Commit Graph

680 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
af13c198be
tests: fix preparing multi-part disk volume
Storing encrypted filename into f_name shadowed unencrypted source file
name.
2021-01-05 04:46:12 +01:00
Marek Marczykowski-Górecki
93608658a9
backup: throttle backup extracting if there is not enough disk space
Instead of failing the restore process, pause data extracting, until
already extracted data gets processed.
This commit implements this for local tar extraction. Extracting data
received from a VM is handled in qfile-(dom0-)unpacker, which also has
similar feature, turned on in 6338b936e2.

Fixes QubesOS/qubes-issues#4791
2021-01-05 04:46:12 +01:00
Marek Marczykowski-Górecki
10d4381c14
backup: check if there is enough disk space available to restore
Avoid failing restore after potentially lengthy processing - check
available space first.

This will be even more important after adding waiting for free space -
then if there won't be enough free space, the process will deadlock.

QubesOS/qubes-issues#4791
2021-01-05 03:33:21 +01:00
Marek Marczykowski-Górecki
16ff6d0552
backup: cleanup retrieve_proc on failure 2021-01-05 03:32:21 +01:00
Marek Marczykowski-Górecki
d906fbc4bb
backup: add function parameter for override temp directory
This will be useful for tests.

QubesOS/qubes-issues#
2021-01-05 03:31:09 +01:00
Marek Marczykowski-Górecki
25a6a305c8
tests: avoid 'xrandr' call
Don't rely on tool existence, nor on a specific monitor layout in test
env.
2020-12-02 04:31:31 +01:00
Marek Marczykowski-Górecki
6f39533a65
tools/qvm-run: do not check if DispVM is paused before starting it
DispVM is created on start, so it can't be paused - it doesn't exist
yet.

