Commit Graph

348 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
8aede943cc
qvm-template: add copyright header 2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
aeeb3daa80
qvm-template: handle template extraction failure
QubesOS/qubes-issues#2534
2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
f3954fb225
qvm-template: download templates to a temporary directory
Avoid risk of conflicting downloads to the same directory, reusing
partial downloads, leaving broken files etc. Move template package out
of temporary directory only after its verified.

QubesOS/qubes-issues#2534
2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
f3f6750a3f
qvm-template: call rpmkeys --checksig for signature verification
RPM API is confusing and it's easy to get it wrong when verifying
package signatures.
Call 'rpmkeys --checksig' which is more rebust here - RPM authors should
know how to use their API.

QubesOS/qubes-issues#2534
2021-02-06 16:03:38 +01:00
Marek Marczykowski-Górecki
b500462abb
qvm-template: use UpdateVM by default
Do not hardcode sys-firewall
2021-02-06 16:03:37 +01:00
WillyPillow
1671b4216f
qvm-template: Add tests for download function and fix minor bugs 2020-10-04 03:05:14 +08:00
WillyPillow
5f03640467
qvm-template: Fix broken indention 2020-09-15 01:30:57 +08:00
WillyPillow
7facc7d35f
qvm-template: Fix minor bugs
* Incomprehensive spec filtering in `list_templates`
* Type error of `install_time` in `list_templates`
* Incorrect version comparision in `search`
2020-09-15 00:23:06 +08:00
WillyPillow
b9f1d4c633
qvm-template: Make pylint happy 2020-09-07 02:12:22 +08:00
WillyPillow
554459ef42
qvm-template: Fix compatibility with Python 3.6 2020-09-07 01:53:43 +08:00
WillyPillow
3fac2097eb
qvm-template: Add partial tests for qrexec_repoquery 2020-09-07 01:52:56 +08:00
WillyPillow
89895038b5
qvm-template: Fix date formats to "%Y-%m-%d %H:%M:%S" 2020-09-06 23:57:42 +08:00
WillyPillow
f8032b0f5a
Revert "qvm-template: Fix compatibility with Python 3.6"
This reverts commit 199996e7b8.
2020-09-05 02:25:26 +08:00
WillyPillow
199996e7b8
qvm-template: Fix compatibility with Python 3.6 2020-09-05 02:06:53 +08:00
WillyPillow
205eee4d80
qvm-template: Fix timezone issues by storing timezone explictly in features 2020-09-05 01:51:45 +08:00
WillyPillow
5a1e1b7fdd
qvm-template: Update docs for --updatevm 2020-09-04 01:59:28 +08:00
WillyPillow
757bb33329
Add stubs for rpm module and initial tests for qvm-template install 2020-09-04 01:56:15 +08:00
WillyPillow
3a42564af2
qvm-template: Make pylint happy 2020-08-31 02:22:39 +08:00
WillyPillow
fbf6c4e3c3
Merge remote-tracking branch 'origin/master' into qvm-template 2020-08-31 01:53:15 +08:00
WillyPillow
6b3858314d
qvm-template: Improve help message for --upgrades 2020-08-30 02:54:43 +08:00
WillyPillow
d65d3c741a
qvm-template: Replace "template-install-time" with "template-installtime" for consistency 2020-08-30 02:01:19 +08:00
WillyPillow
32a38c7183
qvm-template: Eliminate use of lsb_release 2020-08-30 01:58:25 +08:00
WillyPillow
2e06e300e6
qvm-template: Tweak machine-readable output format. 2020-08-26 01:31:33 +08:00
WillyPillow
6efd85afba
qvm-template: Initial manpage. 2020-08-25 23:00:08 +08:00
WillyPillow
e9e198cc10
qvm-template: Make sure that template-dummy is set and used properly. 2020-08-25 01:43:11 +08:00
Marek Marczykowski-Górecki
e6186239ef
Make pylint happy
- fix super-with-arguments
- ignore raise-missing-from - too many intentional usages
2020-08-23 03:31:39 +02:00
WillyPillow
55a3982bf6
qvm-template: Add option to disable download progress bar. 2020-08-19 02:00:19 +08:00
WillyPillow
d09695658f
qvm-template: Add support for JSON output. 2020-08-19 01:59:51 +08:00
WillyPillow
c6d5ac7c8c
qvm-template: Add option to specify RPM keyring location. 2020-08-14 14:27:36 +08:00
WillyPillow
3314500a83
qvm-template: Add purge operation. 2020-08-14 11:38:30 +08:00
Marek Marczykowski-Górecki
6e91fba942
Merge remote-tracking branch 'origin/pr/157'
* origin/pr/157:
  qvm-run will unpause paused VMs by defaults
2020-08-11 18:42:35 +02:00
WillyPillow
b7a603b9fe
qvm-template: Slight improvements to package verification. 2020-08-10 01:30:31 +08:00
WillyPillow
ed8fca6494
qvm-template: Fix type hints. 2020-08-08 15:31:25 +08:00
WillyPillow
6c873cdf39
qvm-template-postprocess: Make pylint happy. 2020-08-08 14:57:22 +08:00
WillyPillow
8ee0d639b8
qvm-template: Add confirmation for dangerous operations; verify signatures once instead of twice by returning header after verification. 2020-08-08 14:39:29 +08:00
WillyPillow
87c08c9941
qvm-template: Fix missing args for install operations. 2020-08-07 23:40:38 +08:00
WillyPillow
42a741cac5
qvm-template: Remove default 'repo_files' entry if other entries have been specified by the user. 2020-08-07 15:02:53 +08:00
WillyPillow
c523d78d59
qvm-template: Initial implementation of repolist. 2020-08-07 14:48:08 +08:00
WillyPillow
ba7b113206
qvm-template: Replace newlines in machine-readable output. 2020-08-07 02:14:37 +08:00
WillyPillow
ed35802ca2
qvm-template: Tidy up code responsible for output in {info,list} operations. 2020-08-07 02:11:35 +08:00
Marta Marczykowska-Górecka
4a6b5dbae2
qvm-run will unpause paused VMs by defaults
If qvm-run is run with the autostart option (true by default), it will
also unpause paused VMs.

