Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,526 Commits 1 Branch 0 Tags 15 MiB
286339dd82
Commit Graph

1526 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
286339dd82 dom0/iptables: block IPv6 traffic 
Dom0 is network isolated anyway, but apply also firewall in case of use
qubes-dom0-network-via-netvm.
 2012-09-25 16:14:31 +02:00
Marek Marczykowski
a90a21b8ff vm/iptables: block IPv6 traffic 
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
 2012-09-25 16:14:06 +02:00
Marek Marczykowski
decf7ef648 vm/yum-proxy: one more regexp fix 2012-09-25 15:08:06 +02:00
Marek Marczykowski
f710531f68 vm/yum-proxy: filter regexp: add missing ^$ marks, remove unneded .* at the beginning 
Reported-by: Igor Bukanov <igor@mir2.org>
 2012-09-25 13:37:59 +02:00
Marek Marczykowski
11ae1f45fc vm/systemd: early user-configurable init script 2012-09-23 23:28:58 +02:00
Marek Marczykowski
dd7fe532ae vm/yum-proxy: allow pkgtags repodata 2012-09-19 12:55:45 +02:00
Marek Marczykowski
3ecc031603 dom0/core: allow '_' in VM name 2012-09-14 12:58:00 +02:00
Joanna Rutkowska
614573d0a3 version 1.7.45 2012-08-29 10:48:23 +02:00
Joanna Rutkowska
23f3f424e5 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2012-08-29 10:46:02 +02:00
Marek Marczykowski
629ae5317c vm/qrexec: fix race between child cleanup and select call 
reap_children() can close FD, which was already added to FD_SET for select.
This can lead to EBADF and agent termination.
 2012-08-27 01:26:12 +02:00
Marek Marczykowski
e80ff6bdeb dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-08-27 01:25:39 +02:00
Marek Marczykowski
3b320878ac dom0/qvm-block: rework device name parsing to better support c0p1 name style 2012-08-26 14:42:32 +02:00
Joanna Rutkowska
2c12096f98 version 1.7.44-dom0 2012-08-23 12:19:37 +02:00
Marek Marczykowski
1cd3ef3456 dom0/qvm-tools: catch exceptions while settting VM name (#656) 2012-08-23 04:02:50 +02:00
Marek Marczykowski
536eb00b9c dom0/core: verify VM name for not-allowed characters (#656) 2012-08-23 04:01:55 +02:00
Marek Marczykowski
dde1b5b2f5 dom0/qrexec: use QUBESRPC instead of direct multiplexer path 2012-08-23 03:59:31 +02:00
Marek Marczykowski
cc23d3cb3d dom0/qubes_rpc: mark untrusted variables (#654) 2012-08-16 16:56:55 +02:00
Marek Marczykowski
26fca20d45 dom0/qmemman: fix reporting to qubes-manager 
When VM is shutting down, xenstore entries (especially 'name') can be deleted
before qmemman remove VM from its list. So check if name is defined before
reporting to qubes-manager.
 2012-08-16 16:56:55 +02:00
Marek Marczykowski
9b3a77bc1d dom0: move RPC services to separate directory (#654) 
This makes more clear which code have contact with untrusted data from VM.
 2012-08-16 16:56:16 +02:00
Joanna Rutkowska
ba85ca2df2 version 1.7.43 2012-08-10 14:45:19 +02:00
Marek Marczykowski
f41759a8b7 vm: ignore additional actions in *.desktop files (#631) 2012-08-10 11:08:05 +02:00
Marek Marczykowski
038933789d vm/updates-proxy: fix regexp (#643) 2012-08-06 14:59:10 +02:00
Marek Marczykowski
4f56cf420a dom0/core: add missing "cleanup_dispvms" file (#648) 2012-08-06 14:57:30 +02:00
Marek Marczykowski
e1404a2d4f dom0/qvm-run: do not break --all when run in one VM failed 2012-08-04 04:15:33 +02:00
Marek Marczykowski
fa17c541af dom0: cleanup dead DispVMs at system startup (#648) 2012-08-04 00:57:34 +02:00
Marek Marczykowski
7677854fd2 dom0/core: make verbose parameter of create_appmenus optional 2012-08-04 00:37:14 +02:00
Marek Marczykowski
b7d2667b1d vm/kernel-placeholder: simplify upgrade 2012-07-30 23:16:05 +02:00
Marek Marczykowski
a680976f1e dom0/updates: show errors from qubes-receive-updates 
Especially when signature verification failed, show message about it, not
enigmatic "Could not open/read
file:///var/lib/qubes/updates/repodata/repomd.xml"
 2012-07-30 23:16:05 +02:00
Marek Marczykowski
4ffe3e0391 dom0/qvm-block: fix error handler 2012-07-30 23:16:05 +02:00
Marek Marczykowski
c2d4b0de62 dom0/updates: typo fix in qubes-manager statfile handling 2012-07-30 23:16:05 +02:00
Joanna Rutkowska
65a08f7bae version 1.7.42 2012-07-30 16:59:19 +02:00
Marek Marczykowski
be389bddb9 dom0/core: allow custom kernel for non-updateable VMs 2012-07-28 01:40:24 +02:00
Marek Marczykowski
18c9af90c7 dom0/core: fix qubes-session wait code 2012-07-28 00:55:12 +02:00
Marek Marczykowski
b691f57bbf vm: kernel-placeholder package to inhibit real kernel pkg in VM (#645) 
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
 2012-07-23 23:17:50 +02:00
Marek Marczykowski
cc12b58c2e Merge remote-tracking branch 'joanna/master' 2012-07-23 22:16:42 +02:00
Marek Marczykowski
ad7da49e74 dom0/core: remove ugly hack in network-reconnect code (#637) 2012-07-22 01:33:08 +02:00
Marek Marczykowski
9c912694be vm/prepare-dvm: wait for Xorg in more deterministic way (#636) 2012-07-22 01:23:45 +02:00
Marek Marczykowski
6da61af323 dom0/backup-restore: fix netvm field in summary 2012-07-21 00:12:18 +02:00
Joanna Rutkowska
f2d8142823 version 1.7.41-dom0 2012-07-20 23:22:43 +02:00
Marek Marczykowski
6580fc70a7 Merge branch 'master' of git://git.qubes-os.org/joanna/core 
on (#635)

Parse config and setup socket before fork.
 2012-07-20 23:01:06 +02:00
Marek Marczykowski
a97458ad08 dom0/core: do not reset firewall on clone_attrs 2012-07-20 22:55:28 +02:00
Marek Marczykowski
dc95349145 dom0/backup-restore: fix verification of VMs in backup 2012-07-20 22:55:28 +02:00
Marek Marczykowski
e7477cfaf2 dom0/core: minor comments improvements 2012-07-20 22:55:28 +02:00
Marek Marczykowski
dbbb168b66 dom0/core: improve diagnostics of qmemman errors 2012-07-20 22:55:17 +02:00
Joanna Rutkowska
00d4da8ee0 version 1.7.40-dom0 2012-07-20 16:47:36 +02:00
Joanna Rutkowska
6ae56d7e18 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2012-07-20 16:45:35 +02:00
Marek Marczykowski
5ea32bd11b dom0/meminfo-writer: fork into background after first info sent to qmemman (#635) 2012-07-20 16:42:12 +02:00
Marek Marczykowski
148e5e55f7 dom0/qmemman: fork into background after daemon initialization (#635) 
Parse config and setup socket before fork.
 2012-07-20 16:42:11 +02:00
Joanna Rutkowska
47f297f411 version 1.7.39 2012-07-20 13:36:20 +02:00
Joanna Rutkowska
eb74c823d5 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2012-07-20 13:34:49 +02:00