Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,053 Commits 1 Branch 0 Tags 15 MiB
1b42142e05
Commit Graph

1053 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
1b42142e05 dom0/qrexec: change qrexec startup timeout to 60s (#373) 2011-10-18 00:09:34 +02:00
Marek Marczykowski
eadd4a7128 dom0/qvm-dom0-update: fix installing new packages 
Pass all args to UpdateVM command
 2011-10-17 23:27:29 +02:00
Marek Marczykowski
99c0356bf2 dom0: set first NetVM as ClockVM 2011-10-17 23:20:21 +02:00
Marek Marczykowski
db3ab9333a dom0/qvm-shutdown: increase timeout to 60s (#373) 2011-10-17 23:14:26 +02:00
Marek Marczykowski
c43a62e0bb dom0/qvm-shutdown: implement --wait in qvm-shutdown 2011-10-17 23:14:19 +02:00
Marek Marczykowski
6219c1b7ed dom0/qvm-shutdown: catch QubesException 2011-10-17 23:13:21 +02:00
Marek Marczykowski
3063ef35b7 dom0: move NetVM shutdown sanity check code to qvm-core 2011-10-17 22:45:04 +02:00
Marek Marczykowski
e6bbc83e0b vm: use fork/close/exec for calling editor (#358) 
To make sure that path is properly passed (no shell escapes etc).
 2011-10-17 02:10:03 +02:00
Marek Marczykowski
097c5331d6 dom0: remove obsolete xenfreepages 2011-10-14 12:29:03 +02:00
Marek Marczykowski
9b3b72cc74 dom0: introduce qvm-shutdown 2011-10-14 12:01:09 +02:00
Marek Marczykowski
abcd6416fc dom0: move shutdown to qvm-core 2011-10-14 11:59:33 +02:00
Marek Marczykowski
dfd0f73e30 vm: allow fsck on /rw filesystem 2011-10-12 17:24:29 +02:00
Marek Marczykowski
fd4166fb61 version 1.7.0 2011-10-12 14:17:18 +02:00
Marek Marczykowski
ede96353af dom0/qrexec: Add always allow option in qrexec confirmation dialog (#278) 2011-10-12 00:08:28 +02:00
Marek Marczykowski
810a59b6ce dom0/qvm-backup-restore: Allow to exclude some VMs while restoring backup (#296) 2011-10-11 01:52:11 +02:00
Marek Marczykowski
65bc4f6e95 dom0/qvm-backup/restore: backup and restore also dom0 home dir (#362) 
To keep desktop environment settings (like theme, wallpaper, screensaver etc).
 2011-10-11 01:48:47 +02:00
Marek Marczykowski
20522d04ec dom0: typo fix in comment 2011-10-11 01:41:53 +02:00
Marek Marczykowski
bc47334d21 dom0: fix cleanup_vif 2011-10-10 17:11:00 +02:00
Marek Marczykowski
7cf4abb04e dom0/dom0-updates: typo fix 2011-10-10 15:34:24 +02:00
Marek Marczykowski
e1ccda362c dom0/qvm-core: release lock in VM.start() right before starting qrexec (#344) 2011-10-10 11:23:14 +02:00
Marek Marczykowski
57aec48050 dom0/qmemman: alloc at least 100MB for domain 
If domain has less than 100MB it will cause OOM very soon - this isn't enough
for non-swappable data...
 2011-10-10 11:23:13 +02:00
Marek Marczykowski
ed23b0d6a2 dom0/qvm-tools: output diagnostics to stderr instead of stdout (#276) 2011-10-10 11:23:04 +02:00
Marek Marczykowski
05605f1394 dom0/qvm-core: ignore template_vm=None when loading qubes.xml 
This should result in more elegant error message in case of error in qubes.xml.
 2011-10-07 21:46:27 +02:00
Marek Marczykowski
98827c7020 dom0/qvm-core: output messages to stderr (#276) 2011-10-07 21:40:29 +02:00
Marek Marczykowski
9152bf6652 dom0/spec: disable prelink service 2011-10-07 21:28:26 +02:00
Marek Marczykowski
3876cf4070 dom0/dom0-updates: check for dom0 updates from cron (#354) 2011-10-07 21:28:16 +02:00
Marek Marczykowski
b3a125076b dom0/dom0-updates: add --gui and --check-only options (#354) 
Will be needed for automatically checking for updates
 2011-10-07 21:25:38 +02:00
Marek Marczykowski
cace6c02f4 vm/dom0-updates: add --gui switch as oposite to --nogui (#354) 
Dom0 can now control whether to use GUI or no - not relying on script default.
Actually it is used to cancel --nogui passed earlier.
 2011-10-07 21:13:00 +02:00
Marek Marczykowski
684578ba16 dom0/pm-utils: after suspend start qubes_core_netvm instead of NetworkManager directly 
Actually this is run for every VM with PCI device, so it can be AppVM, not
NetVM. qubes_core_netvm will check if it is NetVM before starting
NetworkManager.
