Marek Marczykowski-Górecki
01aedb7f18
storage: fix handling snap_on_start=True file volumes
...
Use the right cow image and apply the second layer to provide read-write
access. The correct setup is:
- base image + base cow -> read-only snapshot (base changes "cached"
until committed)
- read-only snapshot + VM cow -> read-write snapshot (changes discarded
after VM shutdown)
This way, even VM without Qubes-specific startup scripts will can
benefit from Template VMs, while VMs with Qubes-specific startup scripts
may still see original root.img content (for possible signature
verification, when storage domain got implemented).
QubesOS/qubes-issues#2256
2017-02-14 23:59:07 +01:00
Marek Marczykowski-Górecki
b89689e278
storage: implement two-layers of dm-snapshot in block-snapshot script
...
Have dm-snapshot of dm-snapshot. The first layer is to "cache" changes
done by base volume holder (TemplateVM in case of root.img), the second
layer is to hold changes do by snapshot volume holder (AppVM in case of
root.img). In case of Linux VMs the second layer is normally done inside
of VM (original volume is exposed read-only). But this does not work for
non-Linux VMs, orr even Linux but without qubes-specific startup
scripts.
This is first part of the change - actual construction of two layers of
dm-snapshot, not plugged in to core scripts yet.
QubesOS/qubes-issues#2256
2017-02-14 23:59:07 +01:00
Marek Marczykowski-Górecki
48f78dfbc8
tests: check if snap_on_start=True volumes are not persistent
...
Content should be reset back to base volume at each VM startup.
Disposable VMs depend on this behaviour.
QubesOS/qubes-issues#2256
2017-02-14 23:59:07 +01:00
Wojtek Porczyk
8e678c0172
qubes/mgmt: mgmt.vm.property.Reset
...
QubesOS/qubes-issues#2622
2017-02-14 11:37:17 +01:00
Wojtek Porczyk
ada0437f52
qubes/mgmt: mgmt.vm.property.Help
...
QubesOS/qubes-issues#2622
2017-02-13 21:28:27 +01:00
Wojtek Porczyk
e8a5bc9b36
qubesd: improve exception handling
...
QubesOS/qubes-issues#2622
2017-02-10 23:25:45 +01:00
Wojtek Porczyk
249d8c08e2
qubes/tools/qubesd-query: low-level interrogation tool
2017-02-10 23:25:45 +01:00
Wojtek Porczyk
02639b8d02
qubes/mgmt: mgmt.vm.property.List
...
QubesOS/qubes-issues#2622
2017-02-10 22:55:53 +01:00
Wojtek Porczyk
c12fc744a2
qubes/mgmt: move mgmt api to separate module
...
QubesOS/qubes-issues#2622
2017-02-09 23:29:05 +01:00
Wojtek Porczyk
5d455ac3c4
misc pylint fixes related to qubesd
2017-02-08 15:37:39 +01:00
Wojtek Porczyk
0be3b1fbb1
qubes/tools/qubesd: initial version
2017-02-07 17:07:53 +01:00
Wojtek Porczyk
1be75d9c83
misc python3 fixes
2017-02-07 17:07:52 +01:00
Marek Marczykowski-Górecki
04b5a22821
Merge remote-tracking branch 'qubesos/pr/87'
...
* qubesos/pr/87:
Add tests for interrupt remapping and USB controllers
2017-01-26 04:37:38 +01:00
Marek Marczykowski-Górecki
4235f587db
Merge remote-tracking branch 'qubesos/pr/86'
...
* qubesos/pr/86:
Do the right thing on removal of proxyVM used as dispvm_netvm
2017-01-26 04:35:38 +01:00
Wojtek Porczyk
9f7ba53eec
fix Makefile, setup.py, spec and travis
...
