From 7fbeacc81b85321e5ada833f90bdd1427650e4d0 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 15:12:41 +0200
Subject: [PATCH 01/12] dom0/core: remove appmenus when removing NetVM (#627)

---
 dom0/qvm-core/qubes.py | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index ba7b9747..f6615157 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1892,6 +1892,15 @@ class QubesNetVm(QubesVm):
         if not self.internal:
             self.create_appmenus (verbose, source_template=source_template)
 
+    def remove_from_disk(self):
+        if dry_run:
+            return
+
+        if not self.internal:
+            self.remove_appmenus()
+        super(QubesNetVm, self).remove_from_disk()
+
+
 class QubesProxyVm(QubesNetVm):
     """
     A class that represents a ProxyVM, ex FirewallVM. A child of QubesNetVM.

From d156a815d2cbedd59aec0ecab905d694af7d0606 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 15:55:46 +0200
Subject: [PATCH 02/12] dom0/dom0-updates: remove updates-pending flag after
 update installation

---
 dom0/qvm-tools/qubes-dom0-update | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/dom0/qvm-tools/qubes-dom0-update b/dom0/qvm-tools/qubes-dom0-update
index 6ff8603f..fc1cc62e 100755
--- a/dom0/qvm-tools/qubes-dom0-update
+++ b/dom0/qvm-tools/qubes-dom0-update
@@ -1,6 +1,8 @@
 #!/bin/bash
 
 UPDATEVM=`qubes-prefs --get updatevm`
+UPDATES_STAT_FILE=/var/lib/qubes/updates/dom0-updates-available
+
 if [ -z "$UPDATEVM" ]; then
     echo "UpdateVM not set, exiting"
     exit 1
@@ -97,6 +99,7 @@ elif [ -f /var/lib/qubes/updates/repodata/repomd.xml ]; then
             yum $YUM_OPTS update
         fi
     fi
+    yum -q check-updates && rm $UPDATES_STAT_FILE
 else
     echo "No updates avaliable" >&2
 fi

From 08888fcf7a937872bbfe2372c50c215e65679a3d Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 16:07:35 +0200
Subject: [PATCH 03/12] dom0/core: remove duplicated remove_from_disk
 definition

---
 dom0/qvm-core/qubes.py | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index f6615157..c3927e11 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1532,13 +1532,6 @@ class QubesVm(object):
 
         xc.domain_unpause(self.get_xid())
 
-    def remove_from_disk(self):
-        if dry_run:
-            return
-
-
-        shutil.rmtree (self.dir_path)
-
     def get_xml_attrs(self):
         attrs = {}
         attrs_config = self._get_attrs_config()

From 2b5ce31eeb42af24084d5da1b5949556c6e3cc03 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 22:54:23 +0200
Subject: [PATCH 04/12] dom0+vm/qrexec-services: pass remote domain via env
 variable not argument

Most qrexec services doesn't use remote domain name, as policy is enforced
earlier. So pass it in way that will allow use of generic command as qrexec
service.
---
 qrexec/qubes_rpc_multiplexer | 3 ++-
 qubes_rpc/qfile-unpacker.c   | 8 +++++++-
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/qrexec/qubes_rpc_multiplexer b/qrexec/qubes_rpc_multiplexer
index 8f03137a..89cdbed7 100755
--- a/qrexec/qubes_rpc_multiplexer
+++ b/qrexec/qubes_rpc_multiplexer
@@ -5,8 +5,9 @@ if ! [ $# = 2 ] ; then
 	exit 1
 fi
 CFG_FILE=$QUBES_RPC/"$1"
+export QREXEC_REMOTE_DOMAIN="$2"
 if [ -s "$CFG_FILE" ] ; then
-	exec $(cat "$CFG_FILE") "$2"
+	exec $(cat "$CFG_FILE")
 	echo "$0: failed to execute handler for" "$1" >&2
 	exit 1
 fi
diff --git a/qubes_rpc/qfile-unpacker.c b/qubes_rpc/qfile-unpacker.c
index eaa5c067..dd0a510d 100644
--- a/qubes_rpc/qfile-unpacker.c
+++ b/qubes_rpc/qfile-unpacker.c
@@ -51,13 +51,19 @@ int main(int argc, char ** argv)
 	char *incoming_dir;
 	int pipefds[2];
 	int uid;
+	char *remote_domain;
 
 	pipe(pipefds);
 
 	uid = prepare_creds_return_uid("user");
 
