Marek Marczykowski-Górecki
38fc504ca0
qubes/vm/net: set mapped IP info before attaching network
...
Set parameters for possibly hiding domain's real IP before attaching
network to it, otherwise we'll have race condition with vif-route-qubes
script.
QubesOS/qubes-issues#1143
2016-11-01 00:37:43 +01:00
Marek Marczykowski-Górecki
b4fa8cdce3
qubes/vm/net: use domain's "visible IP" for a gateway address
...
This is the IP known to the domain itself and downstream domains. It may
be a different one than seen be its upstream domain.
Related to QubesOS/qubes-issues#1143`
2016-11-01 00:30:11 +01:00
Marek Marczykowski-Górecki
b8145595a9
qubes/vm/net: allow setting custom IP
...
Fixes QubesOS/qubes-issues#1477
2016-10-31 03:04:13 +01:00
Marek Marczykowski-Górecki
2c6c476410
qubes/vm/net: add feature of hiding real IP from the VM
...
This helps hiding VM IP for anonymous VMs (Whonix) even when some
application leak it. VM will know only some fake IP, which should be set
to something as common as possible.
The feature is mostly implemented at (Proxy)VM side using NAT in
separate network namespace. Core here is only passing arguments to it.
It is designed the way that multiple VMs can use the same IP and still
do not interfere with each other. Even more: it is possible to address
each of them (using their "native" IP), even when multiple of them share
the same "fake" IP.
Original approach (marmarek/old-qubes-core-admin#2 ) used network script
arguments by appending them to script name, but libxl in Xen >= 4.6
fixed that side effect and it isn't possible anymore. So use QubesDB
instead.
From user POV, this adds 3 "features":
- net/fake-ip - IP address visible in the VM
- net/fake-gateway - default gateway in the VM
- net/fake-netmask - network mask
The feature is enabled if net/fake-ip is set (to some IP address) and is
different than VM native IP. All of those "features" can be set on
template, to affect all of VMs.
Firewall rules etc in (Proxy)VM should still be applied to VM "native"
IP.
Fixes QubesOS/qubes-issues#1143
2016-10-31 02:06:01 +01:00
Marek Marczykowski-Górecki
b91714b204
qubes/features: handle recursive templates
...
Have features.check_with_template() check the template recursively.
The longest path (currently) is: DispVM -> AppVM -> TemplateVM.
2016-10-31 02:04:27 +01:00
Wojtek Porczyk
3553b2e1d4
Make pylint happy
2016-10-25 17:27:02 +02:00
Wojtek Porczyk
8edbf0e406
qubes: Document all the events
...
fixes QubesOS/qubes-issues#1811
2016-10-25 17:11:38 +02:00
Wojtek Porczyk
526f2c3751
Merge remote-tracking branch 'marmarek/core3-backup' into core3-devel
2016-10-14 15:29:37 +02:00
Wojtek Porczyk
9dc37c1ee7
Add possibility to override libvirt config
...
This is the equivalent of "custom config" from R3.x.
fixes QubesOS/qubes-issues#1798
2016-10-04 11:31:31 +02:00
Marek Marczykowski-Górecki
9395e8fc33
storage: set only 'default' pool when creating VM on custom one
...
Do not replace 'linux-kernel' pool for example.
2016-09-29 01:59:54 +02:00
Marek Marczykowski-Górecki
cdc97730cd
qubes/firewall: apply only IPv4 rules
...
Currently dom0 do not assign IPv6 addresses for VMs, so there is no
sense in IPv6 firewall yet.
QubesOS/qubes-issues#1815
2016-09-19 20:36:32 +02:00
Marek Marczykowski-Górecki
e01f7b97d9
qubes/vm: plug in new firewall code, create QubesDB entries
...
QubesOS/qubes-issues#1815
2016-09-19 20:36:31 +02:00
Marek Marczykowski-Górecki
8b408a7a70
qubes/vm: minor formating
2016-09-13 02:15:25 +02:00
Marek Marczykowski-Górecki
a2d9b15413
qmemman: support simple VM meminfo format
...
Instead of excerpt from /proc/meminfo, use just one integer. This make
qmemman handling much easier and ease implementation for non-Linux OSes
(where /proc/meminfo doesn't exist).
For now keep also support for old format.
Fixes QubesOS/qubes-issues#1312
2016-09-08 04:17:48 +02:00
Marek Marczykowski-Górecki
aa0674e8bb
qubes/vm: make VM QubesDB interface as much compatible as possible
...
All the base keys can be kept easily the same, so do it.
QubesOS/qubes-issues#1812
2016-09-08 04:17:48 +02:00
Marek Marczykowski-Górecki
d5a41e838f
Revert "qubes/vm/qubesvm: remove prefixes from qubesdb keys"
...
There is no point in changing *public API* for just a change without any
better reason. It turned out most of those settings will be the same in
Qubes 4.0, so keep names the same.
This reverts commit 2d6ad3b60c
.
QubesOS/qubes-issues#1812
2016-09-08 04:17:48 +02:00
Marek Marczykowski-Górecki
f6bc61997a
qubes/vm: fix handling dynamic netvm change
...
Correctly detach network before attaching new one.
2016-09-08 04:17:48 +02:00
Marek Marczykowski-Górecki
c534b68665
qubes/vm: start VM daemons as normal user
...
This is migration of core2 commits:
commit d0ba43f253
Author: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Date: Mon Jun 6 02:21:08 2016 +0200
core: start guid as normal user even when VM started by root
Another attempt to avoid permissions-related problems...