QubesOS/qubes-issues#2074
2017-01-20 18:31:09 +01:00
Wojtek Porczyk
d74567d65f
qubes: port core to python3
...
fixes QubesOS/qubes-issues#2074
2017-01-20 16:42:51 +01:00
unman
78ac2e4a28
Add tests for interrupt remapping and USB controllers
2017-01-12 00:18:04 +00:00
unman
19e68bacf2
Do the right thing on removal of proxyVM used as dispvm_netvm
2017-01-06 18:40:09 +00:00
unman
68586681fc
Fix ordering in command line backup tool
2017-01-05 23:02:38 +00:00
Andrew David Wong
1025625772
qvm-remove help: reference qubes.xml instead of "Xen DB"
2016-12-20 00:24:15 -08:00
Wojtek Porczyk
0f1672dc63
Revert "backup: use 'scrypt' tool for backup encryption and integrity protection"
...
This reverts commit 418d749680
.
Package `scrypt` is currently not installable (not present in any repo).
Cc: @marmarek
2016-12-05 18:36:13 +01:00
Marek Marczykowski-Górecki
57e3748267
travis: remove debootstrap workaround
...
Moved to qubes-builder
2016-12-04 22:51:15 +01:00
Marek Marczykowski-Górecki
2ae4e2f4c8
Merge remote-tracking branch 'qubesos/pr/83'
...
* qubesos/pr/83:
Update qvm-block man page to match help output
2016-12-04 22:50:50 +01:00
Andrew David Wong
b00dd4484f
Update qvm-block man page to match help output
2016-12-04 00:02:50 -08:00
Wojtek Porczyk
25912f5787
qubes/tools: add qvm-tags
...
QubesOS/qubes-issues#865
2016-12-02 14:17:09 +01:00
Loren Rogers
c1f8c7daf1
Rewrite root error message
...
The language for this was very strange, so I rewrote it in a more standard format. Instead of printing things across three functions, I consolidated into one. I also opted for the more standard "WARNING:" instead of "***", which I've not seen before.
2016-11-30 22:32:16 -05:00
Wojtek Porczyk
5f436360f7
qubes/app: Fix create_empty_store signature
...
QubesOS/qubes-issues#1729
2016-11-30 18:34:11 +01:00
Wojtek Porczyk
68ad60c1b3
Merge remote-tracking branch 'origin/master' into core3-devel
...
Conflicts:
core/qubes.py
doc/Makefile
doc/manpages/qvm-prefs.rst
doc/qvm-tools/qvm-add-appvm.rst
doc/qvm-tools/qvm-backup-restore.rst
doc/qvm-tools/qvm-backup.rst
doc/qvm-tools/qvm-block.rst
doc/qvm-tools/qvm-clone.rst
doc/qvm-tools/qvm-firewall.rst
doc/qvm-tools/qvm-ls.rst
doc/qvm-tools/qvm-pci.rst
doc/qvm-tools/qvm-run.rst
doc/qvm-tools/qvm-shutdown.rst
doc/qvm-tools/qvm-start.rst
doc/qvm-tools/qvm-template-commit.rst
qvm-tools/qvm-ls
qvm-tools/qvm-prefs
qvm-tools/qvm-remove
tests/__init__.py
vm-config/xen-vm-template.xml
2016-11-30 03:07:39 +01:00
Cyril LEVIS
1b12df379c
add --help and -h on qvm-create-default-qvm
2016-11-28 13:53:36 +01:00
Marek Marczykowski-Górecki
534c3a13f7
Merge remote-tracking branch 'qubesos/pr/78'
...
* qubesos/pr/78:
Add name-raw field for qvm-ls
2016-11-28 12:59:27 +01:00
Marek Marczykowski-Górecki
71243d949e
Merge remote-tracking branch 'qubesos/pr/80'
...
* qubesos/pr/80:
qvm-check: s/stdout/stderr/
2016-11-28 12:58:28 +01:00
Marek Marczykowski-Górecki
076ef884f3
Merge remote-tracking branch 'qubesos/pr/79'
...
* qubesos/pr/79:
Implement qvm-ls --list-fields
2016-11-28 12:57:18 +01:00
Jean-Philippe Ouellet
80450dab92
Add name-raw field for qvm-ls
...
Useful to avoid needing to `... | tr -d '<>{}[]='` just to get clean
VM names in scripts.