+	remote_domain = getenv("QREXEC_REMOTE_DOMAIN");
+	if (!remote_domain) {
+		gui_fatal("Cannot get remote domain name");
+		exit(1);
+	}
 	mkdir(INCOMING_DIR_ROOT, 0700);
-	asprintf(&incoming_dir, "%s/from-%s", INCOMING_DIR_ROOT, argv[1]);
+	asprintf(&incoming_dir, "%s/from-%s", INCOMING_DIR_ROOT, remote_domain);
 	mkdir(incoming_dir, 0700);
 	if (chdir(incoming_dir))
 		gui_fatal("Error chdir to %s", incoming_dir); 

From 7e3ffabd78f88eb5b85c4ed717ed9ea23cbc1837 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 22:59:32 +0200
Subject: [PATCH 05/12] dom0+vm: execute qrexec service as shell script

This will allow to pass quoted arguments and some variable expansion. Basically
one-line shell command service can be embeded in the configuration.
In previus version use of "command path with spaces" whould result in try to
execute '"command' with arguments 'path', 'with' and 'spaces"'.
---
 qrexec/qubes_rpc_multiplexer | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qrexec/qubes_rpc_multiplexer b/qrexec/qubes_rpc_multiplexer
index 89cdbed7..191be91b 100755
--- a/qrexec/qubes_rpc_multiplexer
+++ b/qrexec/qubes_rpc_multiplexer
@@ -7,7 +7,7 @@ fi
 CFG_FILE=$QUBES_RPC/"$1"
 export QREXEC_REMOTE_DOMAIN="$2"
 if [ -s "$CFG_FILE" ] ; then
-	exec $(cat "$CFG_FILE")
+	exec /bin/sh "$CFG_FILE"
 	echo "$0: failed to execute handler for" "$1" >&2
 	exit 1
 fi

From 15d5a1205dc6947c0f94b1ff8d2d479949a02aa9 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 22:58:15 +0200
Subject: [PATCH 06/12] vm: simplify qubes.VMShell service

Now additional wrapper not required to skip cmdline argument
---
 qubes_rpc/qubes.VMShell | 2 +-
 qubes_rpc/vm-shell      | 3 ---
 rpm_spec/core-vm.spec   | 3 +--
 3 files changed, 2 insertions(+), 6 deletions(-)
 delete mode 100755 qubes_rpc/vm-shell

diff --git a/qubes_rpc/qubes.VMShell b/qubes_rpc/qubes.VMShell
index 7ca3b5e5..01dca2d7 100644
--- a/qubes_rpc/qubes.VMShell
+++ b/qubes_rpc/qubes.VMShell
@@ -1 +1 @@
-/usr/lib/qubes/vm-shell
\ No newline at end of file
+/bin/bash
diff --git a/qubes_rpc/vm-shell b/qubes_rpc/vm-shell
deleted file mode 100755
index d06e3986..00000000
--- a/qubes_rpc/vm-shell
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-# just ignore the cmdline argument (the remote vm name)
-exec /bin/bash
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index f24c679b..e73cdb8d 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -156,7 +156,7 @@ install qubes_rpc/wrap_in_html_if_url.sh $RPM_BUILD_ROOT/usr/lib/qubes
 install qubes_rpc/qvm-copy-to-vm.kde $RPM_BUILD_ROOT/usr/lib/qubes
 install qubes_rpc/qvm-copy-to-vm.gnome $RPM_BUILD_ROOT/usr/lib/qubes
 install qubes_rpc/{vm-file-editor,qfile-agent,qopen-in-vm,qfile-unpacker} $RPM_BUILD_ROOT/usr/lib/qubes
-install qubes_rpc/{vm-shell,qrun-in-vm} $RPM_BUILD_ROOT/usr/lib/qubes
+install qubes_rpc/qrun-in-vm $RPM_BUILD_ROOT/usr/lib/qubes
 install qubes_rpc/sync-ntp-clock $RPM_BUILD_ROOT/usr/lib/qubes
 install qubes_rpc/prepare-suspend $RPM_BUILD_ROOT/usr/lib/qubes
 install -d $RPM_BUILD_ROOT/%{kde_service_dir}
@@ -419,7 +419,6 @@ rm -rf $RPM_BUILD_ROOT
 /usr/lib/qubes/serial.conf
 /usr/lib/qubes/setup_ip
 /usr/lib/qubes/vm-file-editor
-/usr/lib/qubes/vm-shell
 /usr/lib/qubes/wrap_in_html_if_url.sh
 /usr/lib/yum-plugins/yum-qubes-hooks.py*
 /usr/sbin/qubes_firewall

