop ubuntu-touch configs
* Drop ubuntu-touch hooks
-- Dimitri John Ledkov <xnox@ubuntu.com> Thu, 30 May 2019 12:00:40 +0100

@ -1,315 +0,0 @@
#!/bin/sh -eu
ERRCNT=""
# Known good post-debootstrap values
passwd_bootstrap="8c7663019ac545a6ba9a6021dd54b129"
shadow_bootstrap="021bea180cc9e71a34519d1212092954"
group_bootstrap="4a1be7f950a839f44708bb0919339ff9"
gshadow_bootstrap="e75f449f2327bc7e4c306a73e04d8815"
# Current post-debootstrap values
passwd_hash=$(set -- $(md5sum /etc/passwd) && echo $1)
shadow_hash=$(set -- $(cat /etc/shadow | sed "s/:.*:0:99999:/:0:99999:/g" | md5sum) && echo $1)
group_hash=$(set -- $(md5sum /etc/group) && echo $1)
gshadow_hash=$(set -- $(md5sum /etc/gshadow) && echo $1)
# /etc/passwd
if [ "$passwd_bootstrap" = "$passwd_hash" ]; then
cat > /etc/passwd <<EOF
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
games:x:5:60:games:/usr/games:/usr/sbin/nologin
man:x:6:12:man:/var/cache/man:/usr/sbin/nologin
lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin
mail:x:8:8:mail:/var/mail:/usr/sbin/nologin
news:x:9:9:news:/var/spool/news:/usr/sbin/nologin
uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin
proxy:x:13:13:proxy:/bin:/usr/sbin/nologin
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/usr/sbin/nologin
list:x:38:38:Mailing List Manager:/var/list:/usr/sbin/nologin
irc:x:39:39:ircd:/var/run/ircd:/usr/sbin/nologin
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/usr/sbin/nologin
nobody:x:65534:65534:nobody:/nonexistent:/usr/sbin/nologin
syslog:x:100:103::/home/syslog:/bin/false
usermetrics:x:101:104:User Metrics:/var/lib/usermetrics:/bin/false
messagebus:x:102:106::/var/run/dbus:/bin/false
clickpkg:x:103:107::/nonexistent:/bin/false
dnsmasq:x:104:65534:dnsmasq,,,:/var/lib/misc:/bin/false
sshd:x:105:65534::/var/run/sshd:/usr/sbin/nologin
rtkit:x:106:109:RealtimeKit,,,:/proc:/bin/false
whoopsie:x:107:110::/nonexistent:/bin/false
lightdm:x:108:111:Light Display Manager:/var/lib/lightdm:/bin/false
lxc-dnsmasq:x:109:114:LXC dnsmasq,,,:/var/lib/lxc:/bin/false
pulse:x:110:115:PulseAudio daemon,,,:/var/run/pulse:/bin/false
system:x:1000:1000:system,,,:/nonexistent:/bin/false
radio:x:1001:1001:radio,,,:/nonexistent:/bin/false
systemd-timesync:x:111:113:systemd Time Synchronization,,,:/run/systemd:/bin/false
systemd-network:x:112:117:systemd Network Management,,,:/run/systemd/netif:/bin/false
systemd-resolve:x:113:118:systemd Resolver,,,:/run/systemd/resolve:/bin/false
systemd-bus-proxy:x:114:119:systemd Bus Proxy,,,:/run/systemd:/bin/false
nm-openvpn:x:115:120:NetworkManager OpenVPN,,,:/var/lib/openvpn/chroot:/bin/false
dhcpd:x:116:122::/var/run:/bin/false
EOF
else
echo "/etc/passwd post-debootstrap hash doesn't match record" >&2
echo "The output below might help to resolve the issue" >&2
cat /etc/passwd
echo "passwd md5sum: $passwd_hash" >&2
ERRCNT=1
fi
# /etc/shadow
if [ "$shadow_bootstrap" = "$shadow_hash" ]; then
cat > /etc/shadow <<EOF
root:*:16329:0:99999:7:::
daemon:*:16329:0:99999:7:::
bin:*:16329:0:99999:7:::
sys:*:16329:0:99999:7:::
sync:*:16329:0:99999:7:::
games:*:16329:0:99999:7:::
man:*:16329:0:99999:7:::
lp:*:16329:0:99999:7:::
mail:*:16329:0:99999:7:::
news:*:16329:0:99999:7:::
uucp:*:16329:0:99999:7:::
proxy:*:16329:0:99999:7:::
www-data:*:16329:0:99999:7:::
backup:*:16329:0:99999:7:::
list:*:16329:0:99999:7:::
irc:*:16329:0:99999:7:::
gnats:*:16329:0:99999:7:::
nobody:*:16329:0:99999:7:::
syslog:*:16329:0:99999:7:::
usermetrics:*:16329:0:99999:7:::
messagebus:*:16329:0:99999:7:::
clickpkg:*:16329:0:99999:7:::
dnsmasq:*:16329:0:99999:7:::
sshd:*:16329:0:99999:7:::
rtkit:*:16329:0:99999:7:::
whoopsie:*:16329:0:99999:7:::
lightdm:*:16329:0:99999:7:::
lxc-dnsmasq:!:16329:0:99999:7:::
pulse:*:16329:0:99999:7:::
system:!:16329:0:99999:7:::
radio:!:16329:0:99999:7:::
systemd-timesync:*:16372:0:99999:7:::
systemd-network:*:16372:0:99999:7:::
