Qubes/core-admin-client
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
959 Commits 1 Branch 0 Tags 3.3 MiB
5cf08b5b03
Commit Graph

382 Commits

Author SHA1 Message Date
WillyPillow
757bb33329
Add stubs for rpm module and initial tests for qvm-template install 2020-09-04 01:56:15 +08:00
WillyPillow
3a42564af2
qvm-template: Make pylint happy 2020-08-31 02:22:39 +08:00
WillyPillow
fbf6c4e3c3
Merge remote-tracking branch 'origin/master' into qvm-template 2020-08-31 01:53:15 +08:00
WillyPillow
6b3858314d
qvm-template: Improve help message for --upgrades 2020-08-30 02:54:43 +08:00
WillyPillow
d65d3c741a
qvm-template: Replace "template-install-time" with "template-installtime" for consistency 2020-08-30 02:01:19 +08:00
WillyPillow
32a38c7183
qvm-template: Eliminate use of lsb_release 2020-08-30 01:58:25 +08:00
WillyPillow
2e06e300e6
qvm-template: Tweak machine-readable output format. 2020-08-26 01:31:33 +08:00
WillyPillow
6efd85afba
qvm-template: Initial manpage. 2020-08-25 23:00:08 +08:00
WillyPillow
e9e198cc10
qvm-template: Make sure that template-dummy is set and used properly. 2020-08-25 01:43:11 +08:00
Marek Marczykowski-Górecki
e6186239ef
Make pylint happy 
- fix super-with-arguments
- ignore raise-missing-from - too many intentional usages
 2020-08-23 03:31:39 +02:00
WillyPillow
55a3982bf6
qvm-template: Add option to disable download progress bar. 2020-08-19 02:00:19 +08:00
WillyPillow
d09695658f
qvm-template: Add support for JSON output. 2020-08-19 01:59:51 +08:00
WillyPillow
c6d5ac7c8c
qvm-template: Add option to specify RPM keyring location. 2020-08-14 14:27:36 +08:00
WillyPillow
3314500a83
qvm-template: Add purge operation. 2020-08-14 11:38:30 +08:00
Marek Marczykowski-Górecki
6e91fba942
Merge remote-tracking branch 'origin/pr/157' 
* origin/pr/157:
  qvm-run will unpause paused VMs by defaults
 2020-08-11 18:42:35 +02:00
WillyPillow
b7a603b9fe
qvm-template: Slight improvements to package verification. 2020-08-10 01:30:31 +08:00
WillyPillow
ed8fca6494
qvm-template: Fix type hints. 2020-08-08 15:31:25 +08:00
WillyPillow
6c873cdf39
qvm-template-postprocess: Make pylint happy. 2020-08-08 14:57:22 +08:00
WillyPillow
8ee0d639b8
qvm-template: Add confirmation for dangerous operations; verify signatures once instead of twice by returning header after verification. 2020-08-08 14:39:29 +08:00
WillyPillow
87c08c9941
qvm-template: Fix missing args for install operations. 2020-08-07 23:40:38 +08:00
WillyPillow
42a741cac5
qvm-template: Remove default 'repo_files' entry if other entries have been specified by the user. 2020-08-07 15:02:53 +08:00
WillyPillow
c523d78d59
qvm-template: Initial implementation of repolist. 2020-08-07 14:48:08 +08:00
WillyPillow
ba7b113206
qvm-template: Replace newlines in machine-readable output. 2020-08-07 02:14:37 +08:00
WillyPillow
ed35802ca2
qvm-template: Tidy up code responsible for output in {info,list} operations. 2020-08-07 02:11:35 +08:00
Marta Marczykowska-Górecka
4a6b5dbae2
qvm-run will unpause paused VMs by defaults 
If qvm-run is run with the autostart option (true by default), it will
also unpause paused VMs.

