Commit Graph

267 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
7978e17aeb
Merge remote-tracking branch 'origin/pr/145'
* origin/pr/145: (119 commits)
  qvm-template: fix downloading template for install
  tests: add tests for other qvm-template functions
  tests: improve TestProcess behavior
  tests: add tests for qvm-template reinstall/up/downgrade when nothing needs to be done
  tests: fix mock return values of get_dl_list when testing `qvm-template reinstall`
  qvm-template: update comments to reflect e424c7d
  qvm-template: only ask for confirmation during install if something is being done
  tests: add more tests re. install, remove, and get_keys_for_repos
  qvm-template: test != 1 instead of == 0 for template-dummy feature
  tests: fix tests for verify_rpm involving incorrect template names
  tests: add tests for qvm-template remove
  tests: some more for qvm-template
  qvm-template: mute pylint complains about typing.NamedTuple
  tests: qvm-template-postprocess - template.conf handling
  qvm-template-postprocess: fix allowed features list
  qvm-template-postprocess: extract config handling into separate function
  qvm-template-postprocess: treat missing appmenus files as warnings only
  qvm-template: default confirm to 'n'
  qvm-template: verify template package signature directly at download
  qvm-template: improve error reporting
  ...
2021-04-01 20:23:46 +02:00
Marek Marczykowski-Górecki
9020f2e1fd
qvm-template: fix downloading template for install
Donwload a template into a cache dir, not into default of `qvm-template
download` (current directory).
2021-04-01 01:48:29 +02:00
WillyPillow
d1ce8d3a95
tests: add tests for other qvm-template functions 2021-03-02 15:14:08 +08:00
WillyPillow
64e9c24054
tests: improve TestProcess behavior
- Have it actually write to the given stdout handle.
- Return the return code for `poll` instead of returning `None`, so that
the process is observed to terminate.
2021-03-02 15:12:23 +08:00
WillyPillow
4083b74284
tests: add tests for qvm-template reinstall/up/downgrade when nothing needs to be done 2021-02-21 02:19:43 +08:00
WillyPillow
a9d03d199b
tests: fix mock return values of get_dl_list when testing qvm-template reinstall 2021-02-21 02:13:16 +08:00
WillyPillow
764a56ade1
tests: add more tests re. install, remove, and get_keys_for_repos 2021-02-20 11:03:39 +08:00
WillyPillow
33d205c1dd
tests: fix tests for verify_rpm involving incorrect template names 2021-02-20 09:56:36 +08:00
WillyPillow
ed3e368673
tests: add tests for qvm-template remove 2021-02-20 09:46:56 +08:00
Marek Marczykowski-Górecki
e00f35b9c3
tests: some more for qvm-template
QubesOS/qubes-issues#
2021-02-19 23:06:07 +01:00
Marek Marczykowski-Górecki
b86408a36d
tests: qvm-template-postprocess - template.conf handling 2021-02-19 15:10:16 +01:00
Marek Marczykowski-Górecki
e424c7df9c
qvm-template: verify template package signature directly at download
Make the download() function save the package into a temporary space and
move to the target location only after checking the signature. This is
safer option than requiring all callers to explicitly verify the
signature. Also, make the download() function verify if the template
name inside the package matches what was requested.
Especially, make `qvm-template download` action verify the signature
too.

On `qvm-template install` avoid checking the signature again for
downloaded packages, by passing extra argument to the verify_rpm()
function. But still verify signature of packages loaded from disk.
2021-02-18 21:43:57 +01:00
Marek Marczykowski-Górecki
8795668233
qvm-template-postprocess: do not generate appmenus twice
Skip initial generate, as it's done before actual menu entries are
extracted from the template. But do call it if we aren't going to
extract menu entries initially - it will create just "settings" menu
entry.
2021-02-07 03:35:16 +01:00
Marek Marczykowski-Górecki
b7446afe3b
qvm-template: use key specified in the repo definition if possible
This makes the package verified against _only_ the key specified in the
repo config, not all the trusted keys.
If repo does not specify a key, use the default one (change this to a
single file, instead of the whole directory). Existing 'gpgkey' entry
pointing at non-existing file will result in an error.
2021-02-07 03:35:16 +01:00
Marek Marczykowski-Górecki
4f9757ca88
qvm-template: by default list only latest available template
But add --all-versions option to get all the available versions.
2021-02-07 03:35:16 +01:00
Marek Marczykowski-Górecki
6980e7ba14
Store template repo configuration in /etc
This way it's easier to permanently enable repos.
2021-02-06 16:03:40 +01:00
Marek Marczykowski-Górecki
f1424812b0
qvm-template: improve install lock
Use fcntl.flock() instead of just file existence check, so it won't fail
on a stale lock file. While at it, move locking to a function decorator,
to de-clutter the install function a bit. This will allow reducing
indentation level, but don't do it yet, to make the patch readable.