systemd-resolve:*:16372:0:99999:7:::
systemd-bus-proxy:*:16372:0:99999:7:::
nm-openvpn:*:16909:0:99999:7:::
dhcpd:*:16925:0:99999:7:::
EOF
else
echo "/etc/shadow post-debootstrap hash doesn't match record" >&2
echo "The output below might help to resolve the issue" >&2
cat /etc/shadow
echo "shadow md5sum: $shadow_hash" >&2
ERRCNT=1
fi
# /etc/group
if [ "$group_bootstrap" = "$group_hash" ]; then
cat > /etc/group <<EOF
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:syslog
tty:x:5:
disk:x:6:
lp:x:7:
mail:x:8:
news:x:9:
uucp:x:10:
man:x:12:
proxy:x:13:
kmem:x:15:
dialout:x:20:
fax:x:21:
voice:x:22:
cdrom:x:24:
floppy:x:25:
tape:x:26:
sudo:x:27:
audio:x:1005:
dip:x:30:
www-data:x:33:
backup:x:34:
operator:x:37:
list:x:38:
irc:x:39:
src:x:40:
gnats:x:41:
shadow:x:42:
utmp:x:43:
video:x:44:
sasl:x:45:
plugdev:x:46:
staff:x:50:
games:x:60:
users:x:100:
nogroup:x:65534:
netdev:x:101:
crontab:x:102:
syslog:x:103:
usermetrics:x:104:
systemd-journal:x:105:
messagebus:x:106:
clickpkg:x:107:
ssh:x:108:
rtkit:x:109:
whoopsie:x:110:
lightdm:x:111:
nopasswdlogin:x:112:
bluetooth:x:1002:
lxc-dnsmasq:x:114:
pulse:x:115:
pulse-access:x:116:
system:x:1000:
radio:x:1001:
gps:x:1021:
android_net:x:3003:
android_net2:x:3004:
android_net3:x:3002:
android_graphics:x:1003:
android_input:x:1004:
sdcard_rw:x:1015:
android_media:x:1013:
android_nvram:x:9997:
android_cache:x:2001:
systemd-timesync:x:113:
systemd-network:x:117:
systemd-resolve:x:118:
systemd-bus-proxy:x:119:
input:x:121:
nm-openvpn:x:120:
dhcpd:x:122:
EOF
else
echo "/etc/group post-debootstrap hash doesn't match record" >&2
echo "The output below might help to resolve the issue" >&2
cat /etc/group
echo "group md5sum: $group_hash" >&2
ERRCNT=1
fi
# /etc/gshadow
if [ "$gshadow_bootstrap" = "$gshadow_hash" ]; then
cat > /etc/gshadow <<EOF
root:*::
daemon:*::
bin:*::
sys:*::
adm:*::syslog
tty:*::
disk:*::
lp:*::
mail:*::
news:*::
uucp:*::
man:*::
proxy:*::
kmem:*::
dialout:*::
fax:*::
voice:*::
cdrom:*::
floppy:*::
tape:*::
sudo:*::
audio:*::pulse
dip:*::
www-data:*::
backup:*::
operator:*::
list:*::
irc:*::
src:*::
gnats:*::
shadow:*::
utmp:*::
video:*::
sasl:*::
plugdev:*::
staff:*::
games:*::
users:*::
nogroup:*::
netdev:!::
crontab:!::
syslog:!::
usermetrics:!::
systemd-journal:!::
messagebus:!::
clickpkg:!::
ssh:!::
rtkit:!::
whoopsie:!::
lightdm:!::
nopasswdlogin:!::
bluetooth:!::
lxc-dnsmasq:!::
pulse:!::
pulse-access:!::
system:!::
radio:!::
gps:!::
android_net:!::
android_net2:!::
android_net3:!::
android_graphics:!::
android_input:!::
sdcard_rw:!::
android_media:!::
android_nvram:!::
android_cache:!::
systemd-timesync:!::
systemd-network:!::
systemd-resolve:!::
systemd-bus-proxy:!::
input:!::
nm-openvpn:!::
dhcpd:!::
EOF
else
echo "/etc/gshadow post-debootstrap hash doesn't match record" >&2
echo "The output below might help to resolve the issue" >&2
cat /etc/gshadow
echo "gshadow md5sum: $gshadow_hash" >&2
ERRCNT=1
fi
if [ -n "$ERRCNT" ]; then
echo "There were changes to the password database," >&2
echo "please adjust the values in the livecd-rootfs source in the file:" >&2
echo "live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early" >&2
echo >&2
echo "Please check also if a maintainer script of the package" >&2
echo "that added these entries perhaps created a home directory and," >&2
echo "if needed, add code for creation of it to the above hook" >&2
exit 1
fi
# Create some missing directories
mkdir -p /var/lib/lightdm
chown lightdm:lightdm /var/lib/lightdm
chmod 750 /var/lib/lightdm
mkdir -p /var/lib/usermetrics
chown usermetrics:usermetrics /var/lib/usermetrics
chmod 750 /var/lib/usermetrics
echo "adjusting ownership of /var/log" >&2
chown root:syslog /var/log
ls -ln /var | grep log >&2
# Record the current state for later comparison
for file in /etc/passwd /etc/shadow /etc/group /etc/gshadow; do
rm -f ${file}-
cp ${file} ${file}.orig
done