QubesOS/qubes-issues#1768
commit 89d002a031
Author: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Date: Mon Jun 6 02:19:51 2016 +0200
core: use runuser instead of sudo for switching root->user
There are problems with using sudo in early system startup
(systemd-logind not running yet, pam_systemd timeouts). Since we don't
need full session here, runuser is good enough (even better: faster).
commit 2265fd3d52
Author: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
Date: Sat Jun 4 17:42:24 2016 +0200
core: start qubesdb as normal user, even when VM is started by root
On VM start, old qubesdb-daemon is terminated (if still running). In
practice it happen only at VM startart (shutdown and quickly start
again). But in that case, if the VM was started by root, such operation
would fail.
So when VM is started by root, make sure that qubesdb-daemon will be
running as normal user (the first user in group 'qubes' - there should
be only one).
Fixes QubesOS/qubes-issues#1745
2016-09-08 04:17:47 +02:00
Marek Marczykowski-Górecki
16db68b053
Merge branch 'core3-devices' into core3-devel
...
* core3-devices:
Fix core2migration and tests for new devices API
tests: more qubes.devices tests
qubes/ext/pci: implement pci-no-strict-reset/BDF feature
qubes/tools: allow calling qvm-device as qvm-devclass (like qvm-pci)
qubes: make pylint happy
qubes/tools: add qvm-device tool (and tests)
tests: load qubes.tests.tools.qvm_ls
tests: PCI devices tests
tests: add context manager to catch stdout
qubes/ext/pci: move PCI devices handling to an extension
qubes/devices: use more detailed exceptions than just KeyError
qubes/devices: allow non-persistent attach
qubes/storage: misc fixes for VM-exposed block devices handling
qubes: new devices API
Fixes QubesOS/qubes-issues#2257
2016-09-04 21:32:01 +02:00
Marek Marczykowski-Górecki
6cb624daf3
Merge remote-tracking branch 'qubesos/pr/51' into core3-devel
...
* qubesos/pr/51:
Make pylint happy ♥ qubes.storage.lvm
Fix lvm AppVM startup from lvm
qubes.storage.lvm.qubes_lvm use debug not info
Fix qvm-create lvm based AppVM
qvm-block & qvm-pool add better Exception handling
Remove unexpected property
qvm-start --debug don't catch exceptions
2016-09-04 21:02:19 +02:00
Marek Marczykowski-Górecki
c2617663e5
qubes/vm/standalonevm: volatile image should be writable
...
QubesOS/qubes-issues#2256
2016-09-04 20:58:11 +02:00
Marek Marczykowski-Górecki
aa67a4512e
qubes/ext/pci: move PCI devices handling to an extension
...
Implement required event handlers according to documentation in
qubes.devices.
A modification of qubes.devices.DeviceInfo is needed to allow dynamic,
read-only properties.
QubesOS/qubes-issues#2257
2016-09-03 20:41:03 +02:00
Marek Marczykowski-Górecki
d7a3c0d319
qubes: new devices API
...
Allow device plugin to list attached and available devices. Enforce
at API level every device being exposed by some domain.
This commit only changes devices API, but not update existing users
(pci) yet.
QubesOS/qubes-issues#2257
2016-09-03 20:40:39 +02:00
Bahtiar `kalkin-` Gadimov
b712d0f6f3
Remove unexpected property
2016-08-29 00:05:18 +02:00
Marek Marczykowski-Górecki
3e30dc17cb
qubes/vm: remove special case for 'meminfo-writer' feature
...
It should be either in a plugin, or handled entirely from inside of VM.
But surely not in main QubesVM class.
Fixes QubesOS/qubes-issues#2101
2016-08-18 11:59:45 +02:00
Marek Marczykowski-Górecki
0293c1c7ef
qubes/vm: move misc XML tags loading to separate method
2016-08-18 11:57:11 +02:00
Marek Marczykowski-Górecki
46791e05f4
qubes/dispvm: do not clone 'template' property from base VM
...
template should point at the base VM itself.
2016-08-17 02:14:19 +02:00
Marek Marczykowski-Górecki
53b2b30c0a
qubes: fix some error messages
2016-08-17 02:13:59 +02:00
Marek Marczykowski-Górecki
3a2a87839f
qubes/vm: fix TemplateVM.commit_changes
...
Storage method was renamed to just `commit`, as it applies not only to
templates now.
2016-08-17 01:47:09 +02:00
Marek Marczykowski-Górecki
5d8ecd60de
qubes: minor fixes in handling defaults
...
- fix assigning 'template' property - do not do it if VM already have it
set
- cap default maxmem at 4000, as we clamp it to 10*memory anyway (and
default memory is 400)
2016-08-17 00:50:38 +02:00
Marek Marczykowski-Górecki
460f0849a7
qubes/features: handle recursive templates in check_with_template
...
This is the case for DispVMs: DispVM -> AppVM -> TemplateVM
2016-08-17 00:47:32 +02:00
Marek Marczykowski-Górecki
1a215e47ab
qubes: add 'default_dispvm' property - both Qubes and QubesVM
...
QubesOS/qubes-issues#2253
2016-08-17 00:46:43 +02:00
Marek Marczykowski-Górecki
ab6f961931
qubes/dispvm: misc fixes, make it actually working
...
- DispVM is no longer a special case for storage
- Add missing 'rw=True' for volatile volume
- Handle storage initialization (copy&paste from AppVM)
- Clone properties from DispVM template
QubesOS/qubes-issues#2253
2016-08-17 00:42:17 +02:00
Marek Marczykowski-Górecki
d4e534bc05
qubes/vm: fix pause handling
...
1. There is no such thing as libvirt_domain.pause().
2. libvirt_domain.state() returns [state, reason]
2016-08-09 05:14:12 +02:00
Marek Marczykowski-Górecki
3f6c96ee39
qubes/vm: fix handling autostart set/reset
...
