Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,386 Commits 1 Branch 0 Tags 15 MiB
0b7145f67d
Commit Graph

345 Commits

Author SHA1 Message Date
Marek Marczykowski
c7a832a279 NetVM, AppVM, ProxyVM from single template - VM side 
Modify VM packages to:
- do not conflicts
- starts services if its VM type need it

Added core-proxyvm (firewall) and core-commonvm (common parts) packages.
 2011-03-11 01:38:04 +01:00
Rafal Wojtczuk
f263aa6b7c Moved vchan and u2mfn code to core. 2011-03-08 12:24:47 +01:00
Marek Marczykowski
bef584c248 Restore rev 1 in core-dom0.spec 2011-03-06 14:06:24 +01:00
Tomasz Sterna
167c30aa6e Start xend and xenstored during package installation 2011-03-06 14:06:24 +01:00
Rafal Wojtczuk
b98dffc965 qrexec* tools, initial version 2011-03-04 16:32:58 +01:00
Marek Marczykowski
e104f82e36 Update TemplateVM with running AppVM: part 1 
snapshot and origin device type for xen
 2011-02-26 03:42:55 +01:00
Rafal Wojtczuk
b3511c678a Use "conflict" instead of "requires gui" in rpm spec. 2010-11-18 14:33:18 +01:00
Joanna Rutkowska
1e7c66337c Require gui-dom0 >= 1.1.13 that knows it doesn't own /var/{log,run}/qubes dirs 2010-10-06 14:16:27 +02:00
Rafal Wojtczuk
28880cae52 Merged triggers. 2010-10-06 13:08:17 +02:00
Rafal Wojtczuk
1f5300da85 Move /var/log/qubes and /var/run/qubes to qubes-core rpm from qubes-gui 
Because /var/log/qubes is used in qubes-core %post. While at it, do the same with
/var/run/qubes.
 2010-10-06 11:00:52 +02:00
Rafal Wojtczuk
7c1babe8aa Do not error when qvm-get-default-netvm returns empty string. 
It happens when installing qubes-core-dom0 for the first time.
 2010-10-06 10:55:32 +02:00
Joanna Rutkowska
28e1f962e5 core dom0 rpm: restart qubes_netvm only when using netvm in Dom0 
If we use a separate netvm, then core update in Dom0 doesn't really change the networking,
worse, if we restarted netvm it would get another XID, which would break our DispVM savefile.

One day we should fix it!
 2010-10-04 17:51:01 +02:00
Joanna Rutkowska
bbe085711d Restart qubes_core after Xen update 
This is needed to re-set qubes permissions on some Xen sockets
 2010-10-04 15:25:58 +02:00
Joanna Rutkowska
e1c0aa6eef dom0 rpm: start/stop qubes services for install/update 2010-10-04 14:21:14 +02:00
Rafal Wojtczuk
28fbb48845 Attach/detach pci devices from netvm upon resume/suspend 2010-09-30 18:22:26 +02:00
Rafal Wojtczuk
acac39ec41 rpmbuild wants pyo files in %files 2010-09-27 17:41:03 +02:00
Rafal Wojtczuk
90e3f4ffd8 Add reset_vm_configs.py script 2010-09-27 16:58:02 +02:00
Joanna Rutkowska
67537316cb core-dom0.rpm: Always do %post, not only when installing for the 1st time 2010-09-23 12:42:43 +02:00
Rafal Wojtczuk
0217dba40e Completed dvm->setupdvm name transition 2010-09-22 10:24:57 +02:00
Rafal Wojtczuk
e13e5027c3 qubes_dvm init.d script 
We want to set up a default dvm if needed at boot time; for this,
the default netvm must have been already started. Therefore, we
need a qubes_dvm script, that executes after qubes_netvm.
 2010-09-21 21:46:11 +02:00
Joanna Rutkowska
71baae50cb Merge branch 'ticket4' of git://qubes-os.org/rafal/core 2010-09-17 17:30:36 +02:00
Rafal Wojtczuk
e1de26f79a Require NetworkManager >= 0.8.1-1 
Unfortunately, config files layout changes with NM version; therefore
require >= 0.8.1-1.
This should also prevent NM from messing with VIF interfaces on suspend/resume.
 2010-09-17 15:16:01 +02:00
Joanna Rutkowska
9b8c018bc2 Merge branch 'qmemman' of git://qubes-os.org/rafal/core 2010-09-13 15:05:13 +02:00
Rafal Wojtczuk
1239643c73 Tell Network Manager to keep hands off vif interfaces 
...somehow indirectly, by specifying the mac; unfortunately I do not
see any other way.
 2010-09-07 13:18:08 +02:00
Rafal Wojtczuk
31e7e96056 Switch to routed VM network (instead of bridging) 
No headache from layer 2 attacks.
 2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
64e8013dc2 Unify dom0 and netvm sysconfig/iptables 
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
 2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
1c337db989 qmemman: make meminfo-writer a C program 2010-09-03 16:23:09 +02:00
Rafal Wojtczuk
62487c0f1e Memory management across VMs, first release 2010-08-30 11:40:19 +02:00
Rafal Wojtczuk
4cf0a61858 Before restoring DVM, check for available xen memory 
As we already do xm mem-set 0 800 in qubes_core, this is a
correct check. Now, there should be no errors from qubes_restore
in normal circumstances.
 2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
aa894b5700 qvm-create-default-dvm script 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d46bf2a270 Pathnames cleanup 
Move internal scripts to /usr/lib/qubes plus a couple of similar.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c0f34ba9b DVM: manage savefiles 
Instead of hardcoded savefile name, use a symlink in
/var/run/qubes. Tools should set this symlink to a correct
savefile. Also, test whether the savefile is older than the
template root.img.
 2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
793b7b2596 Quick VM restore support 2010-07-21 12:56:21 +02:00
Joanna Rutkowska
c8ef500588 Pause/Unpause all running VMs on system suspend/resume 
This is to fix the VM lockup problem on HT processors that
occured after S3 resume (see ticket #52).

