From a1d40fde7894cbdb212c2a3e2f27ace25c62c3c9 Mon Sep 17 00:00:00 2001 From: deeplow Date: Wed, 21 Jun 2023 11:09:18 +0300 Subject: [PATCH] Create an RPM for Qubes Allow creating an RPM package that is to be installed specifically on Qubes. This package has the following extra properties from our regular RPM packages: 1. Make `python3-magic`, `libreoffice` and `tesseract` requirements for installing Dangerzone, since the conversion takes place in a disposable qube that needs these packages. 2. Ignore the container.tar.gz file, if it exists. 3. Add our RPC calls under `/etc/qubes-rpc` --- install/linux/build-rpm.py | 28 +++++++++++++++++++++++++++- setup.py | 36 +++++++++++++++++++++++++----------- 2 files changed, 52 insertions(+), 12 deletions(-) diff --git a/install/linux/build-rpm.py b/install/linux/build-rpm.py index 5d7cba4..a7f423b 100755 --- a/install/linux/build-rpm.py +++ b/install/linux/build-rpm.py @@ -1,5 +1,6 @@ #!/usr/bin/env python3 # -*- coding: utf-8 -*- +import argparse import inspect import os import shutil @@ -17,6 +18,12 @@ with open(os.path.join(root, "share", "version.txt")) as f: def main(): + parser = argparse.ArgumentParser() + parser.add_argument( + "--qubes", action="store_true", help="Build RPM package for a Qubes OS system" + ) + args = parser.parse_args() + build_path = os.path.join(root, "build") dist_path = os.path.join(root, "dist") @@ -26,9 +33,28 @@ def main(): if os.path.exists(dist_path): shutil.rmtree(dist_path) + if args.qubes: + print("> Building for a Qubes system") + os.environ["QUBES_TARGET"] = "1" + + # Server and Client package requirements are bundled together since + # we assume the server and client qubes are installed on the same + # template + platform_dependant_packages = ",".join( + [ + # Server package requirements + "python3-magic", + "libreoffice", + # Client package requirements + "tesseract", # FIXME add other languages + ] + ) + else: + platform_dependant_packages = "podman" + print("* Building RPM package") subprocess.run( - "python3 setup.py bdist_rpm --requires='podman,python3-pyside2,python3-appdirs,python3-click,python3-pyxdg,python3-colorama'", + f"python3 setup.py bdist_rpm --requires='{platform_dependant_packages},python3-pyside2,python3-appdirs,python3-click,python3-pyxdg,python3-colorama'", shell=True, cwd=root, check=True, diff --git a/setup.py b/setup.py index 98656fd..9634ddf 100644 --- a/setup.py +++ b/setup.py @@ -7,15 +7,39 @@ import setuptools with open("share/version.txt") as f: version = f.read().strip() +qubes_target = os.environ.get("QUBES_TARGET") == "1" +if qubes_target: + print("Target: Qubes OS") + def file_list(path): files = [] for filename in os.listdir(path): if os.path.isfile(os.path.join(path, filename)): + if qubes_target and filename.endswith("container.tar.gz"): + continue # ignore container when building a Qubes package files.append(os.path.join(path, filename)) return files +def data_files_list(): + data_files = [ + ( + "share/applications", + ["install/linux/press.freedom.dangerzone.desktop"], + ), + ( + "share/icons/hicolor/64x64/apps", + ["install/linux/press.freedom.dangerzone.png"], + ), + ("share/dangerzone", file_list("share")), + ] + if qubes_target: + # Qubes RPC policy + data_files.append(("/etc/qubes-rpc/", ["qubes/dz.Convert"])) + return data_files + + setuptools.setup( name="dangerzone", version=version, @@ -35,17 +59,7 @@ It uses container technology to convert the documents within a secure sandbox.\ "dangerzone.gui", "dangerzone.isolation_provider", ], - data_files=[ - ( - "share/applications", - ["install/linux/press.freedom.dangerzone.desktop"], - ), - ( - "share/icons/hicolor/64x64/apps", - ["install/linux/press.freedom.dangerzone.png"], - ), - ("share/dangerzone", file_list("share")), - ], + data_files=data_files_list(), classifiers=[ "Programming Language :: Python", "Intended Audience :: End Users/Desktop",