@ -1,47 +0,0 @@
#!/bin/sh -x
USER=phablet
GECOS=Ubuntu
UGID=32011
echo "I: creating default user $USER"
adduser --gecos $GECOS --disabled-login $USER --uid $UGID
echo "I: set user $USER password to blank"
passwd -d $USER
adduser --gecos system --no-create-home --disabled-login --disabled-password system --uid 1000
adduser --gecos radio --no-create-home --disabled-login --disabled-password radio --uid 1001
# Enable libnss-extrusers
sed -i 's/^group:.*compat/\0 extrausers/' /etc/nsswitch.conf
sed -i 's/^passwd:.*compat/\0 extrausers/' /etc/nsswitch.conf
sed -i 's/^shadow:.*compat/\0 extrausers/' /etc/nsswitch.conf
# Move user from /etc to extrausers location
grep "^$USER" /etc/group >> /var/lib/extrausers/group
grep "^$USER" /etc/passwd >> /var/lib/extrausers/passwd
grep "^$USER" /etc/shadow >> /var/lib/extrausers/shadow
grep "^$USER" /etc/gshadow >> /var/lib/extrausers/gshadow
chmod 0644 /var/lib/extrausers/group
chmod 0644 /var/lib/extrausers/passwd
chmod 0640 /var/lib/extrausers/shadow
chmod 0640 /var/lib/extrausers/gshadow
chown root:shadow /var/lib/extrausers/shadow
chown root:shadow /var/lib/extrausers/gshadow
sed -i "/^$USER/d" /etc/group
sed -i "/^$USER/d" /etc/passwd
sed -i "/^$USER/d" /etc/shadow
sed -i "/^$USER/d" /etc/gshadow
touch /var/lib/extrausers/subuid
touch /var/lib/extrausers/subgid
# Prevent the system user from being presented in the greeter by bumping MIN_UID
sed -i 's/^\(UID_MIN\s\+\).*/\11002/g' /etc/login.defs
mkdir -p /home/$USER/Music
mkdir -p /home/$USER/Pictures
mkdir -p /home/$USER/Videos
mkdir -p /home/$USER/Downloads
mkdir -p /home/$USER/Documents
chown -R $UGID:$UGID /home/$USER

@ -1,104 +0,0 @@
#!/bin/sh -x
USER=phablet
DEFGROUPS="tty,sudo,adm,dialout,cdrom,plugdev,audio,dip,video,gps,radio,bluetooth,android_net,android_net2,android_net3,android_graphics,android_input,sdcard_rw,android_media,android_nvram,android_cache"
/bin/egrep -i "^audio:" /etc/group
if [ $? -eq 0 ]; then
# Needed to change group id as audio is already created by ubuntu
echo "User audio exists in /etc/group, changing gid to be android compatible"
groupmod -g 1005 audio
else
echo "User audio does not exists in /etc/group must create"
groupadd -g 1005 audio
fi
/bin/egrep -i "^gps:" /etc/group
if [ $? -eq 0 ]; then
echo "User gps exists in /etc/group"
else
echo "User gps does not exist in /etc/group -- must create"
groupadd -g 1021 gps
fi
/bin/egrep -i "^radio:" /etc/group
if [ $? -eq 0 ]; then
echo "User radio exists in /etc/group"
else
echo "User radio does not exist in /etc/group -- must create"
groupadd -g 1001 radio
fi
/bin/egrep -i "^bluetooth:" /etc/group
if [ $? -eq 0 ]; then
echo "User bluetooth exists in /etc/group changing ID to 1002"
groupmod -g 1002 bluetooth
else
echo "User bluetooth does not exist in /etc/group -- must create"
groupadd -g 1002 bluetooth
fi
/bin/egrep -i "^android_net:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_net exists in /etc/group"
else
echo "User android_net does not exist in /etc/group -- must create"
groupadd -g 3003 android_net
fi
/bin/egrep -i "^android_net2:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_net2 exists in /etc/group"
else
echo "User android_net2 does not exist in /etc group -- must create"
groupadd -g 3004 android_net2
fi
/bin/egrep -i "^android_net3:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_net3 exists in /etc/group"
else
echo "User android_net3 does not exist in /etc group -- must create"
groupadd -g 3002 android_net3
fi
/bin/egrep -i "^android_graphics:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_graphics exists in /etc/group"
else
echo "User android_graphics does not exist in /etc group -- must create"
groupadd -g 1003 android_graphics
fi
/bin/egrep -i "^android_input:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_input exists in /etc/group"
else
echo "User android_input does not exist in /etc group -- must create"
groupadd -g 1004 android_input
fi
/bin/egrep -i "^sdcard_rw:" /etc/group
if [ $? -eq 0 ]; then
echo "User sdcard_rw exists in /etc/group"
else
echo "User sdcard_rw does not exist in /etc group -- must create"
groupadd -g 1015 sdcard_rw
fi
/bin/egrep -i "^android_media:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_media exists in /etc/group"
else
echo "User android_media does not exist in /etc group -- must create"
groupadd -g 1013 android_media
fi
/bin/egrep -i "^android_nvram:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_nvram exists in /etc/group"
else
echo "User android_nvram does not exist in /etc group -- must create"
groupadd -g 9997 android_nvram
fi
/bin/egrep -i "^android_cache:" /etc/group
if [ $? -eq 0 ]; then
echo "User android_cache exists in /etc/group"
else
echo "User android_cache does not exist in /etc group -- must create"
groupadd -g 2001 android_cache
fi
echo "I: add $USER to ($DEFGROUPS) groups"
usermod -a -G ${DEFGROUPS} ${USER}