 2011-10-07 21:11:08 +02:00
Marek Marczykowski
218dd2c50c dom0/pm-utils: remove both uhci and ehci NetVM modules before sleep 2011-10-07 21:07:25 +02:00
Marek Marczykowski
d576b9855c dom0/qvm-create: do not add PCI devs to new NetVM (#282) 
This makes sense only in firstboot - so move it there.
 2011-10-03 23:01:55 +02:00
Marek Marczykowski
053944470c dom0: improve vif cleanup 
Just remove dead devices from xenstore, there is no point in waiting for its
shutdown (which 'xl' does) as backend domain is dead.
 2011-10-03 22:54:45 +02:00
Marek Marczykowski
600877b830 dom0: use default values for values not present in qubes.xml 
Do not set them to None. This should improve compatibility with older versions of qubes.xml
 2011-10-01 10:33:25 +02:00
Marek Marczykowski
56f3d7ba75 dom0+vm/qvm-block: convert device size to bytes 2011-10-01 10:33:18 +02:00
Marek Marczykowski
f0038d2ec7 dom0: typo fix in default_fw_netvm saving 2011-10-01 02:55:22 +02:00
Marek Marczykowski
3c7f8b97cd dom0: return datatime value in get_start_time (#315) 2011-10-01 02:54:18 +02:00
Marek Marczykowski
7ae0c52e6d dom0: introduce ClockVM - timesource for dom0 (#361) 2011-10-01 02:54:00 +02:00
Marek Marczykowski
287da572e9 dom0+vm: introduce 'qubes-service' xenstore dir - enable/disable VM services from dom0 
This allows control which services are started in VM by dom0. For some
situation vm_type was used, but it isn't enough - i.e. ntpd should be started
in one, selected NetVM.
 2011-10-01 02:49:25 +02:00
Marek Marczykowski
d456ec4575 dom0/qmemman: call do_balance after each domain list change notification (#246) 
For unknown reason watch '@releaseDomain' is called twice: first when domain
disappeared from xenstore, second when resources (including memory) are freed.
So call do_balance after each of this event to redistribute freed memory.
 2011-09-30 15:23:57 +02:00
Marek Marczykowski
aa08f555c3 dom0+vm: minor fixes in qvm-block scripts 2011-09-30 11:20:03 +02:00
Marek Marczykowski
5fc5301cee Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-09-30 10:46:04 +02:00
Marek Marczykowski
8d855aa958 dom0+vm/qvm-block: automatically detach device when physical dev removed (#226) 
This will work when device is unmounted. On mounted device backend will be
removed (after 3s timeout), but frontend will left in "closing" state - manual
'xl block-detach' will be needed.
 2011-09-30 10:42:56 +02:00
Marek Marczykowski
111d807ae0 dom0: include qubesutils in rpm package (#226) 2011-09-30 10:42:56 +02:00
Marek Marczykowski
960b02e8ed dom0+vm: make sure that block backend module is loaded when needed (#226) 2011-09-30 10:42:50 +02:00
Marek Marczykowski
e3993ca5f9 dom0: qvm-block tool, new qubesutils python module (#226) 2011-09-29 13:56:22 +02:00
Marek Marczykowski
64be313847 dom0: change Domain-0 name to "dom0" to match qubes tools 2011-09-29 13:56:22 +02:00
Marek Marczykowski
6b885bd361 dom0+vm: expose block devices info in xenstore (#226) 2011-09-29 13:56:06 +02:00
Marek Marczykowski
801e113c06 vm: minor fixes for Fedora 15 
1. create /var/run/qubes as /var/run is now on tmpfs
2. if system-d is present - use it to disable NetworkManager
 2011-09-27 01:37:09 +02:00
Joanna Rutkowska
e6585a85a6 version 1.6.32-dom0 2011-09-26 17:54:50 +02:00
Joanna Rutkowska
59f71f634a dom0: Fix xenstore permissions qubes_netvm_external_ip 
We should ensure that the first expression in the permisions list
is nX, where X is the owning domain, and not rX or wX, as otherwise
we would be granting all other VMs read access to the key.

This is explained in more detail here:

http://wiki.xensource.com/xenwiki/XenBus

In practice the perms problem applied only to the qubes_netvm_external_ip key
that is exposed by each NetVM to corresponding Proxy VMs. Before this fix,
the key was readable by any VM in the system, which might not be desired in some
more advanced networking setups, such as with Tor Proxy VM.
 2011-09-26 17:24:11 +02:00