1. Service symlink must have ".service" extension
2. Disable service on property reset to default
2016-08-09 05:14:09 +02:00
Marek Marczykowski-Górecki
5b4e30524a
qubes/vm: remove duplicated check for duplicate name on rename
2016-08-09 03:02:04 +02:00
Marek Marczykowski-Górecki
4e022382a5
Merge remote-tracking branch 'origin/master' into core3-devel
2016-08-08 00:11:46 +02:00
Wojtek Porczyk
288ff85731
Merge remote-tracking branch 'origin/pull/48/head' into core3-devel
2016-08-03 18:25:02 +02:00
Bahtiar `kalkin-` Gadimov
9d30bb132a
Fix umask
2016-08-03 02:57:44 +02:00
Bahtiar `kalkin-` Gadimov
0dd1875fb6
Add vm.shutdown(wait)
2016-08-01 15:09:28 +02:00
Wojtek Porczyk
ecb626d64b
qubes/vm/qubesvm: Simplify error message
2016-07-21 19:40:45 +02:00
Wojtek Porczyk
f915115cfb
Merge remote-tracking branch 'woju/pull/25/head' into core3-devel
2016-07-21 19:38:58 +02:00
Bahtiar `kalkin-` Gadimov
bcf1cfcb1f
Add qvm-clone(1)
2016-07-13 22:35:58 +02:00
Bahtiar `kalkin-` Gadimov
1f735669bc
Migrate qubes.vm modules to new API
2016-07-13 22:34:33 +02:00
Bahtiar `kalkin-` Gadimov
1cbabc79ff
qubes.vm.QubesVM use new storage api
2016-07-13 22:34:32 +02:00
Bahtiar `kalkin-` Gadimov
3952cef556
QubesVM serialize bool values from XML
2016-07-13 22:21:32 +02:00
Bahtiar `kalkin-` Gadimov
bba9b38e8e
Avoid libvirt access in qubes.vm.qubesvm.QubesVM
2016-07-13 22:21:30 +02:00
Bahtiar `kalkin-` Gadimov
de5487bf14
Dumb down qvm-remove
...
- Move `vm.is_halted()` check in to VMCollection.__delitem__()
- `vm.remove_from_disk()` will raise exception if is called on a running vm
2016-07-13 18:24:29 +02:00
Wojtek Porczyk
d28ab908cc
Network and storage fixes
2016-06-29 16:42:35 +02:00
Wojtek Porczyk
b53c572f1d
Merge remote-tracking branch 'woju/pull/23/head' into core3-devel
2016-06-28 15:19:57 +02:00
Wojtek Porczyk
c9accc258c
Merge remote-tracking branch 'woju/pull/15/head' into core3-devel
...
Conflicts:
qubes/storage/__init__.py
qubes/storage/file.py
qubes/vm/qubesvm.py
2016-06-28 15:15:00 +02:00
Bahtiar `kalkin-` Gadimov
7081bd433a
Make pylint happy
2016-06-23 14:23:34 +02:00
Bahtiar `kalkin-` Gadimov
0ab27d7426
qubes.vm.__init__ Remove unneeded time import
2016-06-23 14:23:33 +02:00
Bahtiar `kalkin-` Gadimov
b584d1a4bb
Remove QubesVM.is_netvm() and is_disposablevm()
2016-06-23 14:23:33 +02:00
Bahtiar `kalkin-` Gadimov
4a0b7585d1
Remove QubesVM.is_proxyvm()
2016-06-23 14:23:32 +02:00
Bahtiar `kalkin-` Gadimov
b0a7d0c283
Remove QubesVM.is_appvm()
2016-06-23 14:23:32 +02:00
Bahtiar `kalkin-` Gadimov
e08ca1ff57
Remove QubesVM.is_template()
2016-06-23 14:23:31 +02:00
Bahtiar `kalkin-` Gadimov
ba3b191702
QubesVM add docstrings & fix pylint errors
2016-06-23 14:23:31 +02:00
Bahtiar `kalkin-` Gadimov
a2668d81e3
QubesVM remove resize functions
2016-06-23 14:23:30 +02:00
Bahtiar `kalkin-` Gadimov
9132690eef
Add QubesVM.is_halted()
2016-06-23 14:23:24 +02:00
Bahtiar `kalkin-` Gadimov
bb2e6a2ad3
Add QubesVM.attached_volumes()
2016-06-23 13:16:09 +02:00
Bahtiar `kalkin-` Gadimov
09727b1cbd
Add Volume.internal field
...