From 1c096ec65cd8dbde6a8190626bb6e96fb0a34c46 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 23:07:01 +0200
Subject: [PATCH 07/12] vm: implement qubes.GetAppmenus to reduce code
 duplication

As one-liner services are now real one-line, just do it.
---
 misc/qubes_trigger_sync_appmenus.sh | 2 +-
 qubes_rpc/qubes.GetAppmenus         | 2 ++
 rpm_spec/core-vm.spec               | 3 ++-
 3 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 qubes_rpc/qubes.GetAppmenus

diff --git a/misc/qubes_trigger_sync_appmenus.sh b/misc/qubes_trigger_sync_appmenus.sh
index 5390c2d2..e848ea34 100755
--- a/misc/qubes_trigger_sync_appmenus.sh
+++ b/misc/qubes_trigger_sync_appmenus.sh
@@ -3,5 +3,5 @@
 UPDATEABLE=`/usr/bin/xenstore-read qubes_vm_updateable`
 
 if [ "$UPDATEABLE" = "True" ]; then
-    /usr/lib/qubes/qrexec_client_vm dom0 qubes.SyncAppMenus /bin/grep -H = /usr/share/applications/*.desktop
+    /usr/lib/qubes/qrexec_client_vm dom0 qubes.SyncAppMenus /bin/sh /etc/qubes_rpc/qubes.GetAppmenus
 fi
diff --git a/qubes_rpc/qubes.GetAppmenus b/qubes_rpc/qubes.GetAppmenus
new file mode 100644
index 00000000..cada68ca
--- /dev/null
+++ b/qubes_rpc/qubes.GetAppmenus
@@ -0,0 +1,2 @@
+shopt -s nullglob
+/bin/grep -H = /usr/share/applications/*.desktop /usr/local/share/applications/*.desktop 2> /dev/null
diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index e73cdb8d..9509403f 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -163,7 +163,7 @@ install -d $RPM_BUILD_ROOT/%{kde_service_dir}
 install -m 0644 qubes_rpc/{qvm-copy.desktop,qvm-dvm.desktop} $RPM_BUILD_ROOT/%{kde_service_dir}
 install -d $RPM_BUILD_ROOT/etc/qubes_rpc
 install -m 0644 qubes_rpc/{qubes.Filecopy,qubes.OpenInVM,qubes.VMShell,qubes.SyncNtpClock} $RPM_BUILD_ROOT/etc/qubes_rpc
-install -m 0644 qubes_rpc/{qubes.SuspendPre,qubes.SuspendPost} $RPM_BUILD_ROOT/etc/qubes_rpc
+install -m 0644 qubes_rpc/{qubes.SuspendPre,qubes.SuspendPost,qubes.GetAppmenus} $RPM_BUILD_ROOT/etc/qubes_rpc
 
 install qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes
 install qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes
@@ -371,6 +371,7 @@ rm -rf $RPM_BUILD_ROOT
 %dir /etc/qubes_rpc
 /etc/qubes_rpc/qubes.Filecopy
 /etc/qubes_rpc/qubes.OpenInVM
+/etc/qubes_rpc/qubes.GetAppmenus
 /etc/qubes_rpc/qubes.VMShell
 /etc/qubes_rpc/qubes.SyncNtpClock
 /etc/qubes_rpc/qubes.SuspendPre

From 1009b1a46d999cca40d2acbbec614c24263a59db Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sat, 14 Jul 2012 23:09:04 +0200
Subject: [PATCH 08/12] dom0/qvm-sync-appmenus: use qubes.GetAppmenus service

---
 dom0/qvm-tools/qvm-sync-appmenus | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dom0/qvm-tools/qvm-sync-appmenus b/dom0/qvm-tools/qvm-sync-appmenus
index fa9db396..fef07274 100755
--- a/dom0/qvm-tools/qvm-sync-appmenus
+++ b/dom0/qvm-tools/qvm-sync-appmenus
@@ -62,7 +62,7 @@ def get_appmenus(xid):
             raise QubesException("Line count limit exceeded")
     else:
         p = subprocess.Popen ([qrexec_client_path, '-d', str(xid),
-                'user:grep -H = /usr/share/applications/*.desktop'], stdout=subprocess.PIPE)
+                'user:QUBESRPC qubes.GetAppmenus dom0'], stdout=subprocess.PIPE)
         while appmenus_line_count > 0:
             line = p.stdout.readline(appmenus_line_size)
             if line == "":

