Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,308 Commits 1 Branch 0 Tags 20 MiB
11243a51d3
Commit Graph

2308 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
eb5ba60da7 vm/spec: force legacy iptables services 2013-02-12 01:38:30 +01:00
Marek Marczykowski
22a0d391c2 vm: revert /etc/yum.conf exclude config 
Upgrade of kernel is suppressed by qubes-vm-kernel-placeholder package.
Excluding xorg packages makes more problems than goods (e.g. unable to
install dummy driver, block fedora bugfixes).
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
0936152e12 vm/systemd: disable NetworkManager-wait-online when NM inactive 2013-02-12 01:38:30 +01:00
Marek Marczykowski
e14ce10da6 dom0/core: treat 'halting' VM still as running 
This is especially important for qvm-shutdown --wait - to wait for VM
really shut down.
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
268cbfdc84 vm: require net-tools 
Needed to setup network in VM
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
c78128490d vm/systemd: break dependency loop 
qubes-misc-post provides /rw/home, required by NetworkManager, so do not
try start it after network.target
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
7264576364 vm/systemd: change Names= to Alias= 
As recommended by systemd manual page.
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
fb7fb432c9 dom0/systemd: delay netvm startup after qmemman is ready. 2013-02-12 01:38:29 +01:00
Marek Marczykowski
07d7957caa dom0: install PolicyKit allow-all rules 
Same purpose as sudo rule - the user already can do almost all
administrative tasks and access all VMs data, so do disable annoying
password prompt (eg at system shutdown), which do not add any real
security layer.
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
1579340802 vm: move polkit configs from qubes-gui-vm package 2013-02-12 01:38:29 +01:00
Marek Marczykowski
d2dc386997 vm/kernel-placeholder: update provided version 
Some fc18 packages requires >3.5 kernel, so update kernel-placeholder
appropriate (according to newest available package in unstable
repository).
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
c94058cac4 dom0/qvm-tools: check if VM is running before shutdown/kill 2013-02-07 11:38:06 +01:00
Marek Marczykowski
fdd4078624 dom0/core: minor comment adjustment 2013-02-07 11:31:28 +01:00
Marek Marczykowski
c631b0b632 dom0/core: fix race in QubesVm.is_outdated() 2013-02-07 11:31:06 +01:00
Marek Marczykowski
ce268730d4 version 2.1.11 2013-01-27 00:22:09 +01:00
Marek Marczykowski
5c3a3b8e32 Merge remote-tracking branch 'joanna/master' 2013-01-27 00:21:09 +01:00
Marek Marczykowski
b8ccfd6e2e dom0/init: implement systemd unit files 
They cover standard init.d scripts when system have systemd, so can be placed
both in one package.
 2013-01-27 00:04:40 +01:00
Marek Marczykowski
fb36ce40d6 dom0/udev: allow only one xenstore-write at the time 
This apparently causes deadlocks when many xenstore-write (one for each block
device) called at the same time.
 2013-01-27 00:02:30 +01:00
Marek Marczykowski
f72dabba87 dom0/dispvm: do not fail when qvm-create-default-dvm called as root 2013-01-27 00:01:56 +01:00
Marek Marczykowski
56d0af3059 dom0/core: fix handling ProxyVM netvm set to None 2013-01-27 00:01:23 +01:00
Marek Marczykowski
70afd03440 dom0/updates: fix error reporting 
Pass full path to dom0updates_fatal, otherwise wrong package will not be removed.
 2013-01-26 23:59:54 +01:00
Marek Marczykowski
d99ebe043c dom0/updates: add groups definition from fc18 2013-01-26 23:58:44 +01:00
Marek Marczykowski
4f71c5aeda dom0/init: create /var/run/qubes at startup and set permissions 
If /var/run is on tmpfs (which is the case in fc18), its subdirs must be
recreated at each reboot. As we already have script for similar things, just
extend it.
Also make /proc/xen/xenbus user-accessible for xenstore reads/writes.
 2013-01-25 10:58:32 +01:00
Marek Marczykowski
5de6f5ad10 dom0/core: get timezone from /etc/localtime symlink 
Fedora 18 doesn't have /etc/sysconfig/clock. Instead have /etc/localtime
symlinked to real timezone (instead of hardlinked like before), so now it is
easy to get destination TZ name.
 2013-01-25 03:10:12 +01:00
Marek Marczykowski
75fc222545 dom0/dracut: support new dracut module interface 2013-01-25 03:09:18 +01:00
Marek Marczykowski
acbdccbd61 makefile: support dom0 different than fc13 2013-01-25 03:07:16 +01:00
Marek Marczykowski
24b4e5efd0 dom0: use any python2, not explicit python2.6 
Especially allow python 2.7 (fc18).
 2013-01-23 06:28:07 +01:00
Marek Marczykowski
7363f477dc dom0/core: when starting NetVM from other VM.start() pass the start() parameters 2013-01-23 06:27:03 +01:00
Marek Marczykowski
f3aab44798 dom0/core: fix qubes.xml load code (clockvm setting) 2013-01-23 02:04:34 +01:00
Marek Marczykowski
82f3092803 dom0/qvm-backup-restore: adjust for new QubesVmCollection API 2013-01-22 00:34:13 +01:00
Marek Marczykowski
ae56b17a19 dom0/qvm-tools: adjust for new QubesVmCollection API 2013-01-22 00:33:35 +01:00
Marek Marczykowski
3da1795e72 dom0/core: preserve VM label at VM clone 2013-01-22 00:31:18 +01:00
Marek Marczykowski
8600ea07b8 dom0/core: shutdown right VM (based on XID) in case of failed qrexec startup 
The user can restart the VM in the meantime (especially when first startup
failed). Basing here on name will kill the new one VM instead of dead one.
 2013-01-19 18:05:57 +01:00
Marek Marczykowski
52e16037f2 dom0/core: new QubesVmCollection.add_new_vm function 
Generic function to add new VM of any type. Old add_*vm marked as depreciated.
 2013-01-17 01:29:32 +01:00
Marek Marczykowski
84e85c6a9a dom0/core: major rework of QubesVmCollection class 
No longer individual QubesVm attributes hardcoded in QubesVmCollection
(qubes.xml load). Now it is integrated to QubesVm attributes machinery. Also
QubesVmCollection have no longer hardcoded supported VM types - this will
greatly improve code extension possibilities.

