%post

CREATE_USERNAME=liveuser

# FIXME: this script should go away unless we are going to support read-only media
cat > /etc/rc.d/init.d/livesys << EOF
#!/bin/bash
#
# live: Init script for live image
#
# chkconfig: 345 00 99
# description: Init script for live image.

. /etc/init.d/functions

if ! strstr "\`cat /proc/cmdline\`" liveimg || [ "\$1" != "start" ]; then
    exit 0
fi

if [ -e /.liveimg-configured ] ; then
    configdone=1
fi

exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
}

touch /.liveimg-configured

# mount live image
if [ -b \`readlink -f /dev/live\` ]; then
   mkdir -p /mnt/live
   mount -o ro /dev/live /mnt/live 2>/dev/null || mount /dev/live /mnt/live
fi

livedir="LiveOS"
for arg in \`cat /proc/cmdline\` ; do
  if [ "\${arg##live_dir=}" != "\${arg}" ]; then
    livedir=\${arg##live_dir=}
    return
  fi
done

# enable swaps unless requested otherwise
swaps=\`blkid -t TYPE=swap -o device\`
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -n "\$swaps" ] ; then
  for s in \$swaps ; do
    action "Enabling swap partition \$s" swapon \$s
  done
fi
if ! strstr "\`cat /proc/cmdline\`" noswap && [ -f /mnt/live/\${livedir}/swap.img ] ; then
  action "Enabling swap file" swapon /mnt/live/\${livedir}/swap.img
fi

mountPersistentHome() {
  # support label/uuid
  if [ "\${homedev##LABEL=}" != "\${homedev}" -o "\${homedev##UUID=}" != "\${homedev}" ]; then
    homedev=\`/sbin/blkid -o device -t "\$homedev"\`
  fi

  # if we're given a file rather than a blockdev, loopback it
  if [ "\${homedev##mtd}" != "\${homedev}" ]; then
    # mtd devs don't have a block device but get magic-mounted with -t jffs2
    mountopts="-t jffs2"
  elif [ ! -b "\$homedev" ]; then
    loopdev=\`losetup -f\`
    if [ "\${homedev##/mnt/live}" != "\${homedev}" ]; then
      action "Remounting live store r/w" mount -o remount,rw /mnt/live
    fi
    losetup \$loopdev \$homedev
    homedev=\$loopdev
  fi

  # if it's encrypted, we need to unlock it
  if [ "\$(/lib/udev/vol_id -t \$homedev 2>/dev/null)" = "crypto_LUKS" ]; then
    echo
    echo "Setting up encrypted /home device"
    plymouth ask-for-password --command="cryptsetup luksOpen \$homedev EncHome"
    homedev=/dev/mapper/EncHome
  fi

  # and finally do the mount
  mount \$mountopts \$homedev /home
  # if we have /home under what's passed for persistent home, then
  # we should make that the real /home.  useful for mtd device on $CREATE_USERNAME
  if [ -d /home/home ]; then mount --bind /home/home /home ; fi
  [ -x /sbin/restorecon ] && /sbin/restorecon /home
  if [ -d /home/$CREATE_USERNAME ]; then USERADDARGS="-M" ; fi
}

findPersistentHome() {
  for arg in \`cat /proc/cmdline\` ; do
    if [ "\${arg##persistenthome=}" != "\${arg}" ]; then
      homedev=\${arg##persistenthome=}
      return
    fi
  done
}

if strstr "\`cat /proc/cmdline\`" persistenthome= ; then
  findPersistentHome
elif [ -e /mnt/live/\${livedir}/home.img ]; then
  homedev=/mnt/live/\${livedir}/home.img
fi

# if we have a persistent /home, then we want to go ahead and mount it
if ! strstr "\`cat /proc/cmdline\`" nopersistenthome && [ -n "\$homedev" ] ; then
  action "Mounting persistent /home" mountPersistentHome
fi

# make it so that we don't do writing to the overlay for things which
# are just tmpdirs/caches
mount -t tmpfs -o mode=0755 varcacheyum /var/cache/yum
mount -t tmpfs tmp /tmp
mount -t tmpfs vartmp /var/tmp
[ -x /sbin/restorecon ] && /sbin/restorecon /var/cache/yum /tmp /var/tmp >/dev/null 2>&1

if [ -n "\$configdone" ]; then
  exit 0
fi

# add soas user with no passwd
/usr/sbin/useradd -m -c "SoaS user" -G audio,wheel $CREATE_USERNAME
/usr/bin/passwd -d $CREATE_USERNAME
chown -R $CREATE_USERNAME:$CREATE_USERNAME /home/$CREATE_USERNAME

# allow sudo for CREATE_USERNAME user
echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# don't start yum-updatesd for livecd boots
chkconfig --level 345 yum-updatesd off 2>/dev/null