From b6b50b6fea212798ce6d6657a354c2ae2887ea9a Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sun, 15 Jul 2012 00:09:52 +0200
Subject: [PATCH 09/12] dom0/appmenus: Rename dir entry for ServiceVMs (#627)

---
 dom0/aux-tools/create_apps_for_appvm.sh      | 7 +++++--
 dom0/misc/qubes-servicevm.directory.template | 5 +++++
 rpm_spec/core-dom0.spec                      | 2 ++
 3 files changed, 12 insertions(+), 2 deletions(-)
 create mode 100644 dom0/misc/qubes-servicevm.directory.template

diff --git a/dom0/aux-tools/create_apps_for_appvm.sh b/dom0/aux-tools/create_apps_for_appvm.sh
index 0b6e53dd..0624162f 100755
--- a/dom0/aux-tools/create_apps_for_appvm.sh
+++ b/dom0/aux-tools/create_apps_for_appvm.sh
@@ -45,10 +45,13 @@ if [ "$SRCDIR" != "none" ]; then
     /usr/lib/qubes/convert_apptemplate2vm.sh /usr/share/qubes/qubes-appmenu-select.desktop $APPSDIR $VMNAME $VMDIR
 
     if [ "$VMTYPE" = "vm-templates" ]; then
-        /usr/lib/qubes/convert_dirtemplate2vm.sh /usr/share/qubes/qubes-templatevm.directory.template $APPSDIR/$VMNAME-vm.directory $VMNAME $VMDIR
+        DIR_TEMPLATE=/usr/share/qubes/qubes-templatevm.directory.template
+    elif [ "$VMTYPE" = "servicevms" ]; then
+        DIR_TEMPLATE=/usr/share/qubes/qubes-servicevm.directory.template
     else
-        /usr/lib/qubes/convert_dirtemplate2vm.sh /usr/share/qubes/qubes-vm.directory.template $APPSDIR/$VMNAME-vm.directory $VMNAME $VMDIR
+        DIR_TEMPLATE=/usr/share/qubes/qubes-vm.directory.template
     fi
+    /usr/lib/qubes/convert_dirtemplate2vm.sh $DIR_TEMPLATE $APPSDIR/$VMNAME-vm.directory $VMNAME $VMDIR
 fi
 
 echo "--> Adding Apps to the Menu..."
diff --git a/dom0/misc/qubes-servicevm.directory.template b/dom0/misc/qubes-servicevm.directory.template
new file mode 100644
index 00000000..74ce62f3
--- /dev/null
+++ b/dom0/misc/qubes-servicevm.directory.template
@@ -0,0 +1,5 @@
+[Desktop Entry]
+Encoding=UTF-8
+Type=Directory
+Name=ServiceVM: %VMNAME%
+Icon=%VMDIR%/icon.png
diff --git a/rpm_spec/core-dom0.spec b/rpm_spec/core-dom0.spec
index ef927c00..fa40e4c1 100644
--- a/rpm_spec/core-dom0.spec
+++ b/rpm_spec/core-dom0.spec
@@ -157,6 +157,7 @@ mkdir -p $RPM_BUILD_ROOT/usr/share/qubes/icons
 cp icons/*.png $RPM_BUILD_ROOT/usr/share/qubes/icons
 cp misc/qubes-vm.directory.template $RPM_BUILD_ROOT/usr/share/qubes/
 cp misc/qubes-templatevm.directory.template $RPM_BUILD_ROOT/usr/share/qubes/
+cp misc/qubes-servicevm.directory.template $RPM_BUILD_ROOT/usr/share/qubes/
 cp misc/qubes-dispvm.directory $RPM_BUILD_ROOT/usr/share/qubes/
 cp misc/qubes-dispvm-firefox.desktop $RPM_BUILD_ROOT/usr/share/qubes/
 cp misc/qubes-appmenu-select.desktop $RPM_BUILD_ROOT/usr/share/qubes/
@@ -370,6 +371,7 @@ fi
 /usr/share/qubes/icons/*.png
 /usr/share/qubes/qubes-vm.directory.template
 /usr/share/qubes/qubes-templatevm.directory.template
+/usr/share/qubes/qubes-servicevm.directory.template
 /usr/share/qubes/qubes-dispvm.directory
 /usr/share/qubes/qubes-dispvm-firefox.desktop
 /usr/share/qubes/qubes-appmenu-select.desktop

