Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core into spring-merge

Browse Source
This commit is contained in:
Rafal Wojtczuk 2011-03-28 17:28:24 +02:00
commit df9549a7db
5 changed files with 40 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/qubes_fix_nm_conf.sh
View File

@ -3,6 +3,8 @@ FILE=/etc/NetworkManager/NetworkManager.conf
VIFMAC=mac:fe:ff:ff:ff:ff:ff VIFMAC=mac:fe:ff:ff:ff:ff:ff
if ! grep -q ^plugins.*keyfile $FILE ; then if ! grep -q ^plugins.*keyfile $FILE ; then
sed -i 's/^plugins.*$/&,keyfile/' $FILE sed -i 's/^plugins.*$/&,keyfile/' $FILE
fi
if ! grep -q '^\[keyfile\]$' $FILE ; then
echo '[keyfile]' >> $FILE echo '[keyfile]' >> $FILE
fi fi
if ! grep -q ^unmanaged-devices $FILE ; then if ! grep -q ^unmanaged-devices $FILE ; then

15
dom0/init.d/qubes_setupdvm
View File

@ -30,8 +30,21 @@ start()
if ! [ -f $ROOT ] ; then create_neeed=1 ; fi if ! [ -f $ROOT ] ; then create_neeed=1 ; fi
if [ $ROOT -nt $DEFAULT ] ; then create_neeed=1 ; fi if [ $ROOT -nt $DEFAULT ] ; then create_neeed=1 ; fi
if [ $create_neeed = 1 ] ; then if [ $create_neeed = 1 ] ; then
echo Creating the default DVM. This may take up to 2 minutes... MSG="Creating default DVM. This may take up to 2 minutes..."
echo " $MSG"
if [ -x /usr/bin/plymouth ]; then
/usr/bin/plymouth message --text="$MSG"
/usr/bin/plymouth pause-progress
fi
qvm-create-default-dvm --default-template --default-script qvm-create-default-dvm --default-template --default-script
DVMDIR="/var/lib/qubes/appvms/`qvm-get-default-template`-dvm"
/bin/chown -R root.qubes "$DVMDIR"
/bin/chmod -R ug=rwX,o=rX "$DVMDIR"
if [ -x /usr/bin/plymouth ]; then
/usr/bin/plymouth message --text=""
/usr/bin/plymouth unpause-progress
fi
success
return return
fi fi
if [ -f /var/lib/qubes/dvmdata/dont_use_shm ] ; then if [ -f /var/lib/qubes/dvmdata/dont_use_shm ] ; then

2
dom0/qvm-core/qubes.py
View File

@ -1340,7 +1340,7 @@ class QubesProxyVm(QubesNetVm):
iptables += "-A FORWARD -i vif{0}.0 -j {1}\n".format(xid, default_action) iptables += "-A FORWARD -i vif{0}.0 -j {1}\n".format(xid, default_action)
iptables += "#End of VM rules\n" iptables += "#End of VM rules\n"
iptables += "-A FORWARD -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT\n" iptables += "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT\n"
iptables += "-A FORWARD -j DROP\n" iptables += "-A FORWARD -j DROP\n"
iptables += "COMMIT" iptables += "COMMIT"

1
proxyvm/bin/qubes_netwatcher
View File

@ -18,6 +18,7 @@ while true; do
/sbin/service qubes_firewall stop /sbin/service qubes_firewall stop
/sbin/service qubes_firewall start /sbin/service qubes_firewall start
CURR_NETCFG="$NETCFG" CURR_NETCFG="$NETCFG"
/usr/bin/xenstore-write qubes_netvm_external_ip "$CURR_NETCFG"
fi fi
/usr/bin/xenstore-watch /local/domain/$NET_DOMID/qubes_netvm_external_ip /usr/bin/xenstore-watch /local/domain/$NET_DOMID/qubes_netvm_external_ip

6
rpm_spec/core-netvm.spec
View File

@ -68,6 +68,12 @@ cp ../common/vif-route-qubes $RPM_BUILD_ROOT/etc/xen/scripts
%post %post
# Create NetworkManager configuration if we do not have it
if ! [ -e /etc/NetworkManager/NetworkManager.conf ]; then
echo '[main]' > /etc/NetworkManager/NetworkManager.conf
echo 'plugins = keyfile' >> /etc/NetworkManager/NetworkManager.conf
echo '[keyfile]' >> /etc/NetworkManager/NetworkManager.conf
fi
/usr/lib/qubes/qubes_fix_nm_conf.sh /usr/lib/qubes/qubes_fix_nm_conf.sh
chkconfig --add qubes_core_netvm || echo "WARNING: Cannot add service qubes_core!" chkconfig --add qubes_core_netvm || echo "WARNING: Cannot add service qubes_core!"