# turn off mdmonitor by default
chkconfig --level 345 mdmonitor off 2>/dev/null

# turn off setroubleshoot on the live image to preserve resources
chkconfig --level 345 setroubleshoot off 2>/dev/null

# don't do packagekit checking by default
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_get_updates never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_get_upgrades never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t string /apps/gnome-packagekit/frequency_refresh_cache never >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/notify_available false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/notify_distro_upgrades false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_firmware false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_check_hardware false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_codec_helper false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_font_helper false >/dev/null
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool /apps/gnome-packagekit/enable_mime_type_helper false >/dev/null


# don't start cron/at as they tend to spawn things which are
# disk intensive that are painful on a live image
chkconfig --level 345 crond off 2>/dev/null
chkconfig --level 345 atd off 2>/dev/null
chkconfig --level 345 anacron off 2>/dev/null
chkconfig --level 345 readahead_early off 2>/dev/null
chkconfig --level 345 readahead_later off 2>/dev/null

# Stopgap fix for RH #217966; should be fixed in HAL instead
touch /media/.hal-mtab

# workaround clock syncing on shutdown that we don't want (#297421)
sed -i -e 's/hwclock/no-such-hwclock/g' /etc/rc.d/init.d/halt

# and hack so that we eject the cd on shutdown if we're using a CD...
if strstr "\`cat /proc/cmdline\`" CDLABEL= ; then
  cat >> /sbin/halt.local << FOE
#!/bin/bash
# we want to eject the cd on halt, but let's also try to avoid
# io errors due to not being able to get files...
cat /sbin/halt > /dev/null
cat /sbin/reboot > /dev/null
/usr/sbin/eject -p -m \$(readlink -f /dev/live) >/dev/null 2>&1
echo "Please remove the CD from your drive and press Enter to finish restarting"
read -t 30 < /dev/console
FOE
chmod +x /sbin/halt.local
fi

EOF




# workaround hal starting late
cat > /etc/rc.d/init.d/livesys-late << EOF
#!/bin/bash
#
# live: Late init script for live image
#
# chkconfig: 345 99 01
# description: Late init script for live image.

. /etc/init.d/functions

if ! strstr "\`cat /proc/cmdline\`" liveimg || [ "\$1" != "start" ] || [ -e /.liveimg-late-configured ] ; then
    exit 0
fi

exists() {
    which \$1 >/dev/null 2>&1 || return
    \$*
}

touch /.liveimg-late-configured

# read some variables out of /proc/cmdline
for o in \`cat /proc/cmdline\` ; do
    case \$o in
    ks=*)
        ks="\${o#ks=}"
        ;;
    xdriver=*)
        xdriver="--set-driver=\${o#xdriver=}"
        ;;
    esac
done

# this is a bad hack to work around #460581 for the geode
# purely to help move testing along for now
if [ \`grep -c Geode /proc/cpuinfo\` -ne 0 ]; then
  cat > /etc/X11/xorg.conf <<FOE
Section "ServerLayout"
	Identifier     "Default Layout"
	Screen      0  "Screen0" 0 0
	InputDevice    "Keyboard0" "CoreKeyboard"
EndSection

Section "InputDevice"
# keyboard added by rhpxl
	Identifier  "Keyboard0"
	Driver      "kbd"
	Option	    "XkbModel" "pc105"
	Option	    "XkbLayout" "us"
EndSection

Section "Monitor"
	Identifier  "Monitor0"
	HorizSync   30-67
	VertRefresh 48-52
	DisplaySize 152 114
	Mode "1200x900"
		DotClock 57.275
		HTimings 1200 1208 1216 1240
		VTimings 900 905 908 912
		Flags    "-HSync" "-VSync"
	EndMode
EndSection

Section "Device"
	Identifier  "Videocard0"
	Driver      "amd"
	VendorName  "Advanced Micro Devices, Inc."
	BoardName   "AMD Geode GX/LX"

	Option     "AccelMethod" "EXA"
	Option     "NoCompression" "true"
        Option     "MigrationHeuristic" "greedy"
	Option     "PanelGeometry" "1200x900"
EndSection

Section "Screen"
	Identifier "Screen0"
	Device     "Videocard0"
	Monitor    "Monitor0"
	DefaultDepth 16
	SubSection "Display"
		Depth   16
		Modes   "1200x900"
	EndSubSection
EndSection
FOE

echo "Xft.dpi: 150" > /home/$CREATE_USERNAME/.Xresources

fi

# if liveinst or textinst is given, start anaconda
if strstr "\`cat /proc/cmdline\`" liveinst ; then
   plymouth --quit
   /usr/sbin/liveinst \$ks
fi
if strstr "\`cat /proc/cmdline\`" textinst ; then
   plymouth --quit
   /usr/sbin/liveinst --text \$ks
fi

# configure X, allowing user to override xdriver
if [ -n "\$xdriver" ]; then
   exists system-config-display --noui --reconfig --set-depth=24 \$xdriver
fi

EOF

chmod 755 /etc/rc.d/init.d/livesys
/sbin/restorecon /etc/rc.d/init.d/livesys
/sbin/chkconfig --add livesys

chmod 755 /etc/rc.d/init.d/livesys-late
/sbin/restorecon /etc/rc.d/init.d/livesys-late
/sbin/chkconfig --add livesys-late