Fixes: 4a6b5db "qvm-run will unpause paused VMs by defaults"
2020-10-24 16:41:22 +02:00
Marta Marczykowska-Górecka
fa396a6da9
Better error reporting in qvm_start
When user provides incorrect image name/path, the tool
will now inform what's wrong.
2020-10-07 20:44:32 +02:00
WillyPillow
1671b4216f
qvm-template: Add tests for download function and fix minor bugs 2020-10-04 03:05:14 +08:00
Marek Marczykowski-Górecki
07dfe826f7
qvm-device: improve error message on invalid device type
Fixes QubesOS/qubes-issues#6057
2020-09-16 13:34:56 +02:00
WillyPillow
5f03640467
qvm-template: Fix broken indention 2020-09-15 01:30:57 +08:00
WillyPillow
63f488f64c
qvm-template: Mock print_table in tests for consistent output 2020-09-15 01:09:45 +08:00
WillyPillow
20443d5c6f
qvm-template: Add tests for functions list_templates and search 2020-09-15 00:25:49 +08:00
WillyPillow
7facc7d35f
qvm-template: Fix minor bugs
* Incomprehensive spec filtering in `list_templates`
* Type error of `install_time` in `list_templates`
* Incorrect version comparision in `search`
2020-09-15 00:23:06 +08:00
WillyPillow
dc26ba0ebf
qvm-template: Add tests for qrexec_repoquery and get_dl_list 2020-09-09 03:04:37 +08:00
WillyPillow
b9f1d4c633
qvm-template: Make pylint happy 2020-09-07 02:12:22 +08:00
WillyPillow
161ff01d7d
qvm-template: Fix compatibility with Python 3.6 in tests 2020-09-07 02:12:03 +08:00
WillyPillow
554459ef42
qvm-template: Fix compatibility with Python 3.6 2020-09-07 01:53:43 +08:00
WillyPillow
3fac2097eb
qvm-template: Add partial tests for qrexec_repoquery 2020-09-07 01:52:56 +08:00
WillyPillow
5e1e0daa5c
Make TestProcess.communicate return str instead of IO object 2020-09-07 01:18:59 +08:00
WillyPillow
3f75e6e49e
qvm-template: Add tests for qrexec_payload 2020-09-07 00:41:03 +08:00
WillyPillow
89895038b5
qvm-template: Fix date formats to "%Y-%m-%d %H:%M:%S" 2020-09-06 23:57:42 +08:00
WillyPillow
f8032b0f5a
Revert "qvm-template: Fix compatibility with Python 3.6"
This reverts commit 199996e7b8.
2020-09-05 02:25:26 +08:00
WillyPillow
199996e7b8
qvm-template: Fix compatibility with Python 3.6 2020-09-05 02:06:53 +08:00
WillyPillow
205eee4d80
qvm-template: Fix timezone issues by storing timezone explictly in features 2020-09-05 01:51:45 +08:00
WillyPillow
5a1e1b7fdd
qvm-template: Update docs for --updatevm 2020-09-04 01:59:28 +08:00
WillyPillow
757bb33329
Add stubs for rpm module and initial tests for qvm-template install 2020-09-04 01:56:15 +08:00
WillyPillow
3a42564af2
qvm-template: Make pylint happy 2020-08-31 02:22:39 +08:00
WillyPillow
fbf6c4e3c3
Merge remote-tracking branch 'origin/master' into qvm-template 2020-08-31 01:53:15 +08:00
WillyPillow
4199a9a222
qvm-template: Fix qvm_template_postprocess tests 2020-08-31 01:48:31 +08:00
WillyPillow
6b3858314d
qvm-template: Improve help message for --upgrades 2020-08-30 02:54:43 +08:00
WillyPillow
d65d3c741a
qvm-template: Replace "template-install-time" with "template-installtime" for consistency 2020-08-30 02:01:19 +08:00
WillyPillow
32a38c7183
qvm-template: Eliminate use of lsb_release 2020-08-30 01:58:25 +08:00
WillyPillow
2e06e300e6
qvm-template: Tweak machine-readable output format. 2020-08-26 01:31:33 +08:00
WillyPillow
6efd85afba
qvm-template: Initial manpage. 2020-08-25 23:00:08 +08:00
WillyPillow
e9e198cc10
qvm-template: Make sure that template-dummy is set and used properly. 2020-08-25 01:43:11 +08:00
Marek Marczykowski-Górecki
e6186239ef
Make pylint happy
- fix super-with-arguments
- ignore raise-missing-from - too many intentional usages
2020-08-23 03:31:39 +02:00
WillyPillow
55a3982bf6
qvm-template: Add option to disable download progress bar. 2020-08-19 02:00:19 +08:00
WillyPillow
d09695658f
qvm-template: Add support for JSON output. 2020-08-19 01:59:51 +08:00
WillyPillow
c6d5ac7c8c
qvm-template: Add option to specify RPM keyring location. 2020-08-14 14:27:36 +08:00
WillyPillow
3314500a83
qvm-template: Add purge operation. 2020-08-14 11:38:30 +08:00
Marta Marczykowska-Górecka
fe583cd88e
Make incorrect label name error more descriptive
Instead of unintuitive Value Error now we have dedicated QubesLabelNotFoundError.
2020-08-13 20:21:46 +02:00
Marek Marczykowski-Górecki
6e91fba942
Merge remote-tracking branch 'origin/pr/157'
* origin/pr/157:
  qvm-run will unpause paused VMs by defaults
2020-08-11 18:42:35 +02:00
Marek Marczykowski-Górecki
a7748d8cdf
Merge remote-tracking branch 'origin/pr/156'
* origin/pr/156:
  Added more resilience to missing permissions to utils
2020-08-11 18:41:55 +02:00
Marek Marczykowski-Górecki
7425a5359b
Cleanup Admin API denial reporting
Rename QubesDaemonNoResponseError to more intuitive
QubesDaemonAccessError (keep legacy name still working).
Use QubesPropertyAccessError whenever the access is about @property -
this makes it easy to use `getattr` to use default value instead.

