Commit Graph

5314 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
4e26588bb3 core/hvm: remove xenstore code
QubesDB does not require setting up directory (and permissions), so just
remove the function.
2015-02-07 01:12:29 +01:00
Marek Marczykowski-Górecki
89f8f219bf core: changes in libvirt config for libvirt-1.2.12 2015-02-05 06:31:00 +01:00
Marek Marczykowski-Górecki
17a92dd179 tests: fix checking of ping return code
Switch ==1 to !=0 - ping can exit with different errors (timeout,
resolve failed etc), but we don't care what was the reason.
2015-02-02 04:50:37 +01:00
Marek Marczykowski-Górecki
26a9dcda66 tests: actually install network tests 2015-02-02 04:50:26 +01:00
Marek Marczykowski-Górecki
2554d6aee3 Ensure that qubes-netvm.service is started after libvirtd 2015-02-02 04:49:56 +01:00
Marek Marczykowski-Górecki
c74fda802c Use tmpfile.d to create /var/run subdirs
This way it will be done much earlier, so qubes-db can be started before
qubes-core.service - which will solve startup dependency loop problem.
2015-02-02 04:48:42 +01:00
Marek Marczykowski-Górecki
db95153619 doc: typo fix 2015-01-30 01:40:41 +01:00
Marek Marczykowski-Górecki
72cf3a8201 core: remove kernel properties from DispVM and Dom0 (#948)
Qubes does not keep track of those kernel versions.

Conflicts:
	core-modules/01QubesDisposableVm.py
2015-01-30 01:40:40 +01:00
Marek Marczykowski-Górecki
2f7b3adeec doc: qvm-create-default-dvm (#940) 2015-01-30 01:39:59 +01:00
Marek Marczykowski-Górecki
c2675c00e7 doc: sync qvm-service documentation 2015-01-30 01:39:59 +01:00
Marek Marczykowski-Górecki
59a5ae9415 doc: add qvm-services: set-default-route, set-dns-server 2015-01-30 01:39:59 +01:00
Marek Marczykowski-Górecki
6b05d5b392 Add qvm-trim-template tool
Based on work done by Matt McCutchen <matt@mattmccutchen.net>, details
here:
https://groups.google.com/d/msgid/qubes-users/1417939737.2033.24.camel%40localhost
2015-01-30 01:39:59 +01:00
Marek Marczykowski-Górecki
49d510dc65 core: prevent permissions error when VM was started by root
When VM is started by root, config file is created with root owner and
user has no write access to it. As the directory is user-writable,
delete the file first.

Conflicts:
	core-modules/000QubesVm.py
2015-01-30 01:39:57 +01:00
Marek Marczykowski-Górecki
52334bc414 core: fix firewall update code
Do not load qubes.xml again, it can cause race conditions between two
instances of the same VM objects.
Especially when VM is starting ProxyVM to which it is connected,
firewall rules could not be loaded.
2015-01-30 01:38:56 +01:00
Marek Marczykowski-Górecki
c489a81dfa tests: networking 2015-01-30 01:38:56 +01:00
Marek Marczykowski-Górecki
25c425920c qvm-tools: fix error reporting in qvm-kill 2015-01-30 01:38:56 +01:00
Marek Marczykowski-Górecki
73301a67c8 core: fix vm.run(..., passio=False) handling
Long time ago passio=True was used to replace current process with
qrexec-client directly (qvm-run --pass-io was the called), but this
behaviour is not used anymore (qvm-run was the only user). And this
option was left untouched, with misleading name - one would assume that
using passio=False should disallow any I/O, but this isn't the case.

Especially qvm-sync-clock is calling clockvm.run('...', wait=True),
default value for passio=False. This causes to output data from
untrusted VM, without sanitising terminal sequences, which can be fatal.

This patch changes passio semantic to actually do what it means - when
set to True - VM process will be able to interact with
stdin/stdout/stderr. But when set to False, all those FDs will be
connected to /dev/null.