The qvm-run command now takes additional two switches:
--pause
--unpause
 2010-07-08 12:41:29 +02:00
Joanna Rutkowska
7bb022878c Dom0: rm qubes-r1-dom0.repo created by user during installation 
We want the user to use the qubes.repo that is installed by qubes-core-dom0
 2010-07-06 16:50:31 +02:00
Joanna Rutkowska
115df6f1af Dom0: sync wallclocks in all vms upon resume from S3 sleep 
This is really a workaround, until Xen implements proper suspend/resume
mechanism for notfying DomUs about system-wide S3 sleep.

See this thread for more details:

http://lists.xensource.com/archives/html/xen-devel/2010-07/msg00037.html
 2010-07-06 16:32:50 +02:00
Joanna Rutkowska
775e01a8e4 Make dom0, appvm, netvm use different qubes.repo 2010-06-18 01:41:10 +02:00
Joanna Rutkowska
096b1b9499 core-dom0.spec: disable unnecessary services in %post 
This is only until we will have a proper installer
 2010-06-15 12:20:53 +02:00
Joanna Rutkowska
ee7756b960 rpm specs: %post cleanup 
Moved some stuff from the begging of %post sections after the
'if installing-for-the-first-time' check.
 2010-06-15 00:02:48 +02:00
Joanna Rutkowska
c95fd449b7 Do not start NetworkManager from dom0 qubes_netvm script 
Mark it for auto-start instead by the system scripts
 2010-06-11 18:34:59 +02:00
Rafal Wojtczuk
4e6e4115e2 dom0 as netvm fixes 
Use /etc/sysconfig/iptables
Replace dnsmasq with DNAT
 2010-05-31 15:23:51 +02:00
Joanna Rutkowska
34653a06b2 Enable rsyslogd in Dom0 2010-05-31 11:54:33 +02:00
Rafal Wojtczuk
c75c185179 Add qubes.repo to all qubes-core-* rpms. 2010-05-30 15:45:40 +02:00
Rafal Wojtczuk
5e02d3ebb0 Precompilation of qubes.py 
On some systems rpmbuild will not automatically precompile qubes.py, resulting
in the core-dom0 rpm bukd failure.
 2010-04-10 13:52:19 +02:00
Joanna Rutkowska
a17989470a Initial public commit. 
(c) 2010 Invisible Things Lab

Authors:
=========
Joanna Rutkowska <joanna@invisiblethingslab.com>
Rafal Wojtczuk  <rafal@invisiblethingslab.com>
 2010-04-05 20:58:57 +02:00