Commit Graph

137 Commits

Author SHA1 Message Date
GammaSQ
b848625428
added tests for shortcuts 2018-12-08 12:38:26 +01:00
Marek Marczykowski-Górecki
5fe6ffc04c
tools/qvm-create: reject --root-{move,copy}-from with template-based qubes
Fixes QubesOS/qubes-issues#4424
2018-12-08 00:44:18 +01:00
Marek Marczykowski-Górecki
bee55a3bce
tools/qvm-device: allow detaching all devices
QubesOS/qubes-issues#4530
2018-12-08 00:44:18 +01:00
Marek Marczykowski-Górecki
4b00ef7ec7
tools/qvm-run: fix error reporting on qvm-run -n on halted qube
Fixes QubesOS/qubes-issues#4476
2018-12-08 00:44:18 +01:00
Marek Marczykowski-Górecki
9acce13a35
tools: fix qvm-run --pass-io --localcmd=... vmname command
qubes.VMShell service, used by qvm-run, expects the command on the first
input line. Previously, when --localcmd was used, the command wasn't
written anywhere and the local command was connected directly to
qubes.VMShell service. And the first line of its output was interpreted
as a command.

Fix this by starting the local command separately, after sending the
command to qubes.VMShell service.

While at it, unify handling shell command and service calls in the process.
vm.run_service(..., localcmd= ) isn't that useful in general case,
because for qubes.VMShell the caller first need to send the command
before starting local process. Since the qvm-run tool needs to implement
manual starting localcmd anyway, don't use localcmd= run_service's
argument at all to unify calling methods.

There is slight behavior change: previously localcmd was started only
after establishing service connection (for example only if qrexec policy
allows), now it is started in all the cases.

Fixes QubesOS/qubes-issues#4040
2018-12-08 00:44:02 +01:00
Marek Marczykowski-Górecki
e6202d496d
tests/tools: improve qvm-run tests
Fix most FD/process leaks, make qvm-run --passio tests working (as much
as possible).
2018-12-07 23:55:03 +01:00
Marek Marczykowski-Górecki
67897e3f9f
Copy application menu on VM clone
The qubesd daemon have no information about clone source - from that
side it looks like a new VM.  This means application menu is created as
for a new VM.
To fix this re-initialize menu with --source option as part of the clone
operation. It will copy both list of available applications (if
applicable) and selected applications.

This fixes both qvm-clone case and rename.

Fixes QubesOS/qubes-issues#3902
Fixes QubesOS/qubes-issues#4124
2018-10-29 05:27:05 +01:00
Marek Marczykowski-Górecki
5078d75aa3
tools/qvm-create: fix handling invalid label 2018-10-18 03:24:24 +02:00
Marek Marczykowski-Górecki
759fafea63
tools/qvm-create: properly create template-based StandaloneVM
By definition StandaloneVM is not linked to the template. Creating one
from a template is a clone operation. It's already possible using
qvm-clone tool, but it's logical to do that using qvm-create tool too.
This was the case in R3.2 too.

While adding this special case, skip cloning private volume, to preserve
behaviour of TemplateBaseVMs which do not inherit private volume either.

Fixes QubesOS/qubes-issues#3793
2018-10-18 03:24:15 +02:00
Patrik Hagara
4cd513757b
qvm-ls: add filtering by domain power state 2018-10-10 20:06:35 +02:00
Marek Marczykowski-Górecki
045bad13e7
tools/qvm-create: resize root volume if needed before imporing data
If file to be imported is larger than the default root volume, resize
the volume first. It might be also a good idea to shrink it when needed,
but currently the backend refuse it.

Fixes QubesOS/qubes-issues#3422
2018-09-05 04:29:36 +02:00
Patrik Hagara
cd4424235b
qvm-ls: add filtering by tags 2018-08-26 22:08:32 +02:00
Marek Marczykowski-Górecki
584bd052ed
Adjust shell input for Windows shell, for qvm-run tool
Windows shell (cmd.exe) use '&' as a separator for multiple commands in
the same line.