fixes QubesOS/qubes-issues#5967
 2020-08-05 20:49:38 +02:00
WillyPillow
336b5c68c1
qvm-template: Initial support for machine-readable listings. 2020-08-06 02:42:05 +08:00
WillyPillow
7b6fa39d1c
qvm-template: More docstrings. 2020-08-06 02:05:57 +08:00
Marek Marczykowski-Górecki
7d6cb655f8
backup/restore: add option for unattended restore and extracting log 
Allow running unattended, with qvm-backup-restore --passphrase-file.
This require few modifications:
 - copy the passphrase file into the DisposableVM (that VM knows the
         passphrase anyway, so there is no extra data leak)
 - close the terminal when operation finishes

Closing the terminal would eliminate almost all the feedback (operation
log, errors, warnings etc), so write it into a file in DisposableVM and
later extract it and show on the stdout. Similar to qvm-run, color it
red as a content coming from a VM.

QubesOS/qubes-issues#5310
 2020-08-05 04:37:44 +02:00
Marek Marczykowski-Górecki
e9120e3196
tools: remove obsolete _want_app argument 
It was copied from core-admin but it doesn't make sense here (there is
no loading of qubes.xml).
 2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
cc71dd5876
Add "paranoid restore" mode 
Having Admin API, it is possible to do this properly now:
 - create DisposableVM
 - assign it proper permissions to create VMs and control those created
   VMs
 - run restore process inside
 - cleanup DisposableVM afterwards

Since the RestoreInDisposableVM class contains de facto reverse parser
for qvm-backup-restore command line, add a test that will spot when it
gets out of sync.

This feature depends on modifications in various other components,
including:
 - linux-utils and core-agent-linux for update qfile-unpacker
 - core-admin for qrexec policy modification

QubesOS/qubes-issues#5310
 2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
db1d4b5d48
backup/restore: option for alternative qrexec service 
Allow setting alternative qrexec service to retrieve backup content. The
service API is slightly different than the default one: it will get only
list of files/directories to extract on its stdin, but not backup
location. The latter could be provided as a service argument, or using
other out-of-band mechanism.
This will be useful for paranoid backup restore mode, to take away
control over location/command from sandboxed qvm-backup-restore process.