- Linux kernel volumes are always internal volumes
2016-06-23 13:16:03 +02:00
Bahtiar `kalkin-` Gadimov
87ae5a3b65
Fix qvm-start
2016-06-21 17:44:35 +02:00
Bahtiar `kalkin-` Gadimov
d56f02598a
Replace QubesVM.verify_files() with Storage.verify_files()
2016-06-21 14:58:12 +02:00
Bahtiar `kalkin-` Gadimov
296fa17322
QubesVM remove obsolete *_img methods
2016-06-21 14:58:12 +02:00
Bahtiar `kalkin-` Gadimov
29633f43f8
qubes.vm.templatevm Add LICENSE & docstring
2016-06-16 17:11:49 +02:00
Bahtiar `kalkin-` Gadimov
91ee455a37
NetVMMixin add docstrings & fix pylint errors
2016-06-16 17:06:19 +02:00
Bahtiar `kalkin-` Gadimov
b77c36b224
Remove NetVMMixin.vif()
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
7ccba17a38
qubes.vm.__init__ Replace TODOs with SEE: #1815
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
ec9550c7cc
qubes.vm.__init__ Remove debug xml file creation
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
94d9fd040f
qubes.vm.__init__ Add docstrings
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
77d54b55ad
qubes.vm.__init__ Fix pylint warnings
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
f318871279
qubes.vm.__init__ Remove uses_custom_config bits
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
b5fe49f422
qubes.vm.__init__ Remove unneeded imports
2016-06-16 17:01:34 +02:00
Bahtiar `kalkin-` Gadimov
93e68a6796
qubes.vm.dispvm Fix XXX, add docstring & LICENSE
2016-06-16 17:01:33 +02:00
Bahtiar `kalkin-` Gadimov
d25c44ca71
qubes.vm.appvm Fix XXX, add docstrings & LICENSE
2016-06-16 17:01:33 +02:00
Bahtiar `kalkin-` Gadimov
0cd667a1f5
qubes.vm.adminvm fix XXX and add docstrings
2016-06-16 17:01:33 +02:00
Bahtiar `kalkin-` Gadimov
e5906df0c7
AdminVM remove get_private_img_sz
2016-06-16 16:59:27 +02:00
Bahtiar `kalkin-` Gadimov
a4577c0dce
Rename Storage.create_on_disk to Storage.create
2016-06-16 16:59:27 +02:00
Bahtiar `kalkin-` Gadimov
930fe417a8
Remove storage size and usage methods from QubesVM
2016-06-16 16:59:26 +02:00
Wojtek Porczyk
e47043ebd7
More pylint fixes
2016-06-16 13:29:16 +02:00
Wojtek Porczyk
3cb5f031a9
Fix storage initialisation
2016-06-16 13:29:15 +02:00
Wojtek Porczyk
1f302fb776
Fix "pylint fixes" wrt dir_path
2016-06-16 13:29:15 +02:00
Wojtek Porczyk
677a3e51f4
Move libvirt XML network device to jinja
2016-06-16 13:29:15 +02:00
Wojtek Porczyk
ba20254888
Rewrite PCI attaching/detaching from xl to libvirt
...
The only remaining part is querying vm-side BDF. That can't be done
in libvirt.
2016-06-16 13:29:15 +02:00
Wojtek Porczyk
6ade5736d7
pylint fixes
2016-06-10 21:27:29 +02:00
Wojtek Porczyk
6895f34a7f
qubes/vm/qubesvm: change type of exception
2016-06-10 21:27:29 +02:00
Wojtek Porczyk
5a76d0b03b
qubes/vm/dispvm: Add methods for creating and destroying
...
fixes QubesOS/qubes-issues#866
2016-06-02 19:55:42 +02:00
Wojtek Porczyk
476b681749
qubes/vm/qubesvm: return self from methods modifying state
...
This is helpful when writing oneliners.
QubesOS/qubes-issues#866
2016-06-02 17:17:05 +02:00
Wojtek Porczyk
a615a45ecd
Merge remote-tracking branch 'woju/pull/13/head' into core3-devel
2016-06-02 13:24:15 +02:00
Marek Marczykowski-Górecki
7e0af81ecc
qubes/vm: fix PCI device detach
2016-06-02 13:22:48 +02:00
Marek Marczykowski-Górecki
bb2e1f2870
qubes/vm: handle VM toplevel directory in QubesVM object not Storage
...
This directory is not only for disk images (in fact disk images may be
elsewhere depending on choosen volume pool), so it would be cleaner to
handle (create/remove) it directly in QubesVM class.
2016-06-02 13:22:07 +02:00
Marek Marczykowski-Górecki
ed6e69b77e
qubes/vm: minor
2016-06-02 13:14:19 +02:00
Marek Marczykowski-Górecki
2d8d78bebe
qubes/vm/standalonevm: set volume_config
...
Otherwise VM wouldn't have any hard disk...
2016-06-02 13:14:02 +02:00
Marek Marczykowski-Górecki
5b5f290c23
qubes/vm: fix setting autostart property
...
This is actually workaround for systemd bug reported here:
https://bugzilla.redhat.com/show_bug.cgi?id=1181922
qubesos/qubes-issues#925
This is migration of 9bfcb72722
commit to
core3.
2016-06-02 13:13:21 +02:00
Marek Marczykowski-Górecki
b37bf55f5e
qubes/vm: fix handling rename
...
Libvirt VM config is no longer named after VM.
2016-06-02 13:10:56 +02:00
Marek Marczykowski-Górecki
5e2b617c6f
qubes/vm: fix parameters for some even handlers
2016-06-02 13:10:43 +02:00
Marek Marczykowski-Górecki
2bb73ab0a1
qubes/vm: add validators for many properties
2016-06-02 13:10:28 +02:00
Marek Marczykowski-Górecki
36644f3710
qubes/vm: initialize vm.volumes in one place
...
Move it to QubesVM, instead of each class separately.
2016-06-02 13:10:02 +02:00
Marek Marczykowski-Górecki
ff78b26f66
qubes: implement offline mode
...
Apparently the most important (the only?) property required in offline
mode is "is_running". So let's patch it to return False and make sure
any other libvirt usage would result in failure.
Or maybe better simply returh False in vm.is_running, when libvirt
connection fails? But then it would not be possible to use offline mode
and have (some, probably unrelated) libvirtd running at the same time.
Fixes QubesOS/qubes-issues#2008
2016-06-02 12:41:26 +02:00
Marek Marczykowski-Górecki
c965024287
qubes/vm: Implement Disposable VM
...
Implement DispVM as a VM based on AppVM.
