Marek Marczykowski
718f5c2bdb
vm: provide dispvm-dotfiles and dispvm-prerun.sh in rpm package ( #620 )
2012-07-12 14:22:44 +02:00
Marek Marczykowski
b92bb698be
vm: provide dispvm-dotfiles and dispvm-prerun.sh in rpm package ( #620 )
2012-07-12 14:21:44 +02:00
Marek Marczykowski
954b4e6947
vm/systemd: disable additional useless services ( #620 )
...
Most of them relay on direct network acces, which isn't true on Qubes.
2012-07-12 03:56:09 +02:00
Marek Marczykowski
ca7ec2aa57
vm/spec: remove dupplicated commnds, suppress error message
2012-07-12 03:56:09 +02:00
Marek Marczykowski
00778cacea
dom0/spec: suppress unnecessary messages during package upgrade
2012-07-12 03:56:09 +02:00
Marek Marczykowski
6aeaa7b036
vm/systemd: disable additional useless services ( #620 )
...
Most of them relay on direct network acces, which isn't true on Qubes.
2012-07-12 03:54:41 +02:00
Marek Marczykowski
212d4227c8
vm/spec: remove dupplicated commnds, suppress error message
2012-07-12 03:54:41 +02:00
Marek Marczykowski
f0d55138d3
dom0/spec: suppress unnecessary messages during package upgrade
2012-07-12 03:54:34 +02:00
Marek Marczykowski
302191edec
vm/spec: disable pam_systemd only in trigger
...
The %post part is unnecessary.
2012-07-09 15:54:33 +02:00
Marek Marczykowski
c1f5377b1d
vm/spec: disable pam_systemd only in trigger
...
The %post part is unnecessary.
2012-07-09 15:52:42 +02:00
Marek Marczykowski
8b2be6b693
dom0/spec: remove some udev rules from system ( #605 )
2012-07-05 01:43:32 +02:00
Marek Marczykowski
c4888add66
vm: disable D-Bus activation of NetworkManager ( #610 )
2012-07-05 01:43:32 +02:00
Marek Marczykowski
b834e2c5a7
vm/spec: disable pam_systemd globally ( #607 )
...
Actually all /etc/pam.d/ files containing pam_systemd.so are autogenerated by
authconfig, so "removing" pam_systemd.so file as not elegant solution, seems to
be much more realiable.
2012-07-05 01:43:32 +02:00
Marek Marczykowski
3ccc43ede2
dom0/spec: remove some udev rules from system ( #605 )
2012-07-05 01:40:38 +02:00
Marek Marczykowski
725e724044
vm: disable D-Bus activation of NetworkManager ( #610 )
2012-07-05 01:33:22 +02:00
Marek Marczykowski
f20099f05b
vm/spec: disable pam_systemd globally ( #607 )
...
Actually all /etc/pam.d/ files containing pam_systemd.so are autogenerated by
authconfig, so "removing" pam_systemd.so file as not elegant solution, seems to
be much more realiable.
2012-07-05 01:31:32 +02:00
Marek Marczykowski
0006ebdaff
vm/spec: fix enabling NetworkManager SystemD service
2012-06-26 03:43:36 +02:00
Marek Marczykowski
a6c7d0efbe
vm/spec: fix error messages
2012-06-26 03:43:36 +02:00
Marek Marczykowski
da63af599c
vm/spec: fix enabling of qubes-firewall SysV service
2012-06-26 03:43:36 +02:00
Marek Marczykowski
2e7d5cc178
dom0: appmenu to start Firefox in new DispVM ( #594 )
2012-06-26 03:43:36 +02:00
Marek Marczykowski
4f7656e36f
vm/spec: fix enabling NetworkManager SystemD service
2012-06-26 03:36:22 +02:00
Marek Marczykowski
4cc7d9300f
vm/spec: fix error messages
2012-06-26 03:31:28 +02:00
Marek Marczykowski
71c4ca8804
vm/spec: fix enabling of qubes-firewall SysV service
2012-06-26 03:30:06 +02:00
Marek Marczykowski
0008e71784
dom0: appmenu to start Firefox in new DispVM ( #594 )
2012-06-24 14:09:43 +02:00
Marek Marczykowski
f53ebfc3cd
vm: RPC service for NTP time sync ( #603 )
2012-06-23 00:37:47 +02:00
Marek Marczykowski
8e61660687
vm: RPC service for NTP time sync ( #603 )
2012-06-22 22:22:57 +02:00
Marek Marczykowski
288dcc562e
vm: enable yum-qubes-hooks plugin ( #592 )
2012-06-11 22:35:44 +02:00
Marek Marczykowski
5354249102
vm: enable yum-qubes-hooks plugin ( #592 )
2012-06-08 00:34:11 +02:00
Marek Marczykowski
01ca42b5c4
vm/spec: create firmware symlink only when needed
...
