From 8e694e2e1c0091a69b93b7e169cb19db27f693d7 Mon Sep 17 00:00:00 2001 From: Patrick Pacher Date: Tue, 2 Nov 2021 16:21:07 +0100 Subject: [PATCH] Add generated artifacts for PKGBUILD --- PKGBUILD | 55 ++++++++++++++++ arch.install | 178 +++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 233 insertions(+) create mode 100644 PKGBUILD create mode 100644 arch.install diff --git a/PKGBUILD b/PKGBUILD new file mode 100644 index 0000000..3ded317 --- /dev/null +++ b/PKGBUILD @@ -0,0 +1,55 @@ +# Maintainer: Safing ICS Technologies +# +# Application Firewall: Block Mass Surveillance - Love Freedom +# The Portmaster enables you to protect your data on your device. You +# are back in charge of your outgoing connections: you choose what data +# you share and what data stays private. Read more on docs.safing.io. +# +pkgname=portmaster-bin +pkgver=0.7.0 +pkgrel=1 +pkgdesc='Application Firewall: Block Mass Surveillance - Love Freedom' +arch=('x86_64') +url='https://safing.io/portmaster' +license=('AGPL3') +depends=('libnetfilter_queue') +makedepends=('imagemagick') # for convert +optdepends=('libappindicator-gtk3: for systray indicator') +options=('!strip') +provides=('portmaster') +conflicts=('portmaster') +install=arch.install +source=("portmaster-start::https://updates.safing.io/linux_amd64/start/portmaster-start_v${pkgver//./-}" + 'portmaster.desktop' + 'portmaster_notifier.desktop' + 'portmaster_logo.png' + "portmaster.service") +noextract=('portmaster-start') +sha256sums=('6ade636aaf2b608f251972fd98b25a8020b301023a6377e5275de5195a132e7f' + '7b0c03e4552dd86caeff2d628b13346cfe70a646af11abac6555e348e46c28da' + '490b586f185218fdd947e8f12aa2dc412d78d89c8ce9b8ef5a75cb2e5ffb94ae' + 'ecb02625952594af86d3b53762363c1e227c2b9604fc9c9423682fc87a92a957' + 'ab64bed0d7300b21a5d594fc94cf491e7782febf5faf90cd18ffe00b9fd9144b') + +prepare() { + for res in 16 32 48 96 128 ; do + local iconpath="${srcdir}/icons/${res}x${res}/" + mkdir -p "${iconpath}" ; + convert ./portmaster_logo.png -resize "${res}x${res}" "${iconpath}/portmaster.png" ; + done +} + +package() { + install -Dm 0755 "${srcdir}/portmaster-start" "${pkgdir}/opt/safing/portmaster/portmaster-start" + install -Dm 0644 "${srcdir}/portmaster.desktop" "${pkgdir}/opt/safing/portmaster/portmaster.desktop" + install -Dm 0644 "${srcdir}/portmaster_notifier.desktop" "${pkgdir}/opt/safing/portmaster/portmaster_notifier.desktop" + install -dm 0755 "${pkgdir}/etc/xdg/autostart" + ln -s "/opt/safing/portmaster/portmaster_notifier.desktop" "${pkgdir}/etc/xdg/autostart/portmaster_notifier.desktop" + install -Dm 0644 "${srcdir}/portmaster.service" "${pkgdir}/opt/safing/portmaster/portmaster.service" + install -Dm 0644 "${srcdir}/icons/32x32/portmaster.png" "${pkgdir}/usr/share/pixmaps/portmaster.png" + install -Dm 0644 "${srcdir}/icons/16x16/portmaster.png" "${pkgdir}/usr/share/icons/hicolor/16x16/apps/portmaster.png" + install -Dm 0644 "${srcdir}/icons/32x32/portmaster.png" "${pkgdir}/usr/share/icons/hicolor/32x32/apps/portmaster.png" + install -Dm 0644 "${srcdir}/icons/48x48/portmaster.png" "${pkgdir}/usr/share/icons/hicolor/48x48/apps/portmaster.png" + install -Dm 0644 "${srcdir}/icons/96x96/portmaster.png" "${pkgdir}/usr/share/icons/hicolor/96x96/apps/portmaster.png" + install -Dm 0644 "${srcdir}/icons/128x128/portmaster.png" "${pkgdir}/usr/share/icons/hicolor/128x128/apps/portmaster.png" +} diff --git a/arch.install b/arch.install new file mode 100644 index 0000000..7d8d45e --- /dev/null +++ b/arch.install @@ -0,0 +1,178 @@ +post_install() { + log() { + echo "$@" + } + # + # Prepares systemd support by creating a symlink for the .service file + # and enabling/disabling certain features of our .service unit based on + # the available systemd version. + # + installSystemdSupport() { + local changed="False" + if command -V systemctl >/dev/null 2>&1; then + local systemd_version="$(systemctl --version | head -1 | sed -n 's/systemd \([0-9]*\).*/\1/p')" + # not all distros have migrated /lib to /usr/lib yet but all that + # have provide a symlink from /lib -> /usr/lib so we just prefix with + # /lib here. + ln -s /opt/safing/portmaster/portmaster.service /lib/systemd/system/portmaster.service 2>/dev/null >&2 ||: + + # rhel/centos8 does not yet have ProtectKernelLogs available + if [ "${systemd_version}" -lt 244 ]; then + sed -i "s/^ProtectKernelLogs/#ProtectKernelLogs/g" /opt/safing/portmaster/portmaster.service ||: + changed="True" + fi + + # SystemCallFilter groups are added in 231 so make sure we comment it out + if [ "${systemd_version}" -lt 231 ]; then + sed -i "s/^SystemCall/#SystemCall/g" /opt/safing/portmaster/portmaster.service ||: + changed="True" + fi + + if [ "${changed}" = "True" ] && [ "$1" = "upgrade" ]; then + systemctl daemon-reload ||: + fi + + log "Configuring portmaster.service to launch at boot" + systemctl enable portmaster.service ||: + fi + } + # + # install .desktop files, either using desktop-file-install when available + # or