Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
502 Commits 1 Branch 0 Tags 20 MiB
37e06d19e4
Commit Graph

122 Commits

Author SHA1 Message Date
Rafal Wojtczuk
02514b1347 If the firewall rules file does not exist, assume ALLOW () 
So that newly created appvms have net access.
 2011-04-04 17:07:46 +02:00
Joanna Rutkowska
3f31a5f3a7 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-04 09:33:31 +02:00
Marek Marczykowski
c10f7ef70b Add missing coma () 2011-04-04 00:08:24 +02:00
Marek Marczykowski
398734dad2 Internal VMs (hidden in qubes-manager, menus etc) - used for DispVM template () 2011-04-03 17:47:20 +02:00
Marek Marczykowski
fa703c536f Generate firewall rules only for VMs connected to this firewall () 2011-04-03 01:54:04 +02:00
Marek Marczykowski
ab244d803f Detect if VMs is outdated () 
If so - VMs restart is required to see latest template changes.
 2011-04-02 02:11:41 +02:00
Marek Marczykowski
5e3b3fe922 Store and load from qubes.xml memory, vcpus and pcidevs 
Needed to recreate correct xen config files (ex after template package upgrade)
 2011-04-02 00:37:38 +02:00
Marek Marczykowski
156778fcd7 Set template field before check its correctness. 
Backup from Aplha3 with updateable VMs contains case, when updateable VM have template.
So set this template (to make qvm-backup-restore working), but give error message.