@ -1,15 +0,0 @@
#!/bin/sh
set -e
set -x
mkdir -p /etc/writable
touch /etc/writable/machine-info
for f in timezone localtime machine-info hostname whoopsie; do
if [ -e /etc/$f ]; then
echo "I: Moving /etc/$f to /etc/writable/"
mv /etc/$f /etc/writable/$f
fi
echo "I: Linking /etc/$f to /etc/writable/"
ln -s writable/$f /etc/$f
done

@ -1,9 +0,0 @@
#! /bin/sh
set -e
echo "creating mtab and modules dir" >&2
ln -sf /proc/mounts /etc/mtab
mkdir -p /lib/modules
mkdir -p /lib/firmware
mkdir -p /userdata

@ -1,15 +0,0 @@
#!/bin/bash
echo "Adding admin group policy to NM system service"
sed -i 's/<policy user="root">/<policy group="sudo">\n\t\t\t\t<allow send_destination="org.freedesktop.NetworkManager"\/>\n\t\t\t\t<allow send_interface="org.freedesktop.NetworkManager"\/>\n\t\t\t\t<allow send_interface="org.freedesktop.NetworkManager.SecretAgent"\/>\n\t\t<\/policy>\n\t\t<policy user="root">/g' /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf
mkdir -p /etc/polkit-1/localauthority/50-local.d
cat > /etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla << EOF
[indicator-network-service]
Identity=unix-group:sudo
Action=org.freedesktop.NetworkManager.*
ResultAny=yes
ResultInactive=no
ResultActive=yes
EOF

@ -1,24 +0,0 @@
#!/bin/bash
echo "I: setting up initial environment for Touch..."
echo "HOSTNAME=android
TERM=linux
ANDROID_CACHE=/cache
LOOP_MOUNTPOINT=/mnt/obb
ASEC_MOUNTPOINT=/mnt/asec
ANDROID_PROPERTY_WORKSPACE=8,49152
ANDROID_ASSETS=/system/app
ANDROID_BOOTLOGO=1
LD_LIBRARY_PATH=/vendor/lib:/system/lib
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ANDROID_DATA=/data
QT_SELECT=qt5
SHLVL=1
MKSH=/system/bin/sh
ANDROID_ROOT=/system
EXTERNAL_STORAGE=/mnt/sdcard
LANG=en_US.UTF-8
LANGUAGE=en_US:en
FLASH_KERNEL_SKIP=true
QT_IM_MODULE=maliitphablet" > /etc/environment

@ -1,10 +0,0 @@
#! /bin/sh
set -e
echo "Updating upower configuration..."
sed -i 's/^UsePercentageForPolicy=.*/UsePercentageForPolicy=true/' /etc/UPower/UPower.conf
sed -i 's/^CriticalPowerAction=.*/CriticalPowerAction=PowerOff/' /etc/UPower/UPower.conf

@ -1,9 +0,0 @@
#!/bin/sh
set -e
echo "Splitting out custom tarball"
rm -f binary/boot/custom.dir
mkdir -p binary/boot/custom.dir/system
mv binary/boot/filesystem.dir/custom binary/boot/custom.dir/system/custom