Fixes QubesOS/qubes-issues#4165
2018-07-30 18:31:04 +02:00
Marta Marczykowska-Górecka
47b4e86736
Added test for qvm-remove dependency reporting 2018-07-20 01:35:00 +02:00
Marek Marczykowski-Górecki
4d61407f5d
Add 'gui-emulated' feature
Add an explicit method for forcing emulated VGA output. Previously it
was possible only by removing `gui` feature (setting it to false had a
different effect), or enabling debug mode.
Using lack of a feature as a third state was a bad idea.

QubesOS/qubes-issues#3585
2018-07-16 04:25:56 +02:00
Marek Marczykowski-Górecki
95ce30a9e3
qvm-start-gui: fix handlign rpc-clipboard feature
Pass -Q option to both stubdoman's gui daemon and actual VM's gui
daemon.

QubesOS/qubes-issues#3585
2018-07-11 23:39:37 +02:00
jimtahu
d1455ce6c3
Add test of qvm_prefs for specal case "None" 2018-06-13 23:38:25 -05:00
Peter Gerber
00fbfdd77a
tools/qvm-firewall: add dst4 and dst6 as synonyms for dsthost 2018-05-03 00:49:43 +02:00
Peter Gerber
ed9b42d5b4
tools/qvm-firewall: Show EXPIRE column in list output 2018-04-30 21:30:52 +02:00
Marek Marczykowski-Górecki
ab79bd2a44
tools/qvm-firewall: make 'list' a default action 2018-04-30 04:16:23 +02:00
Marek Marczykowski-Górecki
7f79075088
tools/qvm-firewall: add 'expire' rule support 2018-04-30 04:13:45 +02:00
Marek Marczykowski-Górecki
90df051f4f
tools/qvm-pool: add --set to modify pool properties
Fixes QubesOS/qubes-issues#3256
2018-04-13 00:26:25 +02:00
Marek Marczykowski-Górecki
efae2dfd38
Merge branch 'template-postprocess-fail'
* template-postprocess-fail:
  qvm-template-postprocess: do not remove VM on failed reinstall
  qvm-template-postprocess: resize volume only when needed
2018-03-20 19:22:33 +01:00
Marek Marczykowski-Górecki
70b15c2eae
qvm-volume: refuse to shrink volume unless --force option is used
Right now Admin API backend will refuse to shrink volume anyway, but
we're planning to relax this restriction. Make sure the client side
(qvm-volume tool here, GUI VM settings already have this in place) will
employ appropriate safety check.

QubesOS/qubes-issues#3725
2018-03-20 17:53:36 +01:00
Marek Marczykowski-Górecki
562137c36d
qvm-template-postprocess: resize volume only when needed
If needs to be extended - do it before import. If needs to be reduced -
after. This way, if data import fails for any reason, previous data
won't be destroyed (truncated).
Also, convert error on shrinking volume to a warning, as it doesn't break
the template (just leave it with bigger disk than needed). Currently all
storage pool implementations refuse to shrink a volume (but it may
change in the future).

QubesOS/qubes-issues#3169
2018-03-19 20:47:15 +01:00
Marek Marczykowski-Górecki
034e9b3a24
qvm-volume: add 'info' and 'config' actions
This allows to get and set volumes properties.

Fixes QubesOS/qubes-issues#3256
2018-03-18 23:38:10 +01:00
Marek Marczykowski-Górecki
b1237bfe1f
tests: add tests for various 'qvm-prefs vm pref' cases 2018-03-04 03:43:07 +01:00
Rusty Bird
78571898da
qvm-backup: let backup core handle default VM selection
This takes the include_in_backups property into account, and does not
omit dom0.
2018-02-23 02:09:06 +00:00
Rusty Bird
2d8bade8b2
qvm-backup-restore: really pass options 2018-02-23 02:09:04 +00:00
Marek Marczykowski-Górecki
3d4f626515
Merge remote-tracking branch 'qubesos/pr/51'
* qubesos/pr/51:
  qvm-run: wait for X11 in --dispvm --gui case
  vm/DispVM: use 'qrexec_timeout' also for call connection timeout
2018-01-15 03:23:54 +01:00
Rusty Bird
c83deccdd3
qvm-run: wait for X11 in --dispvm --gui case
'qvm-run --dispvm' cannot easily make a separate qubes.WaitForSession
call. Instead, if --gui is active, pass the new WaitForSession argument
to qubes.VMShell, which will do the equivalent.

The unit tests have been copied (in slightly adapted form) from commit
a620f02e2a

Fixes QubesOS/qubes-issues#3012
Closes QubesOS/qubes-core-admin-client#49
2018-01-14 18:36:46 +00:00
Marek Marczykowski-Górecki
c98b33bcd6
vm/DispVM: use 'qrexec_timeout' also for call connection timeout
When calling a service in DispVM, the connection is established only
after session is ready (if required for given service). qrexec-client by
default use 5s here, which is too low depending on hardware. Use
'qrexec_timeout' property here for DispVM case.

Fixes QubesOS/qubes-issues#3012
2018-01-14 18:36:24 +00:00
Marek Marczykowski-Górecki
080b563ae2
tools/qvm-ls: add --raw-list option for compatibility with R3.2
There was an option to list just VM names, useful for scripting.
Preserve that for compatibility.
2018-01-12 05:29:39 +01:00
Marek Marczykowski-Górecki
0533703ddf
tools/qvm-ls: allow list only selected VMs
Restore possibility to list only some VMs, by naming them on command
line.
2018-01-12 05:29:39 +01:00
Marek Marczykowski-Górecki
51a89a9e77
Merge remote-tracking branch 'qubesos/pr/44'
* qubesos/pr/44:
  Fix style else-return
  tests: update qvm-template-process and qvm-remove tests
  Add --force to manpage.
  Avoid cloning installed_by_rpm
  Print vm list before prompt
  Use --force instead of --yes
  Toggle installed_by_rpm in template tool
  Fix error message grammar
  Add --yes option and confirm prompt.
2018-01-06 14:54:32 +01:00
Marek Marczykowski-Górecki
75a433f07a
tests: update qvm-template-process and qvm-remove tests 2018-01-06 03:40:51 +01:00
Marek Marczykowski-Górecki
917df5a8c5
tools/qvm-ls: fix handling columns with underscore
Mangling column type was inconsistent, resulting in
KeyError('VIRT_MODE').
2017-12-29 03:24:22 +01:00
Marek Marczykowski-Górecki
8ebcb438dd
tests: update tests for fixed verify_only handling 2017-12-10 22:39:19 +01:00
Marek Marczykowski-Górecki
01114e828b
tests: fix tests after dropping unnecessary admin.label.List call 2017-12-05 22:56:37 +01:00
Marek Marczykowski-Górecki
7bcab46f96
tools/qvm-shutdown: fix handling shutdown timeout for multiple VMs
When some VM timeout on shutdown, the tool will try to kill all of them,
but at this point some of them may be already powered off (not all
hanged during shutdown, but only some). Handle this
situation instead of crashing. And add appropriate test.
2017-10-28 22:40:24 +02:00
Marek Marczykowski-Górecki
8981e71b88
tools: fix handling qvm-run --no-autostart
Fixes QubesOS/qubes-issues#3083
2017-10-19 14:55:33 +02:00
Marek Marczykowski-Górecki
0187588531
tools: adjust qvm-start message and logic, update tests
QubesOS/qubes-issues#3130
2017-10-08 18:17:03 +02:00
Marek Marczykowski-Górecki
559cc9b0d6
tools/qvm-start: fix starting a VM with cdrom image
1. Output of `losetup` command contains `\n` - strip it.
2. Provide read-only option - if device info hasn't propagated to qubesd
yet, it will not be set automatically.

