Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

core: fix firewall update code

Browse Source 
Do not load qubes.xml again, it can cause race conditions between two
instances of the same VM objects.
Especially when VM is starting ProxyVM to which it is connected,
firewall rules could not be loaded.
This commit is contained in:
Marek Marczykowski-Górecki 2015-01-15 03:27:21 +01:00
parent c489a81dfa
commit 52334bc414
1 changed files with 5 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
core-modules/000QubesVm.py
View File

@ -1638,16 +1638,13 @@ class QubesVm(object):
print >> sys.stderr, "--> Setting Qubes DB info for the VM..." print >> sys.stderr, "--> Setting Qubes DB info for the VM..."
self.create_xenstore_entries(xid) self.create_xenstore_entries(xid)
qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading()
qvm_collection.load()
qvm_collection.unlock_db()
if verbose: if verbose:
print >> sys.stderr, "--> Updating firewall rules..." print >> sys.stderr, "--> Updating firewall rules..."
for vm in qvm_collection.values(): netvm = self.netvm
if vm.is_proxyvm() and vm.is_running(): while netvm is not None:
vm.write_iptables_xenstore_entry() if netvm.is_proxyvm() and netvm.is_running():
netvm.write_iptables_xenstore_entry()
netvm = netvm.netvm
# fire hooks # fire hooks
for hook in self.hooks_start: for hook in self.hooks_start: