Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
779 Commits 1 Branch 0 Tags 15 MiB
2600134e3b
Commit Graph

779 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rafal Wojtczuk
2600134e3b qrexec: tiny corrections to rpc autostart code 2011-07-07 10:38:15 +02:00
Rafal Wojtczuk
77f21e08a4 qrexec: corrected stupid typo 2011-07-07 10:06:45 +02:00
Rafal Wojtczuk
65fe9e1b93 qrexec: manually autostart target rpc domain 
option 2) from the previous commit comment
 2011-07-07 10:05:41 +02:00
Rafal Wojtczuk
11c1cb0aa2 qrexec: temporarily disable auto executing domains upon rpc request 
There are two problems with qvm-run -a:
1) even with -q flag, it spits to stdout (actually, "xl create" does it), and
this garbage is received by rpc client
2) even with -q flag, it steals input (actually, "qrexec ... wait for session")

These two can be manually fixed (by passing /dev/null appropriately); hovewer,
this is prone to disaster if qvm-run is enhanced/broken later.

We could do
if is_domain_running() ; then
	run qrexec client
else
	qvm-run -a domain true </dev/null >/dev/null
	run qrexec client
fi
which looks safer; but is_domain_running() is a bit expensive even in "running"
case - we need to xl_context.list_domains anyway.

Gotta decide on one of these.
 2011-07-07 09:13:51 +02:00
Rafal Wojtczuk
c80ee3b231 qrexec: allow for more options in the policy files 2011-07-06 18:34:00 +02:00
Rafal Wojtczuk
7b39b15f6d qrexec: enforce strict character set in TRIGGER_EXEC message 2011-07-06 17:07:40 +02:00
Rafal Wojtczuk
ab6aeb0bca qrexec: in qrexec_client_vm, need to preserve absolute exe name before execv 2011-07-06 16:51:56 +02:00
Rafal Wojtczuk
243d488d99 qrexec: package qubes.SyncAppMenus files 2011-07-06 16:27:09 +02:00
Rafal Wojtczuk
6366db0ab6 qrexec: adjust updates fetching to the new qrexec api 2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
b3ce35b5e2 qrexec: change qrexec_client_vm syntax to be nicer to read 
Now the local_program is just before arguments, which is nicer.
 2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
d46150b8d3 qrexec: adjust appmenu syncing to the new qrexec api 2011-07-06 14:09:36 +02:00
Rafal Wojtczuk
7d79a15c4b qrexec: support for rpc with dom0 as target 2011-07-06 13:56:57 +02:00
Rafal Wojtczuk
2fdf9761c7 qrexec: adjust DispVM code to the new qrexec API 
Note, we have qvm-open-in-vm totally for free.
 2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b7e8c2708c qrexec: adjust intervm file copy code to the new qrexec API 2011-07-06 10:17:58 +02:00
Rafal Wojtczuk
5b78e8f983 qrexec: dup old stdin/out fds, pass the dup-ed fds in SAVED_FD_%d env var 2011-07-05 20:01:28 +02:00
Rafal Wojtczuk
ecf200dca3 qrexec: last two missing pieces of the new rpc infrastructure 2011-07-05 18:35:03 +02:00
Rafal Wojtczuk
1e355f11d2 qrexec: in agent, use nonzero "fake" pid for existing process 
Because 0 means invalid entry.
Also make sure that the rest of code handles -1 pid fine.
 2011-07-05 13:04:34 +02:00
Rafal Wojtczuk
2c23891856 Revert "qrexec: in agent, use nonzero "fake" pid for existing process" 
This reverts commit 9e77e8831e.
 2011-07-05 12:58:27 +02:00
Rafal Wojtczuk
9e77e8831e qrexec: in agent, use nonzero "fake" pid for existing process 
Because 0 means invalid entry.
 2011-07-05 12:49:06 +02:00
Rafal Wojtczuk
9ac98a77b9 qrexec: in agent, handle CONNECT_EXISTING the way convenient for client 2011-07-05 12:46:33 +02:00
Rafal Wojtczuk
703cedc708 qrexec: fixed qrexec_client getopt handling 2011-07-05 11:04:44 +02:00
Rafal Wojtczuk
9c7eb81a23 qrexec: add qrexec_client_vm.c 2011-07-05 11:03:31 +02:00
Rafal Wojtczuk
b4f28152b8 qrexec: CONNECT_EXISTING command handling in daemon and client 2011-07-04 20:55:25 +02:00
Rafal Wojtczuk
c05b26763a qrexec: new communication scheme, agent<->server part 
1) Instead of a set of predefined commands, we send MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING msg with a parameter (e.g. "org.qubes-os.vm.Filecopy")
defining required action
2) qrexec_daemon just forks qrexec_policy, that will take care of actually
allowing and executing required action
3) after MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING, qrexec_agent does not
execute a command - it justs uses already established file descriptors to
send data to/from. Thus, there is no need to use ~/.xxxxxspool - a command line
tool can have direct access to remote fds.
 2011-07-04 18:56:56 +02:00
Rafal Wojtczuk
732a90443e qrexec: move daemon-specific code out of unix_server.c 
So that agent can use code in unix_server.c
 2011-07-04 17:06:29 +02:00
Rafal Wojtczuk
60a435eb1e Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into syncmarek 
Conflicts:
	dom0/init.d/qubes_core
 2011-07-04 15:28:40 +02:00
Marek Marczykowski
33fa170e75 vm: remove /lib/modules from fstab (#263) 
This is mounted by initramfs
 2011-07-03 20:53:36 +02:00
Marek Marczykowski
fdf636f50e vm: Do not setup IP second time 
It is assigned by udev script
 2011-07-03 20:11:55 +02:00
Marek Marczykowski
d16b6f24f9 dom0: fix cmdline of DispVM guid (#248) 2011-07-02 22:44:49 +02:00
Marek Marczykowski
4c69dbb7d9 dom0: remove support for netvm=dom0 from init.d/qubes_netvm 2011-07-02 19:22:29 +02:00
Marek Marczykowski
11a96f70de vm: Load evtchn module by script in /etc/sysconfig/modules 2011-07-02 19:11:15 +02:00
Marek Marczykowski
af7fb11a4a Revert "vm: Load evtchn module in qubes_core" 
This reverts commit 26a9b77545.
Will be loaded by separate script in /etc/sysconfig/modules