From 712d1228943d664ad24792c36adee4eb66064514 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Sun, 15 Jul 2012 19:48:36 +0200
Subject: [PATCH 10/12] dom0: fix block-cleaner daemon

---
 dom0/aux-tools/block_cleaner_daemon.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dom0/aux-tools/block_cleaner_daemon.py b/dom0/aux-tools/block_cleaner_daemon.py
index 76154759..75b549dc 100755
--- a/dom0/aux-tools/block_cleaner_daemon.py
+++ b/dom0/aux-tools/block_cleaner_daemon.py
@@ -35,7 +35,7 @@ def handle_vbd_state(path):
             vm_xid = path_components[6]
             vm_dev = path_components[7]
             if vm_xid in domain_list:
-                subprocess.call('xl', 'block-detach', vm_xid, vm_dev)
+                subprocess.call(['xl', 'block-detach', vm_xid, vm_dev])
 
 def main():
 

From eeabd3b371cf6500a5f11d5e9b1b219f07626e73 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Mon, 16 Jul 2012 12:49:41 +0200
Subject: [PATCH 11/12] Revert "vm/spec: disable pam_systemd globally (#607)"
 (#626)

This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626).

Conflicts:

	rpm_spec/core-vm.spec
---
 rpm_spec/core-vm.spec | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec
index 9509403f..7e2b0348 100644
--- a/rpm_spec/core-vm.spec
+++ b/rpm_spec/core-vm.spec
@@ -188,13 +188,6 @@ install -D u2mfn/libu2mfn.so $RPM_BUILD_ROOT/%{_libdir}/libu2mfn.so
 %triggerin -- initscripts
 cp /usr/lib/qubes/serial.conf /etc/init/serial.conf
 
-%triggerin -- systemd
-# Disable pam_systemd - we (hopefully) don't need it, but it cause some minor
-# problems (http://wiki.qubes-os.org/trac/ticket/607)
-# /etc/pam.d/common-* are automatically (re)generated by authconfig, so its
-# modification will not be persistent -> must be done this way
-mv -f /%{_lib}/security/pam_systemd.so /%{_lib}/security/pam_systemd.so.disabled 2> /dev/null || :
-
 %post
 
 # disable some Upstart services
@@ -336,7 +329,6 @@ if [ "$1" = 0 ] ; then
     mv /var/lib/qubes/fstab.orig /etc/fstab
     mv /var/lib/qubes/removed-udev-scripts/* /etc/udev/rules.d/
     mv /var/lib/qubes/serial.orig /etc/init/serial.conf
-    mv /%{_lib}/security/pam_systemd.so.disabled /%{_lib}/security/pam_systemd.so
 fi
 
 %postun

From 5637793fae822ba02c5dc031bf4e36de81843a85 Mon Sep 17 00:00:00 2001
From: Marek Marczykowski <marmarek@invisiblethingslab.com>
Date: Mon, 16 Jul 2012 13:31:43 +0200
Subject: [PATCH 12/12] dom0/qvm-core: ignore stderr from VM commands when not
 needed for sure (#626)

pam_systemd.so has a bug, which cause spurious '...killed' output on stderr.
---
 dom0/qvm-core/qubes.py           | 29 +++++++++++++++++++++++++----
 dom0/qvm-tools/qubes-dom0-update |  2 +-
 dom0/qvm-tools/qvm-sync-clock    |  6 +++---
 3 files changed, 29 insertions(+), 8 deletions(-)

diff --git a/dom0/qvm-core/qubes.py b/dom0/qvm-core/qubes.py
index c3927e11..d66867c3 100755
--- a/dom0/qvm-core/qubes.py
+++ b/dom0/qvm-core/qubes.py
@@ -1301,9 +1301,14 @@ class QubesVm(object):
 
         return conf
 
-    def run(self, command, verbose = True, autostart = False, notify_function = None, passio = False, passio_popen = False, localcmd = None, wait = False, gui = True):
-        """command should be in form 'user:cmdline'"""
+    def run(self, command, verbose = True, autostart = False, notify_function = None, passio = False, passio_popen = False, passio_stderr=False, ignore_stderr=False, localcmd = None, wait = False, gui = True):
+        """command should be in form 'user:cmdline'
+            When passio_popen=True, popen object with stdout connected to pipe.
+            When additionally passio_stderr=True, stderr also is connected to pipe.
+            When ignore_stderr=True, stderr is connected to /dev/null.
+            """
 