This commit doesn't cover QubesVmCollection.add_*vm methods (which are broken
for now because of missing "collection" argument to QubesVm constructor). This
will be done in next commit.
 2013-01-17 01:18:42 +01:00
Marek Marczykowski
bc39e05a6a dom0/core: enforce QubesHVm defaults in more elegant way 2013-01-17 01:16:51 +01:00
Marek Marczykowski
a2d387bebc dom0/core: pass all args of QubesDom0NetVm constructor to base class 2013-01-17 01:01:18 +01:00
Marek Marczykowski
623e4ab8cc dom0/core: remove unused function 2013-01-17 00:21:19 +01:00
Marek Marczykowski
73a540e5e5 dom0/core: save real netvm of DispVM 
Netvm of DispVM is based on DispVM-template settings. So save the real one
instead of assuming default netvm.
 2013-01-17 00:21:03 +01:00
Marek Marczykowski
917ccc2a4b vm/systemd: start misc-post after network 
This will ensure that /rw/config/rc.local is called after applying default
iptables rules, so it can safely modify it without the risk to be overridden
later by default ones.
 2013-01-11 23:49:46 +01:00
Marek Marczykowski
367db74378 dom0/core: fix HVM settings on upgrade 2013-01-11 16:21:25 +01:00
Marek Marczykowski
c5ae049e3b Revert "dom0/spec: fix HVM settings on upgrade" 
This reverts commit 4b44f977db.
This doesn't actually fix the problem, because in %post new qubes.py is already
installed and maxmem=memory is no longer true.
 2013-01-11 15:28:55 +01:00
Marek Marczykowski
4b44f977db dom0/spec: fix HVM settings on upgrade 
HVM should have meminfo-writer disabled by default (and now have). But existing
VMs have it already enabled so it must be fixed now. Generic HVM isn't capable
of dynamic memory management.

Previously it was forced to always have maxmem=memory but it wasn't fully
correct because someone could install Qubes agents/PV drivers including
meminfo-writer and xen-balloon even in HVM so it should be possible to turn it.
 2013-01-11 05:05:44 +01:00
Marek Marczykowski
214461f448 vm/network: create NetworkManager config link only once 2013-01-11 05:05:39 +01:00
Marek Marczykowski
2f5155437c dom0/core: disable meminfo-writer for HVM by default 2013-01-11 01:12:30 +01:00
Olivier Medoc
3d096f69af dom0/qvm-core: allow the user to select initial-memory != max-memory if meminfo-write service is enabled 2013-01-11 01:12:30 +01:00
Olivier Medoc
1f513edd2f dom0/qvm-core: implemented guiagent_installed preference for HVm 2013-01-11 01:12:29 +01:00
Olivier Medoc
9ebfd63bef dom0/qvm-core: normalized wait session code to be technology independent through the WaitForSession rpc call 2013-01-11 01:12:29 +01:00
Olivier Medoc
4fa76a5f79 core/tools: use gui notification for qvm-start 
dom0/qvm-core: propagated notify_function to qrexec
 2013-01-11 01:12:29 +01:00
Olivier Medoc
6d6c744f2c vm/qubes_rpc: implement qubes.WaitForSession 
RPC call will be used in vm.start function instead of the hardcoded echo > /tmp/qubes-session-waiter
 2013-01-11 01:12:23 +01:00