#!/bin/sh
#
#  This script sets up the /etc/apt/sources.list for APT, and it disables
# TLS where appropriate.
#
# Steve
# --
# http://www.steve.org.uk/


prefix=$1


#
#  Source our common functions
#
if [ -e /usr/lib/xen-tools/common.sh ]; then
    . /usr/lib/xen-tools/common.sh
else
    . ./hooks/common.sh
fi


#
# Log our start
#
logMessage Script $0 starting


#
# You'll probably need DNS to run "apt-get update".
#
cp /etc/resolv.conf ${prefix}/etc


#
# Attempt to auto-magically detect the use of a Proxy for apt-get, and
# replicate that setup in our new guest.
#
#
#  Process any of the present apt-conf setup lines.
#
for i in /etc/apt/apt.conf /etc/apt/apt.conf.d/* ; do 

    #
    # If the file exists.  (Need this in case the literal glob fails.)
    #
    if [ -e $i ] ; then

        #
        # Save the matching line(s) to the proxy guess file.
        #
        logMessage The use of a proxy detected.
        grep -i HTTP::Proxy $i >> ${prefix}/etc/apt/apt.conf.d/proxy-guess
    fi
done



#
# Setup the sources.list file for new installations of Debian GNU/Linux.
#
cat <<E_O_APT > ${prefix}/etc/apt/sources.list
#
#  /etc/apt/sources.list
#


#
# ${dist}
#
deb     ${mirror}     ${dist} main contrib non-free
deb-src ${mirror}     ${dist} main contrib non-free

E_O_APT


#
#  If the host system has security support then enable that here too.
#
if ( grep ^deb.*security.debian.org /etc/apt/sources.list >/dev/null 2>/dev/null ) ; then

    cat <<E_O_APT >> ${prefix}/etc/apt/sources.list
# 
#  Security updates
# 
deb     http://security.debian.org/ ${dist}/updates  main contrib non-free
deb-src http://security.debian.org/ ${dist}/updates  main contrib non-free
E_O_APT

else
    cat <<E_O_APT >> ${prefix}/etc/apt/sources.list
# 
#  Security updates - Uncomment to enable.
# 
# deb     http://security.debian.org/ ${dist}/updates  main contrib non-free
# deb-src http://security.debian.org/ ${dist}/updates  main contrib non-free
E_O_APT

fi
    
#
#  Now that the sources have been setup make sure the system is up to date.
#
chroot ${prefix} /usr/bin/apt-get update



#
# For sid or etch systems we install libc6-xen
#
# For sarge we don't have that option, so we disable TLS.
#
if [ "`uname -m`" = "x86_64" ]; then

    logMessage "Ignoring TLS since we're a 64 bit host."

else

    case "${dist}" in
        etch|lenny|sid)
            logMessage "Installing xen-aware libc6"
    
            installDebianPackage ${prefix} libc6-xen
            ;;
        *)
            logMessage "Disabling TLS"
            mv ${prefix}/lib/tls ${prefix}/lib/tls.disabled
            mkdir ${prefix}/lib/tls
            ;;
    esac
fi



#
#  Log our finish
#
logMessage Script $0 finished
