From 960367c09cd71097d9b274292438b326f5daf1bd Mon Sep 17 00:00:00 2001
From: Unit 193
Date: Sat, 19 Dec 2020 20:51:59 -0500
Subject: d/p/policy.d_no_autostart.patch, d/install, d/policy-rc.d: Re-write how we set up policy-rc.d, using bind mounts.
---
debian/install | 1 +
debian/patches/policy.d_no_autostart.patch | 51 ++++++++----------------------
debian/policy-rc.d | 3 ++
3 files changed, 17 insertions(+), 38 deletions(-)
create mode 100644 debian/install
create mode 100755 debian/policy-rc.d
diff --git a/debian/install b/debian/install
new file mode 100644
index 0000000..0e29011
--- /dev/null
+++ b/debian/install
@@ -0,0 +1 @@
+debian/policy-rc.d usr/share/arch-install-scripts/
diff --git a/debian/patches/policy.d_no_autostart.patch b/debian/patches/policy.d_no_autostart.patch
index 3c968ec..e748045 100644
--- a/debian/patches/policy.d_no_autostart.patch
+++ b/debian/patches/policy.d_no_autostart.patch
@@ -1,46 +1,21 @@ -Description: Setup and teardown policy.d, to not autostart applications in the chroot +Description: Set up policy.d to not autostart services in the chroot Author: Unit 193 -Origin: vendor Forwarded: not-needed -Last-Update: 2018-01-28 +Last-Update: 2020-12-19 -Index: arch-install-scripts/common -=================================================================== ---- arch-install-scripts.orig/common -+++ arch-install-scripts/common -@@ -77,10 +77,18 @@ chroot_maybe_add_mount() { - fi - } - -+chroot_policyd() { -+ cat << EOF > "$1/usr/sbin/policy-rc.d" -+#!/bin/sh -+exit 101 -+EOF -+ chmod +x "$1/usr/sbin/policy-rc.d" -+} -+ - chroot_setup() { - CHROOT_ACTIVE_MOUNTS=() - [[ $(trap -p EXIT) ]] && die '(BUG): attempting to overwrite existing EXIT trap' -- trap 'chroot_teardown' EXIT -+ trap "chroot_teardown $1" EXIT - - chroot_add_mount proc "$1/proc" -t proc -o nosuid,noexec,nodev && - chroot_add_mount sys "$1/sys" -t sysfs -o nosuid,noexec,nodev,ro && -@@ -91,6 +99,7 @@ chroot_setup() { +--- + common | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +--- a/common 2020-12-19 20:05:37.304917253 -0500 ++++ b/common 2020-12-19 20:05:37.296917325 -0500 +@@ -90,7 +90,8 @@ + chroot_add_mount devpts "$1/dev/pts" -t devpts -o mode=0620,gid=5,nosuid,noexec && chroot_add_mount shm "$1/dev/shm" -t tmpfs -o mode=1777,nosuid,nodev && chroot_add_mount /run "$1/run" --bind && - chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid -+ chroot_policyd "$1" +- chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid ++ chroot_add_mount tmp "$1/tmp" -t tmpfs -o mode=1777,strictatime,nodev,nosuid && ++ chroot_add_mount /usr/share/arch-install-scripts/policy-rc.d "$1/usr/sbin/policy-rc.d" --bind } chroot_teardown() { -@@ -98,6 +107,7 @@ chroot_teardown() { - umount "${CHROOT_ACTIVE_MOUNTS[@]}" - fi - unset CHROOT_ACTIVE_MOUNTS -+ rm -f "$1/usr/sbin/policy-rc.d" - } - - try_cast() ( 
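Review bot: The bind mount added as the last step of `chroot_setup` needs `$1/usr/sbin/policy-rc.d` to exist already, and the removed `chroot_policyd` was what used to create that path; unless `chroot_add_mount` (defined outside this hunk) creates the mount point, the `&&` chain now makes setup fail on a target that lacks the file. A guard before the mount, e.g. `[[ -e "$1/usr/sbin/policy-rc.d" ]] || : > "$1/usr/sbin/policy-rc.d"`, would cover that case. The bind is also writable, so a root process in the chroot that rewrites `/usr/sbin/policy-rc.d` changes the host's `/usr/share/arch-install-scripts/policy-rc.d`, which every later chroot then executes. Passing `--bind -o ro` (or adding a `remount,bind,ro` step where mount(8) ignores options on the initial bind) keeps the host copy immutable from inside. Only part of `chroot_setup` is visible in the inner hunk.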
diff --git a/debian/policy-rc.d b/debian/policy-rc.d
new file mode 100755
index 0000000..105ba3d
--- /dev/null
+++ b/debian/policy-rc.d
@@ -0,0 +1,3 @@
+#!/bin/sh
+# Prevent invoke-rc.d from starting services.
+exit 101
-- cgit v1.2.3