-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Mon, Apr 17, 2017 at 10:02:00PM +0000, Patrick Schleizer wrote: > Hi! :) > > You want a hook exactly between mount-dirs.sh and bind-dirs.sh? > > Chris Laprise: > > My suggestion would be to put the activation of qubes/init/bind-dirs.sh > > under a separate systemd service. > > That would be nice, but may be hard to not break things.
I'm worrying the same thing. (...) > > Alternately, mount-dirs.sh could have > > a hook that points to a specific user script in /etc. > > User script sounds a bit limited. What about something a little more > flexible? > > Untested pseudo code: > > if [ -d /etc/qubes/mount-dirs-post.d ]; then > run-parts /etc/qubes/mount-dirs-post.d > fi IMO this is the way to go. In addition to your VM hardening scripts, this could be used also for some /rw initialization, beyond /etc/skel. AFAIR there was a need for similar thing to copy Tor Browser there. As for implementation - do we want it in /etc, /usr/lib, or both (so files in /etc could override /usr/lib)? But having both means we can't use run-parts :( - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJY9T3oAAoJENuP0xzK19csOBcH/2o4kcg7xOBQuhlGzXrsTDUU QNzrdzBRn6glM6mR0vv5cELSDE9EI9QcRI0uPWoETGBtD2nHHWgLRAq9gK8SwAso 4ySrBo3QvkozAMrAM7YISrOo4IGnwuCnPbTvv3j8hZb71CpC/J7jXnDjfF3pj9ZT 9a7oMudbnT1lRZ+xELx8yIQRKQhE6kk4cTRlMPSoVbOlxNUtH8Ajsq4Mn8dO2eQQ HnWdBEW93PLU73fQyvCCnsvywgTaJOV/c4eKeLEvaYUFME+C0sHaD5CPOCzgdftx T3RHmbxUMDdQG1WWvLoLEixdYmM9Yon/5hAI2XGbOOkfOsgiplKbfEuCHTUBwhI= =aaTK -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20170417221255.GJ1486%40mail-itl. For more options, visit https://groups.google.com/d/optout.