QubesOS/qubes-issues#866
2016-06-02 12:37:19 +02:00
Marek Marczykowski-Górecki
b24ab45d00
qubes/vm: fix network attach/detach
2016-06-02 12:28:53 +02:00
Bahtiar `kalkin-` Gadimov
3f5a92772a
A QubesVM always has an empty DomainPool
...
- A DomainPool is initialized by QubesVM after Storage initialization on a
`domain-load` event
2016-05-22 22:09:56 +02:00
Bahtiar `kalkin-` Gadimov
8959e5a77e
Implement qvm-remove
...
- Remove old qvm-remove
- Remove a log line from Storage, because it prints confusing lines, like:
Removing volume kernel: /var/lib/qubes/vm-kernels/4.1.13-6/modules.img
2016-05-21 01:35:30 +02:00
Wojtek Porczyk
786884ad7a
qubes: fix netvm properties and tests
...
fixes QubesOS/qubes-issues#1816
2016-05-19 03:02:23 +02:00
Wojtek Porczyk
63c09a090c
qubes: Combat import cycles
...
This commit eliminates import statements happening in the middle of the
file (between two classes definition). The cycles are still there. The
only magic module is qubes itself.
2016-05-05 14:33:09 +02:00
Bahtiar `kalkin-` Gadimov
29f4be0f10
If vm doesnt support volume_config raise TypeError
2016-04-25 07:17:21 +02:00
Bahtiar `kalkin-` Gadimov
d7ff4b9057
Move volume xml config from QubesVM to Volume
2016-04-25 07:17:20 +02:00
Bahtiar `kalkin-` Gadimov
49b4951389
Storage move rename() logic to XenPool
...
- Fix config renaming
2016-04-25 07:17:20 +02:00
Bahtiar `kalkin-` Gadimov
2c2a778a1d
Serialize volume_config from qubes.xml
2016-04-25 07:17:19 +02:00
Bahtiar `kalkin-` Gadimov
fe6a35155e
Move kernel file checks to LinuxKernel pool
2016-04-25 07:17:19 +02:00
Bahtiar `kalkin-` Gadimov
5f7cb41a21
Move Storage.clone_disk_files logic to XenPool
...
- Add XenVolume to identify volumes which can be cloned even if they are not in
the same pool
2016-04-25 07:17:17 +02:00
Bahtiar `kalkin-` Gadimov
973c83cedd
Move most resize logic to XenPool
2016-04-25 07:17:17 +02:00
Bahtiar `kalkin-` Gadimov
bdfb85ac19
Refactor Storage, Pool and XenPool
...
- Remove all *_dev_config methods
- Checks if a storage image exists moved to XenPool
- Storage.remove wraps Pool.remove()
- Stop volumes on domain sutdown/kill
- Warn when using deprecated methods
2016-04-25 07:17:17 +02:00
Bahtiar `kalkin-` Gadimov
32255a7916
Reverted Storage ←→ Pool dependency
...
- Storage() operates on a pool and in future on multiple pools
2016-04-25 07:17:16 +02:00
Bahtiar `kalkin-` Gadimov
9d646aabd3
Add volume_config to AppVM and TemplateVM
2016-04-25 07:17:13 +02:00
Bahtiar `kalkin-` Gadimov
428dd5bc1b
QubesVM.dir_path is set independent of storage
2016-04-25 07:16:37 +02:00
Bahtiar `kalkin-` Gadimov
cc7dd625d9
Loop over QubesVM.block_devices in libvirt xml
2016-04-25 07:16:36 +02:00
Bahtiar `kalkin-` Gadimov
ebb79e9c4f
Fix TC_01_Properties/test_030_rename_conflict_app
2016-04-20 14:02:04 +02:00
Bahtiar `kalkin-` Gadimov
f74646fb1b
Assert that a TemplateVM can't have a template
2016-04-20 13:59:32 +02:00
Bahtiar `kalkin-` Gadimov
6aac0a5732
On startup-failure only force_shutdown if running
...
This avoids losing the exception if an exception is raised in
self.force_shutdown(), because the vm is not running or paused
2016-04-20 13:59:17 +02:00
Wojtek Porczyk
2a9752716c
Merge remote-tracking branch 'marmarek/core3-devel-mm' into core3-devel
2016-04-20 13:55:46 +02:00
Wojtek Porczyk
fe8fdb264b
qubes/vm/qubesvm: move is_guid_running to GUI extension
2016-04-20 13:54:56 +02:00
Marek Marczykowski-Górecki
2a46abbefd
qubes.vm: implement TemplateVM.appvms property
2016-04-20 02:28:11 +02:00
Marek Marczykowski-Górecki
8c6fe7ed90
Merge remote-tracking branch 'origin/master' into core3-devel-mm
2016-04-11 13:03:12 +02:00
Marek Marczykowski-Górecki
424d3054f3
backup: use vm.features to store backup-specific metadata
...
Do not keep them in system qubes.xml.
2016-04-07 13:21:00 +02:00
Marek Marczykowski-Górecki
e8f21929ad
backup: by default include all the VMs with vm.include_in_backups
...
If there is a need for more robust default, it should be handled at that
property.
2016-04-07 13:21:00 +02:00
Marek Marczykowski-Górecki
45d6ab3862
qubes/vm: store libvirt config in libvirt.xml, fix rename handling
2016-04-07 13:03:46 +02:00
Marek Marczykowski-Górecki
7f5feac98b
qubes/vm: fixes for features handling
...
Properly handle 'None' value, there is no difference between empty
string (<x></x>) and no content at all (<x/>).
2016-04-07 13:03:30 +02:00
Marek Marczykowski-Górecki
7cbe2dbd38
qubes/vm: add passio_stderr argument to vm.run_service
...