@ -1,81 +0,0 @@
#!/bin/sh
set -e
echo "Setting up click packages"
CLICKARCH=$(dpkg --print-architecture)
click_uri=http://archive-team.internal/click_packages
if [ "$CLICKARCH" = "arm64" ]; then
# FIXME: this is temporary. Since right now we can't have arm64 clicks in the store
# (before implementing fat-packages), we need to fetch the arm64 click list from a
# different place
click_list=$click_uri/click_list.arm64
click_install_flags="--allow-unauthenticated"
else
click_list=$click_uri/click_list
click_install_flags=""
fi
click_db=/usr/share/click/preinstalled
click_db_custom=/custom/click
mkdir -p -m 755 "$click_db"
chown clickpkg:clickpkg "$click_db"
# some of these get installed to /custom/click
mkdir -p -m 755 "$click_db_custom"
chown clickpkg:clickpkg "$click_db_custom"
tmpdir="$(mktemp -d)"
cleanup () { rm -rf "$tmpdir"; }
trap cleanup EXIT
wget --no-verbose -O "$tmpdir/click_list" "$click_list"
for package in $(cat "$tmpdir/click_list")
do
if echo $package | egrep -q "_$CLICKARCH.click|_all.click|_unknown.click|_multi.click"; then
echo "Setting up $package"
wget --no-verbose -O "$tmpdir/$package" "$click_uri/$package"
# FIXME: first attempt, a hard-coded list of the packages that go to
# the custom tarball
case $package in
com.ubuntu.developer.webapps.webapp-amazon_*|\
com.ubuntu.developer.webapps.webapp-ebay_*|\
com.ubuntu.developer.webapps.webapp-facebook_*|\
com.ubuntu.developer.webapps.webapp-gmail_*|\
com.ubuntu.developer.webapps.webapp-twitter_*|\
com.ubuntu.scopes.youtube_*|\
com.ubuntu.dropping-letters_*|\
com.ubuntu.filemanager_*|\
com.ubuntu.reminders_*|\
com.ubuntu.shorts_*|\
com.ubuntu.sudoku_*|\
com.ubuntu.terminal_*|\
com.ubuntu.calendar_*|\
navigator.costales_*|\
dekko.dekkoproject_*)
roots="$click_db_custom"
;;
*)
roots="$click_db"
;;
esac
for root in $roots; do
if [ "$root" = "$click_db_custom" ]; then
# FIXME: there is no good way to stop click from
# deduplicating things when installing the same package in
# multiple databases; the best we can do is to temporarily
# pretend that the core database does not exist
mv /etc/click/databases/10_core.conf \
/etc/click/databases/10_core.conf.tmp
fi
click install --force-missing-framework --root="$root" --all-users $click_install_flags \
"$tmpdir/$package"
if [ "$root" = "$click_db_custom" ]; then
mv /etc/click/databases/10_core.conf.tmp \
/etc/click/databases/10_core.conf
fi
done
fi
done

@ -1,16 +0,0 @@
#!/bin/sh
# make sure the phablet user is in the autopilot group
# (the user is not available when the package postinst
# adds all users of the sudo group to the autopilot one
# so we re-run the package configuration now
echo "making sure phablet user is in the autopilot group"
for pkg in python-autopilot python3-autopilot; do
if dpkg-query -W -f '${Status}\n' "$pkg" 2>/dev/null | \
grep -q ' installed$'; then
dpkg-reconfigure "$pkg"
break
fi
done

@ -1,7 +0,0 @@
#!/bin/sh
echo "I: making libhybris the default alternatives for @DEB_HOST_MULTIARCH@_egl_conf"
update-alternatives --set @DEB_HOST_MULTIARCH@_egl_conf /usr/lib/@DEB_HOST_MULTIARCH@/libhybris-egl/ld.so.conf
# ldconfig needs to be run immediately as we're changing /etc/ld.so.conf.d/ with alternatives.
LDCONFIG_NOTRIGGER=y ldconfig

