From 6366db0ab64660f71114e5b73d96609814038023 Mon Sep 17 00:00:00 2001 From: Rafal Wojtczuk Date: Wed, 6 Jul 2011 14:44:40 +0200 Subject: [PATCH] qrexec: adjust updates fetching to the new qrexec api --- common/qubes_download_dom0_updates.sh | 2 +- dom0/aux-tools/qubes-receive-updates | 72 ++++++++++++++++++++++ dom0/aux-tools/qubes.ReceiveUpdates | 1 + dom0/aux-tools/qubes.ReceiveUpdates.policy | 1 + rpm_spec/core-dom0.spec | 4 ++ 5 files changed, 79 insertions(+), 1 deletion(-) create mode 100755 dom0/aux-tools/qubes-receive-updates create mode 100644 dom0/aux-tools/qubes.ReceiveUpdates create mode 100644 dom0/aux-tools/qubes.ReceiveUpdates.policy diff --git a/common/qubes_download_dom0_updates.sh b/common/qubes_download_dom0_updates.sh index cb771a38..df67b92c 100755 --- a/common/qubes_download_dom0_updates.sh +++ b/common/qubes_download_dom0_updates.sh @@ -67,4 +67,4 @@ else fi # qvm-copy-to-vm works only from user -su -c "qvm-copy-to-vm @dom0updates $DOM0_UPDATES_DIR/packages/*.rpm" user +su -c "/usr/lib/qubes/qrexec_client_vm dom0 qubes.ReceiveUpdates /usr/lib/qubes/qfile-agent $DOM0_UPDATES_DIR/packages/*.rpm" user diff --git a/dom0/aux-tools/qubes-receive-updates b/dom0/aux-tools/qubes-receive-updates new file mode 100755 index 00000000..614a11ff --- /dev/null +++ b/dom0/aux-tools/qubes-receive-updates @@ -0,0 +1,72 @@ +#!/usr/bin/python2.6 +# +# The Qubes OS Project, http://www.qubes-os.org +# +# Copyright (C) 2010 Rafal Wojtczuk +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. +# +# +import os +import sys +import subprocess +import shutil +import glob +from qubes.qubes import QubesVmCollection + +updates_dir = "/var/lib/qubes/updates" +updates_rpm_dir = updates_dir + "/rpm" + +def dom0updates_fatal(msg): + print >> sys.stderr, msg + shutil.rmtree(updates_rpm_dir) + exit(1) + +def handle_dom0updates(updatevm): + source=os.getenv("QREXEC_REMOTE_DOMAIN") + if source != updatevm.name: + print >> sys.stderr, 'Domain ' + source + ' not allowed to send dom0 updates' + exit(1) + # Clean old packages + if os.path.exists(updates_rpm_dir): + shutil.rmtree(updates_rpm_dir) + subprocess.check_call(["/usr/lib/qubes/qfile-dom0-unpacker", os.getlogin(), updates_rpm_dir]) + # Verify received files + for f in os.listdir(updates_rpm_dir): + if glob.fnmatch.fnmatch(f, "*.rpm"): + p = subprocess.Popen (["/bin/rpm", "-K", updates_rpm_dir + "/" + f], + stdout=subprocess.PIPE) + output = p.communicate()[0] + if p.returncode != 0: + dom0updates_fatal('Error while verifing %s signature: %s' % (f, output)) + if output.find("pgp") < 0: + dom0updates_fatal('Domain ' + source + ' sent not signed rpm: ' + f) + else: + dom0updates_fatal('Domain ' + source + ' sent unexpected file: ' + f) + # After updates received - create repo metadata + subprocess.check_call(["/usr/bin/createrepo", "-q", "/var/lib/qubes/updates"]) + exit(0) + +def main(): + + qvm_collection = QubesVmCollection() + qvm_collection.lock_db_for_reading() + qvm_collection.load() + qvm_collection.unlock_db() + + updatevm = qvm_collection.get_updatevm_vm() + handle_dom0updates(updatevm) + +main() diff --git a/dom0/aux-tools/qubes.ReceiveUpdates b/dom0/aux-tools/qubes.ReceiveUpdates new file mode 100644 index 00000000..71343239 --- /dev/null +++ b/dom0/aux-tools/qubes.ReceiveUpdates @@ -0,0 +1 @@ +/usr/lib/qubes/qubes-receive-updates diff --git a/dom0/aux-tools/qubes.ReceiveUpdates.policy b/dom0/aux-tools/qubes.ReceiveUpdates.policy new file mode 100644 index 00000000..74f80450 --- /dev/null +++ b/dom0/aux-tools/qubes.ReceiveUpdates.policy @@ -0,0 +1 @@ +anyvm dom0 allow diff --git a/rpm_spec/core-dom0.spec b/rpm_spec/core-dom0.spec index 63bc86d7..3d77dfa8 100644 --- a/rpm_spec/core-dom0.spec +++ b/rpm_spec/core-dom0.spec @@ -98,6 +98,7 @@ cp ../qrexec/qrexec_daemon $RPM_BUILD_ROOT/usr/lib/qubes/ cp ../qrexec/qrexec_client $RPM_BUILD_ROOT/usr/lib/qubes/ cp ../qrexec/qrexec_policy $RPM_BUILD_ROOT/usr/lib/qubes/ cp aux-tools/qfile-dom0-unpacker $RPM_BUILD_ROOT/usr/lib/qubes/ +cp aux-tools/qubes-receive-updates $RPM_BUILD_ROOT/usr/lib/qubes/ mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc/policy cp ../appvm/qubes.Filecopy.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.Filecopy @@ -105,6 +106,8 @@ cp ../appvm/qubes.OpenInVM.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.Ope cp qubes.SyncAppMenus.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.SyncAppMenus cp qubes.SyncAppMenus $RPM_BUILD_ROOT/etc/qubes_rpc/ cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes +cp aux-tools/qubes.ReceiveUpdates.policy $RPM_BUILD_ROOT/etc/qubes_rpc/policy/qubes.ReceiveUpdates +cp aux-tools/qubes.ReceiveUpdates $RPM_BUILD_ROOT/etc/qubes_rpc/ cp restore/qvm-create-default-dvm $RPM_BUILD_ROOT/usr/bin cp restore/xenstore-watch $RPM_BUILD_ROOT/usr/bin/xenstore-watch-qubes @@ -297,6 +300,7 @@ fi /usr/lib/qubes/meminfo-writer /usr/lib/qubes/qfile-daemon-dvm* /usr/lib/qubes/sync_rpmdb_updatevm.sh +/usr/lib/qubes/qubes-receive-updates %attr(4750,root,qubes) /usr/lib/qubes/qfile-dom0-unpacker %attr(770,root,qubes) %dir /var/lib/qubes %attr(770,root,qubes) %dir /var/lib/qubes/vm-templates