#!/bin/bash [ -f /var/lib/whonix-libvirt/install.done ] && exit 0 ## Copyright (C) 2019 - 2020 ENCRYPTED SUPPORT LP ## See the file COPYING for copying conditions. set -x set -e ## {{ Taken from qemu-system-common.postinst. # Add the kvm group unless it's already there if ! getent group kvm >/dev/null; then addgroup --quiet --system kvm || true fi ## }} Taken from qemu-system-common.postinst. ## {{ Taken from libvirt-bin.postinst. if ! getent group libvirt >/dev/null; then addgroup --system libvirt fi ## }} Taken from libvirt-bin.postinst. ## Existence of user "user" is not guaranteed at this point. ## XXX: Or is it? grep -q ^kvm /etc/group || addgroup user kvm grep -q ^libvirt /etc/group || addgroup user libvirt ## Create shared directory and adjust permissions [ -d /mnt/gateway-shared ] || mkdir --parents /mnt/gateway-shared [ -d /mnt/workstation-shared ] || mkdir --parents /mnt/workstation-shared chmod 1777 /mnt/gateway-shared chmod 1777 /mnt/workstation-shared ## TODO: proper error handling. '|| true' can probably be removed. virsh -c qemu:///system net-autostart "default" || true virsh -c qemu:///system net-start "default" || true virsh -c qemu:///system net-define "/usr/local/share/whonix-libvirt/xml/Whonix-External.xml" || true virsh -c qemu:///system net-define "/usr/local/share/whonix-libvirt/xml/Whonix-Internal.xml" || true virsh -c qemu:///system net-autostart "Whonix-External" || true virsh -c qemu:///system net-start "Whonix-External" || true virsh -c qemu:///system net-autostart "Whonix-Internal" || true virsh -c qemu:///system net-start "Whonix-Internal" || true ## Doing the following in a temporary directory to avoid modified files should ## this be interrupted in the middle. temp_dir="$(mktemp --directory)" cp -r /usr/local/share/whonix-libvirt/xml "$temp_dir" if virsh capabilities | grep "" ; then true "OK: found KVM" else ## replace the 'kvm' domain type with 'qemu' search="" replace="" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Gateway.xml" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Workstation.xml" search="" replace="" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Gateway.xml" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Workstation.xml" ## https://forums.whonix.org/t/whonix-host-operating-system/3931/251 search="" replace="" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Gateway.xml" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Workstation.xml" ## https://forums.whonix.org/t/whonix-host-operating-system/3931/284 search="1" replace="" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Gateway.xml" ## https://forums.whonix.org/t/whonix-host-operating-system/3931/284 search="1" replace="" str_replace "$search" "$replace" "$temp_dir/xml/Whonix-Workstation.xml" fi test -f "$temp_dir/xml/Whonix-Gateway.xml" test -f "$temp_dir/xml/Whonix-Workstation.xml" virsh -c qemu:///system define "$temp_dir/xml/Whonix-Gateway.xml" || true virsh -c qemu:///system define "$temp_dir/xml/Whonix-Workstation.xml" || true virt-xml "Whonix-Gateway" --add-device --filesystem source=/mnt/gateway-shared,target=shared,type=mount,accessmode=mapped || true virt-xml "Whonix-Workstation" --add-device --filesystem source=/mnt/workstation-shared,target=shared,type=mount,accessmode=mapped || true mkdir --parents /var/lib/whonix-libvirt touch /var/lib/whonix-libvirt/install.done