On new systems, like FC16+, firmware is provided by separate package (like
linux-firmware), so no longer need to get it from kernel package.
2012-06-06 03:02:58 +02:00
Marek Marczykowski
4463701bf3
vm/spec: depend on ethtool _package_
2012-06-06 03:02:58 +02:00
Marek Marczykowski
ad6bfe3ca1
vm/spec: create firmware symlink only when needed
...
On new systems, like FC16+, firmware is provided by separate package (like
linux-firmware), so no longer need to get it from kernel package.
2012-06-06 03:00:05 +02:00
Marek Marczykowski
4911ca7eb9
vm/spec: depend on ethtool _package_
2012-06-06 02:59:07 +02:00
Marek Marczykowski
79f13d6c66
vm: yum plugin to notify dom0 about installed updates ( #592 )
2012-06-05 21:21:53 +02:00
Marek Marczykowski
ea08560e43
makefile: rename vchan Makefile to not conflict with windows build
2012-06-05 21:21:53 +02:00
Marek Marczykowski
8023c66020
vm: yum plugin to notify dom0 about installed updates ( #592 )
2012-06-05 19:28:59 +02:00
Marek Marczykowski
dd60d3da95
makefile: rename vchan Makefile to not conflict with windows build
2012-06-02 12:32:49 +02:00
Marek Marczykowski
1f194cbe08
dom0: block_cleaner: removes ejected devices from xenstore
...
When device is ejected by some VM (state=6, effectively inactive), it should be
removed from xenstore to free slot for some another device. This should be done
by libxl toolstack, but not implemented in xen 4.1 - AFAIR done in xen 4.2.
2012-06-01 20:59:45 +02:00
Marek Marczykowski
4bac57818e
vm/qubes-yum-proxy: setup yum to use qubes-yum-proxy ( #568 )
...
The simplest way is just add proxy=... entry to /etc/yum.conf, but sometimes it
is reasonable to bypass the proxy. Some examples:
- usage of non-standard repos with some exotic file layout, which will be
blocked by the proxy
- usage of repos not-accessible via proxy (eg only via VPN stared in VpnVM)
This commit introduces 'yum-proxy-setup' pseudo-service, which can be
controlled via standard qvm-service or qubes-manager. When enabled - yum will
be configured at VM startup to use qubes proxy, otherwise - to connect directly
(proxy setting will be cleared).
2012-05-31 03:11:44 +02:00
Marek Marczykowski
96508abf2c
vm: qubes-yum-proxy service ( #568 )
...
Introduce proxy service, which allow only http(s) traffic to yum repos. The
filter rules are based on URL regexp, so it isn't full-featured content
inspection and can be easy bypassed, but should be enough to prevent some
erroneus user actions (like clicking on invalid link).
It is set up to intercept connections to 10.137.255.254:8082, so VM can connect
to this IP regardless of VM in which proxy is running. By default it is
started in every NetVM, but this can be changed using qvm-service or
qubes-manager (as always).
2012-05-31 03:11:43 +02:00
Marek Marczykowski
341fbe012c
vm/spec: remove executable perm where not needed
2012-05-31 03:11:43 +02:00
Marek Marczykowski
edc3518ec9
vm/qubes-yum-proxy: setup yum to use qubes-yum-proxy ( #568 )
...
The simplest way is just add proxy=... entry to /etc/yum.conf, but sometimes it
is reasonable to bypass the proxy. Some examples:
- usage of non-standard repos with some exotic file layout, which will be
blocked by the proxy
- usage of repos not-accessible via proxy (eg only via VPN stared in VpnVM)
This commit introduces 'yum-proxy-setup' pseudo-service, which can be
controlled via standard qvm-service or qubes-manager. When enabled - yum will
be configured at VM startup to use qubes proxy, otherwise - to connect directly
(proxy setting will be cleared).
2012-05-31 03:05:13 +02:00
Marek Marczykowski
b2cfd73691
vm: qubes-yum-proxy service ( #568 )
...
Introduce proxy service, which allow only http(s) traffic to yum repos. The
filter rules are based on URL regexp, so it isn't full-featured content
inspection and can be easy bypassed, but should be enough to prevent some
erroneus user actions (like clicking on invalid link).
It is set up to intercept connections to 10.137.255.254:8082, so VM can connect
to this IP regardless of VM in which proxy is running. By default it is
started in every NetVM, but this can be changed using qvm-service or
qubes-manager (as always).