QubesOS/qubes-issues#5811
2020-08-11 02:06:42 +02:00
WillyPillow
b7a603b9fe
qvm-template: Slight improvements to package verification. 2020-08-10 01:30:31 +08:00
WillyPillow
ed8fca6494
qvm-template: Fix type hints. 2020-08-08 15:31:25 +08:00
WillyPillow
6c873cdf39
qvm-template-postprocess: Make pylint happy. 2020-08-08 14:57:22 +08:00
WillyPillow
8ee0d639b8
qvm-template: Add confirmation for dangerous operations; verify signatures once instead of twice by returning header after verification. 2020-08-08 14:39:29 +08:00
WillyPillow
87c08c9941
qvm-template: Fix missing args for install operations. 2020-08-07 23:40:38 +08:00
WillyPillow
42a741cac5
qvm-template: Remove default 'repo_files' entry if other entries have been specified by the user. 2020-08-07 15:02:53 +08:00
WillyPillow
c523d78d59
qvm-template: Initial implementation of repolist. 2020-08-07 14:48:08 +08:00
Marek Marczykowski-Górecki
b04a14685c
Merge branch 'paranoid-restore'
* paranoid-restore:
  backup/restore: make error reporting work also for StandaloneVM based DispVM
  backup/restore: better error detection for --paranoid-mode
  doc: document 'tag-created-vm-with' feature
  tests: add paranoid backup restore unit tests
  tests: remove extra empty lines
  tests: extend run_service mockup for pre-recorded output
  rpm: add BR: python3-lxml and python3-xcffib
  backup/restore: add option for unattended restore and extracting log
  tools: remove obsolete _want_app argument
  Add "paranoid restore" mode
  rpm/deb: add dependency on scrypt
  utils: add simple locking primitive
  backup/restore: use qfile-unpacker in a VM, request disk space monitoring
  backup/restore: option for alternative qrexec service
  backup/restore: improve error message about restoring tags
  backup/restore: distinguish dom0 by name
2020-08-07 02:55:27 +02:00
Marek Marczykowski-Górecki
c75aeb400a
backup/restore: make error reporting work also for StandaloneVM based DispVM
If management dispvm is based on a StandaloneVM not a AppVM, then there
is just one level of templates, not two.

QubesOS/qubes-issues#4670
2020-08-07 02:12:39 +02:00
WillyPillow
ba7b113206
qvm-template: Replace newlines in machine-readable output. 2020-08-07 02:14:37 +08:00
WillyPillow
ed35802ca2
qvm-template: Tidy up code responsible for output in {info,list} operations. 2020-08-07 02:11:35 +08:00
Marta Marczykowska-Górecka
4a6b5dbae2
qvm-run will unpause paused VMs by defaults
If qvm-run is run with the autostart option (true by default), it will
also unpause paused VMs.

fixes QubesOS/qubes-issues#5967
2020-08-05 20:49:38 +02:00
WillyPillow
336b5c68c1
qvm-template: Initial support for machine-readable listings. 2020-08-06 02:42:05 +08:00
WillyPillow
7b6fa39d1c
qvm-template: More docstrings. 2020-08-06 02:05:57 +08:00
Marta Marczykowska-Górecka
37f0641c26
Added more resilience to missing permissions to utils
vm_dependencies function will now no longer throw an exception
when encountering rejection for property_is_default method.
2020-08-05 17:05:27 +02:00
Marek Marczykowski-Górecki
1660a1cbf6
backup/restore: better error detection for --paranoid-mode
Xterm doesn't preserve exit code of the process running inside. This
means, the whole xterm always exits with 0, even if qvm-backup-restore
failed.
Fix this by printing the exit code at the end to the log and then extract
that last line from the log on the calling side. This way we can also
distinguish whether qvm-backup-restore or xterm failed.
2020-08-05 05:06:54 +02:00
Marek Marczykowski-Górecki
852b689984
tests: add paranoid backup restore unit tests 2020-08-05 05:06:53 +02:00
Marek Marczykowski-Górecki
bf7b6225e3
tests: remove extra empty lines 2020-08-05 04:37:45 +02:00
Marek Marczykowski-Górecki
7fb90e0233
tests: extend run_service mockup for pre-recorded output
And also handle input written if just stdin.flush() is called but not
stdin.close().
2020-08-05 04:37:45 +02:00
Marek Marczykowski-Górecki
7d6cb655f8
backup/restore: add option for unattended restore and extracting log
Allow running unattended, with qvm-backup-restore --passphrase-file.
This require few modifications:
 - copy the passphrase file into the DisposableVM (that VM knows the
         passphrase anyway, so there is no extra data leak)
 - close the terminal when operation finishes