##################
# BEGIN avoid livesys script at every boot

# put /tmp on tmpfs
# FIXME: should be unnecessary
cat >> /etc/fstab <<EOF
/tmp            /tmp            tmpfs         rw          0 0
EOF

# add user CREATE_USERNAME
/usr/sbin/useradd -m -c "SoaS user" -G audio,wheel $CREATE_USERNAME
/usr/bin/passwd -d $CREATE_USERNAME
chown -R $CREATE_USERNAME:$CREATE_USERNAME /home/$CREATE_USERNAME

# allow sudo for CREATE_USERNAME user
echo "%wheel ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers

# make sure the fonts are not too big in Sugar
# FIXME: remove when http://dev.laptop.org/ticket/9331 is fixed
echo "Xft.dpi: 201" > /home/$CREATE_USERNAME/.Xresources
chown $CREATE_USERNAME:$CREATE_USERNAME /home/$CREATE_USERNAME/.Xresources

# make sure the fonts are not too big in GNOME
# FIXME: remove when http://dev.laptop.org/ticket/9331 is fixed
gconftool-2 --direct --config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t float /desktop/gnome/font_rendering/dpi 201 >/dev/null

# install activities
BUNDLES_DIR=/usr/share/sugar/bundles
ACTIVITIES_DIR=/home/$CREATE_USERNAME/Activities
chown -R $CREATE_USERNAME:$CREATE_USERNAME $BUNDLES_DIR
mkdir /home/$CREATE_USERNAME/Activities
chown -R $CREATE_USERNAME:$CREATE_USERNAME $ACTIVITIES_DIR
cd $BUNDLES_DIR
for file in *.xo; do
    su $CREATE_USERNAME -c "./install-activity.py $file"
done
rm -f install-activity.py

# execute sample content script and clean up afterwards
su $CREATE_USERNAME -c ./copy-to-datastore.py
rm -f *.pdf copy-to-datastore.py

# END avoid livesys scripts at every boot
##################


##################
# BEGIN CREATE_USERNAME .xsession

cat >> /home/$CREATE_USERNAME/.xsession <<EOF

# full debugging on
export LM_DEBUG=net
export GABBLE_DEBUG=all
export GABBLE_LOGFILE=/home/$CREATE_USERNAME/.sugar/default/logs/telepathy-gabble.log
export SALUT_DEBUG=all
export SALUT_LOGFILE=/home/$CREATE_USERNAME/.sugar/default/logs/telepathy-salut.log
export GIBBER_DEBUG=all
export PRESENCESERVICE_DEBUG=1
export SUGAR_LOGGER_LEVEL=debug

# Uncomment the following line to enable core dumps
#ulimit -c unlimited

# Uncomment the following line to debug sugar startup problems
#exec xterm

# If you drop out of this script, the normal olpc-session will proceed
# Uncomment the following line to prevent it
#exit 0

# xcompmgr is disabled in SoaS Strawberry because it is lightly tested
# and known to cause undesired visual artifacts; for example, palettes
# can fail to disappear often enough to be very annoying
#
#(sleep 5 ; xcompmgr ) &

EOF

# END olpc .xsession
##################



##################
# BEGIN Xclients setup
# FIXME: this should be unnecessary and might break things
cat >> /home/$CREATE_USERNAME/.Xclients << FOE
xsetroot -def

eval \\\$(dbus-launch --sh-syntax --exit-with-session)

RESOLUTION=\\\$(xdpyinfo | grep resolution | sed "s/.* \\([0-9][0-9]*\\)x.*/\\1/")
if [ "\\\$RESOLUTION" -gt 150 ]; then
    SUGAR_SCALING=100
else
    SUGAR_SCALING=72
fi

SUGAR_SCALING=\\\$SUGAR_SCALING sugar
FOE

chmod a+x /home/$CREATE_USERNAME/.Xclients
chown $CREATE_USERNAME:$CREATE_USERNAME /home/$CREATE_USERNAME/.Xclients
# END Xclients setup
##################



##################
# BEGIN make sugar default
cat > /home/$CREATE_USERNAME/.dmrc <<EOF
[Desktop]
Layout=olpc
Session=sugar
EOF
# END make sugar default
##################



##################
# BEGIN make /var/log/messages a+r so Log activity can see it
chmod a+r /var/log/messages
# END make /var/log/messages a+r so Log activity can see it
##################
ive

##################
# BEGIN setup services
for service in auditd cpuspeed cups dnsmasq exim firstboot iptables ip6tables irda mdmonitor netfs network nfs nfslock nscd portreserve rpcbind rpcgssd rpcidmapd ; do
    /sbin/chkconfig --level 2345 $service off
done

for service in avahi-daemon sshd ; do
    /sbin/chkconfig --level 2345 $service on
done
# something triggers prompting, so just turn it off with a big hammer
sed -i -e 's/PROMPT=yes/PROMPT=no/;' /etc/sysconfig/init
# END setup services
##################

%end