Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,740 Commits 1 Branch 0 Tags 20 MiB
44767bea7f
Commit Graph

481 Commits

Author SHA1 Message Date
Marek Marczykowski
44767bea7f Merge branch 'master' into hvm 
Conflicts:
	dom0/init.d/qubes_core
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-prefs
	version_dom0
	version_vm
 2012-06-26 03:49:10 +02:00
Marek Marczykowski
c978ce3a48 dom0/qvm-firewall: eliminate duplicate firewall defaults definition (#599) 
This caused ignore of different firewall defaults for TemplateVM.
 2012-06-19 00:59:27 +02:00
Marek Marczykowski
ab9c2e503a dom0: qvm-run --nogui switch 
Can be used to not start guid.
 2012-06-19 00:59:27 +02:00
Marek Marczykowski
a4e10f00c1 dom0/qvm-firewall: eliminate duplicate firewall defaults definition (#599) 
This caused ignore of different firewall defaults for TemplateVM.
 2012-06-18 23:51:44 +02:00
Marek Marczykowski
92844a161a dom0: qvm-run --nogui support for HVM 
Translate it to "nogui:" command prefix.
 2012-06-15 17:40:03 +02:00
Marek Marczykowski
4dfad5f1ae dom0: qvm-run --nogui switch 
Can be used to not start guid.
 2012-06-15 17:37:19 +02:00
Marek Marczykowski
8bdc5706f7 dom0/core: allow to change default user for qvm-run (#577) 
This doesn't make all dom0 code VM-username independent, still 'user' is
hardcoded in many places. This only change behavior of qvm-run, especially for use in HVM.
 2012-06-13 19:01:32 +02:00
Marek Marczykowski
844d43b0ef dom0/core: introduce is_guid_running() and use it in is_fully_usable() 
To improve code reuse, especially to remove direct checking for
"/var/run/qubes/guid_running.{0}" in many places.
 2012-06-13 18:59:56 +02:00
Marek Marczykowski
c534d5871b dom0/core: fix order of loading VM attributes 
Parsing kernelopts depends on uses_default_kernelopts, so set 'order' appropriate.
 2012-06-13 18:59:56 +02:00
Marek Marczykowski
6bd988bf81 dom0/core: allow to change default user for qvm-run (#577) 
This doesn't make all dom0 code VM-username independent, still 'user' is
hardcoded in many places. This only change behavior of qvm-run, especially for use in HVM.
 2012-06-13 17:16:12 +02:00
Marek Marczykowski
e6a75c732e dom0/core: support for qrexec for Windows HVM 
Because not every HVM will have qrexec agent installed, introduce VM property
'qrexec_installed'. If it is set, spawn qrexec_daemon at VM startup and allow
use of qvm-run.
 2012-06-13 17:14:25 +02:00
Marek Marczykowski
5504142187 dom0/core: fix race in QubesHVm.stubdom_xid 
device-model-domid is written to xenstore after domaid id itself, so do not
assume the former is present when we know VM XID.
 2012-06-13 17:11:21 +02:00
Marek Marczykowski
784f0f5607 dom0/core/hvm: rename is_fully_usable() to is_guid_running() 
This is what this function does.
 2012-06-13 17:09:06 +02:00
Marek Marczykowski
46db1e83f0 dom0/core: introduce is_guid_running() and use it in is_fully_usable() 
To improve code reuse, especially to remove direct checking for
"/var/run/qubes/guid_running.{0}" in many places.
 2012-06-13 17:08:30 +02:00
Marek Marczykowski
6a929190d2 dom0/core: fix order of loading VM attributes 
Parsing kernelopts depends on uses_default_kernelopts, so set 'order' appropriate.
 2012-06-13 17:01:57 +02:00
Marek Marczykowski
2eb7c5733d dom0/core: set network parameters only when VM have network access 2012-06-12 18:25:04 +02:00
Marek Marczykowski
653c056c99 dom0/core: fix HVM network settings in xen config 2012-06-12 18:24:34 +02:00
Marek Marczykowski
f2abc5e26d dom0: populate unchanged firewall settings with previous values (#589) 
Missed settings in new firewall configuration caused exception. In old qubes-manager (before #582 done) this exception silently broke saving operation, leaving user with progress bar windows infinitely...
 2012-06-05 21:21:53 +02:00
Marek Marczykowski
aea8d189f0 dom0/core: fix QubesVM.gateway 
To be consistent with QubesNetVM, where gateway property contain gateway IP for
_other_ VMs, in non-network-provider VM it should be empty.
 2012-06-05 21:21:53 +02:00
Marek Marczykowski
a528befbc4 dom0: default TemplateVM firewall: block all traffic and allow use of yum proxy (#590) 2012-06-05 21:21:53 +02:00
Marek Marczykowski
a8b992e647 dom0/core: implement per-VM-type firewall defaults 2012-06-05 21:21:53 +02:00
Marek Marczykowski
3f3dc4708c dom0: populate unchanged firewall settings with previous values (#589) 
Missed settings in new firewall configuration caused exception. In old qubes-manager (before #582 done) this exception silently broke saving operation, leaving user with progress bar windows infinitely...
 2012-06-05 20:57:40 +02:00
Marek Marczykowski
3255f81a1c dom0/core: fix QubesVM.gateway 
To be consistent with QubesNetVM, where gateway property contain gateway IP for
_other_ VMs, in non-network-provider VM it should be empty.
 2012-06-05 19:57:19 +02:00
Marek Marczykowski
8b366f1148 dom0: default TemplateVM firewall: block all traffic and allow use of yum proxy (#590) 2012-06-05 19:37:39 +02:00
Marek Marczykowski
01e8a2dff9 dom0/core: implement per-VM-type firewall defaults 2012-06-05 19:37:12 +02:00
Marek Marczykowski
e4f64fd600 dom0/core: remove trailing spaces 2012-05-31 03:11:44 +02:00
Marek Marczykowski
65fc62a989 dom0/core: setup yum to use proxy when it have access to it (#568) 
To simplify configuration, automatically enable 'yum-proxy-setup'
pseudo-service when allowing access to the proxy. Also disable this service,
when access is revoked. Thanks to this the user can enable this feature by one
click in firewall settings.
 2012-05-31 03:11:44 +02:00
Marek Marczykowski
2ca4b11183 dom0/core-firewall: firewall setting for qubes-yum-proxy (#568) 
New setting for access to qubes-yum-proxy. The difference from other firewall
setting (and reason for new top-level setting): 'deny' is enforced even if
policy is set to 'allow'. This proxy service is mainly used to filter network
traffic, so do not expose it to VMs which can connect to any host directly (eg
'untrusted' VM).
 2012-05-31 03:11:44 +02:00
Marek Marczykowski
812264cfb0 dom0/core: don't limit netvm/proxyvm vcpu count to 1 (#571) 2012-05-31 03:09:22 +02:00
Marek Marczykowski
c49ad3438b dom0/core: remove trailing spaces 2012-05-31 03:05:14 +02:00
Marek Marczykowski
d89733b517 dom0/core: setup yum to use proxy when it have access to it (#568) 
To simplify configuration, automatically enable 'yum-proxy-setup'
pseudo-service when allowing access to the proxy. Also disable this service,
when access is revoked. Thanks to this the user can enable this feature by one
click in firewall settings.
 2012-05-31 03:05:13 +02:00
Marek Marczykowski
030584f026 dom0/core-firewall: firewall setting for qubes-yum-proxy (#568) 
New setting for access to qubes-yum-proxy. The difference from other firewall
setting (and reason for new top-level setting): 'deny' is enforced even if
policy is set to 'allow'. This proxy service is mainly used to filter network
traffic, so do not expose it to VMs which can connect to any host directly (eg
'untrusted' VM).
 2012-05-31 03:05:13 +02:00
Marek Marczykowski
44c14d409c dom0/core: don't limit netvm/proxyvm vcpu count to 1 (#571) 2012-05-25 15:06:00 +02:00
Marek Marczykowski
b87806db17 dom0: expose debug mode in xenstore (#567) 2012-05-22 15:51:40 +02:00
Marek Marczykowski
3d783f7fa3 dom0: expose debug mode in xenstore (#567) 2012-05-22 15:51:09 +02:00
Marek Marczykowski
987a490179 dom0/core: don't force maxmem=memory for NetVM (#572) 2012-05-20 02:10:50 +02:00
Marek Marczykowski
659dec044f dom0/core: don't force maxmem=memory for NetVM (#572) 2012-05-20 02:08:56 +02:00
Marek Marczykowski
c78d38fb0d dom0/core: disable private.img for HVM (#26 pro) 2012-05-04 13:20:10 +02:00
Marek Marczykowski
b771cb9f90 dom0/qvm-backup: chown user dir before backup (#492) 2012-05-02 00:09:00 +02:00
Marek Marczykowski
9edc845184 dom0: create appmenus for NetVMs, using separate whitelist (#538) 2012-05-02 00:09:00 +02:00
Marek Marczykowski
7b81659593 dom0: create appmenus template and icon for all VMs 2012-05-02 00:09:00 +02:00
Marek Marczykowski
370ad33c44 dom0: provide service for VM to notify about updates availability (#475) 2012-05-02 00:09:00 +02:00
Marek Marczykowski
99e784bfc0 dom0/qvm-backup: chown user dir before backup (#492) 2012-05-01 02:22:36 +02:00
Marek Marczykowski
929d6b52c9 dom0: create appmenus for NetVMs, using separate whitelist (#538) 2012-05-01 02:05:07 +02:00
Marek Marczykowski
478b57f3a9 dom0: create appmenus template and icon for all VMs 2012-05-01 02:04:16 +02:00
Marek Marczykowski
fa41bf840c dom0: provide service for VM to notify about updates availability (#475) 2012-05-01 01:12:19 +02:00
Marek Marczykowski
db6eb497a6 dom0/core: do not relay on any max xid (#445) 
What is really required is the maximum number of domains, not its IDs. Use max
QID as maximum number of domains.
 2012-04-28 03:26:20 +02:00
Marek Marczykowski
2ec08734dd dom0/core: guid for HVM is connected to stubdom - respect it when checking its state (#25 pro) 2012-04-28 02:51:43 +02:00
Marek Marczykowski
1b9e780861 dom0/core: do not relay on any max xid (#445) 
What is really required is the maximum number of domains, not its IDs. Use max
QID as maximum number of domains.
 2012-04-28 02:17:04 +02:00
Marek Marczykowski
a8ec5a6506 dom0/core: add 'timezone' property support (#1 pro) 2012-04-24 13:09:27 +02:00