This allows getting error messages from service call, to provide more
meaningful error messages.
2016-04-07 12:58:05 +02:00
Marek Marczykowski-Górecki
e319639146
qubes/vm: add StandaloneVM class
2016-04-07 12:57:52 +02:00
Marek Marczykowski-Górecki
15e032cddb
qubes/vm: fix handling "None" kernel
...
The "None" value still makes sense for HVM domains.
2016-03-21 11:44:59 +01:00
Wojtek Porczyk
29d0baa944
qubes/vm/mix/net: By default MAC is constant
...
MAC address was one place, where qid was leaked to the VM. Different MAC
addresses are not needed, since we do routing, not switching.
2016-03-21 11:44:59 +01:00
Wojtek Porczyk
04cc2099f7
HVM part 2
2016-03-21 11:44:54 +01:00
Marek Marczykowski-Górecki
8da7416f30
vm: Remove reference to old libvirt config template
...
This file isn't installed anymore
2016-03-21 11:44:54 +01:00
Wojtek Porczyk
5eaf03c4a2
HVM part 1
2016-03-21 11:44:46 +01:00
Wojtek Porczyk
d766b8e110
qubes: Fix "unify event names"
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
9567f7b40b
vm: rename 'yum-proxy-setup' feature to 'updates-proxy-setup'
...
The 'yum-proxy-setup' is deprecated since R3.0, so finally remove old
name.
But add it to R3.x compatibility layer.
2016-03-21 11:43:33 +01:00
Wojtek Porczyk
0f03b257ce
qubes/vm: Fix features coercion
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
3b1238f7cf
vm: stub for new firewall API
...
- introduce 'firewall-changed' event
- add reload_firewall_for_vm stub function
Should that function be private, called only from appropriate event
handlers?
QubesOS/qubes-issues#1815
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
c99a47d192
vm: fix handling firewall_conf path
...
It may be (and by default is) path relative to VM directory.
This code will be gone in the final version, after merging firewall
configuration into qubes.xml. But for now have something testable.
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
c9cad71d03
vm/mix/net: create vm.connected_vms dynamically
...
It is much less error-prone way. Previous approach didn't worked because
VMs weren't added here at 'domain-init'/'domain-loaded' event. And even
after adding such handlers it wasn't working because of
QubesOS/qubes-issues#1816 .
It may be a little slower, but since it isn't used so often
(starting/stopping VM and reloading firewall), shouldn't be a problem.
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
3e3213e7c7
Redo "core: do not reset firewal when setting netvm=none"
...
Apparently it got lost in merge.
QubesOS/qubes-issues#862
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
736773dbec
vm: remove obsolete firewall handling code
...
There is no vm.write_iptables_xenstore_entry().
QubesOS/qubes-issues#1815
2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
12f778b539
qubes/vm: do not recursively use repr in BaseVM.__repr__
...
This will easily end up in infinite recursion. For example
'sys-net'.template points at 'fedora-23', which itself has
'fedora-23'.netvm set to 'sys-net'.
2016-03-21 11:43:32 +01:00
Wojtek Porczyk
0f9ca47d90
qubes/ext/guid: Move gui-related code to extension
2016-03-21 11:43:32 +01:00
Wojtek Porczyk
75dd882b83
qubes: Unify event names
...
Events will be named <object>-[pre-]-<verb>, where verb is in infinitive
form.
2016-03-21 11:43:32 +01:00
Wojtek Porczyk
d09bd5ab6a
qubes: Convert QubesVM and Extension discovery to pkg_resources
...
QubesOS/qubes-issues#1238
2016-03-21 11:43:32 +01:00
Wojtek Porczyk
93686eae06
qubes/vm: change services to features
2016-03-21 11:43:32 +01:00
Wojtek Porczyk
bf78e662f6
Import qubesdb from the new module
...
fixes QubesOS/qubes-issues#1252
2016-03-03 01:18:17 +01:00
Marek Marczykowski-Górecki
5375dce90d
Prefer human readable output in qvm-prefs and qubes-prefs tools
2016-03-03 01:18:17 +01:00
Marek Marczykowski-Górecki
e3c94f3949
core: fix handling numeric label value set
...
Not sure if it should be supported this way, but surely it shouldn't
throw AttributeError.
2016-03-03 01:18:17 +01:00
Marek Marczykowski-Górecki
9633573408
core: adjust units comment for host.memory_total, and fix related places
...
QubesOS/qubes-issues#1737
2016-03-03 01:18:16 +01:00
Wojtek Porczyk
88a63cbe3a
qubes/vm/qubesvm: do not clone VM-specific properties
...
This is reworked
core: do not clone VM-unique identifiers in clone_properties
by Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-03-03 01:18:16 +01:00
Marek Marczykowski-Górecki
2cbbe0bdb6
core: abandon 'kernels' in VM directory
...
Since we have PV Grub now (which is much more convenient), it is useless
now.
2016-03-03 01:18:16 +01:00
Marek Marczykowski-Górecki
9428c70d31
core: fix vm.create_on_disk
...
QubesOS/qubes-issues#
2016-03-03 01:18:16 +01:00
Marek Marczykowski-Górecki
62759fb1f6
core: move maxmem default initialization to property itself
...
Also fix (for now?) units - memory_total is int bytes while maxmem in
megabytes.
QubesOS/qubes-issues#1737
2016-03-03 01:18:16 +01:00
Marek Marczykowski-Górecki
2f3762ee68
core: minor fixes in handling properties
...
