Rafal Wojtczuk
d2301ab125
qvm-prefs: allow on the fly netvm switch ( #302 )
...
When changing netvm of a running vm, detach/attach eth0.
Some functionality of qubes_core_netvm thus is duplicated in setup_ip.
REQUIRES http://git.qubes-os.org/?p=rafal/xen.git;a=commit;h=42c72e6173586a807f8f153391e2e57352d362b1
2011-08-01 15:06:01 +02:00
Rafal Wojtczuk
f264b76a61
qvm-backup: handle standaloneVM properly
...
Do not attempt to copy apps.templates; copy apps/ instead.
2011-08-01 11:14:35 +02:00
Rafal Wojtczuk
8ecd6134d9
firewall: call iptables-restore once per domain ( #311 )
...
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
2011-07-29 16:50:12 +02:00
Rafal Wojtczuk
4ad919bf6d
Correct usage of "date -s" when syncing clock in dom0
...
Apparently, "date -s" does not like the output of "date +%s.%N".
While at it, add basic date format sanitization.
2011-07-29 12:12:15 +02:00
Rafal Wojtczuk
6fc358bd20
dispvm: honour current choice of template for dispvm
...
... when auto-refreshing the dispvm savefile.
While at it, also copy dispvm-prerun.sh script in qvm-clone.
2011-07-26 17:09:59 +02:00
Rafal Wojtczuk
3df2e9783d
dispvm: when updating savefile on demand, present zenity progress bar
2011-07-26 16:36:59 +02:00
Rafal Wojtczuk
dc4d9b32f1
Add comments to policy files.
2011-07-22 16:11:03 +02:00
Rafal Wojtczuk
c23cc480b8
qrexec: use $anyvm and $dispvm symbols
2011-07-22 16:07:06 +02:00
Rafal Wojtczuk
7cfbe1c7d8
qubes.py: postpone qmmeman.close()
...
There are indications that when parent "xl" process exits, the domain is not
booted completely; and xl actions may interfere with qmemman memory balancing.
Thus, in VM.start(), we delay releasing of qmemman handle until qrexec_daemon
connects successfully.
2011-07-22 15:07:04 +02:00
Rafal Wojtczuk
9192a42b91
qmemman: when balooning, make sure that past mem-set will not steal memory
2011-07-22 13:40:21 +02:00
Rafal Wojtczuk
2fc5d190fd
qmemman: calculate dom0 maxmem properly
...
In fact, set to ALL_PHYS_MEM (and the same for other domains that do not
have static-max key, although there should not be any). Previous method
of using maxmem_kb was broken, as qmemman sets maxmem_kb to the memory target
(which I do not like btw).
2011-07-22 11:33:11 +02:00
Marek Marczykowski
1b1073d1ff
dom0: Force NetVM shutdown ( #304 )
...
Just allow to shut down netvm and firewallvm at the same time.
2011-07-21 01:01:31 +02:00
Marek Marczykowski
342261ff10
dom0: Do not clone config file with template
...
Not needed any more
2011-07-21 00:49:03 +02:00
Marek Marczykowski
1b093d5cc4
dom0/qvm-clone-template: *_xen_storage call once again... ( #291 )
2011-07-21 00:48:57 +02:00
Marek Marczykowski
6fc8d1b811
dom0/qvm-backup: ignore *-dvm VMs ( #292 )
2011-07-21 00:14:25 +02:00
Marek Marczykowski
fd4821a1ff
dom0/qvm-backup: update list of backed up files ( #294 )
...
Config and kernel not needed any more, but added appmenus list.
2011-07-21 00:12:54 +02:00
Marek Marczykowski
1dc226aba1
dom0/qvm-backup-restore: remove --recreate-conf-files option ( #295 )
...
Now useless, as config files are regenerated at each VM start
2011-07-21 00:04:57 +02:00
Marek Marczykowski
c9ad2314ea
dom0: variable names conflict ( #290 )
...
uuid is also name of (used here) python module...
2011-07-20 16:12:28 +02:00
Marek Marczykowski
f1153a5413
dom0: initialize vmtype in create_appmenus ( #212 )
2011-07-20 16:06:22 +02:00
Marek Marczykowski
c1f4fcc172
dom0: qvm-backup-restore change restore loop logic ( #212 )
2011-07-20 16:02:57 +02:00
Marek Marczykowski
99dfdd70c3
dom0: Hide some messages from 'xl' tool ( #265 )
2011-07-17 01:54:27 +02:00
Marek Marczykowski
700aff406f
dom0: create link also for dvm.conf ( #262 )
2011-07-17 01:30:44 +02:00
Marek Marczykowski
e5a0fc4d05
dom0: force permissions on qubes-dom0-cache repo dirs
2011-07-17 01:30:44 +02:00
Marek Marczykowski
906741c361
dom0: do not use os.getlogin()
...
