fix vm-boot-protect mode

issue #40
This commit is contained in:
Christopher Laprise 2019-08-18 15:49:10 -04:00
parent 13d5c5d2de
commit 47b42547d1
No known key found for this signature in database
GPG Key ID: 448568C8B281C952
2 changed files with 6 additions and 6 deletions

View File

@ -119,6 +119,7 @@ Some useful configurations have been supplied in /etc/default/vms:
* The service can be removed from the system with `cd Qubes-VM-hardening; sudo bash install --uninstall` * The service can be removed from the system with `cd Qubes-VM-hardening; sudo bash install --uninstall`
## Releases ## Releases
- v0.9.2 Fix vm-boot-protect mode
- v0.9.1 Optimized, fix rc order, new "wiperw" tag - v0.9.1 Optimized, fix rc order, new "wiperw" tag
- v0.9.0 Add tags and rc files, protect more home scripts, reinitialize home - v0.9.0 Add tags and rc files, protect more home scripts, reinitialize home
- v0.8.5 Fix template detection, /etc/default/vms erasure - v0.8.5 Fix template detection, /etc/default/vms erasure

View File

@ -30,7 +30,7 @@ rwbak=$rw/vm-boot-protect
errlog=/var/run/vm-protect-error errlog=/var/run/vm-protect-error
servicedir=/var/run/qubes-service servicedir=/var/run/qubes-service
defdir=/etc/default/vms defdir=/etc/default/vms
version="0.9.1" version=0.9.2
# Define sh, bash, X and desktop init scripts in /home/user # Define sh, bash, X and desktop init scripts in /home/user
# to be protected # to be protected
@ -277,11 +277,6 @@ if qsvc vm-boot-protect-root && [ $rwonly_pers = 1 ]; then
fi fi
# Keep configs invisible at runtime...
if ! is_templatevm; then
rm -rf "$defdir" $servicedir/vm-boot-tag* $servicedir/vm-boot-protect* $errlog
fi
# Remove backups if indicated # Remove backups if indicated
if [ $save_backup = 0 ]; then if [ $save_backup = 0 ]; then
chattr -R -f -i $rwbak chattr -R -f -i $rwbak
@ -294,4 +289,8 @@ if qsvc vm-boot-protect || qsvc vm-boot-protect-root; then
umount $rw umount $rw
fi fi
# Keep configs invisible at runtime...
if ! is_templatevm; then
rm -rf "$defdir" $servicedir/vm-boot-tag* $servicedir/vm-boot-protect* $errlog
fi
exit 0 exit 0