2012-05-31 03:04:11 +02:00
Marek Marczykowski
a953e56042
vm/spec: remove executable perm where not needed
2012-05-31 02:21:15 +02:00
Marek Marczykowski
b4aa6c6ddc
vm/spec: fix /etc/hosts if it was broken by previous version
2012-05-08 23:45:00 +02:00
Marek Marczykowski
0ebd1d0de6
vm/spec: fix /etc/hosts if it was broken by previous version
2012-05-08 23:44:07 +02:00
Marek Marczykowski
950d848ede
vm: notify dom0 when updates available in VM ( #475 )
2012-05-02 00:09:00 +02:00
Marek Marczykowski
370ad33c44
dom0: provide service for VM to notify about updates availability ( #475 )
2012-05-02 00:09:00 +02:00
Marek Marczykowski
9c7ab91491
dom0: remove unused reset_vm_configs.py
2012-05-02 00:09:00 +02:00
Marek Marczykowski
af1f88755d
vm: notify dom0 when updates available in VM ( #475 )
2012-05-01 01:14:04 +02:00
Marek Marczykowski
fa41bf840c
dom0: provide service for VM to notify about updates availability ( #475 )
2012-05-01 01:12:19 +02:00
Marek Marczykowski
366e405df0
dom0: remove unused reset_vm_configs.py
2012-04-30 13:29:01 +02:00
Marek Marczykowski
f05605eccc
dom0/spec: fix spec for qmemman.conf
2012-03-29 16:18:00 +02:00
Marek Marczykowski
7bee34dfb0
dom0/spec: fix spec for qmemman.conf
2012-03-29 16:17:10 +02:00
Marek Marczykowski
71b98f9d95
dom0/qmemman: add support for config file
2012-03-28 00:47:26 +02:00
Marek Marczykowski
2e6e9bfab9
dom0/qmemman: add support for config file
2012-03-28 00:21:01 +02:00
Marek Marczykowski
ba6c682254
dom0/rpm-spec: fix xenconsoled setup
...
XENCONSOLED_LOG_GUESTS was erroneously replaced by XENCONSOLED_LOG_HYPERVISOR.
So to config fresh systems and broken by prevoius version, remove any
XENCONSOLED_LOG_ entries and add correct one at the config end.
2012-03-11 21:14:52 +01:00
Marek Marczykowski
e77bdf63db
dom0/rpm-spec: fix xenconsoled setup
...
XENCONSOLED_LOG_GUESTS was erroneously replaced by XENCONSOLED_LOG_HYPERVISOR.
So to config fresh systems and broken by prevoius version, remove any
XENCONSOLED_LOG_ entries and add correct one at the config end.
2012-03-11 21:12:49 +01:00
Marek Marczykowski
a58259a171
Merge branch 'master' into hvm
...
Conflicts:
version_dom0
version_vm
2012-03-09 10:19:34 +01:00
Marek Marczykowski
0b142fb040
vm/init.d: make firewall and netwatcher service consistent with systemd
2012-03-09 01:50:18 +01:00
Marek Marczykowski
a717b3755e
Merge branch 'master' into hvm
...
Conflicts:
dom0/qvm-core/qubes.py
2012-03-06 02:21:52 +01:00
Marek Marczykowski
db043c84bc
dom0/sysconfig: load and setup cpufreq-xen if present
...
Required for suspend on Core i5 with pvops kernel.
2012-03-05 12:44:08 +01:00
Marek Marczykowski
91ec015486
dom0/sysconfig: enable xenconsoled logging
2012-03-05 12:31:15 +01:00
Marek Marczykowski
25b57bab88
dom0/appmenus: Create "Start" appmenu for HVM domains
2012-03-02 01:56:50 +01:00
Marek Marczykowski
63f3537f98
dom0/spec: require xen-hvm package for stubdom
2012-03-01 10:57:34 +01:00
Joanna Rutkowska
0e0fe6a3d9
Merge branch 'master' of git://git.qubes-os.org/marmarek/core into hvm
2012-02-27 13:30:14 +01:00
Marek Marczykowski
067fb100a1
dom0/modules: support for pvops modules in dom0
2012-02-25 14:04:06 +01:00
Marek Marczykowski
3ad50b58e7
dom0/spec: include HVM config template in rpm
2012-02-24 04:53:15 +01:00
Marek Marczykowski
b422bf8b2f
dom0/pm-utils: fix scripts order according to pm-utils docs ( #443 )
2012-02-09 11:31:41 +01:00
Marek Marczykowski
73e63d9998
dom0/spec: include qubes-* tools in rpm ( #421 )
2012-02-07 12:31:44 +01:00
Marek Marczykowski
70db6b0fc9
vm/mimeopen: save mimetype defaults for DispVM ( #423 )
2012-02-06 19:08:08 +01:00
Marek Marczykowski
a4a9632a5a
vm/spec: fix file permissions
2012-02-06 12:58:02 +01:00
Marek Marczykowski
b87fff44c4
dom0/clock: sync clock using new qubes-sync-clock from cron ( #435 , #429 )
2012-02-01 17:39:20 +01:00
Marek Marczykowski
4c78a9cb7f
dom0/spec: require cron daemon ( #429 )
2012-01-30 16:27:12 +01:00
Marek Marczykowski
31fd953377
vm/spec: do not complain about missing serial.conf
2012-01-30 14:22:35 +01:00
Marek Marczykowski
ad75f3c99e
vm/network: symlink NetworkManager system-connection to /rw ( #425 )
...