Conflicts:

	common/qubes_core
 2011-07-02 19:09:28 +02:00
Marek Marczykowski
cd7024cad1 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-07-02 18:49:18 +02:00
Marek Marczykowski
35e18029c1 dom0: use default kernel for new VMs 2011-07-02 18:48:17 +02:00
Joanna Rutkowska
a9a238579d version 1.6.6 2011-07-02 13:36:19 +02:00
Joanna Rutkowska
1ef800414a Dom0: qubes.py: honor the verbose flag when printing debuging messages 2011-07-02 13:35:59 +02:00
Joanna Rutkowska
8d926960f5 Dom0: Do not try to load non-existent xen-pciback module... 
Load just the pciback, which is how it is named on our kernels, and do not scare the user with weired error messages.
 2011-07-02 13:18:11 +02:00
Joanna Rutkowska
88098ae69b vm: qubes_core ident fixes 2011-07-02 13:14:57 +02:00
Joanna Rutkowska
26a9b77545 vm: Load evtchn module in qubes_core 2011-07-02 13:12:53 +02:00
Joanna Rutkowska
1023109c01 version: 1.6.5 2011-07-02 00:30:28 +02:00
Joanna Rutkowska
3428d95015 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-07-02 00:29:32 +02:00
Marek Marczykowski
a1ef7d01ea dom0: Disallow directly setting kernel version for template-based VM 2011-07-02 00:24:37 +02:00
Marek Marczykowski
01a5046e54 vm: Load u2mfn module 2011-07-02 00:24:20 +02:00
Joanna Rutkowska
bfa03d5fb9 Update VM yum repos confs for Beta2 2011-07-01 22:56:11 +02:00
Joanna Rutkowska
74550bf949 Makefile: don't autoupdate yum repo after copying rpms there 2011-06-30 20:47:48 +02:00
Joanna Rutkowska
131e4df676 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-06-30 20:41:57 +02:00
Marek Marczykowski
894e01ce16 dom0+vm: version 1.6.4 2011-06-30 01:27:14 +02:00
Marek Marczykowski
180d7ed68e dom0: Allow multiple versions of kernel-qubes-vm installed 2011-06-30 01:18:39 +02:00
Marek Marczykowski
f447a458f2 dom0+vm: Update VM kernel mechanism (#242) 
Get kernel from global kernels dir (/var/lib/qubes/vm-kernels), not per-VM. Can
be configured by qvm-prefs (kernel parameter).
New tool: qvm-set-default-kernel

For backward compatibility kernel=None means kernel in VM dir (kernels subdir).
(possibly empty) modules.img should be created in it.
 2011-06-30 01:07:47 +02:00
Marek Marczykowski
f3d908a23b dom0: qvm-sync-appmenus: limit size of retrieved data 2011-06-30 00:56:25 +02:00