#!/bin/bash # -*-mode: sh; tab-width: 8; coding: utf-8-unix -*- # # rc.local # # This script is executed at the end of each multiuser runlevel. # Make sure that the script will "exit 0" on success or any other # value on error. . /usr/local/etc/local.d/local.bash chmod 775 /usr/local/sbin/*sh /usr/local/bin/*sh export PATH=$PATH:/usr/local/bin:/usr/local/sbin grep -q root=/dev/vda /proc/cmdline PROXY_IS_VDA=$? if [ $PROXY_IS_VDA -eq 0 ] ; then /usr/local/sbin/proxy_whonix_lib.bash proxy_vda_config fi # Host and Vda [ -d /etc/apt ] && \ local_manual_stop_services openvpn exim4 apt-daily-upgrade udisks2 \ sdwdate tb-updater-first-boot lvm2-monitor # BEGIN ANSIBLE MANAGED BLOCK base initctl if [ ! -e /dev/initctl -a -e /run/initctl ] ; then ln -s /run/initctl /dev/initctl elif [ ! -e /dev/initctl ] ; then mknod -m=0600 /dev/initctl p fi # END ANSIBLE MANAGED BLOCK base initctl # BEGIN ANSIBLE MANAGED BLOCK base ( cd /var/tmp && rm -rf ansible-local-* Temp-* ssh-* pulse-* .xfsm-ICE-* ) # END ANSIBLE MANAGED BLOCK base # sh "/var/local/etc/local.d/testforge.start" # redis # WARNING you have Transparent Huge Pages (THP) support enabled in your kernel. This will create latency and memory usage issues with Redis. To fix this issue run the command 'echo never > /sys/kernel/mm/transparent_hugepage/enabled' as root, and add it to your /etc/rc.local in order to retain the setting after a reboot. Redis must be restarted after THP is disabled. #? echo never > /sys/kernel/mm/transparent_hugepage/enabled if false;then # failsafe but independent of whether wlan exists [ -f /usr/local/sbin/proxy_whonix_host_libvirt.bash ] && \ sh /usr/local/sbin/proxy_whonix_host_libvirt.bash proxy_whonix_libvirt_start if ! /usr/local/sbin/proxy_whonix_host.bash config ; then echo WARN: Whonix-Host.rc proxy_whonix_host.bash config failed $? fi if ! /usr/local/sbin/proxy_whonix_host.bash start ; then echo WARN: Whonix-Host.rc proxy_whonix_host.bash start failed $? fi if ! /usr/local/sbin/proxy_whonix_host.bash test ; then echo WARN: Whonix-Host.rc proxy_whonix_host.bash test failed $? fi fi exit 0 # BEGIN ANSIBLE MANAGED BLOCK update lati_unix.yml text local_systemd_stop_services display-manager # END ANSIBLE MANAGED BLOCK update lati_unix.yml text # BEGIN ANSIBLE MANAGED BLOCK update lati_unix.yml fstab for eltin h i j o q v q w l ; do [ -d /mnt/$elt/tmp ] || mount /mnt/$elt done exit 0 # END ANSIBLE MANAGED BLOCK update lati_unix.yml fstab # BEGIN ANSIBLE MANAGED BLOCK update lati_unix.yml mask # local_manual_stop_services SYSTEMD_STOP_AND_MASK=" debug-shell.service systemd-backlight@.service phpsessionclean.service phpsessionclean.timer apt-daily-upgrade.service apt-daily-upgrade.timer dbus-org.freedesktop.nm-dispatcher.service tb-updater-first-boot.service openvpn.service systemd-backlight@.service systemd-backlight@backlight.service vboxadd-service.service vboxautostart-service.service vboxballoonctrl-service.service vboxdrv.service vboxweb-service.service " # /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask $SYSTEMD_STOP_AND_MASK for file in /usr/local/etc/systemd/*.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK update lati_unix.yml mask /var/local/bin/harden_dbus_neuter.bash which brightnessctl 2>/dev/null >/dev/null && brightnessctl set 90% # BEGIN ANSIBLE MANAGED BLOCK update /usr/local/etc/local.d/local.bash local_disable_lid # END ANSIBLE MANAGED BLOCK update # BEGIN ANSIBLE MANAGED BLOCK update local_disable_lid /usr/local/etc/local.d/local.bash local_disable_lid # END ANSIBLE MANAGED BLOCK update local_disable_lid # BEGIN ANSIBLE MANAGED BLOCK base lati_unix.yml mask ROLE=base for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK base lati_unix.yml mask # BEGIN ANSIBLE MANAGED BLOCK gpgkey lati_unix.yml mask ROLE=gpgkey for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK gpgkey lati_unix.yml mask # BEGIN ANSIBLE MANAGED BLOCK hostvms lati_unix.yml mask ROLE=hostvms for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK hostvms lati_unix.yml mask # BEGIN ANSIBLE MANAGED BLOCK privacy lati_unix.yml mask ROLE=privacy for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK privacy lati_unix.yml mask # BEGIN ANSIBLE MANAGED BLOCK proxy lati_unix.yml mask ROLE=proxy for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK proxy lati_unix.yml mask # BEGIN ANSIBLE MANAGED BLOCK testforge lati_unix.yml mask ROLE=testforge for file in /usr/local/etc/systemd/$ROLE.mask ; do cat $file | /usr/local/etc/local.d/local.bash local_systemd_stop_and_mask done # END ANSIBLE MANAGED BLOCK testforge lati_unix.yml mask