It doesn't work when VM started from init.d script
2011-07-17 01:30:44 +02:00
Marek Marczykowski
059ecb3224
dom0: run netvm+firewallvm daemons as group qubes
...
To give them access to X server.
2011-07-17 01:30:44 +02:00
Marek Marczykowski
79d593e191
dom0: Allow UID as parameter to qfile-dom0-unpacker
2011-07-17 01:28:14 +02:00
Marek Marczykowski
4f10835d83
dom0: create directory for rpm updates ( #198 )
2011-07-17 01:20:13 +02:00
Marek Marczykowski
7c5aa0d3ea
dom0: Place DispVM savefile in shm only when exists ( #262 )
2011-07-17 01:20:13 +02:00
Marek Marczykowski
182e1ccf2b
dom0: watch for updates from dom0 ( #198 )
...
Additionally synchronize clock every 6h. This is started by xdg-autostart (not
qvm-core) to have running Xorg - needed to prompt user for updates download.
2011-07-17 01:20:13 +02:00
Marek Marczykowski
02ae961bf0
dom0: hide warnings from tar ( #265 )
...
Unfortunately tar in Fedora 13 is to old to support --warning option, which
disables only particular kind of warnings..
2011-07-17 01:20:13 +02:00
Marek Marczykowski
4607428c38
dom0: validate downloaded packages names ( #198 )
2011-07-17 01:20:13 +02:00
Marek Marczykowski
49257d488b
dom0+vm: download updates as normal user ( #198 )
2011-07-17 01:20:13 +02:00
Marek Marczykowski
977b058395
dom0: implement size/file-count limit of downloaded updates ( #198 )
...
Currently limit is 2GB and 2048 files, but can be adjusted by env variables
(UPDATES_MAX_BYTES, UPDATES_MAX_FILES).
2011-07-17 01:20:13 +02:00
Marek Marczykowski
60d14758d6
dom0: create xen-hotplug state dir
2011-07-17 01:20:06 +02:00
Marek Marczykowski
8121e80db0
dom0: script for initrd regeneration ( #7 )
2011-07-15 12:52:01 +02:00
Marek Marczykowski
a68faecc35
dom0: initialize default_kernel parameter
2011-07-15 12:24:27 +02:00
Marek Marczykowski
a5429c31fa
dom0: provide explicit config path to xl save
...
The default behaviour is to take it from /var/lib/xen, where files are created
with mode 600, so unable to read it as normal user.
2011-07-14 02:11:51 +02:00
Marek Marczykowski
7bf51a71e7
dom0: Set correct qubes_vm_type for DispVM ( #271 )
2011-07-13 01:21:55 +02:00
Marek Marczykowski
8a933a76ec
dom0: Fix appmenu-select desktop file name ( #266 )
2011-07-12 19:46:00 +02:00
Marek Marczykowski
9f67e5de9d
dom0: Regenerate appmenus also for TemplateVM in create_appmenus()
2011-07-10 23:39:48 +02:00
Marek Marczykowski
0813f49186
dom0: Clone whitelisted-apps.list with template clone
2011-07-10 23:37:35 +02:00
Marek Marczykowski
817735fc92
dom0: Do not copy obsolete apps-template.templates dir on template clone
2011-07-10 23:36:50 +02:00
Marek Marczykowski
4bab5e8834
dom0: Use appmenu directory template directly from /usr/share/qubes
...
This allows to use common apps.templates for both AppVM and TemplateVM menu
items.
2011-07-10 23:33:21 +02:00
Marek Marczykowski
1d2680944c
dom0: qvm-pci verify PCI device before adding
2011-07-09 23:48:55 +02:00
Marek Marczykowski
87ebdeefd4
dom0: use qrexec_client instead of qvm-run to not start guid
...
guid doesn't makes sense in /etc/init.d/qubes_netvm
2011-07-09 21:20:36 +02:00
Marek Marczykowski
f6609cb1c4
dom0: minor #252 fix
2011-07-09 20:43:57 +02:00
Marek Marczykowski
7f940cefde
dom0: load pciback module ( #252 )
2011-07-09 20:43:27 +02:00
Marek Marczykowski
3543b0271e
dom0: Fix QfileDaemonDvm error message
2011-07-09 17:56:40 +02:00
Marek Marczykowski
973d79e932
dom0: remove calls to not existing *_xen_storage methods in qvm-*
2011-07-09 17:56:06 +02:00
Marek Marczykowski
aa77d13170
dom0: reload firewall rules after DispVM start ( #247 )
2011-07-09 17:54:23 +02:00