QubesOS/qubes-issues#5310
 2020-08-04 04:06:30 +02:00
WillyPillow
41cf9f948e
qvm-template: Partially include docstrings and type hints. 2020-08-04 02:51:36 +08:00
WillyPillow
69cd285810
qvm-template: Defer qrexec calls so that they can be omitted if exceptions are raised. 2020-08-04 01:40:59 +08:00
WillyPillow
e482b9eb0f
qvm-template: Use "vm.features.get" instead of explicit membership check. 2020-08-04 01:38:52 +08:00
WillyPillow
582c87644d
qvm-template: Use repo file from qubes-repo-templates. 2020-08-04 01:35:14 +08:00
WillyPillow
bf0635218a
qvm-template: Better args parsing: Use subparsers and complain about unknown args if the operation is not "remove". 2020-08-04 01:34:14 +08:00
WillyPillow
377e2a77ff
qvm-template: Check that template is managed by qvm-template before accessing relevant features. 2020-08-01 03:21:31 +08:00
WillyPillow
5319e7a41a
qvm-template: Fix typo. 2020-08-01 03:06:04 +08:00
WillyPillow
a9a19428f3
qvm-template: Check that template spec is not "---". 2020-08-01 03:05:21 +08:00
WillyPillow
40e7304f17
qvm-template: Make pylint happy. 2020-08-01 02:56:59 +08:00
WillyPillow
3d0a39523b
qvm-template: Reorder functions. 2020-08-01 02:40:27 +08:00
WillyPillow
233e411c2f
qvm-template: Switch to namedtuples and other slight cleanup. 2020-08-01 02:24:29 +08:00
WillyPillow
3ada7af0eb
qvm-template: {reinstall,{up,down}grade}: Better handling and checks for existing version. 2020-07-31 01:27:40 +08:00
WillyPillow
90e4f65bea
qvm-template*: Add option to specify pool to store created VM. 2020-07-29 20:55:56 +08:00
WillyPillow
ef59a658f4 qvm-template: Make pylint happy by changing "license" to "licence". 2020-07-29 20:55:02 +08:00
WillyPillow
f960ed4726 qvm-template: Add --refresh option and allow DNF cache to be used. 2020-07-29 20:55:02 +08:00
WillyPillow
8aa9ab9e89 qvm-template: Remove downloaded file if the download is interrupted. 2020-07-29 20:55:02 +08:00
WillyPillow
88ee572cac qvm-template: Incorporate additional metadata in qubes.TemplateSearch. 2020-07-29 20:55:02 +08:00
WillyPillow
421dd74dd2 Check number of fields for qubes.TemplateSearch output. 2020-07-29 20:55:02 +08:00
WillyPillow
5e76bdb5f1 Revamp "qvm-template search" and finish TODOs. 2020-07-29 20:55:02 +08:00
WillyPillow
37a72ecebf Print error messages if qubes.TemplateSearch fails. 2020-07-29 20:55:02 +08:00
WillyPillow
e6392ba4ec Add lock-file functionality for qvm-template install. 2020-07-29 20:55:02 +08:00
WillyPillow
c573faa9c0 Initial implementation for "qvm-template search". 2020-07-29 20:55:02 +08:00
WillyPillow
d656554822 Initial implementation for "qvm-template info". 2020-07-29 20:55:02 +08:00
WillyPillow
51324da24d Allow <package-spec>-like arguments for the list operation. 2020-07-29 20:55:02 +08:00
WillyPillow
41323d004f Support for {reinstall,downgrade,upgrade} operations. 
Requires QubesOS/qubes-issues#5946 to be resolved.
 2020-07-29 20:55:02 +08:00
WillyPillow
faef52e61a Fix pylint warnings. 2020-07-29 20:55:02 +08:00
WillyPillow
8a4b5e683a Add suffix for unverified RPMs. 2020-07-29 20:55:02 +08:00
WillyPillow
addb677506 Check for newlines in qrexec arguments & improve error handling. 2020-07-29 20:55:02 +08:00
WillyPillow
73eb4cd08c Use tqdm for progress bar. 2020-07-29 20:55:02 +08:00
WillyPillow
3d42c988f0 Various cleanup and improvements. 
- `qvm-template list`: show template state
- `qvm-template list`: only call qubes.TemplateSearch once
- `qvm-template list`: use `qubesadmin.tools.print_table()` instead of own implementation
- `qvm-template download`: custom progress bar
- Use `run_service` instead of own implementation
- Remove some erroneous/redundant lines
 2020-07-29 20:55:02 +08:00
WillyPillow
0e8e8d98de Better way of detecting VM. 2020-07-29 20:55:02 +08:00
WillyPillow
b634c7c785 Initial commit of qvm-template. 
Refer to <https://gist.github.com/WillyPillow/61ee5f48b7c5b7cc90c9fd2ec5c1b20d>
for previous revisions.
 2020-07-29 20:55:02 +08:00
WillyPillow
bab8e699d7 Change "whitelist" to "menu-items" in qvm-features for clarity. 2020-07-29 20:55:02 +08:00
WillyPillow
e8ba117c26 Allow virt_mode other than pv. 2020-07-29 20:55:02 +08:00
WillyPillow
eda68cce6d Verify values of boolean flags in template config. 2020-07-29 20:55:02 +08:00
WillyPillow
6c7360f25c Separate whitelist entries with spaces instead of newlines. 2020-07-29 20:55:02 +08:00
WillyPillow
9d9ee6a4b7 Initial support for qvm-template. 2020-07-29 20:55:02 +08:00
Paweł Marczewski
624e4e32fb
Add qubes-guivm-session utility 
To be used in an xsession file (/usr/share/xsessions).
 2020-07-29 12:11:03 +02:00
Paweł Marczewski
c6be7ca5cc
qvm-start-daemon: allow --watch without --all 
Allow specifying VM names to look for.
 2020-07-29 11:35:32 +02:00
Paweł Marczewski
cb7f191bd2
qvm-start-daemon: convert to async/await syntax 2020-07-29 11:27:19 +02:00
Marek Marczykowski-Górecki
4da218c332
Merge remote-tracking branch 'origin/pr/149' 
* origin/pr/149:
  Add admin.vm.volume.Clear call (QubesOS/qubes-issues#5946)
 2020-07-16 04:05:38 +02:00
Marek Marczykowski-Górecki
b99e45f081
Merge remote-tracking branch 'origin/pr/146' 
* origin/pr/146:
  Added dynamic X keyboard event monitoring to qvm_start_daemon.py

