Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core

dom0/aux-tools/qubes-dom0-updates.cron

@@ -4,6 +4,7 @@
 LOCAL_USER=`users | sed -e 's/root *//' | cut -d' ' -f 1`
 PIDFILE=/var/run/qubes/dom0-update-notification.pid
 NOTIFY_ICON=/usr/share/qubes/icons/dom0-update-avail.svg
+UPDATES_STAT_FILE=/var/lib/qubes/updates/dom0-updates-available
 
 # Do not allow multiple instances
 [ -r $PIDFILE ] && kill -0 `cat $PIDFILE` && exit 0
@@ -13,7 +14,7 @@ echo $$ > $PIDFILE
 trap "rm $PIDFILE" EXIT
 
 # If no updates available - exit here
-qubes-dom0-updates --check-only && exit
+qubes-dom0-update --check-only >/dev/null && exit
 RETCODE=$?
 
 if [ "$RETCODE" -ne 100 ]; then
@@ -26,6 +27,9 @@ if [ -z "$LOCAL_USER" ]; then
     exit 1
 fi
 
+# Touch stat file for qubes-manager
+touch $UPDATES_STAT_FILE
+
 # Notify about updates using system tray
 zenity --notification --window-icon=$NOTIFY_ICON --text="Qubes dom0 updates available."
 
@@ -33,3 +37,6 @@ zenity --question --title="Qubes Dom0 updates" \
       --text="There are updates for dom0 available, do you want to download them now?" || exit 0
 
 su -c "DISPLAY=:0 qubes-dom0-update --gui" $LOCAL_USER
+
+# Check if user installed updates
+yum -q check-updates && rm $UPDATES_STAT_FILE

dom0/aux-tools/qubes-notify-updates

@@ -24,6 +24,7 @@ import os.path
 import sys
 import subprocess
 import shutil
+import grp
 from datetime import datetime
 from qubes.qubes import QubesVmCollection
 from qubes.qubes import updates_stat_file
@@ -46,6 +47,9 @@ def main():
         print >> sys.stderr, 'Domain ' + source + ' does not exists (?!)'
         exit(1)
 
+    os.umask(0002)
+    qubes_gid = grp.getgrnam('qubes').gr_gid
+    
     update_count = sys.stdin.readline(128).strip()
     if not update_count.isdigit():
         print >> sys.stderr, 'Domain ' + source + ' sent invalid number of updates: ' + update_count
@@ -55,6 +59,7 @@ def main():
         update_f = open(source_vm.dir_path + '/' + updates_stat_file, "w")
         update_f.write(update_count)
         update_f.close()
+        os.chown(source_vm.dir_path + '/' + updates_stat_file, -1, qubes_gid)
     elif source_vm.template is not None:
         # Hint about updates availability in template
         # If template is running - it will notify about updates itself
@@ -72,6 +77,7 @@ def main():
             update_f = open(stat_file, "w")
             update_f.write(update_count)
             update_f.close()
+            os.chown(stat_file, -1, qubes_gid)
         else:
             print >> sys.stderr, 'Ignoring notification of no updates'
 

dom0/qvm-core/qubes.py

@@ -840,6 +840,9 @@ class QubesVm(object):
                 "{0}/qubes-block-devices".format(domain_path),
                 '')
 
+        xs.write('', "{0}/qubes-debug-mode".format(domain_path),
+                str(int(self.debug)))
+
         # Fix permissions
         xs.set_permissions('', '{0}/device'.format(domain_path),
                 [{ 'dom': xid }])
@@ -1700,7 +1703,6 @@ class QubesNetVm(QubesVm):
         attrs_config['label']['default'] = default_servicevm_label
         attrs_config['vcpus']['default'] = default_servicevm_vcpus
         attrs_config['memory']['default'] = 200
-        attrs_config['maxmem']['eval'] = 'self.memory'
         
         # New attributes
         attrs_config['netid'] = { 'save': 'str(self.netid)', 'order': 30 }

vm-systemd/qubes-sysinit.sh

@@ -61,3 +61,11 @@ if [ -n "$timezone" ]; then
     echo "# Clock configuration autogenerated based on Qubes dom0 settings" > /etc/sysconfig/clock
     echo "ZONE=\"$timezone\"" >> /etc/sysconfig/clock
 fi
+
+# Prepare environment for other services
+echo > /var/run/qubes-service-environment
+
+debug_mode=`$XS_READ qubes-debug-mode 2> /dev/null`
+if [ -n "$debug_mode" -a "$debug_mode" -gt 0 ]; then
+    echo "GUI_OPTS=-vv" >> /var/run/qubes-service-environment
+fi