From fd710119c271a9a4209a3b09481761cce129ef2f Mon Sep 17 00:00:00 2001 From: dr460nf1r3 Date: Mon, 5 Apr 2021 20:52:56 +0200 Subject: [PATCH] Add pacman-init service to have less issues with untrusted keys --- PKGBUILD | 2 +- etc/systemd/system/etc-pacman.d-gnupg.mount | 8 ++++ etc/systemd/system/pacman-init.service | 16 +++++++ garuda-common-settings.install | 46 +++++++++++---------- 4 files changed, 49 insertions(+), 23 deletions(-) create mode 100644 etc/systemd/system/etc-pacman.d-gnupg.mount create mode 100644 etc/systemd/system/pacman-init.service diff --git a/PKGBUILD b/PKGBUILD index d3bc3ca..c13d399 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -2,7 +2,7 @@ # Maintainer: Librewish pkgname=garuda-common-settings -pkgver=1.2.1 +pkgver=1.2.2 pkgrel=1 arch=('any') url="https://gitlab.com/garuda-linux/themes-and-settings/settings/$pkgname" diff --git a/etc/systemd/system/etc-pacman.d-gnupg.mount b/etc/systemd/system/etc-pacman.d-gnupg.mount new file mode 100644 index 0000000..4eab551 --- /dev/null +++ b/etc/systemd/system/etc-pacman.d-gnupg.mount @@ -0,0 +1,8 @@ +[Unit] +Description=Temporary /etc/pacman.d/gnupg directory + +[Mount] +What=tmpfs +Where=/etc/pacman.d/gnupg +Type=tmpfs +Options=mode=0755 diff --git a/etc/systemd/system/pacman-init.service b/etc/systemd/system/pacman-init.service new file mode 100644 index 0000000..22776a3 --- /dev/null +++ b/etc/systemd/system/pacman-init.service @@ -0,0 +1,16 @@ +[Unit] +Description=Initializes Pacman keyring +Wants=haveged.service +After=haveged.service +Requires=etc-pacman.d-gnupg.mount +After=etc-pacman.d-gnupg.mount + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/usr/bin/pacman-key --init +ExecStart=/usr/bin/pacman-key --populate chaotic +ExecStart=/usr/bin/pacman-key --populate archlinux + +[Install] +WantedBy=multi-user.target diff --git a/garuda-common-settings.install b/garuda-common-settings.install index 1f320c1..caf875e 100644 --- a/garuda-common-settings.install +++ b/garuda-common-settings.install @@ -7,38 +7,40 @@ msg() { } post_install() { - systemctl enable haveged - systemctl enable systemd-swap - systemctl enable irqbalance - systemctl enable nohang-desktop - systemctl enable memavaild - systemctl enable prelockd systemctl enable ananicy - systemctl enable preload - systemctl enable grub-btrfs.path - systemctl enable fstrim.timer - systemctl enable btrfs-scrub.timer - systemctl enable btrfs-defrag.timer systemctl enable btrfs-balance.timer + systemctl enable btrfs-defrag.timer + systemctl enable btrfs-scrub.timer systemctl enable btrfs-trim.timer + systemctl enable fstrim.timer + systemctl enable grub-btrfs.path + systemctl enable haveged + systemctl enable irqbalance + systemctl enable memavaild + systemctl enable nohang-desktop + systemctl enable pacman-init + systemctl enable preload + systemctl enable prelockd + systemctl enable systemd-swap } post_upgrade() { msg "Attempting to enable services..." - systemctl is-active haveged >/dev/null || systemctl enable haveged - systemctl is-active systemd-swap >/dev/null || systemctl enable systemd-swap - systemctl is-active irqbalance >/dev/null || systemctl enable irqbalance - systemctl is-active nohang-desktop >/dev/null || systemctl enable nohang-desktop - systemctl is-active memavaild >/dev/null || systemctl enable memavaild - systemctl is-active prelockd >/dev/null || systemctl enable prelockd systemctl is-active ananicy >/dev/null || systemctl enable ananicy - systemctl is-active preload >/dev/null || systemctl enable preload - systemctl is-active grub-btrfs.path >/dev/null || systemctl enable grub-btrfs.path - systemctl is-active fstrim.timer >/dev/null || systemctl enable fstrim.timer - systemctl is-active btrfs-scrub.timer >/dev/null || systemctl enable btrfs-scrub.timer - systemctl is-active btrfs-defrag.timer >/dev/null || systemctl enable btrfs-defrag.timer systemctl is-active btrfs-balance.timer >/dev/null || systemctl enable btrfs-balance.timer + systemctl is-active btrfs-defrag.timer >/dev/null || systemctl enable btrfs-defrag.timer + systemctl is-active btrfs-scrub.timer >/dev/null || systemctl enable btrfs-scrub.timer systemctl is-active btrfs-trim.timer >/dev/null || systemctl enable btrfs-trim.timer + systemctl is-active fstrim.timer >/dev/null || systemctl enable fstrim.timer + systemctl is-active grub-btrfs.path >/dev/null || systemctl enable grub-btrfs.path + systemctl is-active haveged >/dev/null || systemctl enable haveged + systemctl is-active irqbalance >/dev/null || systemctl enable irqbalance + systemctl is-active memavaild >/dev/null || systemctl enable memavaild + systemctl is-active nohang-desktop >/dev/null || systemctl enable nohang-desktop + systemctl is-active pacman-init >/dev/null || systemctl enable pacman-init + systemctl is-active preload >/dev/null || systemctl enable preload + systemctl is-active prelockd >/dev/null || systemctl enable prelockd + systemctl is-active systemd-swap >/dev/null || systemctl enable systemd-swap echo "" msg "Updating font cache..."