Fixes QubesOS/qubes-issues#1396
Fixes QubesOS/qubes-issues#4294
 2020-07-15 15:34:07 +02:00
Marta Marczykowska-Górecka
1446a6d7ee
Added dynamic X keyboard event monitoring to qvm_start_daemon.py 
Update keyboard_layout property whenever guivm's layout changes, instead of
only at the start.

requires QubesOS/qubes-core-admin#350

references QubesOS/qubes-issues#1396
references QubesOS/qubes-issues#4294
 2020-07-15 14:04:25 +02:00
Marek Marczykowski-Górecki
6f335800b0
Wrap too long line 2020-07-15 14:01:29 +02:00
Marek Marczykowski-Górecki
470514d0dc
Merge remote-tracking branch 'origin/pr/144' 
* origin/pr/144:
  Clean up the guid-conf file on domain stop
  Generate qubes-guid options based on features
 2020-07-15 14:00:31 +02:00
WillyPillow
455542ac7f
Add admin.vm.volume.Clear call (QubesOS/qubes-issues#5946) 2020-07-14 01:48:19 +08:00
Paweł Marczewski
7616a8913a
Clean up the guid-conf file on domain stop 2020-06-29 12:20:23 +02:00
Paweł Marczewski
3540f04a42
Generate qubes-guid options based on features 
Allow configuring options per VM or globally per GuiVM. The
qvm-start-daemon program reads the options from VM features, and
generates a configuration file for qubes-guid.

Requires QubesOS/qubes-gui-daemon#47 (customizing the configuration
file).
 2020-06-29 12:01:09 +02:00
Frédéric Pierret (fepitre)
f89c4cad56
qvm-start-daemon: common_guid_args is now a staticmethod 2020-06-26 12:18:59 +02:00
Frédéric Pierret (fepitre)
92e87b122e
Handle KDE with specific arg/desktop file 2020-06-24 10:51:39 +02:00
Marek Marczykowski-Górecki
ae39c75867
Merge remote-tracking branch 'origin/pr/140' 
* origin/pr/140:
  use function to determine pacat domid
  connect to PA in stubdom if audio-model enabled run pacat in low latency mode by default
 2020-06-20 05:01:59 +02:00
Marek Marczykowski-Górecki
9d6b7257c4
tools/qvm-start-daemon: reduce required permissions to sys-gui itself 
Do not require permission to list sys-gui itself just to get keyboard
layout. Listing itself is not sensitive (sys-gui knows it exists), but
it will make other tools request its properties, which may not be
desirable.
 2020-06-16 15:58:57 +02:00
Dmitry Fedorov
d99045f05e
use function to determine pacat domid 2020-05-31 21:11:33 +03:00
Dmitry Fedorov
ec90829695
connect to PA in stubdom if audio-model enabled 
run pacat in low latency mode by default
 2020-05-29 12:07:38 +03:00
Marek Marczykowski-Górecki
b1453953f9
Merge remote-tracking branch 'origin/pr/139' 
* origin/pr/139:
  Added a safeguard for invalid firewall rules
 2020-05-27 04:18:20 +02:00
Marek Marczykowski-Górecki
c081ed8c82
Enable caching in qvm-ls and qvm-prefs 
Both tools issue a large number of Admin API calls and greatly benefit
from a cache filled with a single per-vm Admin API call
(admin.vm.property.GetAll). In case of qvm-ls, this also saves multiple
admin.vm.CurrentState calls (power state is given in the admin.vm.List
response too).