+        null = None
         if not self.is_running():
             if not autostart:
                 raise QubesException("VM not running")
@@ -1330,12 +1335,28 @@ class QubesVm(object):
         if passio:
             os.execv(qrexec_client_path, args)
             exit(1)
+
+        call_kwargs = {}
+        if ignore_stderr:
+            null = open("/dev/null", "w")
+            call_kwargs['stderr'] = null
+
         if passio_popen:
-            p = subprocess.Popen (args, stdout=subprocess.PIPE)
+            popen_kwargs={'stdout': subprocess.PIPE}
+            if passio_stderr:
+                popen_kwargs['stderr'] = subprocess.PIPE
+            else:
+                popen_kwargs['stderr'] = call_kwargs.get('stderr', None)
+            p = subprocess.Popen (args, **popen_kwargs)
+            if null:
+                null.close()
             return p
         if not wait:
             args += ["-e"]
-        return subprocess.call(args)
+        retcode = subprocess.call(args, **call_kwargs)
+        if null:
+            null.close()
+        return retcode
 
     def attach_network(self, verbose = False, wait = True, netvm = None):
         if dry_run:
diff --git a/dom0/qvm-tools/qubes-dom0-update b/dom0/qvm-tools/qubes-dom0-update
index fc1cc62e..6a31ad22 100755
--- a/dom0/qvm-tools/qubes-dom0-update
+++ b/dom0/qvm-tools/qubes-dom0-update
@@ -75,7 +75,7 @@ echo "Checking for dom0 updates" >&2
 # Start VM if not running already
 qvm-run -a $UPDATEVM true || exit 1
 
-/usr/lib/qubes/qrexec_client -d "$UPDATEVM" -l 'tar c /var/lib/rpm /etc/yum.repos.d /etc/yum.conf 2>/dev/null' 'user:tar x -C /var/lib/qubes/dom0-updates'
+/usr/lib/qubes/qrexec_client -d "$UPDATEVM" -l 'tar c /var/lib/rpm /etc/yum.repos.d /etc/yum.conf 2>/dev/null' 'user:tar x -C /var/lib/qubes/dom0-updates' 2> /dev/null
 
 qvm-run --pass-io $UPDATEVM "/usr/lib/qubes/qubes_download_dom0_updates.sh --doit --nogui $ALL_OPTS"
 RETCODE=$?
diff --git a/dom0/qvm-tools/qvm-sync-clock b/dom0/qvm-tools/qvm-sync-clock
index c162aa89..8066f09c 100755
--- a/dom0/qvm-tools/qvm-sync-clock
+++ b/dom0/qvm-tools/qvm-sync-clock
@@ -64,14 +64,14 @@ def main():
 
     # Ignore retcode, try even if nm-online failed - user can setup network manually
     #  on-online has timeout 30sec by default
-    net_vm.run('user:nm-online -x', verbose=verbose, wait=True)
+    net_vm.run('user:nm-online -x', verbose=verbose, wait=True, ignore_stderr=True)
 
     # Sync clock
-    if clock_vm.run('root:QUBESRPC qubes.SyncNtpClock dom0', verbose=verbose, wait=True) != 0:
+    if clock_vm.run('root:QUBESRPC qubes.SyncNtpClock dom0', verbose=verbose, wait=True, ignore_stderr=True) != 0:
         print >> sys.stderr, 'Time sync failed, aborting!'
         sys.exit(1)
     
-    p = clock_vm.run('user:date -u', verbose=verbose, passio_popen=True)
+    p = clock_vm.run('user:date -u', verbose=verbose, passio_popen=True, ignore_stderr=True)
     date_out = p.stdout.read(100)
     date_out = date_out.strip()
     if not re.match(r'^[A-Za-z]* [A-Za-z]* [ 0-9][0-9] [0-9][0-9]:[0-9][0-9]:[0-9][0-9] [A-Z]* [0-9][0-9][0-9][0-9]$', date_out):