Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
bc723b8755
core-admin/qubes-rpc/admin.vm.Console

24 lines
714 B
Plaintext
Raw Normal View History

Add qubes.ShowTerminal service
2019-04-30 11:23:23 +02:00
#!/bin/bash
lock="/var/run/qubes/$QREXEC_REQUESTED_TARGET.terminal.lock"
api/admin: make admin.vm.Console call go through qubesd Ask qubesd for admin.vm.Console call. This allows to intercept it with admin-permission event. While at it, extract tty path extraction to python, where libvirt domain object is already available. Fixes QubesOS/qubes-issues#5030
2019-06-09 18:03:18 +02:00
# use temporary file, because env variables deal poorly with \0 inside
tmpfile=$(mktemp)
trap "rm -f $tmpfile" EXIT
qubesd-query -e \
"$QREXEC_REMOTE_DOMAIN" \
"admin.vm.Console" \
"$QREXEC_REQUESTED_TARGET" \
"$1" >$tmpfile
# exit if qubesd returned an error (not '0\0')
if [ "$(head -c 2 $tmpfile | xxd -p)" != "3000" ]; then
cat "$tmpfile"
exit 1
fi
path=$(tail -c +3 "$tmpfile")
admin.vm.Console: check if requested VM exists/is_running
2019-05-11 12:11:31 +02:00
Add qubes.ShowTerminal service
2019-04-30 11:23:23 +02:00
# Create an exclusive lock to ensure that multiple qubes cannot access to the same socket
# In the case of multiple qrexec calls it returns a specific exit code
api/admin: make admin.vm.Console call go through qubesd Ask qubesd for admin.vm.Console call. This allows to intercept it with admin-permission event. While at it, extract tty path extraction to python, where libvirt domain object is already available. Fixes QubesOS/qubes-issues#5030
2019-06-09 18:03:18 +02:00
sudo flock -n -E 200 -x "$lock" socat - OPEN:"$path"
Reference in New Issue Copy Permalink