fixes QubesOS/qubes-issues#5967
2020-08-05 20:49:38 +02:00
WillyPillow
336b5c68c1
qvm-template: Initial support for machine-readable listings. 2020-08-06 02:42:05 +08:00
WillyPillow
7b6fa39d1c
qvm-template: More docstrings. 2020-08-06 02:05:57 +08:00
Marek Marczykowski-Górecki
7d6cb655f8
backup/restore: add option for unattended restore and extracting log
Allow running unattended, with qvm-backup-restore --passphrase-file.
This require few modifications:
 - copy the passphrase file into the DisposableVM (that VM knows the
         passphrase anyway, so there is no extra data leak)
 - close the terminal when operation finishes

Closing the terminal would eliminate almost all the feedback (operation
log, errors, warnings etc), so write it into a file in DisposableVM and
later extract it and show on the stdout. Similar to qvm-run, color it
red as a content coming from a VM.

QubesOS/qubes-issues#5310
2020-08-05 04:37:44 +02:00
Marek Marczykowski-Górecki
e9120e3196
tools: remove obsolete _want_app argument
It was copied from core-admin but it doesn't make sense here (there is
no loading of qubes.xml).
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
cc71dd5876
Add "paranoid restore" mode
Having Admin API, it is possible to do this properly now:
 - create DisposableVM
 - assign it proper permissions to create VMs and control those created
   VMs
 - run restore process inside
 - cleanup DisposableVM afterwards

Since the RestoreInDisposableVM class contains de facto reverse parser
for qvm-backup-restore command line, add a test that will spot when it
gets out of sync.

This feature depends on modifications in various other components,
including:
 - linux-utils and core-agent-linux for update qfile-unpacker
 - core-admin for qrexec policy modification

QubesOS/qubes-issues#5310
2020-08-04 04:06:53 +02:00
Marek Marczykowski-Górecki
db1d4b5d48
backup/restore: option for alternative qrexec service
Allow setting alternative qrexec service to retrieve backup content. The
service API is slightly different than the default one: it will get only
list of files/directories to extract on its stdin, but not backup
location. The latter could be provided as a service argument, or using
other out-of-band mechanism.
This will be useful for paranoid backup restore mode, to take away
control over location/command from sandboxed qvm-backup-restore process.

QubesOS/qubes-issues#5310
2020-08-04 04:06:30 +02:00
WillyPillow
41cf9f948e
qvm-template: Partially include docstrings and type hints. 2020-08-04 02:51:36 +08:00
WillyPillow
69cd285810
qvm-template: Defer qrexec calls so that they can be omitted if exceptions are raised. 2020-08-04 01:40:59 +08:00
WillyPillow
e482b9eb0f
qvm-template: Use "vm.features.get" instead of explicit membership check. 2020-08-04 01:38:52 +08:00