In FC15, NetworkManager by default uses global connections ("Available to all users"). Save them in /rw instead of /etc, to preserve them across reboots.
2012-01-30 14:20:02 +01:00
Marek Marczykowski
f8562f8e1c
vm/spec: hide diagnostics from systemctl
2012-01-18 17:24:04 +01:00
Marek Marczykowski
83cde6e841
vm: enable qubes-firewall ( #424 )
2012-01-18 13:37:31 +01:00
Marek Marczykowski
351b413f74
spec: fix build order
2012-01-15 17:36:22 +01:00
Marek Marczykowski
1e2ca857cc
vm/systemd: enable ntpd and NetworkManager services
2012-01-14 01:40:54 +01:00
Marek Marczykowski
b5f691da1c
vm/systemd: add some package requirements according to Fedora documentation
2012-01-14 01:40:10 +01:00
Marek Marczykowski
7dbb3fe5b0
vm: disable some autostart applications
2012-01-14 01:39:43 +01:00
Marek Marczykowski
f581fad6fd
vm: disable silent automatic update *installation* in FC15 ( #415 )
...
Do not silently download and install updates, especially in NonUpdateableVM.
2012-01-14 01:37:22 +01:00
Marek Marczykowski
cf591a4cd5
vm/init: introduce SystemD startup scripts
2012-01-10 12:10:16 +01:00
Marek Marczykowski
11055f7162
vm/spec: split SysV init scripts into separate subpackage
2012-01-10 12:09:09 +01:00
Marek Marczykowski
95edff2ac2
vm/spec: add Obsoletes header for smooth upgrade
2012-01-10 11:23:27 +01:00
Marek Marczykowski
adc0b6eff5
vm(+dom0): major rearrage VM files in repo; merge core-*vm packages
2012-01-06 21:31:12 +01:00
Marek Marczykowski
9c40e23af2
vm: disable cron also using systemctl
...
This is needed for FC15
2011-12-30 23:53:46 +01:00
Marek Marczykowski
0cab96ad6d
vm/qvm-block: do not disable qubes block udev rules ( #393 )
2011-12-26 21:01:31 +01:00
Marek Marczykowski
0d32a533e7
vm/yum-repo: Use $releasever in repo definition
...
Instead of multiple files with only release version different.
2011-12-12 03:35:22 +01:00
Marek Marczykowski
a3f2496a27
vm/spec: more precise blacklisting updates of xorg ( #381 )
2011-12-05 13:50:07 +01:00
Marek Marczykowski
8a09f45bd8
dom0: and do not include xenfreepages in rpm...
2011-11-02 20:13:26 +01:00
Marek Marczykowski
ede96353af
dom0/qrexec: Add always allow option in qrexec confirmation dialog ( #278 )
2011-10-12 00:08:28 +02:00
Marek Marczykowski
9152bf6652
dom0/spec: disable prelink service
2011-10-07 21:28:26 +02:00
Marek Marczykowski
3876cf4070
dom0/dom0-updates: check for dom0 updates from cron ( #354 )
2011-10-07 21:28:16 +02:00
Marek Marczykowski
8d855aa958
dom0+vm/qvm-block: automatically detach device when physical dev removed ( #226 )
...
This will work when device is unmounted. On mounted device backend will be
removed (after 3s timeout), but frontend will left in "closing" state - manual
'xl block-detach' will be needed.
2011-09-30 10:42:56 +02:00
Marek Marczykowski
111d807ae0
dom0: include qubesutils in rpm package ( #226 )
2011-09-30 10:42:56 +02:00
Marek Marczykowski
6b885bd361
dom0+vm: expose block devices info in xenstore ( #226 )
2011-09-29 13:56:06 +02:00
Marek Marczykowski
801e113c06
vm: minor fixes for Fedora 15
...
1. create /var/run/qubes as /var/run is now on tmpfs
2. if system-d is present - use it to disable NetworkManager
2011-09-27 01:37:09 +02:00
Marek Marczykowski
72bc213980
vm/spec: do not use chown in %install - it will not work as unprivileged user
2011-09-25 15:18:48 +02:00
Marek Marczykowski
27ca0f878c
rpm spec: do not mark files with %dir
2011-09-22 01:16:32 +02:00