Move lock testing into a separate test, and remove it from install
tests.

QubesOS/qubes-issues#2534
2021-02-06 16:03:39 +01:00
Marek Marczykowski-Górecki
f3954fb225
qvm-template: download templates to a temporary directory
Avoid risk of conflicting downloads to the same directory, reusing
partial downloads, leaving broken files etc. Move template package out
of temporary directory only after its verified.

QubesOS/qubes-issues#2534
2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
f3f6750a3f
qvm-template: call rpmkeys --checksig for signature verification
RPM API is confusing and it's easy to get it wrong when verifying
package signatures.
Call 'rpmkeys --checksig' which is more rebust here - RPM authors should
know how to use their API.

QubesOS/qubes-issues#2534
2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
0f42fd0580
tests: restoring a backup bigger than available space in /var/tmp
This test uses three tricks to test /var/tmp space monitoring:
1. Creates a big uncompressed backup (2GB file instead of few bytes)
2. Mount small tmpfs over /var/tmp (650MB - minimal space that should
   not deadlock the restore)
3. Artificially slow down data processing by adding sleep()

QubesOS/qubes-issues#4791
2021-01-05 04:50:59 +01:00
Marek Marczykowski-Górecki
af13c198be
tests: fix preparing multi-part disk volume
Storing encrypted filename into f_name shadowed unencrypted source file
name.
2021-01-05 04:46:12 +01:00
Marek Marczykowski-Górecki
25a6a305c8
tests: avoid 'xrandr' call
Don't rely on tool existence, nor on a specific monitor layout in test
env.
2020-12-02 04:31:31 +01:00
Marek Marczykowski-Górecki
6f39533a65
tools/qvm-run: do not check if DispVM is paused before starting it
DispVM is created on start, so it can't be paused - it doesn't exist
yet.

Fixes: 4a6b5db "qvm-run will unpause paused VMs by defaults"
2020-10-24 16:41:22 +02:00
WillyPillow
1671b4216f
qvm-template: Add tests for download function and fix minor bugs 2020-10-04 03:05:14 +08:00
WillyPillow
63f488f64c
qvm-template: Mock print_table in tests for consistent output 2020-09-15 01:09:45 +08:00
WillyPillow
20443d5c6f
qvm-template: Add tests for functions list_templates and search 2020-09-15 00:25:49 +08:00
WillyPillow
dc26ba0ebf
qvm-template: Add tests for qrexec_repoquery and get_dl_list 2020-09-09 03:04:37 +08:00
WillyPillow
161ff01d7d
qvm-template: Fix compatibility with Python 3.6 in tests 2020-09-07 02:12:03 +08:00
WillyPillow
3fac2097eb
qvm-template: Add partial tests for qrexec_repoquery 2020-09-07 01:52:56 +08:00
WillyPillow
5e1e0daa5c
Make TestProcess.communicate return str instead of IO object 2020-09-07 01:18:59 +08:00
WillyPillow
3f75e6e49e
qvm-template: Add tests for qrexec_payload 2020-09-07 00:41:03 +08:00
WillyPillow
89895038b5
qvm-template: Fix date formats to "%Y-%m-%d %H:%M:%S" 2020-09-06 23:57:42 +08:00
WillyPillow
205eee4d80
qvm-template: Fix timezone issues by storing timezone explictly in features 2020-09-05 01:51:45 +08:00
WillyPillow
757bb33329
Add stubs for rpm module and initial tests for qvm-template install 2020-09-04 01:56:15 +08:00
WillyPillow
fbf6c4e3c3
Merge remote-tracking branch 'origin/master' into qvm-template 2020-08-31 01:53:15 +08:00
WillyPillow
4199a9a222
qvm-template: Fix qvm_template_postprocess tests 2020-08-31 01:48:31 +08:00
Marta Marczykowska-Górecka
fe583cd88e
Make incorrect label name error more descriptive
Instead of unintuitive Value Error now we have dedicated QubesLabelNotFoundError.
2020-08-13 20:21:46 +02:00
Marek Marczykowski-Górecki
6e91fba942
Merge remote-tracking branch 'origin/pr/157'
* origin/pr/157:
  qvm-run will unpause paused VMs by defaults
2020-08-11 18:42:35 +02:00
Marek Marczykowski-Górecki
b04a14685c
Merge branch 'paranoid-restore'
* paranoid-restore:
  backup/restore: make error reporting work also for StandaloneVM based DispVM
  backup/restore: better error detection for --paranoid-mode
  doc: document 'tag-created-vm-with' feature
  tests: add paranoid backup restore unit tests
  tests: remove extra empty lines
  tests: extend run_service mockup for pre-recorded output
  rpm: add BR: python3-lxml and python3-xcffib
  backup/restore: add option for unattended restore and extracting log
  tools: remove obsolete _want_app argument
  Add "paranoid restore" mode
  rpm/deb: add dependency on scrypt
  utils: add simple locking primitive
  backup/restore: use qfile-unpacker in a VM, request disk space monitoring
  backup/restore: option for alternative qrexec service
  backup/restore: improve error message about restoring tags
  backup/restore: distinguish dom0 by name
2020-08-07 02:55:27 +02:00
Marta Marczykowska-Górecka
4a6b5dbae2
qvm-run will unpause paused VMs by defaults
If qvm-run is run with the autostart option (true by default), it will
also unpause paused VMs.