Also fix typo.
 2011-04-01 02:06:22 +02:00
Marek Marczykowski
f0716c2498 Setup firewall for every VM with FW configuration (no only AppVM) () 2011-04-01 01:17:38 +02:00
Marek Marczykowski
97393c54a5 Really block 'updateable' flag change 2011-04-01 01:17:18 +02:00
Marek Marczykowski
1f5c03da3f Remove QubesCowVm class 
StandaloneVM isn't really CowVM; also most AppVM/CowVM features applies also to TemplateVM.
So CowVM class is meaningless.
 2011-04-01 01:14:18 +02:00
Rafal Wojtczuk
d6bdb85883 Start qrexec_daemon in vm.start() 
Instead of three separate places - qvm-start, qvm-run, manager.
 2011-03-31 11:11:39 +02:00
Rafal Wojtczuk
5978f7a724 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into spring-merge 2011-03-31 09:44:30 +02:00
Marek Marczykowski
3a5cc0cc21 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-03-31 02:51:34 +02:00
Marek Marczykowski
6273c42faf Recursive stop VMs, when stopping NetVM () 
Dependency resolving in qvm-core, recursive stopping only in qvm-run for now.
 2011-03-31 02:35:02 +02:00
Rafal Wojtczuk
df9549a7db Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core into spring-merge 2011-03-28 17:28:24 +02:00
Tomasz Sterna
04a6b01b1b Do not allow NEW connection to VM through ProxyVM. 2011-03-27 17:24:17 +02:00
Marek Marczykowski
0d52b037f1 Changed network addresses to 10.137.0.0/16 () 
Also limit qid to 254 - should be enough and fits in one byte (in IP address)
 2011-03-27 12:58:38 +02:00
Marek Marczykowski
24b5c24c25 create_appmenus() on standalone VM -> only register existing apps in menu 
Needed for example on backup-restore
 2011-03-24 21:41:10 -04:00
Marek Marczykowski
9aa5638dcf Create template_vm property in every VM (defaults to None) 
Simplify template based VM detection.
 2011-03-24 21:39:13 -04:00
Marek Marczykowski
7f94cf2709 Merge branch 'spring-merge' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core into spring-merge 2011-03-23 19:45:59 -04:00
Marek Marczykowski
0962eab45a Cmdline tool to grow private.img () 2011-03-23 19:41:58 -04:00
Rafal Wojtczuk
25f49bca18 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into spring-merge 2011-03-23 16:47:05 +01:00
Rafal Wojtczuk
a1f8cd9071 When creating disposablevm object, pass non-None dirpath 
QubesVm constructor does not like it.
 2011-03-23 13:26:39 +01:00
Marek Marczykowski
46190b9d82 Copy kernel for standalone VM 2011-03-23 09:59:59 +01:00
Rafal Wojtczuk
105486135b Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core into spring-merge 2011-03-23 09:23:38 +01:00
Tomasz Sterna
481e9871c4 Implemented implicit rule to allow ICMP traffic in firewall 2011-03-21 22:06:53 +01:00
Marek Marczykowski
a5a43cdbc7 Fix missing arg to reset_volatile_storage () 
And do not call it twice...
 2011-03-19 17:05:53 -04:00
Marek Marczykowski
bc383b692d Use clean-volatile.img.tar instead of unpacked one () 
"tar x" is much faster than cp on sparse file
 2011-03-19 17:05:00 -04:00
Marek Marczykowski
c461835ea7 Dont allow to change disable 'updateable' flag of standalone VM 2011-03-18 22:19:03 -04:00
Marek Marczykowski
ee28ca10d4 Indent, blank lines 2011-03-18 22:18:31 -04:00
Marek Marczykowski
823bd1ce0f Use common image for swap and root-cow - volatile.img () 
This reduces xvd* devices count, so speeds up VM start.
Also swap-cow is no longer needed, so remove this additional dm-snapshot layer.
 2011-03-18 22:15:32 -04:00
Tomasz Sterna
aa58bec1d9 Fixed default policy handling in firewall rules 2011-03-18 14:12:19 +01:00
Marek Marczykowski
33e7ee3623 Reduce duplicated code in qubes.xml load 
Parse common attrs in separate function.
Side effect: possibility to set custom TemplateVM label
 2011-03-16 20:40:15 -04:00
Marek Marczykowski
bef1ea4c92 Reduce duplicated code in create_xml_entries 2011-03-16 19:42:01 -04:00
Marek Marczykowski
4e68c4cde9 Standalone VM () 
'updateable' property is now read-onlyr; updateable=True means that VM has own
root.img, not persistent root-cow.img.
 2011-03-16 18:45:02 -04:00
Marek Marczykowski
ef6a3e576b Parse tags %MEM% and %VCPUS% in {app,net}vm-template.conf () 2011-03-16 13:39:54 -04:00
Marek Marczykowski
379a5620c8 Fix netvm creation from template 
Missing netvms_conf_file parameter in template
 2011-03-16 13:38:16 -04:00
Marek Marczykowski
5acc4610b4 Allow installed_by_rpm=False in NetVM and ProxyVM 2011-03-16 11:41:18 +01:00
Marek Marczykowski
7dbe6e1731 Create NetVM xen config from separate template (netvm-template.conf) 2011-03-16 11:41:18 +01:00
Marek Marczykowski
14c48f5253 Merge commit '00ba6dd5b7441cf10f87f527f4ac7eb459cb0a08' 2011-03-15 18:33:01 +01:00
Marek Marczykowski
993d34e7d5 Allow labels for NetVM/ProxyVM. Require it in qvm-create. 2011-03-15 18:28:28 +01:00
Marek Marczykowski
588f4b91c8 Fix Firewall -> Proxy... 2011-03-15 17:40:23 +01:00
Tomasz Sterna
d82001819d Properly call QubesProxyVm superclass 2011-03-14 20:57:08 +01:00
Tomasz Sterna
c92a2bf25f Properly create default firewall configuration 2011-03-14 20:43:56 +01:00
Marek Marczykowski
d6181d21cf Merge commit 'e2d52a27e810522c41720bb17b1f4f52f1fe2e6a' 
Conflicts:
	dom0/qvm-core/qubes.py
	fwvm/init.d/qubes_firewall
 2011-03-11 23:32:13 +01:00
Marek Marczykowski
65a758029e Revert "Requiest external_ip permission at start, not create" 
This reverts commit 53b8e5aacf.
 2011-03-11 23:21:23 +01:00
Tomasz Sterna
dc8325f564 Use DNS IPs in firewall rules 2011-03-11 19:39:26 +01:00
Marek Marczykowski
53b8e5aacf Requiest external_ip permission at start, not create 2011-03-11 02:22:26 +01:00
Marek Marczykowski
344b257d87 Missing coma 2011-03-11 02:12:23 +01:00