tools/qvm_template_postprocess: set vm.features['qrexec']

Enable 'qrexec' VM feature to wait for qrexec initialization - it is required to call qubes.PostInstall service. If VM start fails, assume there is no qrexec and drop that feature.
2017-06-14 04:23:24 +02:00 · 2017-06-14 04:23:24 +02:00 · 9dd659d60f
commit 9dd659d60f
parent 64f7eecf58
2 changed files with 32 additions and 21 deletions
--- a/qubesadmin/tests/tools/qvm_template_postprocess.py
+++ b/qubesadmin/tests/tools/qvm_template_postprocess.py
@ -238,6 +238,8 @@ class TC_00_qvm_template_postprocess(qubesadmin.tests.QubesTestCase):
            ('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0'
        self.app.expected_calls[
            ('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0'
+        self.app.expected_calls[
+            ('test-vm', 'admin.vm.feature.Set', 'qrexec', b'True')] = b'0\0'
        self.app.expected_calls[
            ('test-vm', 'admin.vm.Start', None, None)] = b'0\0'
        self.app.expected_calls[
@ -284,6 +286,8 @@ class TC_00_qvm_template_postprocess(qubesadmin.tests.QubesTestCase):
            ('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0'
        self.app.expected_calls[
            ('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0'
+        self.app.expected_calls[
+            ('test-vm', 'admin.vm.feature.Set', 'qrexec', b'True')] = b'0\0'
        self.app.expected_calls[
            ('test-vm', 'admin.vm.Start', None, None)] = b'0\0'
        self.app.expected_calls[
--- a/qubesadmin/tools/qvm_template_postprocess.py
+++ b/qubesadmin/tools/qvm_template_postprocess.py
@ -168,29 +168,36 @@ def post_install(args):
    if not args.skip_start:
        # just created, so no need to save previous value - we know what it was
        vm.netvm = None
-        vm.start()
+        # temporarily enable qrexec feature - so vm.start() will wait for it;
+        # if start fails, rollback it
+        vm.features['qrexec'] = True
        try:
-            vm.run_service_for_stdio('qubes.PostInstall')
-        except qubesadmin.exc.QubesVMError:
-            vm.log.error('qubes.PostInstall service failed')
-        vm.shutdown()
-        if have_events:
-            try:
-                # pylint: disable=no-member
-                qubesadmin.events.utils.wait_for_domain_shutdown(vm,
-                    qubesadmin.config.defaults['shutdown_timeout'])
-            except qubesadmin.exc.QubesVMShutdownTimeout:
-                vm.kill()
-            asyncio.get_event_loop().close()
+            vm.start()
+        except qubesadmin.exc.QubesException:
+            del vm.features['qrexec']
        else:
-            timeout = qubesadmin.config.defaults['shutdown_timeout']
-            while timeout >= 0:
-                if vm.is_halted():
-                    break
-                time.sleep(1)
-                timeout -= 1
-            if not vm.is_halted():
-                vm.kill()
+            try:
+                vm.run_service_for_stdio('qubes.PostInstall')
+            except qubesadmin.exc.QubesVMError:
+                vm.log.error('qubes.PostInstall service failed')
+            vm.shutdown()
+            if have_events:
+                try:
+                    # pylint: disable=no-member
+                    qubesadmin.events.utils.wait_for_domain_shutdown(vm,
+                        qubesadmin.config.defaults['shutdown_timeout'])
+                except qubesadmin.exc.QubesVMShutdownTimeout:
+                    vm.kill()
+                asyncio.get_event_loop().close()
+            else:
+                timeout = qubesadmin.config.defaults['shutdown_timeout']
+                while timeout >= 0:
+                    if vm.is_halted():
+                        break
+                    time.sleep(1)
+                    timeout -= 1
+                if not vm.is_halted():
+                    vm.kill()

        vm.netvm = qubesadmin.DEFAULT