by just copying the files into /usr/share/applications. + # + if command -V desktop-file-install >/dev/null 2>&1; then + desktop-file-install /opt/safing/portmaster/portmaster.desktop ||: + desktop-file-install /opt/safing/portmaster/portmaster_notifier.desktop ||: + elif [ -d /usr/share/applications ]; then + cp /opt/safing/portmaster/portmaster.desktop /usr/share/applications 2>/dev/null ||: + cp /opt/safing/portmaster/portmaster_notifier.desktop /usr/share/applications 2>/dev/null ||: + fi + + installSystemdSupport + + # + # Fix selinux permissions for portmaster-start + # + if command -V getenforce >/dev/null 2>&1; then + chcon -t bin_t /opt/safing/portmaster/portmaster-start + fi + + # + # Prepare the installation directory tree + # + /opt/safing/portmaster/portmaster-start --data /opt/safing/portmaster clean-structure + + # + # Finally, trigger downloading modules. As this requires internet access + # it is more likely to fail and is thus the last thing we do. + # + if [ "${skip_downloads}" = "True" ]; then + log "Downloading of Portmaster modules skipped!" + log "Please run '/opt/safing/portmaster/portmaster-start --data /opt/safing/portmaster update' manually.\n" + return + fi + log "Downloading portmaster modules. This may take a while ..." + /opt/safing/portmaster/portmaster-start --data /opt/safing/portmaster update --update-agent "${download_agent}" 2>/dev/null >/dev/null || ( + log "Failed to download modules" + log "Please run '/opt/safing/portmaster/portmaster-start --data /opt/safing/portmaster update' manually.\n" + ) +} + +post_upgrade() { + log() { + echo "$@" + } + # + # Prepares systemd support by creating a symlink for the .service file + # and enabling/disabling certain features of our .service unit based on + # the available systemd version. + # + installSystemdSupport() { + local changed="False" + if command -V systemctl >/dev/null 2>&1; then + local systemd_version="$(systemctl --version | head -1 | sed -n 's/systemd \([0-9]*\).*/\1/p')" + # not all distros have migrated /lib to /usr/lib yet but all that + # have provide a symlink from /lib -> /usr/lib so we just prefix with + # /lib here. + ln -s /opt/safing/portmaster/portmaster.service /lib/systemd/system/portmaster.service 2>/dev/null >&2 ||: + + # rhel/centos8 does not yet have ProtectKernelLogs available + if [ "${systemd_version}" -lt 244 ]; then + sed -i "s/^ProtectKernelLogs/#ProtectKernelLogs/g" /opt/safing/portmaster/portmaster.service ||: + changed="True" + fi + + # SystemCallFilter groups are added in 231 so make sure we comment it out + if [ "${systemd_version}" -lt 231 ]; then + sed -i "s/^SystemCall/#SystemCall/g" /opt/safing/portmaster/portmaster.service ||: + changed="True" + fi + + if [ "${changed}" = "True" ] && [ "$1" = "upgrade" ]; then + systemctl daemon-reload ||: + fi + + log "Configuring portmaster.service to launch at boot" + systemctl enable portmaster.service ||: + fi + } + # + # As of 0.4.0 portmaster-control has been renamed to portmaster-start + # and is not placed in /usr/bin anymore. Unfortunately, the postrm script + # of the old installer does not get rid of portmaster-control so we should + # take care during an upgrade. + # + rm /usr/bin/portmaster-control 2>/dev/null >&2 ||: + + # + # If there's already a /var/lib/portmaster installation we're going to move + # configs and databases and remove the complete directory + # The preinstall.sh already checked that /var/lib/portmaster/updates MUST NOT + # exist so we should be safe to touch the databases here. + # + if [ -d /var/lib/portmaster ]; then + if [ ! -d /opt/safing/portmaster/config.json ]; then + log "Migrating from previous installation at /var/lib/portmaster to /opt/safing/portmaster ..." + mv /var/lib/portmaster/databases /opt/safing/portmaster/databases ||: + mv /var/lib/portmaster/config.json /opt/safing/portmaster/config.json ||: + fi + log "Removing previous installation directory at /var/lib/portmaster" + rm -r /var/lib/portmaster 2>/dev/null >&2 ||: + fi + +} + +pre_remove() { + log() { + echo "$@" + } + # stop the portmaster service and disable it if it's enabled. + if command -V systemctl >/dev/null 2>&1; then + if (systemctl -q is-active portmaster.service); then + log "Stopping portmaster.service" + systemctl stop portmaster.service ||: + fi + if (systemctl -q is-enabled portmaster.service); then + log "Disabling portmaster.service to launch at boot" + systemctl disable portmaster.service ||: + fi + fi +} + +post_remove() { + log() { + echo "$@" + } + rm -rf /opt/safing/portmaster/updates ||: + + # file is marked as a ghost on RPM system so it might have + # been automatically deleted by the package manager. + rm /lib/systemd/system/portmaster.service 2>/dev/null >&2 ||: + rm /usr/share/applications/portmaster.desktop 2>/dev/null >&2 ||: + rm /usr/share/applications/portmaster_notifier.desktop 2>/dev/null >&2 ||: + + if [ "$1" = "purge" ]; then + rm -rf /opt/safing/portmaster ||: + fi + +}