Fixes QubesOS/qubes-issues#3146
2017-10-04 15:18:28 +02:00
Marek Marczykowski-Górecki
8476afc306
tools: finish 'qvm-volume revert' implementation, add tests
It wasn't aware of snapshot identifier, fix that. Also update to use
VM:VOLUME syntax, not POOL:VID.
2017-10-02 21:12:17 +02:00
Marek Marczykowski-Górecki
5e2638ab5e
tools: restore qvm-start --cdrom and similar options
Booting a VM from cdrom require attaching the device before VM startup,
which is possible only in persistent mode. But for qvm-start --cdrom
adding a cdrom only temporarily, use new update_persistence() function
to convert the assignment to temporary one.

Fixes QubesOS/qubes-issues#3055
2017-09-05 08:33:47 +02:00
Marek Marczykowski-Górecki
0fa374264f
tools: add qvm-create --help-classes
List available VM classes

QubesOS/qubes-issues#3017
2017-08-30 16:54:24 +02:00
Marek Marczykowski-Górecki
0464a3ebfc
tools: implement qvm-create --root-move-from/--root-copy-from 2017-08-30 16:54:23 +02:00
Marek Marczykowski-Górecki
596eb3d96c
tools/qvm-run: ignore --filter-esc/--no-filter-esc unless --pass-io is given
If no VM output is printed on terminal, those options doesn't make sense
anyway.

Fixes QubesOS/qubes-issues#3013
2017-08-12 14:19:41 +02:00
Marek Marczykowski-Górecki
37ae76823b
tools: add qvm-run --dispvm option
Add option to uniformly start new DispVM from either VM or Dom0. This
use DispVMWrapper, which translate it to either qrexec call to $dispvm,
or (in dom0) to appropriate Admin API call to create fresh DispVM
first.
This require abandoning registering --all and --exclude by
QubesArgumentParser, because we need to add --dispvm mutually exclusive
with those two. But actually handling those two options is still done by
QubesArgumentParser.

This also updates man page and tests.

Fixes QubesOS/qubes-issues#2974
2017-08-06 20:44:55 +02:00
Marek Marczykowski-Górecki
c4460751a9
tools/qvm-start-gui: do not start stubdomain GUI for VMs with gui-agent 2017-07-30 18:54:08 +02:00
Marek Marczykowski-Górecki
f48321dd98
Merge branch 'devel-6'
* devel-6:
  qvm-ls: fix total VM size reporting
  doc: update manpage of qvm-service
  tools: qvm-service tool
  tests: too much copy&paste
  features: serialize True as '1'
  tools/qvm-start-gui: add --force-stubdomain options
  tools/qvm-shutdown: fix help message
  tools/qvm-shutdown: drop --force option, it isn't supported anymore
2017-07-29 05:28:57 +02:00
Marek Marczykowski-Górecki
18153652f3
tools: qvm-service tool
This really use features, but keep compatibility with Qubes 3.x

Fixes QubesOS/qubes-issues#1227
2017-07-28 14:24:04 +02:00
Marek Marczykowski-Górecki
1000d7902d
tests: too much copy&paste 2017-07-28 13:56:39 +02:00
Marek Marczykowski-Górecki
0fae70be53
features: serialize True as '1'
Do the same as core-admin code.
2017-07-28 13:56:05 +02:00
Marek Marczykowski-Górecki
2d5d9d6d7d
tools: add qvm-backup tool
New qvm-backup tool can either use pre-existing backup profile
(--profile), or - when running in dom0 - can create new one based on
used options (--save-profile).

This commit add a tool itself, update its man page, and add tests for
it.

Fixes QubesOS/qubes-issues#2931
2017-07-21 03:58:18 +02:00
Marek Marczykowski-Górecki
d8af76ed60
backup: move BackupRestore class and helpers to 'restore' submodule
This breaks cyclic imports and also allow cleaner separation between
backup make and restore code.