Closing the terminal would eliminate almost all the feedback (operation
log, errors, warnings etc), so write it into a file in DisposableVM and
later extract it and show on the stdout. Similar to qvm-run, color it
red as a content coming from a VM.

QubesOS/qubes-issues#5310
2020-08-05 04:37:44 +02:00
Marek Marczykowski-Górecki
f16f14b020
utils: fix encoding '+' for qubes.VMExec
'+' in an argument needs to be encoded too, otherwise it is interpreted
as arguments separator.
2020-08-04 22:17:04 +02:00
Marek Marczykowski-Górecki
e9120e3196
tools: remove obsolete _want_app argument
It was copied from core-admin but it doesn't make sense here (there is
no loading of qubes.xml).
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
cc71dd5876
Add "paranoid restore" mode
Having Admin API, it is possible to do this properly now:
 - create DisposableVM
 - assign it proper permissions to create VMs and control those created
   VMs
 - run restore process inside
 - cleanup DisposableVM afterwards

Since the RestoreInDisposableVM class contains de facto reverse parser
for qvm-backup-restore command line, add a test that will spot when it
gets out of sync.

This feature depends on modifications in various other components,
including:
 - linux-utils and core-agent-linux for update qfile-unpacker
 - core-admin for qrexec policy modification

QubesOS/qubes-issues#5310
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
81559d139c
utils: add simple locking primitive
Standard python locking modules do not provide detection if lock-holding
process is still alive. Add a simple wrapper around fcntl.lockf that do
just that.
2020-08-04 04:06:30 +02:00
Marek Marczykowski-Górecki
6338b936e2
backup/restore: use qfile-unpacker in a VM, request disk space monitoring
Make it possible to use qvm-backup-restore in a VM. This commit is about
accessing backup itself, when stored in another VM. This involve using
qfile-unpacker instead of qfile-dom0-unpacker and also requesting disk
space monitoring, as a VM probably won't have enough space to hold the
whole backup at once.

QubesOS/qubes-issues#4791
QubesOS/qubes-issues#5310
2020-08-04 04:06:30 +02:00
Marek Marczykowski-Górecki
db1d4b5d48
backup/restore: option for alternative qrexec service
Allow setting alternative qrexec service to retrieve backup content. The
service API is slightly different than the default one: it will get only
list of files/directories to extract on its stdin, but not backup
location. The latter could be provided as a service argument, or using
other out-of-band mechanism.
This will be useful for paranoid backup restore mode, to take away
control over location/command from sandboxed qvm-backup-restore process.

QubesOS/qubes-issues#5310
2020-08-04 04:06:30 +02:00
Marek Marczykowski-Górecki
114f6fb250
backup/restore: improve error message about restoring tags
Before reporting a tag as not restored, verify if it really wasn't
restored. Generally created-by-* tags cannot be created manually. But
when restoring a backup in dom0, created-by-dom0 tag is added, which in
many cases will match what want to be restored.