Conflicts:
qubes/vm/qubesvm.py
2016-03-03 01:18:16 +01:00
Marek Marczykowski-Górecki
ab469e4473
vm: fix calling monitor layout notifier
2016-03-03 01:18:15 +01:00
Marek Marczykowski-Górecki
4095f3c5eb
vm: disable uses_custom_config for now
2016-03-03 01:18:15 +01:00
Marek Marczykowski-Górecki
926596cba7
Initialize vm.storage after loading all the properties
...
It needs at least vm.name to be set.
2016-03-03 01:18:15 +01:00
Marek Marczykowski-Górecki
3af71ab65d
storage: fix handling netvm and adminvm
...
@woju what was consensus on 'servicevms' dir? Since "being network
provider" is no longer separate type and can be changed during VM
lifetime, maybe we should abandon that idea? Or maybe just set it as VM
property (some storage pool config argument) - that way mgmt stack could
put all the sys-* VMs into separate directory, regardless of the type.
2016-03-03 01:18:06 +01:00
Wojtek Porczyk
c47e29ed50
Fix most errors from pylint
2016-03-03 01:14:54 +01:00
Wojtek Porczyk
9eafa57539
Merge remote-tracking branch 'marmarek/master' into core3-devel
...
The following list is bollocks. There were many, many more.
Conflicts:
core-modules/003QubesTemplateVm.py
core-modules/005QubesNetVm.py
core/qubes.py
core/storage/__init__.py
core/storage/xen.py
doc/qvm-tools/qvm-pci.rst
doc/qvm-tools/qvm-prefs.rst
qubes/tools/qmemmand.py
qvm-tools/qvm-create
qvm-tools/qvm-prefs
qvm-tools/qvm-start
tests/__init__.py
vm-config/xen-vm-template-hvm.xml
This commit took 2 days (26-27.01.2016) and put our friendship to test.
--Wojtek and Marek
2016-03-03 01:13:51 +01:00
Wojtek Porczyk
2d6ad3b60c
qubes/vm/qubesvm: remove prefixes from qubesdb keys
2016-03-03 00:46:05 +01:00
Wojtek Porczyk
e8bedcd7ba
qubes/vm: fix starting netvm
2016-03-03 00:46:05 +01:00
Wojtek Porczyk
01319e391f
qubes: port netvm
...
From now, there are no separate NetVM and ProxyVM class, but property
"provides_network".
2016-03-03 00:46:05 +01:00
Wojtek Porczyk
689dd64b0d
qubes: misc pylint fixes
2015-12-29 22:04:00 +01:00
Wojtek Porczyk
bf4dbe07d5
qubes/tests/vm/qubesvm: add basic tests for QubesVM
...
And already one fix to instantiation.
2015-12-29 20:35:04 +01:00
Wojtek Porczyk
69e0b94c74
Fix for UUID management
...
This fixes up 75c3f355db
"qubes/vm/qubesvm: fix domain's UUID management".
Previously 'domain-init' was never really fired.
fixes QubesOS/qubes-issues#1557
2015-12-29 03:50:35 +01:00
Wojtek Porczyk
f1a0b1af39
qubes/tools: add qvm-run, qvm-{,un}pause
...
Also change convention of calling main(): now command returns its
numeric value instead of bool.
Also fixed QSB#13
fixes QubesOS/qubes-issues#1226
2015-12-29 03:43:08 +01:00
Wojtek Porczyk
2e42a408e5
core3: Add documentation to qubes.exc
...
part of QubesOS/qubes-issues#1279
2015-10-17 00:20:44 +02:00
Wojtek Porczyk
96efb4568a
core3: add different exceptions
...
From now on there are different exceptions which can be raise on
different occasions.
fixes QubesOS/qubes-issues#1279
2015-10-17 00:17:12 +02:00
Wojtek Porczyk
ea44c0acf3
qubes: pylint fixes
...
Fix bunch of errors and warnings.
2015-10-05 23:49:39 +02:00
Wojtek Porczyk
c9cbf8ffe2
core3: fix mounting modules.img
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
3724d6fca1
qubes/vm/qubesvm: fix core2 compatibility
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
8628a984fc
qubes/vm: fix memory constraint while generating libvirt XML
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
75c3f355db
qubes/vm/qubesvm: fix domain's UUID management
...
Now we generate UUID on domain's instantiation. This is needed, because
we sometimes don't update XML (like in qvm-start).
fixes QubesOS/qubes-issues#1236
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
6f4951d08a
install python package with setuptools
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
ce60915fb0
qvm-ls: fix listing domains and labels
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
b4d51b016b
core3: some properties can be set only once
...
Some properties should not be changed by user at will (like UUID). The
solution is to make them write-once, so they will be set when loading
from XML and frozen for the lifespan of the object holding the property.
When desperately needed, users may edit XML by hand.
fixes QubesOS/qubes-issues#1235
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
a017d78174
Dumb down dir_path property
...
From now, dir_path cannot be set and is calculated from domain's class
and name.
fixes QubesOS/qubes-issues#1234
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
12329e7b35
qubes/vm/qubesvm: fix log initialisation
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
af1a6a49bd
qvm-ls: fix printing label
2015-10-05 12:46:13 +02:00
Wojtek Porczyk
0fbee4dc10
core3: more fixes
2015-10-05 12:46:13 +02:00
Wojtek Porczyk
80d664441d
core3: fixes from Marek
...
This is adapted from commit 90a50dca406e3d40c88ea338566e0460589df7a3.