No functional change.
2017-07-21 03:54:04 +02:00
Marek Marczykowski-Górecki
c50fc21e44
tests: qvm-backup-restore tool tests
Very simple one, but also fix reporting errors detected by tests.
2017-07-21 03:54:04 +02:00
Marek Marczykowski-Górecki
3c9fb8dbac
tools/qvm-volume: fix default action handling 2017-07-21 03:10:02 +02:00
Marek Marczykowski-Górecki
ae0729fb53
storage: drop 'internal' volume property
Since external block devices use Devices API now, it isn't useful
anymore.

QubesOS/qubes-issues#2256
2017-07-21 03:10:01 +02:00
Marek Marczykowski-Górecki
756235d4f3
Change 'hvm' property to 'virt_mode'
QubesOS/qubes-issues#2912
2017-07-18 04:22:34 +02:00
Marek Marczykowski-Górecki
0c0b625a70
Merge branch 'devel-backup' 2017-07-18 01:49:37 +02:00
Marek Marczykowski-Górecki
f058c48c92
Merge branch 'devel-2-qvm-run-1'
* devel-2-qvm-run-1:
  Make pylint happy
  tools/qvm-run: fix handling EOF
  tests: mark qvm-run tests with "expected failure"
  tools/qvm-run: fix handling copying stdin to the process
2017-07-18 01:49:16 +02:00
Marek Marczykowski-Górecki
40a1769806
tests: mark qvm-run tests with "expected failure"
since qvm-run use multiprocessing.Process now, stdin sent to it is
processed in separate process and doesn't come back to
TestApp.actual_calls (self.app). Annotate tests for now, to be fixed
later.
2017-07-18 01:03:57 +02:00
Marek Marczykowski-Górecki
a91372a919
devices,features: fix bool values handling
API define False value serialized as '' and True as 'True'. Do not
serialize 0 as '' (features) or True as 'yes' (devices).
2017-07-17 20:27:35 +02:00
Marek Marczykowski-Górecki
9036103102
tests: qvm-shutdown --wait tests 2017-07-08 00:08:19 +02:00
Marek Marczykowski-Górecki
6b1c6141f6
tests/tools: add MockEventsReader
Make it easy to test things listening for events
2017-07-08 00:08:19 +02:00
Marek Marczykowski-Górecki
2052b32202
events: simplify wait_for_domain_shutdown coroutine
1. Handle timeout externally - using asyncio.wait_for.
2. Add support for waiting for multiple VMs.
2017-07-06 22:01:17 +02:00
Marek Marczykowski-Górecki
627aebf2cd
tools: remove policy handling from qvm-firewall tool
Follow the API removal

QubesOS/qubes-issues#2869
2017-07-05 14:16:30 +02:00
Marek Marczykowski-Górecki
5430e04e1c
tools: move event loop creation/closing to main function
Do not close event loop in utility function - handle it only in main().
For this reason, change appropriate functions to coroutines.

Fixes QubesOS/qubes-issues#2865
2017-06-25 20:09:10 +02:00
Marek Marczykowski-Górecki
c545c95660
tests: fix qvm-run test on travis
stdout there is not a tty, which change default value of filter_esc.
2017-06-25 13:44:17 +02:00
Marek Marczykowski-Górecki
3cf5840d7a
Merge branch 'devel-4'
* devel-4:
  tools/qvm-start-gui: multiple fixes
  vm: raise CalledProcessError instead of QubesVMError on failed service call
  events: improve handling qubesd restart
2017-06-25 13:16:50 +02:00
Marek Marczykowski-Górecki
cef80a76e4
Merge branch 'devel-3'
* devel-3:
  Implement VM clone as create + copy data+metadata
  storage: make Volumes sortable
  base: add PropertyHolder.clone_properties
  doc: minor fixes to man pages
  storage: add volume clone method
  doc: fix skel-manpage tool
  tools: add qvm-tags tool
  tags support
2017-06-25 13:16:22 +02:00
Marek Marczykowski-Górecki
64377207a8
tools/qvm-start-gui: multiple fixes
Don't start GUI daemon for given VM twice when qvm-start-gui was started
during VM startup (while waiting for qrexec startup). This is especially
common while running tests.

