Qubes/core-admin-client
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

tools/qvm_template_postprocess: set vm.features['qrexec']

Browse Source 
Enable 'qrexec' VM feature to wait for qrexec initialization - it is
required to call qubes.PostInstall service. If VM start fails, assume
there is no qrexec and drop that feature.
This commit is contained in:
Marek Marczykowski-Górecki 2017-06-14 04:23:24 +02:00
parent 64f7eecf58
commit 9dd659d60f
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
2 changed files with 32 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
qubesadmin/tests/tools/qvm_template_postprocess.py
View File

@ -238,6 +238,8 @@ class TC_00_qvm_template_postprocess(qubesadmin.tests.QubesTestCase):
('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0' ('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[
('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0' ('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0'
self.app.expected_calls[
('test-vm', 'admin.vm.feature.Set', 'qrexec', b'True')] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[
('test-vm', 'admin.vm.Start', None, None)] = b'0\0' ('test-vm', 'admin.vm.Start', None, None)] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[
@ -284,6 +286,8 @@ class TC_00_qvm_template_postprocess(qubesadmin.tests.QubesTestCase):
('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0' ('test-vm', 'admin.vm.property.Set', 'netvm', b'')] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[
('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0' ('test-vm', 'admin.vm.property.Reset', 'netvm', None)] = b'0\0'
self.app.expected_calls[
('test-vm', 'admin.vm.feature.Set', 'qrexec', b'True')] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[
('test-vm', 'admin.vm.Start', None, None)] = b'0\0' ('test-vm', 'admin.vm.Start', None, None)] = b'0\0'
self.app.expected_calls[ self.app.expected_calls[

49
qubesadmin/tools/qvm_template_postprocess.py
View File

@ -168,29 +168,36 @@ def post_install(args):
if not args.skip_start: if not args.skip_start:
# just created, so no need to save previous value - we know what it was # just created, so no need to save previous value - we know what it was
vm.netvm = None vm.netvm = None
vm.start() # temporarily enable qrexec feature - so vm.start() will wait for it;
# if start fails, rollback it
vm.features['qrexec'] = True
try: try:
vm.run_service_for_stdio('qubes.PostInstall') vm.start()
except qubesadmin.exc.QubesVMError: except qubesadmin.exc.QubesException:
vm.log.error('qubes.PostInstall service failed') del vm.features['qrexec']
vm.shutdown()
if have_events:
try:
# pylint: disable=no-member
qubesadmin.events.utils.wait_for_domain_shutdown(vm,
qubesadmin.config.defaults['shutdown_timeout'])
except qubesadmin.exc.QubesVMShutdownTimeout:
vm.kill()
asyncio.get_event_loop().close()
else: else:
timeout = qubesadmin.config.defaults['shutdown_timeout'] try:
while timeout >= 0: vm.run_service_for_stdio('qubes.PostInstall')
if vm.is_halted(): except qubesadmin.exc.QubesVMError:
break vm.log.error('qubes.PostInstall service failed')
time.sleep(1) vm.shutdown()
timeout -= 1 if have_events:
if not vm.is_halted(): try:
vm.kill() # pylint: disable=no-member
qubesadmin.events.utils.wait_for_domain_shutdown(vm,
qubesadmin.config.defaults['shutdown_timeout'])
except qubesadmin.exc.QubesVMShutdownTimeout:
vm.kill()
asyncio.get_event_loop().close()
else:
timeout = qubesadmin.config.defaults['shutdown_timeout']
while timeout >= 0:
if vm.is_halted():
break
time.sleep(1)
timeout -= 1
if not vm.is_halted():
vm.kill()
vm.netvm = qubesadmin.DEFAULT vm.netvm = qubesadmin.DEFAULT