QubesOS/qubes-issues#3293
 2020-05-22 19:28:51 +02:00
Marta Marczykowska-Górecka
d2f4a4533a
Added a safeguard for invalid firewall rules 
Firewall rule cannot be missing value in declaration
(e.g. 'dsthost=' is not a valid rule).

fixes QubesOS/qubes-issues#5772
 2020-05-16 12:18:13 +02:00
Marek Marczykowski-Górecki
83b1fc6c58
tools/qvm-volume import: do not retrieve old size anymore 
Since admin.vm.volume.ImportWithSize method is used now, there is no
need to retrieve old size anymore (to decide whether to resize or not).
 2020-05-10 03:57:28 +02:00
Marek Marczykowski-Górecki
65dcee424a
Make pylint happy 
New pylint reports (duplicated?) warning signature-differs in addition
to arguments-differ. Ignore this one too.
 2020-05-10 03:21:40 +02:00
Marek Marczykowski-Górecki
4971faa462
Merge remote-tracking branch 'origin/pr/118' 
* origin/pr/118:
  qvm-start-daemon: adjust pacat pid file path
  qvm-start-daemon: check if layout is parsed
  qvm-start-daemon: allow multiple options in keyboard layout
  qvm-start-daemon: improve parsing args for setting keyboard layout
  qvm-start-daemon: set keyboard-layout only for the first set layout
  gui: set keyboard layout when starting daemon
  daemon: start it for dom0 unconditionnaly
  qvm-start-daemon: ensure separate task between GUI/AUDIO
  qvm-start-daemon: allow starting only if service enabled
  Fix and improvements from Marek's comments
  Change qvm-start-gui to qvm-start-daemon for handling audio too
  Support for AudioVM
 2020-04-09 05:24:26 +02:00
Rusty Bird
f9ee7f5816
collections.Callable -> collections.abc.Callable 
"Deprecated since version 3.3, will be removed in version 3.10"
- https://docs.python.org/3/library/collections.html
 2020-04-07 21:30:54 +00:00
Frédéric Pierret (fepitre)
e87559b318
qvm-start-daemon: adjust pacat pid file path 2020-04-07 23:12:09 +02:00
Frédéric Pierret (fepitre)
e39f280405
qvm-start-daemon: check if layout is parsed 2020-03-28 17:33:04 +01:00
Frédéric Pierret (fepitre)
2e72f75611
qvm-start-daemon: allow multiple options in keyboard layout 2020-03-28 17:33:03 +01:00
Frédéric Pierret (fepitre)
023d94a0b3
qvm-start-daemon: improve parsing args for setting keyboard layout 2020-03-28 17:33:03 +01:00
Frédéric Pierret (fepitre)
c13097d458
qvm-start-daemon: set keyboard-layout only for the first set layout 2020-03-28 17:33:03 +01:00
Frédéric Pierret (fepitre)
c58e5b8eb8
gui: set keyboard layout when starting daemon 2020-03-28 17:33:03 +01:00
Frédéric Pierret (fepitre)
526c862b5d
daemon: start it for dom0 unconditionnaly 2020-03-28 17:33:03 +01:00
Frédéric Pierret (fepitre)
49957971ff
qvm-start-daemon: ensure separate task between GUI/AUDIO 2020-03-28 17:33:03 +01:00