2015-10-05 12:46:13 +02:00
Wojtek Porczyk
e9b998400d
qubes/vm/qubesvm: fix __init__ wrt .storage attr
2015-09-28 18:20:28 +02:00
Wojtek Porczyk
84eb082ed2
qubes/vm/qubesvm: fix label setting/loading
2015-09-28 18:20:28 +02:00
Wojtek Porczyk
ea9a984fa7
qubes/vm: Fix instantiating QubesVM
...
vm.app attribute needs to be accessible before setting properties
2015-09-28 18:20:28 +02:00
Wojtek Porczyk
12092c3aa5
core3: port TemplateVM
2015-09-28 18:15:24 +02:00
Wojtek Porczyk
7886695c63
qubes/vm/qubesvm: fix qid setter to accept str
...
Mainly for loading from XML.
2015-06-29 17:39:29 +02:00
Wojtek Porczyk
7f16e0a73b
qubes: disable events by default not to interfere with loading from XML
2015-06-29 17:39:28 +02:00
Wojtek Porczyk
f2d9d628c4
qubes/vm/qubesvm: Fix loading/instantiating
2015-06-29 17:39:28 +02:00
Wojtek Porczyk
6a4820c381
qubes/tools: qvm-ls
2015-06-29 17:39:28 +02:00
Wojtek Porczyk
e83d21c671
qubes: more documentation and doc fixes
2015-06-29 17:39:28 +02:00
Wojtek Porczyk
5d9b92a039
qubes: pylint fixes (minor programming errors)
2015-06-29 17:39:28 +02:00
Wojtek Porczyk
186b277418
qubes/vm: fix logging
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
45977fc873
qubes: fix VM instantiation and loading
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
8c437f4053
qubes: unify PropertyHolder API
...
get_props_list() -> property_list()
_init_property() -> _property_init()
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
6798790e1f
qubes: pylint fixes (fix signatures)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
8d3edbf133
qubes/vm: fix kernels_dir
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
adb144acfe
qubes: pylint fixes (small mistakes and wrong names)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
4a85c823c3
qubes: pylint fixes (qualify imported variables)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
bf29d5e5b5
qubes: pylint fixes (disable unfounded messages)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
ac1739df6b
qubes: pylint fixes (fix imports)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
ee06e7d7a2
qubes: documentation and licence fixes
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
cdc3df66c8
qubes: pylint fixes (mostly whitespace)
2015-06-29 17:39:27 +02:00
Wojtek Porczyk
d937d39c9e
qubes: fix Qubes instantiation
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
8e16dd2b28
qubes/storage: fix storage instantiation
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
8805db5e5f
core3 move: AdminVM class
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
8afba4c5e9
core3 move: storage/*
2015-06-29 17:39:26 +02:00
Jason Mehring
be3e888bbe
Fixed typos
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
04c221e924
qubes/vm/qubesvm: fix env manipulation on qrexec-daemon start
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
af154b53fe
qubes: change names of XML generating methods
...
Methods returning lxml.etree.Elements are called xml_ or lvxml_, meant for
qubes.xml or libvirt respectively.
Acknowledgement:
This commit is a result of core3 review by Marek.
2015-06-29 17:39:26 +02:00
Wojtek Porczyk
92eca8edb9
qubes: Fix comments accross the code
...
Acknowledgement:
This commit is a result of core3 review by Marek.
2015-06-29 17:39:25 +02:00
Wojtek Porczyk
2e1696cb16
qubes: Fix XML validation test
2015-06-29 17:39:25 +02:00
Wojtek Porczyk
091ffa5444
qubes: Add parser for property docstring
...
From now, docstrings in properties cannot contain sphinx-specific features,
because there is no sphinx in dom0.
2015-06-29 17:39:25 +02:00
Wojtek Porczyk
c0e3281d04
qubes: fix changing domain name
...
Changing name of running VM is wrong.
Acknowledgement:
This commit is a result of core3 review by Marek.
2015-06-29 17:39:25 +02:00
Wojtek Porczyk
1deb3221c7
qubes: fix netvm semantics WRT default values
...
Automatic acquiring default*_netvm, default_template and {clock,update}vm is no
more. This will be moved to firstboot. Advanced users (those, who elect not to
autoconfig their initial VMs) will have to deal with that.
Acknowledgement:
This commit is a result of core3 review by Marek.
2015-06-29 17:39:25 +02:00
Wojtek Porczyk
52c1be49ec
qubes/vm: remove unneccessary import
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
9fa3d60d0b
qubes/events: fix event handling order
...
Events are divided into "pre" and "post" events. "Pre" events fire handlers in
MRO, "post" fire them in reverse.
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
41fef46db2
core3 move: QubesVM
...
This is a big commit and probably incomplete. Tests will follow.
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
f9658ae338
qubes/vm: remove old event methods that were overlooked
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
f149c7b59b
qubes/vm: fixed __repr__ for BaseVM
...
Previously it could fail with AttributeError when any of the properties was unset.
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
ef4f00dac0
qubes/vm: DeviceManager class for herding devices
...
collections.defaultdict was not enough, because it cannot pass any arguments to
factory. We need to pass domain object and device class to fire events on attach
and detach.
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
1a032ecf2a
core3: basic global events and their documentation
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
855a434879
core3: event framework adjusted for global Qubes object
...
From now, global events are emitted by qubes.Qubes object and handlers are registered there.
2015-06-29 17:39:24 +02:00
Wojtek Porczyk
b623a71d87
core3 move: QubesVmCollection
...
This got split to qubes.Qubes and qubes.VMCollection.
From now on, VMCollection is a stupid bag. Some parts went elsewhere.
2015-06-29 17:39:23 +02:00
Wojtek Porczyk
87ae0112eb
qubes/vm: New XML format loading
2015-06-29 17:39:23 +02:00
Wojtek Porczyk
65595e3b39
apidoc stub
2015-06-29 17:39:22 +02:00
Wojtek Porczyk
7f27d987cc
import framework for core3
2015-06-29 17:39:22 +02:00