@ -1,55 +0,0 @@
#!/bin/sh
FEATURES=/var/cache/apparmor/.features
echo "I: precompiling click apparmor policies"
/sbin/apparmor_parser -v -M ${FEATURES} -Q --write-cache --cache-loc=/var/cache/apparmor/ `find /var/lib/apparmor/profiles/ -maxdepth 1 -type f -not -path '*/\.*'`
echo "I: precompiling deb apparmor policies"
/sbin/apparmor_parser -v -M ${FEATURES} -Q --write-cache --cache-loc=/etc/apparmor.d/cache/ `find /etc/apparmor.d/ -maxdepth 1 -type f -not -path '*/\.*'`
echo "I: precompiling custom click apparmor policies"
mkdir -p /custom/cache/apparmor
/sbin/apparmor_parser -v -M ${FEATURES} -Q --write-cache --cache-loc=/custom/cache/apparmor/ `find /var/lib/apparmor/profiles/ -maxdepth 1 -type f -not -path '*/\.*'`
#get the apparmor manifests and profiles
mkdir -p /custom/lib/apparmor/clicks
mkdir -p /custom/lib/apparmor/profiles
for manifest in /var/lib/apparmor/clicks/*; do
# FIXME: if this code survives for very long, it should probably be
# rewritten using click's Python bindings
pkgdir="$(click pkgdir "$manifest")"
manifest_real="$(readlink -f "$manifest")"
manifest_tail="${manifest_real#$pkgdir}"
# Does this package exist in the custom tarball? If so, move its
# profiles there (if it only exists in custom) or copy them (if it
# also exists in core).
version="${pkgdir##*/}"
pkgdir_noversion="${pkgdir%/*}"
name="${pkgdir_noversion##*/}"
profile="$(basename "$manifest" .json)"
if [ -d "/custom/click/$name/$version" ]; then
# Clone into custom.
ln -nsf "/custom/click/$name/$version$manifest_tail" "/custom/lib/apparmor/clicks/${manifest##*/}"
cp -a "/var/lib/apparmor/profiles/click_$profile" /custom/lib/apparmor/profiles/
if [ -d "/usr/share/click/preinstalled/$name/$version" ]; then
# Ensure that the version in the rootfs points to
# the core database.
ln -nsf "/usr/share/click/preinstalled/$name/$version$manifest_tail" "$manifest"
else
# Remove from the rootfs.
rm -f "$manifest"
rm -f "/var/lib/apparmor/profiles/click_$profile"
rm -f "/var/cache/apparmor/click_$profile"
fi
else
# Remove from custom.
rm -f "/custom/cache/apparmor/click_$profile"
fi
done
ls -l /custom/cache/apparmor/
echo "I: touching cache files to sanitize possible timestamp issues"
touch /custom/cache/apparmor/*
ls -l /custom/cache/apparmor/

@ -1,11 +0,0 @@
#!/bin/bash
# remove-documentation: Remove unnecessary documentation to reduce disk usage
#
# Author: Alex Chiang <achiang@canonical.com>
# Date : November 9, 2010
echo "Removing documentation..."
find /usr/share/doc -depth -type f ! -name copyright|xargs rm || true
find /usr/share/doc -empty|xargs rmdir || true
rm -rf /usr/share/man /usr/share/groff /usr/share/info /usr/share/lintian /usr/share/linda /var/cache/man

@ -1,9 +0,0 @@
#!/bin/sh
# remove-lists: Remove all apt lists for space as our apport does not need them
#
# Author: Łukasz 'sil2100' Zemczak <achiang@canonical.com>
# Date : September 22, 2015
echo "Removing /var/lib/apt/lists/* from the binary"
find binary/boot/filesystem.dir/var/lib/apt/lists/ -type f | xargs rm -f

