Merge remote-tracking branch 'origin/pr/378'

* origin/pr/378:
  Enhance qvm-console-dispvm and admin.vm.Console
This commit is contained in:
Marek Marczykowski-Górecki 2020-12-01 06:29:02 +01:00
commit 4417f252c0
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
2 changed files with 32 additions and 16 deletions

View File

@ -1,22 +1,21 @@
#!/bin/bash #!/bin/bash --
set -euo pipefail
lock="/var/run/qubes/$QREXEC_REQUESTED_TARGET.terminal.lock" lock="/run/qubes/$QREXEC_REQUESTED_TARGET.terminal.lock"
# use temporary file, because env variables deal poorly with \0 inside # use temporary file, because env variables deal poorly with \0 inside
tmpfile=$(mktemp) tmpfile=$(mktemp)
trap "rm -f $tmpfile" EXIT trap 'rm -f -- "$tmpfile"' EXIT
qubesd-query -e \ # exit if qubesd returned an error
if ! qubesd-query -e --fail -- \
"$QREXEC_REMOTE_DOMAIN" \ "$QREXEC_REMOTE_DOMAIN" \
"admin.vm.Console" \ "admin.vm.Console" \
"$QREXEC_REQUESTED_TARGET" \ "$QREXEC_REQUESTED_TARGET" \
"$1" >$tmpfile ${1+"$1"} >"$tmpfile"; then
cat -- "$tmpfile"
# exit if qubesd returned an error (not '0\0')
if [ "$(head -c 2 $tmpfile | xxd -p)" != "3000" ]; then
cat "$tmpfile"
exit 1 exit 1
fi fi
path=$(tail -c +3 "$tmpfile") path=$(tail -c +3 -- "$tmpfile")
# Create an exclusive lock to ensure that multiple qubes cannot access to the same socket # Create an exclusive lock to ensure that multiple qubes cannot access to the same socket
# In the case of multiple qrexec calls it returns a specific exit code # In the case of multiple qrexec calls it returns a specific exit code

View File

@ -1,22 +1,39 @@
#!/bin/bash #!/bin/bash --
set -eu
print_usage() { print_usage() {
cat >&2 << USAGE cat >&2 << USAGE
Usage: $0 vmname Usage: $0 [--autostart] [--] vmname
Connects to VM console throught DispVM using the qubes.ShowInTerminal RPC service. Connects to VM console throught DispVM using the qubes.ShowInTerminal RPC service.
With --autostart, start the VM first.
USAGE USAGE
} }
if [ $# -lt 1 ]; then do_start=false
if [[ $# -ge 2 ]] && [[ "$1" = '--autostart' ]]; then
do_start=:
shift
fi
if [[ $# -eq 2 ]] && [[ "$1" = '--' ]]; then
shift
elif [ $# -ne 1 ]; then
print_usage print_usage
exit 1 exit 1
fi fi
QREXEC_REQUESTED_TARGET="$1" QREXEC_REQUESTED_TARGET="$1"
qvm-check --quiet --running "$QREXEC_REQUESTED_TARGET" > /dev/null 2>&1 || { echo "Error: domain '$QREXEC_REQUESTED_TARGET' does not exist or is not running"; exit 1; } [[ "$QREXEC_REQUESTED_TARGET" =~ ^[A-Za-z][A-Za-z0-9_-]*$ ]] || { printf 'Invalid qube name %q\n' "$QREXEC_REQUESTED_TARGET">&2; exit 1; }
DISPVM="$(qvm-prefs "$QREXEC_REQUESTED_TARGET" management_dispvm)" if "$do_start"; then
msg='cannot be started'
qvm-start --skip-if-running -- "$QREXEC_REQUESTED_TARGET"
else
msg='is not running'
qvm-check --quiet --running -- "$QREXEC_REQUESTED_TARGET"
fi > /dev/null 2>&1 || { echo "Error: domain '$QREXEC_REQUESTED_TARGET' does not exist or $msg">&2; exit 1; }
[[ "x$DISPVM" == "x" ]] && { echo "Error: cannot determine management DispVM to use"; exit 1; } DISPVM="$(qvm-prefs -- "$QREXEC_REQUESTED_TARGET" management_dispvm)"
[[ "x$DISPVM" == "x" ]] && { echo "Error: cannot determine management DispVM of domain '$QREXEC_REQUESTED_TARGET'">&2; exit 1; }
sudo qvm-run -p --localcmd="QREXEC_REQUESTED_TARGET=$QREXEC_REQUESTED_TARGET QREXEC_REMOTE_DOMAIN=dom0 /etc/qubes-rpc/admin.vm.Console" --service --dispvm="$DISPVM" -- qubes.ShowInTerminal sudo qvm-run -p --localcmd="QREXEC_REQUESTED_TARGET=$QREXEC_REQUESTED_TARGET QREXEC_REMOTE_DOMAIN=dom0 /etc/qubes-rpc/admin.vm.Console" --service --dispvm="$DISPVM" -- qubes.ShowInTerminal