Merge branch 'master' of git://git.qubes-os.org/marmarek/core into hvm

2012-02-27 13:30:14 +01:00 · 2012-02-27 13:30:14 +01:00 · 0e0fe6a3d9
commit 0e0fe6a3d9
parent 859c99da5c 0ca08d48b8
9 changed files with 64 additions and 15 deletions
--- a/dom0/aux-tools/qubes-dom0.modules
+++ b/dom0/aux-tools/qubes-dom0.modules
@ -1 +1 @@
-modprobe pciback
+modprobe pciback 2> /dev/null || modprobe xen-pciback
--- a/dom0/dracut/modules.d/90qubes-pciback/installkernel
+++ b/dom0/dracut/modules.d/90qubes-pciback/installkernel
@ -1,2 +1,3 @@
 #!/bin/bash
-instmods pciback
+modinfo -k $kernel pciback > /dev/null 2>&1 && instmods pciback
+modinfo -k $kernel xen-pciback > /dev/null 2>&1 && instmods xen-pciback
--- a/dom0/dracut/modules.d/90qubes-pciback/qubes-pciback.sh
+++ b/dom0/dracut/modules.d/90qubes-pciback/qubes-pciback.sh
@ -4,5 +4,5 @@
 HIDE_PCI=`lspci -mm -n | grep '^[^ ]* "02'|awk '{ ORS="";print "(" $1 ")";}'`

 # ... and hide them so that Dom0 doesn't load drivers for them
-modprobe pciback hide=$HIDE_PCI
+modprobe pciback hide=$HIDE_PCI 2> /dev/null || modprobe xen-pciback hide=$HIDE_PCI

--- a/dom0/init.d/qubes_core
+++ b/dom0/init.d/qubes_core
@ -20,7 +20,7 @@
 start()
 {
    echo -n $"Executing Qubes Core scripts:"
-    modprobe evtchn
+    modprobe evtchn 2> /dev/null || modprobe xen-evtchn
    chgrp qubes /etc/xen
    chmod 710 /etc/xen
    chgrp qubes /var/run/xenstored/*
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@ -356,6 +356,7 @@ class QubesVm(object):
            except:
                pass
            os.symlink (new_label.icon_path, self.icon_path)
+            subprocess.call(['sudo', 'xdg-icon-resource', 'forceupdate'])

    @property
    def ip(self):
@ -1003,15 +1004,21 @@ class QubesVm(object):
        )

        for rule in conf["rules"]:
+            # For backward compatibility
+            if "proto" not in rule:
+                rule["proto"] = "tcp"
            element = xml.etree.ElementTree.Element(
                    "rule",
                    address=rule["address"],
-                    port=str(rule["portBegin"]),
+                    proto=str(rule["proto"]),
            )
            if rule["netmask"] is not None and rule["netmask"] != 32:
                element.set("netmask", str(rule["netmask"]))
-            if rule["portEnd"] is not None:
+            if rule["portBegin"] is not None and rule["portBegin"] > 0:
+                element.set("port", str(rule["portBegin"]))
+            if rule["portEnd"] is not None and rule["portEnd"] > 0:
                element.set("toport", str(rule["portEnd"]))
+
            root.append(element)

        tree = xml.etree.ElementTree.ElementTree(root)
@ -1048,7 +1055,7 @@ class QubesVm(object):

            for element in root:
                rule = {}
-                attr_list = ("address", "netmask", "port", "toport")
+                attr_list = ("address", "netmask", "proto", "port", "toport")

                for attribute in attr_list:
                    rule[attribute] = element.get(attribute)
@ -1058,7 +1065,15 @@ class QubesVm(object):
                else:
                    rule["netmask"] = 32

-                rule["portBegin"] = int(rule["port"])
+                # For backward compatibility default to tcp
+                if rule["proto" is None:
+                    rule["proto"] = "tcp"
+
+                if rule["port"] is not None:
+                    rule["portBegin"] = int(rule["port"])
+                else:
+                    # backward compatibility
+                    rule["portBegin"] = 0

                if rule["toport"] is not None:
                    rule["portEnd"] = int(rule["toport"])
@ -1821,10 +1836,12 @@ class QubesProxyVm(QubesNetVm):
                if rule["netmask"] != 32:
                    iptables += "/{0}".format(rule["netmask"])

-                if rule["portBegin"] is not None and rule["portBegin"] > 0:
-                    iptables += " -p tcp --dport {0}".format(rule["portBegin"])
-                    if rule["portEnd"] is not None and rule["portEnd"] > rule["portBegin"]:
-                        iptables += ":{0}".format(rule["portEnd"])
+                if rule["proto"] is not None and rule["proto"] != "any":
+                    iptables += " -p {0}".format(rule["proto"])
+                    if rule["portBegin"] is not None and rule["portBegin"] > 0:
+                        iptables += " --dport {0}".format(rule["portBegin"])
+                        if rule["portEnd"] is not None and rule["portEnd"] > rule["portBegin"]:
+                            iptables += ":{0}".format(rule["portEnd"])

                iptables += " -j {0}\n".format(rules_action)