@ -1,55 +0,0 @@
#!/bin/sh -eu
ERRCNT=""
passwd_hash=$(set -- $(md5sum /etc/passwd) && echo $1)
shadow_hash=$(set -- $(cat /etc/shadow | sed "s/:.*:0:99999:/:0:99999:/g" | md5sum) && echo $1)
group_length=$(cat /etc/group | wc -l)
gshadow_length=$(cat /etc/gshadow | wc -l)
passwd_orig_hash=$(set -- $(md5sum /etc/passwd.orig) && echo $1)
shadow_orig_hash=$(set -- $(cat /etc/shadow.orig | sed "s/:.*:0:99999:/:0:99999:/g" | md5sum) && echo $1)
group_orig_length=$(cat /etc/group.orig | wc -l)
gshadow_orig_length=$(cat /etc/gshadow.orig | wc -l)
if [ "$passwd_hash" != "$passwd_orig_hash" ]; then
echo "/etc/passwd has changed during setup." >&2
echo "The new /etc/passwd md5sum is: $passwd_hash" >&2
diff -Nrup /etc/passwd.orig /etc/passwd >&2 || true
ERRCNT=1
fi
if [ "$shadow_hash" != "$shadow_orig_hash" ]; then
echo "/etc/shadow has changed during setup." >&2
echo "The new /etc/shadow md5sum is: $shadow_hash" >&2
diff -Nrup /etc/shadow.orig /etc/shadow >&2 || true
ERRCNT=1
fi
if [ "$group_length" != "$group_orig_length" ]; then
echo "/etc/group has changed during setup." >&2
diff -Nrup /etc/group.orig /etc/group >&2 || true
ERRCNT=1
fi
if [ "$gshadow_length" != "$gshadow_orig_length" ]; then
echo "/etc/gshadow has changed during setup." >&2
diff -Nrup /etc/gshadow.orig /etc/gshadow >&2 || true
ERRCNT=1
fi
if [ -n "$ERRCNT" ]; then
echo "There were changes to the password database," >&2
echo "please adjust the values in the livecd-rootfs source in the file:" >&2
echo "live-build/ubuntu-touch/hooks/00-uid-gid-fix.chroot_early" >&2
echo >&2
echo "Please check also if a maintainer script of the package" >&2
echo "that added these entries perhaps created a home directory and," >&2
echo "if needed, add code for creation of it to the above hook" >&2
exit 1
fi
echo "ownership of /var/log after build:" >&2
ls -ln /var| grep log >&2
rm /etc/passwd.orig /etc/shadow.orig /etc/group.orig /etc/gshadow.orig

@ -1,10 +0,0 @@
127.0.0.1 localhost.localdomain localhost
::1 ubuntu-phablet localhost6.localdomain6 localhost6
127.0.1.1 ubuntu-phablet
# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

@ -1,3 +0,0 @@
[Seat:*]
autologin-user=phablet
greeter-allow-guest=false

@ -1,52 +0,0 @@
dbus {mask {acquire send receive
}
}
signal {mask {hup int quit ill trap abrt bus fpe kill usr1 segv usr2 pipe alrm term stkflt chld cont stop stp ttin ttou urg xcpu xfsz vtalrm prof winch io pwr sys emt lost
}
}
ptrace {mask {read trace
}
}
caps {mask {chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_module sys_rawio sys_chroot sys_ptrace sys_pacct sys_admin sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap mac_override mac_admin syslog wake_alarm epollwakeup
}
}
rlimit {mask {cpu fsize data stack core rss nproc nofile memlock as locks sigpending msgqueue nice rtprio rttime
}
}
capability {0xffffff
}
namespaces {pivot_root {yes
}
profile {yes
}
}
mount {mask {mount umount
}
}
network {af_unix {yes
}
af_mask {unspec unix inet ax25 ipx appletalk netrom bridge atmpvc x25 inet6 rose netbeui security key netlink packet ash econet atmsvc rds sna irda pppox wanpipe llc can tipc bluetooth iucv rxrpc isdn phonet ieee802154 caif alg nfc
}
}
file {mask {create read write exec append mmap_exec link lock
}
}
domain {change_profile {yes
}
change_onexec {yes
}
change_hatv {yes
}
change_hat {yes
}
}
policy {set_load {yes
}
versions {v7 {yes
}
v6 {yes
}
v5 {yes
}
}
}
Loading…
Cancel
Save