fixes QubesOS/qubes-issues#5967
2020-08-05 20:49:38 +02:00
Marek Marczykowski-Górecki
1660a1cbf6
backup/restore: better error detection for --paranoid-mode
Xterm doesn't preserve exit code of the process running inside. This
means, the whole xterm always exits with 0, even if qvm-backup-restore
failed.
Fix this by printing the exit code at the end to the log and then extract
that last line from the log on the calling side. This way we can also
distinguish whether qvm-backup-restore or xterm failed.
2020-08-05 05:06:54 +02:00
Marek Marczykowski-Górecki
852b689984
tests: add paranoid backup restore unit tests 2020-08-05 05:06:53 +02:00
Marek Marczykowski-Górecki
bf7b6225e3
tests: remove extra empty lines 2020-08-05 04:37:45 +02:00
Marek Marczykowski-Górecki
7fb90e0233
tests: extend run_service mockup for pre-recorded output
And also handle input written if just stdin.flush() is called but not
stdin.close().
2020-08-05 04:37:45 +02:00
Marek Marczykowski-Górecki
f16f14b020
utils: fix encoding '+' for qubes.VMExec
'+' in an argument needs to be encoded too, otherwise it is interpreted
as arguments separator.
2020-08-04 22:17:04 +02:00
Marek Marczykowski-Górecki
cc71dd5876
Add "paranoid restore" mode
Having Admin API, it is possible to do this properly now:
 - create DisposableVM
 - assign it proper permissions to create VMs and control those created
   VMs
 - run restore process inside
 - cleanup DisposableVM afterwards

Since the RestoreInDisposableVM class contains de facto reverse parser
for qvm-backup-restore command line, add a test that will spot when it
gets out of sync.

This feature depends on modifications in various other components,
including:
 - linux-utils and core-agent-linux for update qfile-unpacker
 - core-admin for qrexec policy modification

QubesOS/qubes-issues#5310
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
db1d4b5d48
backup/restore: option for alternative qrexec service
Allow setting alternative qrexec service to retrieve backup content. The
service API is slightly different than the default one: it will get only
list of files/directories to extract on its stdin, but not backup
location. The latter could be provided as a service argument, or using
other out-of-band mechanism.
This will be useful for paranoid backup restore mode, to take away
control over location/command from sandboxed qvm-backup-restore process.

QubesOS/qubes-issues#5310
2020-08-04 04:06:30 +02:00
Marek Marczykowski-Górecki
114f6fb250
backup/restore: improve error message about restoring tags
Before reporting a tag as not restored, verify if it really wasn't
restored. Generally created-by-* tags cannot be created manually. But
when restoring a backup in dom0, created-by-dom0 tag is added, which in
many cases will match what want to be restored.

Adjust tests to check this too.
2020-08-04 04:06:29 +02:00
Marek Marczykowski-Górecki
b7eca976b5
tests: use asynctest some more
Instead of hoping normal Mock will work (which does not on Python 3.8).
2020-08-03 04:55:46 +02:00
Paweł Marczewski
cb7f191bd2
qvm-start-daemon: convert to async/await syntax 2020-07-29 11:27:19 +02:00