Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

dom0/core: do not reset firewall on clone_attrs

Browse Source
This commit is contained in:
Marek Marczykowski 2012-07-20 22:54:53 +02:00
parent dc95349145
commit a97458ad08
1 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
dom0/qvm-core/qubes.py
View File

@ -258,6 +258,8 @@ class QubesVm(object):
'self.template.appmenus_templates_dir if self.template is not None else None' }, 'self.template.appmenus_templates_dir if self.template is not None else None' },
"config_file_template": { "eval": "config_template_pv" }, "config_file_template": { "eval": "config_template_pv" },
"icon_path": { "eval": 'self.dir_path + "/icon.png" if self.dir_path is not None else None' }, "icon_path": { "eval": 'self.dir_path + "/icon.png" if self.dir_path is not None else None' },
# used to suppress side effects of clone_attrs
"_do_not_reset_firewall": { "eval": 'False' },
"kernels_dir": { 'eval': 'qubes_kernels_base_dir + "/" + self.kernel if self.kernel is not None else ' + \ "kernels_dir": { 'eval': 'qubes_kernels_base_dir + "/" + self.kernel if self.kernel is not None else ' + \
# for backward compatibility (or another rare case): kernel=None -> kernel in VM dir # for backward compatibility (or another rare case): kernel=None -> kernel in VM dir
'self.dir_path + "/" + default_kernels_subdir' }, 'self.dir_path + "/" + default_kernels_subdir' },
@ -396,12 +398,13 @@ class QubesVm(object):
self.netvm.post_vm_net_detach(self) self.netvm.post_vm_net_detach(self)
if new_netvm is None: if new_netvm is None:
# Set also firewall to block all traffic as discussed in #370 if not self._do_not_reset_firewall:
if os.path.exists(self.firewall_conf): # Set also firewall to block all traffic as discussed in #370
shutil.copy(self.firewall_conf, "%s/backup/%s-firewall-%s.xml" if os.path.exists(self.firewall_conf):
% (qubes_base_dir, self.name, time.strftime('%Y-%m-%d-%H:%M:%S'))) shutil.copy(self.firewall_conf, "%s/backup/%s-firewall-%s.xml"
self.write_firewall_conf({'allow': False, 'allowDns': False, % (qubes_base_dir, self.name, time.strftime('%Y-%m-%d-%H:%M:%S')))
'allowIcmp': False, 'allowYumProxy': False, 'rules': []}) self.write_firewall_conf({'allow': False, 'allowDns': False,
'allowIcmp': False, 'allowYumProxy': False, 'rules': []})
else: else:
new_netvm.connected_vms[self.qid]=self new_netvm.connected_vms[self.qid]=self
@ -1034,8 +1037,10 @@ class QubesVm(object):
'_mac', 'pcidevs', 'include_in_backups'] '_mac', 'pcidevs', 'include_in_backups']
def clone_attrs(self, src_vm): def clone_attrs(self, src_vm):
self._do_not_reset_firewall = True
for prop in self.get_clone_attrs(): for prop in self.get_clone_attrs():
setattr(self, prop, getattr(src_vm, prop)) setattr(self, prop, getattr(src_vm, prop))
self._do_not_reset_firewall = False
def clone_disk_files(self, src_vm, verbose): def clone_disk_files(self, src_vm, verbose):
if dry_run: if dry_run: