Commit Graph

66 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
3d803acfde
Generate policy for Admin API calls based on annotations on actual methods
This ease Admin API administration, and also adds checking if qrexec
policy + scripts matches actual Admin API methods implementation.
The idea is to classify every Admin API method as either local
read-only, local read-write, global read-only or global read-write.
Where local/global means affecting a single VM, or the whole system.

See QubesOS/qubes-issues#2871 for details.

Fixes QubesOS/qubes-issues#2871
2017-07-04 04:27:34 +02:00
Marek Marczykowski-Górecki
28737d16ce
Migrate qubes.NotifyTools, qubes.FeaturesRequest, qubes.NotifyUpdates
Make them call into qubesd. Create separate socket for "misc" calls - VM
accessible, but not part of Admin API.
2017-06-06 03:33:30 +02:00
Marek Marczykowski-Górecki
2c01504a50
Add default policy for qubes.UpdatesProxy service
QubesOS/qubes-issues#1854
2017-05-26 15:08:19 +02:00
Marek Marczykowski-Górecki
3cacf290bb
admin: implement admin.vm.volume.Import
Implement this in two parts:
1. Permissions checks, getting a path from appropriate storage pool
2. Actual data import

The first part is done by qubesd in a standard way, but then, instead of
accepting all the data (which may be several GB), return a path to which
a shell script (in practice: `dd` command) will write the data.
Then the script call back to qubesd again to report success/failure and
qubesd response from that call is actually returned to the user.

This way we do not pass all the data through qubesd, but still can
control the process from there in a meaningful way. Note that the last
part (second call to qubesd) may perform all kind of verification (like
a signature check on the data, or so) and can also prevent VM from
starting (hooking also domain-pre-start event) from not verified image.

QubesOS/qubes-issues#2622
2017-05-26 15:08:14 +02:00
Marek Marczykowski-Górecki
f42cd28901
admin-api: create and install actual Admin API RPC endpoints
Install files in /etc/qubes-rpc for all methods defined in API
documentation, even if not yet implemented (qubesd will handle it
raising appropriate exception).
Use minimal program written in C (qubesd-query-fast), instead of
qubesd-query in python for performance reasons:
 - a single qubesd-query run: ~300ms
 - equivalent in shell (echo | nc -U): ~40ms
 - qubesd-query-fast: ~20ms

Many tools makes multiple API calls, so performance here do matter. For
example qvm-ls (from VM) currently takes about 60s on a system with 24
VMs.

Also make use of `$include:` directive in policy file, to make it easier
defining a VM with full Admin API access.

QubesOS/qubes-issues#853
2017-05-23 03:24:15 +02:00
Marek Marczykowski-Górecki
8992e71f85
Remove core2 code
This all either have been migrated to core3, or is not needed anymore.

There is still qvm-tools directory with a few tools that needs to be
migrated, or installed as is.
2017-05-12 18:36:29 +02:00
Wojtek Porczyk
9f7ba53eec fix Makefile, setup.py, spec and travis
QubesOS/qubes-issues#2074
2017-01-20 18:31:09 +01:00
Marek Marczykowski-Górecki
4d327fbc95
qubes/tools: allow calling qvm-device as qvm-devclass (like qvm-pci)
Tool can be symlinked to `qvm-class` for particular device class (for
example `qvm-pci`) - then device class can be omitted.

QubesOS/qubes-issues#2257
2016-09-03 20:41:05 +02:00
Wojtek Porczyk
6a10daf7be Merge branch 'master' into core3-devel
Remains to be fixed:
  88cb62fc
  d2640b51
  958c2926
2016-06-13 19:03:46 +02:00
Wojtek Porczyk
e757444c35 qubes/tools/qvm-features: add tool for managing qvm-features
QubesOS/qubes-issues#1637
2016-05-19 03:02:24 +02:00
Marek Marczykowski-Górecki
405fd40aaa
Add policy for qubes.OpenURL service
For now the same as for qubes.OpenInVM.

Fixes QubesOS/qubes-issues#1487
2016-05-18 02:03:48 +02:00
Bahtiar `kalkin-` Gadimov
36470310a2 Replace pool config parsing logic
- Move add_pool/remove_pool to Qubes class
- Add Qubes.get_pool
- Remove storage.conf
2016-04-25 07:16:37 +02:00
Marek Marczykowski-Górecki
8c6fe7ed90
Merge remote-tracking branch 'origin/master' into core3-devel-mm 2016-04-11 13:03:12 +02:00
Wojtek Porczyk
5eaf03c4a2 HVM part 1 2016-03-21 11:44:46 +01:00
Patrick Schleizer
2a46ebb205
fixed wrong target filename 2016-03-14 22:47:46 +01:00
Patrick Schleizer
e33b958bdd
implemented dom0 qubes.GetRandomizedTime
Required for fixing 'sys-whonix doesn't connect to Tor after system suspend'.

https://github.com/QubesOS/qubes-issues/issues/1764
2016-03-13 01:15:46 +00:00
Wojtek Porczyk
9eafa57539 Merge remote-tracking branch 'marmarek/master' into core3-devel
The following list is bollocks. There were many, many more.

Conflicts:
    core-modules/003QubesTemplateVm.py
    core-modules/005QubesNetVm.py
    core/qubes.py
    core/storage/__init__.py
    core/storage/xen.py
    doc/qvm-tools/qvm-pci.rst
    doc/qvm-tools/qvm-prefs.rst
    qubes/tools/qmemmand.py
    qvm-tools/qvm-create
    qvm-tools/qvm-prefs
    qvm-tools/qvm-start
    tests/__init__.py
    vm-config/xen-vm-template-hvm.xml

This commit took 2 days (26-27.01.2016) and put our friendship to test.
    --Wojtek and Marek
2016-03-03 01:13:51 +01:00
Wojtek Porczyk
c538d536c8 core3: move qmemman
This is part of fixing qvm-start.

qmemman was moved with minimal touching, mainly module names.

Moved function parsing human-readable sizes from core2. This function is
wrong, because it treats k/M/G as 1024-based, but leave it for now.
2015-10-05 12:46:14 +02:00
Wojtek Porczyk
6f4951d08a install python package with setuptools 2015-10-05 12:46:14 +02:00
Wojtek Porczyk
5f92afc013 rpm: install RelaxNG specfiles 2015-06-29 17:39:26 +02:00
Wojtek Porczyk
7e12d0485d add core3 to Makefiles and spec 2015-06-29 17:39:26 +02:00
Marek Marczykowski-Górecki
64755b2d98 dispvm: do not treat DispVMs as Xen-specific
Theoretically it should work (with some minor modifications) on any
hypervisor.
2015-03-30 05:30:52 +02:00
Marek Marczykowski-Górecki
4bd14f5011 windows: installer 2014-11-19 12:50:30 +01:00
Marek Marczykowski-Górecki
ec37a4e681 Rename vm-configs directory to be more generic 2014-11-19 12:50:27 +01:00
Marek Marczykowski-Górecki
675a164e7d makefile/windows: use c:\qubes as default data dir 2014-11-19 12:50:26 +01:00
Marek Marczykowski-Górecki
aad945e01b makefile: install only relevant stuff according to OS/VMM 2014-11-19 12:50:25 +01:00
Marek Marczykowski-Górecki
72e415a807 move qubes-notify-* to libexec 2014-11-19 12:50:25 +01:00
Marek Marczykowski-Górecki
0009805041 rpm+makefile: move build/install code to Makefile files
This makes build "scripts" not tied to Fedora-specific files. Especially
ease porting to other platforms.
2014-11-19 12:50:24 +01:00
Marek Marczykowski
340b62d4d4 Update make clean target 2013-03-20 16:40:01 +01:00
Marek Marczykowski
b72fdb35ee Remove support for old builder API 2013-03-19 19:02:15 +01:00
Marek Marczykowski
9db68897c7 Remove other Linux-specific stuff
Move remaining files to linux/ subdirectory.
2013-03-16 19:54:22 +01:00
Marek Marczykowski
d9358a91aa Move manpages here from separate repo 2013-03-12 17:02:26 +01:00
Marek Marczykowski
ad2bdf0634 Rename 'version_dom0' -> 'version'
This repository contains only dom0 files now.
2013-03-12 16:50:14 +01:00
Marek Marczykowski
0e8037deee remove VM files 2013-03-07 05:07:42 +01:00
Marek Marczykowski
f4c37be03a remove qubes-core-libs files - moved to separate repository 2013-03-07 02:54:55 +01:00
Joanna Rutkowska
ef972bcbc7 Makefile: use fc18 as default value for DIST_DOM0 2013-02-28 13:43:32 +00:00
Marek Marczykowski
acbdccbd61 makefile: support dom0 different than fc13 2013-01-25 03:07:16 +01:00
Marek Marczykowski
dba9193801 makefile: update-repo-template target 2012-11-14 15:53:42 +01:00
Marek Marczykowski
629038e76d spec: extract core libs from qubes-core-vm
This libs are required by both dom0 and VM so it's better to have it
separately. Previously in VM it was separate package, but dom0 have them
embedded in qubes-core-dom0, but qubes-core-vm-libs package was used to build
qubes-gui-dom0. Now we do not build all packages for all distros (especially do
not build core-vm package for dom0 distro, so gui-dom0 build fails), so make it
explicit which package is needed by which system.
2012-11-14 13:12:51 +01:00
Marek Marczykowski
bd1e7620d2 makefile: generic rpms-dom0 and rpms-vm targets 2012-11-14 01:41:21 +01:00
Marek Marczykowski
c777f3d30d makefile: split rpms into rpms-vm and rpms-dom0 (#665) 2012-11-07 18:05:17 +01:00
Marek Marczykowski
b691f57bbf vm: kernel-placeholder package to inhibit real kernel pkg in VM (#645)
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
2012-07-23 23:17:50 +02:00
Marek Marczykowski
56b7442646 makefile: fix clean target 2012-07-07 02:45:56 +02:00
Marek Marczykowski
7ed4cab214 Makefile: network doesn't require clean 2012-01-15 17:36:35 +01:00
Marek Marczykowski
adc0b6eff5 vm(+dom0): major rearrage VM files in repo; merge core-*vm packages 2012-01-06 21:31:12 +01:00
Joanna Rutkowska
d566da8dbb Makefile: do not run update_repo.sh for update-repo-installer 2011-11-05 11:05:49 +01:00
Joanna Rutkowska
74550bf949 Makefile: don't autoupdate yum repo after copying rpms there 2011-06-30 20:47:48 +02:00
Joanna Rutkowska
3154ce2e90 Makefile: automaically copy rpms to _all_ vm repos 2011-06-24 23:00:40 +02:00
Marek Marczykowski
986f4a888c Merge branch 'r1-beta1-fixes'
Conflicts:
	dom0/qvm-core/qubes.py
	version_dom0
	version_vm
2011-05-24 00:20:39 +02:00
Timo Juhani Lindfors
6e19780551 Ensure 'make clean' descends to u2mfn/ 2011-05-13 14:16:10 +02:00