Report failed qubes.SetMonitorLayout as warning (instead of unhandled
exception).

Clear VM cache on qubesd reconnect.

Fix logging.
2017-06-21 06:01:53 +02:00
Marek Marczykowski-Górecki
bcd026d141
Implement VM clone as create + copy data+metadata
This way we don't need separate admin.vm.Clone call, which is tricky to
handler properly with policy.
A VM may not have access to all the properties and other metadata, so
add ignore_errors argument, for best-effort approach (copy what is
possible). In any case, failure of cloning VM data fails the whole
operation.
When operation fails, VM is removed.

While at it, allow to specify alternative VM class - this allows
morphing one VM into another (for example AppVM -> StandaloneVM).

Adjust qvm-clone tool and tests accordingly.

QubesOS/qubes-issues#2622
2017-06-20 01:34:18 +02:00
Marek Marczykowski-Górecki
8e5f90c273
tools: add qvm-tags tool
QubesOS/qubes-issues#2388
2017-06-20 01:34:17 +02:00
Marek Marczykowski-Górecki
9dd659d60f
tools/qvm_template_postprocess: set vm.features['qrexec']
Enable 'qrexec' VM feature to wait for qrexec initialization - it is
required to call qubes.PostInstall service. If VM start fails, assume
there is no qrexec and drop that feature.
2017-06-14 10:43:52 +02:00
Wojtek Porczyk
59eda63923 qvm-ls: hide flags (aka status), get more descriptive
Enterprise™ continues.
2017-06-08 15:03:00 +02:00
Marek Marczykowski-Górecki
2675d63579
tools: add qvm-template-postprocess
Tool to be called from template's rpm post-installation script.
2017-05-26 01:33:43 +02:00
Marek Marczykowski-Górecki
fe51e8862a
Fix qubesadmin/tests/tools/qvm_firewall.py license header 2017-05-26 00:42:48 +02:00
Marek Marczykowski-Górecki
1aab64d5b0
tests: add more test cases for qvm-start-gui 2017-05-26 00:42:46 +02:00
Marek Marczykowski-Górecki
38abd81ea8
tools: add qvm-run --service
Make it convenient wrapper around qrexec-client{-vm}, which would start
a VM, wait for user session etc.
2017-05-20 03:15:23 +02:00
Marek Marczykowski-Górecki
8686ef423a
tools/qvm-run: exit the shell after executing requested command
Since we use qubes.VMShell service now and send requested command on its
stdin, we need to terminate that shell after requested command -
otherwise the service will not terminate automatically waiting for
further input (next commands).
2017-05-18 09:54:26 +02:00
Marek Marczykowski-Górecki
ee81902979
features: fix serialization
qubesd_call expect "bytes" type. Additionally serialize false value as
empty string (which is treated by python as false value), because
otherwise would be serialized to (non-empty) string, which is true value
in python.
2017-05-18 09:48:18 +02:00
Marek Marczykowski-Górecki
2d7ca9f95e
tools/qvm-run: wait for user session unless qvm-run --no-gui is used
Avoid race condition with X server startup, especially important for
qvm-run --autostart.
2017-05-17 11:07:48 +02:00
Marek Marczykowski-Górecki
210876bd8f
tools/qvm-run: use subproces.DEVNULL instead of manually opened /dev/null 2017-05-17 11:06:56 +02:00
Marek Marczykowski-Górecki
cfc9ff2ce5
Rename Mgmt API to Admin API: methods names
QubesOS/qubes-issues#853
2017-05-12 19:36:03 +02:00
Marek Marczykowski-Górecki
4ceff0f8c0
Rename qubesmgmt to qubesadmin module
QubesOS/qubes-issues#853
2017-05-11 23:40:03 +02:00