core: fix handling firewall configuration for VM clones and DispVMs (#1032)
There were two bugs: 1. Firewall configuration wasn't copied during qvm-clone (it is in separate file, so now it is included in vm.clone_disk_files). 2. Non-default firewall configuration wasn't stored in qubes.xml. This means that initially DispVM got proper configuration (inherited from calling VM), but if anything caused firewall reload (for example starting another VM), the firewall rules was cleared to default state (allow all). Fixes qubesos/qubes-issues#1032
This commit is contained in:
Marek Marczykowski-Górecki
parent
a7e08e4584
commit
1199806b5a
@ -196,7 +196,7 @@ class QubesVm(object):
|
|||||||
'backup_content', 'backup_size', 'backup_path' ]:
|
'backup_content', 'backup_size', 'backup_path' ]:
|
||||||
attrs[prop]['save'] = lambda prop=prop: str(getattr(self, prop))
|
attrs[prop]['save'] = lambda prop=prop: str(getattr(self, prop))
|
||||||
# Simple paths
|
# Simple paths
|
||||||
for prop in ['conf_file']:
|
for prop in ['conf_file', 'firewall_conf']:
|
||||||
attrs[prop]['save'] = \
|
attrs[prop]['save'] = \
|
||||||
lambda prop=prop: self.relative_path(getattr(self, prop))
|
lambda prop=prop: self.relative_path(getattr(self, prop))
|
||||||
attrs[prop]['save_skip'] = \
|
attrs[prop]['save_skip'] = \
|
||||||
@ -1246,6 +1246,9 @@ class QubesVm(object):
|
|||||||
print >> sys.stderr, "--> Copying icon: {0} -> {1}".format(src_vm.icon_path, self.icon_path)
|
print >> sys.stderr, "--> Copying icon: {0} -> {1}".format(src_vm.icon_path, self.icon_path)
|
||||||
shutil.copy(src_vm.icon_path, self.icon_path)
|
shutil.copy(src_vm.icon_path, self.icon_path)
|
||||||
|
|
||||||
|
if src_vm.has_firewall():
|
||||||
|
self.write_firewall_conf(src_vm.get_firewall_conf())
|
||||||
|
|
||||||
# Make sure that we have UUID allocated
|
# Make sure that we have UUID allocated
|
||||||
self._update_libvirt_domain()
|
self._update_libvirt_domain()
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user