Fixes https://github.com/QubesOS/qubes-issues/issues/2444
2016-11-28 02:58:18 -05:00
Jean-Philippe Ouellet
7033f6a796
qvm-check: s/stdout/stderr/
2016-11-28 02:54:04 -05:00
Marek Marczykowski-Górecki
97d2b428f1
Merge remote-tracking branch 'qubesos/pr/76'
...
* qubesos/pr/76:
DRY Qubes[Disp]VmLabels
2016-11-27 19:06:16 +01:00
Jean-Philippe Ouellet
6ddf141376
Implement qvm-ls --list-fields
2016-11-27 01:12:53 -05:00
Marek Marczykowski-Górecki
8f443547fb
qubes/vm: disconnect from old QubesDB when going to start new instance
...
QubesDB daemon no longer remove socket created by new instance, so one
part of VM restart race condition is solved. The only remaining part is
to ensure that we really connect to the new instance, instead of talking
to the old one (soon to be terminated).
Fixes QubesOS/qubes-issues#1694
2016-11-26 04:09:00 +01:00
Marek Marczykowski-Górecki
3b209515c2
qubes/vm/dispvm: don't crash when DispVM is already killed
...
This is regression of QubesOS/qubes-issues#1660
Fixes QubesOS/qubes-issues#1660
2016-11-26 04:09:00 +01:00
Marek Marczykowski-Górecki
6ff836dfa4
qubes/log: add FD_CLOEXEC to log files
...
Don't leak log file descriptors. At least 'lvm' complains.
QubesOS/qubes-issues#2412
2016-11-26 04:08:59 +01:00
Marek Marczykowski-Górecki
194fb9b99b
rpm: disable prelink only when present
...
It isn't installed by default.
QubesOS/qubes-issues#2412
2016-11-26 04:08:59 +01:00
Marek Marczykowski-Górecki
210cb65d1c
qubes/tools: drop requirement of qubes-prefs --force-root
...
None of properties set there do any "dangerous thing" for filesystem
permissions (at least for now), so do not require it. This is mostly to
keep compatibility with %post rpm scripts (kernel-qubes-vm at least).
QubesOS/qubes-issues#2412
2016-11-26 04:08:59 +01:00
Marek Marczykowski-Górecki
a318d5cea9
Don't fail on DBus connection error or opening log
...
Especially in offline mode - like during installation, tests etc.
QubesOS/qubes-issues#2412
2016-11-26 04:08:59 +01:00
Marek Marczykowski-Górecki
02a0713665
qubes/tools: better handle qvm-template-postprocess called as root
...
This tool by design is called as root, so try to:
- switch to normal user if possible
- fix file permissions afterwards - if not
QubesOS/qubes-issues#2412
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
28475f7214
systemd: adjust qubes-prefs options
...
As the service is called as root, it needs --force-root.
QubesOS/qubes-issues#2412
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
28d4feb0d0
qubes: fix network-related functions
...
- cleanup_vifs crash when non-networked VM is running
- type error in get_vms_connected_to (store VM objects, not qid)
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
e85b0663f6
tools: fire 'template-postinstall' event for extensions
...
Allow extensions to finish template setup. This include retrieving
appmenus, settings defaults etc.
QubesOS/qubes-issues#2412
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
0041063b8e
qubes/config: set default labels
...
There was a comment '# Set later', but actually values were never set.
This break adding just installed template (qvm-template-postprocess).
QubesOS/qubes-issues#2412
2016-11-26 04:08:57 +01:00
Marek Marczykowski-Górecki
c4e85a81fb
qubes/app: automatically enable offline mode when running in chroot
...
Do not spray --offline-mode over every installer-related script.
QubesOS/qubes-issues#2412
2016-11-26 04:08:50 +01:00
Marek Marczykowski-Górecki
d8a1216daf
Fix qubes-create in offline mode
...
QubesOS/qubes-issues#2412
2016-11-26 04:08:09 +01:00
Marek Marczykowski-Górecki
5e15db4176
qubes/tools: accept qvm-start --no-guid
...
Lets keep compatibility with older scripts.
QubesOS/qubes-issues#2412
2016-11-26 04:08:08 +01:00