Conflicts:
	core-modules/000QubesVm.py
2015-01-30 01:38:52 +01:00
Marek Marczykowski-Górecki
1da8ab5823 core: Add missing import 2015-01-08 03:55:02 +01:00
Marek Marczykowski-Górecki
adff88101a Rework QubesWatch implementation for libvirt events 2014-12-26 02:56:38 +01:00
Marek Marczykowski-Górecki
d4ab70ae9d core: update qvm-block code for HAL API
Use QubesDB to get list of devices, call libvirt methods to
attach/detach devices.
2014-12-12 03:59:01 +01:00
Zrubi
b4e0833cb7 qubes-hcl-report v2.2
- Network devices section added to HCL Info output
2014-12-05 19:33:17 +01:00
Zrubi
55fce5dd36 qubes-hcl-report v2.1
- script redesign,
- fixed VT-d, VT-x detection,
- Support File generation is optional,
- the results are kept in dom0 by default,
- version and usage info added.

(cherry picked from commit f5845b2df1db19da37f02ace24f29a82660c39ff)
2014-12-05 17:06:17 +01:00
Marek Marczykowski-Górecki
7a3bce6c61 core: fix is_paused method 2014-11-29 02:58:47 +01:00
Marek Marczykowski-Górecki
6da608783f version 3.0.0 2014-11-22 16:24:11 +01:00
Marek Marczykowski-Górecki
ebb9a1fcb2 dispvm: fix tray notifications (#874)
Conflicts:
	dispvm/qfile-daemon-dvm
2014-11-21 23:46:58 +01:00
Marek Marczykowski-Górecki
592a4901c9 core: import monitorlayoutnotify instead of calling it as external script
Otherwise deadlock could happen - the script will try to get read lock
on qubes.xml, while the calling tool can already hold the lock. If that
was write lock (which is in case of qfile-daemon-dvm), the deadlock
occurs.
2014-11-21 21:45:03 +01:00
Marek Marczykowski-Górecki
ce716f9c5a rpm: add R: PyQt4 for guihelpers module
It was pulled by qubes-manager, but since it is optional, we shouldn't
rely on its dependencies.
2014-11-21 20:09:57 +01:00
Wojciech Zygmunt Porczyk
6b0a5f9738 storage/xen.py: always initialise args['otherdevs'] 2014-11-19 12:50:32 +01:00
Marek Marczykowski-Górecki
37696b7d43 rpm: move xenconsoled configuration to xen package 2014-11-19 12:50:32 +01:00
Marek Marczykowski-Górecki
1df73d31c6 core: xid is no longer local variable here 2014-11-19 12:50:32 +01:00
Marek Marczykowski-Górecki
9205c5c054 core: fix imports 2014-11-19 12:50:32 +01:00
Marek Marczykowski-Górecki
479ac1e42d core: check libvirt error on specific connection
Not global last one.
2014-11-19 12:50:32 +01:00
Rafał Wojdyła
7e8978d278 wni: changed qrexec agent path environment variable name 2014-11-19 12:50:32 +01:00
Rafał Wojdyła
f91d6e93f6 wni: set random password on user creation 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
ccd04c7c8f wni: properly get user profiles directory 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
81fb2b696b wni: vm users can't change their password 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
74d09070fb .gitignore: added *.msm 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
b4d827d5e8 wni: remove user profiles on domain removal 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
97c793ed16 QubesVm.run(): wait for client to exit on Windows 2014-11-19 12:50:31 +01:00
Rafał Wojdyła
b6a379e94a Fixed PyQt4 import in guihelpers 2014-11-19 12:50:31 +01:00
Marek Marczykowski-Górecki
fef2672935 settings-wni: get installation directory from windows registry 2014-11-19 12:50:31 +01:00
Marek Marczykowski-Górecki
8f1ca4ac50 windows/installer: configurable destination directory 2014-11-19 12:50:31 +01:00
Marek Marczykowski-Górecki
3ba424e6ac Use VM name as argument to qrexec-client
This is the only place where ID was used - all other places uses name.
Linux qrexec-client accepts both ID and name, but sticking to one option
will simplify things (especially Windows qrexec-client/daemon).
2014-11-19 12:50:31 +01:00
Marek Marczykowski-Górecki
def58ab911 core: typo fix 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
687e004b1d windows: workaround for windows "behavior" regarding parsing exec() arguments 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
803e128b8e wni: Add qrexec-client path to WNI settings 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
071a01d29e guihelpers: Import PyQt only when needed 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
4bf094a3f8 windows/installer: Fix python registry path 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
06189b4a5b wni: set path to qrexec-daemon 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
4bd14f5011 windows: installer 2014-11-19 12:50:30 +01:00