--- a/dom0/qvm-tools/qvm-prefs
+++ b/dom0/qvm-tools/qvm-prefs
@ -82,6 +82,7 @@ def do_list(vm):
 def set_label(vms, vm, args):
    if len (args) != 1:
        print >> sys.stderr, "Missing label name argument!"
+        exit (1)

    label = args[0]
    if label not in QubesVmLabels:
@ -91,7 +92,6 @@ def set_label(vms, vm, args):
        exit (1)

    vm.label = QubesVmLabels[label]
-    subprocess.check_call (["ln", "-sf", vm.label.icon_path, vm.icon_path])

 def set_memory(vms, vm, args):
    if len (args) != 1:
--- a/misc/RPM-GPG-KEY-qubes-1-unstable
+++ b/misc/RPM-GPG-KEY-qubes-1-unstable
@ -0,0 +1,31 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1.4.11 (GNU/Linux)
+
+mQENBE9KHjMBCADgs1Zw+Gag5MXDqAHzVfo/JSJ0q7Oj096l+/TU0/P2qpoF7sTo
+uLpDLCfOOSqil7omOKMjn6yl/73RAd4oWIRivJMQKjgD4Tk8qlLI1NrBGhEdwyLm
+SZ+7CU79HzahN8w8+l9H978obIN6S0UD36z7su42QnFmKQqT0EnD1NVZpqvq1iKC
+0o0TqhZ90QE8YqWxjnbjDkk1mX2K4iHNJJ2mS/r1+4fXqvHzcmSB+vopGGGXxNB7
+fbNM6nI9RTpPecmnfKrqKrXYfHfyaLVUFXf2xZW/V85qq70dmEPi5g3YpRCXadJ+
+wKt1uZvi4xomPCxymHooF9Fplzv9MpKVIDNlABEBAAG0J1F1YmVzIE9TIFJlbGVh
+c2UgMSBVbnN0YWJsZSBTaWduaW5nIEtleYkBPgQTAQIAKAUCT0ogagIbAwUJAeEz
+gAYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQ77E0ZaTirKEbpgf8C9zqmkqo
+u+dudzcrPPUW12FjK2WAYQd7WNYpBY4wOmvOUkvq68FUJ0mwNyjEkNhvLnrxlMqn
+Z9vraqw1m2FwIAJfmbpnvJ6LeldNj/SYbutY9Y320eQDgLDZp5Xk0w6z1+Q1RXVJ
+AkU935sXhtmVYVa4Cnk7Su6lG0Une3b5dpE90M5ewehYllqsqmtKIwqbRaBmvM6y
+QHVqOJwNNo9XK78r0dKvXigXBObqatwItM2gan2oF0dplwTD//DqjldBzZ4mgrN8
+M/SZtynfTnoV8Yw7+JlsPCHIfcIXXWqJtLhNO3LqFAG6PwJX032eHNSrT+4UWIbP
+q8Ccvhbxa7iNabkBDQRPSh4zAQgA7OyPodlWz93OuP8/Bh83dHDd1xV7tXByBDUX
+O9am5uGKybcx3V8kBqJXbefds/aem1w2MLtDG+CxDC8Gi5gfNQNeCnIw3mpnZnMU
+ZNjtXIn3VfKRyhmaHNvaNZiBzKovfjw152UuMsHfzsSMaWldj5J8oFz+eBthGJTT
+uxktijIxHiZ/9RqzJLPMBQ5qRPbpqUn9piWEGxx2c4FbqeEOzzV49rX92adBPmUJ
+KBo96vW+L6izE0RcQoTMhicbAqF+K2QUGzy0uTp5+G2V0q5HAfrCMIr1Zx93yuz0
+yQZNNLsGYGnYjrFjYiRpJRBbxerlCdGjlwnfXCk5EKRNuqr5twARAQABiQElBBgB
+AgAPBQJPSh4zAhsMBQkB4TOAAAoJEO+xNGWk4qyh33MIAIOS9A0rkmBTPZwAsdJv
+sz/J9+8AvfwMisN2sKTfEBTO8kEnSPcBZuau3JxKCGHxaPwXhGmnc9xnz/TY3JCj
+6ZUgjgQQ3iT/BJk+h6n4xom9NRw5hn4j4NeIpboC6p6JfcYzZyapUNFmAsrSjakw
+RxxpaVLb4moOfYzS7i7JqsEetBwoYAeFZoPYZpo4VH9PUPVAih6psmO/bz6Y8W+/
+tkXzViq15bwPUmDwBzX0nX0T8nQqMl85nCLDM2rVMs/lnVxfJas4QjTfzgeZOHQ6
+0ikGqwlnyWk/oUzUXFV/P7sKAXoOaMSEVHtfSxLjVH0RYsAv6SotjHwPAatrynyp
+gYY=
+=UROF
+-----END PGP PUBLIC KEY BLOCK-----
--- a/misc/qubes.repo
+++ b/misc/qubes.repo
@ -14,7 +14,7 @@ enabled=0
 [qubes-vm-unstable]
 name = Qubes OS Repository for VM (unstable)
 baseurl = http://yum.qubes-os.org/r1/unstable/vm/fc$releasever
-gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-primary
+gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-qubes-1-unstable
 gpgcheck = 1
 enabled=0

--- a/rpm_spec/core-dom0.spec
+++ b/rpm_spec/core-dom0.spec
@ -232,7 +232,7 @@ if ! [ -e /etc/sysconfig/network ]; then
 fi

 # Load evtchn module - xenstored needs it
-modprobe evtchn
+modprobe evtchn 2> /dev/null || modprobe xen-evtchn
 service xenstored start

 if ! [ -e /var/lib/qubes/qubes.xml ]; then