Adjust tests to check this too.
2020-08-04 04:06:29 +02:00
Marek Marczykowski-Górecki
2b6b4e7954
backup/restore: distinguish dom0 by name
Getting name of QubesVM object doesn't require Admin API call that could
be not allowed by this VM

QubesOS/qubes-issues#5310
2020-08-04 04:06:29 +02:00
WillyPillow
41cf9f948e
qvm-template: Partially include docstrings and type hints. 2020-08-04 02:51:36 +08:00
WillyPillow
69cd285810
qvm-template: Defer qrexec calls so that they can be omitted if exceptions are raised. 2020-08-04 01:40:59 +08:00
WillyPillow
e482b9eb0f
qvm-template: Use "vm.features.get" instead of explicit membership check. 2020-08-04 01:38:52 +08:00
WillyPillow
582c87644d
qvm-template: Use repo file from qubes-repo-templates. 2020-08-04 01:35:14 +08:00
WillyPillow
bf0635218a
qvm-template: Better args parsing: Use subparsers and complain about unknown args if the operation is not "remove". 2020-08-04 01:34:14 +08:00
Marek Marczykowski-Górecki
b7eca976b5
tests: use asynctest some more
Instead of hoping normal Mock will work (which does not on Python 3.8).
2020-08-03 04:55:46 +02:00
WillyPillow
377e2a77ff
qvm-template: Check that template is managed by qvm-template before accessing relevant features. 2020-08-01 03:21:31 +08:00
WillyPillow
5319e7a41a
qvm-template: Fix typo. 2020-08-01 03:06:04 +08:00
WillyPillow
a9a19428f3
qvm-template: Check that template spec is not "---". 2020-08-01 03:05:21 +08:00
WillyPillow
40e7304f17
qvm-template: Make pylint happy. 2020-08-01 02:56:59 +08:00
WillyPillow
3d0a39523b
qvm-template: Reorder functions. 2020-08-01 02:40:27 +08:00
WillyPillow
233e411c2f
qvm-template: Switch to namedtuples and other slight cleanup. 2020-08-01 02:24:29 +08:00
Marek Marczykowski-Górecki
77e1e080d7
Merge remote-tracking branch 'origin/pr/154'
* origin/pr/154:
  Add qubes-guivm-session utility
  qvm-start-daemon: allow --watch without --all
  qvm-start-daemon: convert to async/await syntax
2020-07-31 00:41:27 +02:00
WillyPillow
3ada7af0eb
qvm-template: {reinstall,{up,down}grade}: Better handling and checks for existing version. 2020-07-31 01:27:40 +08:00
WillyPillow
90e4f65bea
qvm-template*: Add option to specify pool to store created VM. 2020-07-29 20:55:56 +08:00
WillyPillow
ef59a658f4 qvm-template: Make pylint happy by changing "license" to "licence". 2020-07-29 20:55:02 +08:00
WillyPillow
f960ed4726 qvm-template: Add --refresh option and allow DNF cache to be used. 2020-07-29 20:55:02 +08:00
WillyPillow
8aa9ab9e89 qvm-template: Remove downloaded file if the download is interrupted. 2020-07-29 20:55:02 +08:00
WillyPillow
88ee572cac qvm-template: Incorporate additional metadata in qubes.TemplateSearch. 2020-07-29 20:55:02 +08:00
WillyPillow
421dd74dd2 Check number of fields for qubes.TemplateSearch output. 2020-07-29 20:55:02 +08:00
WillyPillow
5e76bdb5f1 Revamp "qvm-template search" and finish TODOs. 2020-07-29 20:55:02 +08:00
WillyPillow
37a72ecebf Print error messages if qubes.TemplateSearch fails. 2020-07-29 20:55:02 +08:00
WillyPillow
e6392ba4ec Add lock-file functionality for qvm-template install. 2020-07-29 20:55:02 +08:00
WillyPillow
c573faa9c0 Initial implementation for "qvm-template search". 2020-07-29 20:55:02 +08:00
WillyPillow
d656554822 Initial implementation for "qvm-template info". 2020-07-29 20:55:02 +08:00
WillyPillow
51324da24d Allow <package-spec>-like arguments for the list operation. 2020-07-29 20:55:02 +08:00
WillyPillow
41323d004f Support for {reinstall,downgrade,upgrade} operations.
Requires QubesOS/qubes-issues#5946 to be resolved.
2020-07-29 20:55:02 +08:00