Marek Marczykowski
71cfeba203
vm: Check for TemplateVM updates ( #198 )
...
Just before dom0 updates check for TemplateVM updates and notify the user when
there are some.
2011-06-27 21:14:34 +02:00
Marek Marczykowski
2784d0ccd4
vm: Run ntpd in FirewallVM as clock source for dom0 ( #198 )
2011-06-27 21:14:34 +02:00
Marek Marczykowski
d9d7a69c27
dom0+vm: Tools for downloading dom0 update by VM ( #198 )
...
Mainly 4 parts:
- scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
- VM script for downloading updates (qubes_download_dom0_updates.sh)
- qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
- qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer
Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
2011-06-22 00:44:48 +02:00
Marek Marczykowski
83d211836a
dom0+vm: Trigger appmenus sync after yum transaction ( #45 ), NEW QREXEC COMMAND
...
After yum transaction (install/upgrade/remove),
yum-plugin-post-transaction-actions will execute script which trigger
qvm-sync-appmenus in dom0 (through qrexec).
THIS INTRODUCE NEW PREDEFINED COMMAND IN QREXEC
2011-06-12 01:46:24 +02:00
Marek Marczykowski
4ab4783ee2
dom0: block-snapshot: add prepare and cleanup actions
...
"prepare" and "cleanup" actions can be used to setup device manually - not from
udev. This is used by qvm-revert-template-changes.
2011-06-10 18:34:17 +02:00
Marek Marczykowski
f3b245a45a
dom0: block-snapshot: retrieve domain name from frontend-id only when no "domain" entry in xenstore
...
This enables compatibility with libxl AND xend.
2011-06-10 18:33:31 +02:00
Marek Marczykowski
ae52e1829a
dom0: block-snapshot: enable nullglob to not fail on snapshot/origin remove
...
Normally should not happen because all domains needs at least one snapshot
device, but in some rare situation can be helpful to cleanup stale devices.
2011-06-10 18:29:56 +02:00
Marek Marczykowski
f1f98d47df
dom0: Use /var/run/xen-hotplug to store information needed for block devices cleanup.
...
Libxl removes xenstore entries before udev (+scripts) have chance to read it.
2011-06-09 14:06:24 +02:00
Marek Marczykowski
986f4a888c
Merge branch 'r1-beta1-fixes'
...
Conflicts:
dom0/qvm-core/qubes.py
version_dom0
version_vm
2011-05-24 00:20:39 +02:00
Joanna Rutkowska
957c324371
vm: add current-testing repo definitions
2011-05-23 21:39:48 +02:00
Timo Juhani Lindfors
b43baee220
Ensure 'make clean' removes xenstore-watch
2011-05-13 14:16:10 +02:00
Marek Marczykowski
98f4028142
Connect vif's to already running VMs on NetVM/ProxyVM startup ( #190 )
...
Also cleanup stale vifs using "xm network-detach ... -f"
Fix iptables rules to support not only first vif of VM
2011-04-23 03:05:27 +02:00
Marek Marczykowski
655f13e2ec
Configure VM network iface on attach (not only on boot) ( #190 )
2011-04-23 02:31:54 +02:00
Marek Marczykowski
bd56c4709f
Allow normal user to read xenstore values
...
This is needed by qubes-session
2011-04-07 18:43:52 +02:00
Joanna Rutkowska
126fca97c3
Use different repo files depending on %{dist} tag ( #197 )
2011-04-06 13:59:43 +02:00
Joanna Rutkowska
102d5735e7
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-06 10:40:51 +02:00
Marek Marczykowski
95a52d388b
Optimize iptables rules in NetVM
...
Move "state RELATED,ESTABLISHED" rule to the beginning.
2011-04-06 10:33:42 +02:00
Joanna Rutkowska
00107ccd84
Correct repo file for VMs
2011-04-05 23:53:44 +02:00
Joanna Rutkowska
a83e8c2d2d
commonvm: Update repo info, use local RPM keys
2011-04-04 11:27:48 +02:00
Joanna Rutkowska
59e00482d1
Fix stupid synatx error that prevented displaing error messages
2011-03-31 15:25:33 +02:00
Joanna Rutkowska
f713729826
Move nautilus scripts creation to qubes_core
...
qubes_core_appvm executes too early, when /home is still not symlinked to /rw/home.
2011-03-31 15:15:10 +02:00
Joanna Rutkowska
d5537b72a7
Use zenity instead of kdialog in appvm code
2011-03-31 13:26:41 +02:00
Tomasz Sterna
01b7d9aafc
Create needed NetworkManager.conf in netvm. #94
...
Also fixed qubes_fix_nm_conf.sh script.
2011-03-26 11:33:04 +01:00
Rafal Wojtczuk
769213e019
Removed obsolete code, in appvm.
2011-03-24 17:13:21 +01:00
Rafal Wojtczuk
dd9f1a6f7f
Move execution of qrexec_agent to qubes_core
...
Previously it was in both qubes_core_appvm and qubes_core_netvm;
somehow counterintuitively, qubes_core_netvm executes on appvm, too. So
move it to a common place.
2011-03-23 11:34:01 +01:00
Rafal Wojtczuk
488eda21d9
Merge branch 'blockless' into spring-merge
...
Conflicts:
appvm/Makefile
appvm/qubes_core
netvm/qubes_core
rpm_spec/core-appvm.spec
rpm_spec/core-netvm.spec
2011-03-21 13:54:35 +01:00
Marek Marczykowski
823bd1ce0f
Use common image for swap and root-cow - volatile.img ( #118 )
...
This reduces xvd* devices count, so speeds up VM start.
Also swap-cow is no longer needed, so remove this additional dm-snapshot layer.
2011-03-18 22:15:32 -04:00
Marek Marczykowski
74d61e7f9a
Autocommit template changes after template shutdown ( #96 )
2011-03-18 18:54:14 -04:00
Marek Marczykowski
55780b8c15
Indent fix
2011-03-18 18:24:55 -04:00
Rafal Wojtczuk
e410ad52ba
Bloody perror messes with errno; need to save errno.
2011-03-16 16:24:54 +01:00
Rafal Wojtczuk
777eaa2168
In read_all()/write_all(), continue upon EINTR.
2011-03-16 12:58:40 +01:00
Marek Marczykowski
1c505589c1
Move xenstore-watch for VM from AppVM to common. Add to core-common.spec
2011-03-16 11:41:18 +01:00
Rafal Wojtczuk
0ed004904c
Handy gui_fatal() etc routines.
2011-03-15 13:00:12 +01:00
Rafal Wojtczuk
c0ca1a9f50
Make sure read_all sets errno to 0 at EOF.
2011-03-15 10:36:50 +01:00
Rafal Wojtczuk
bd89fa0631
Move copy_all_fd from dvm_file_editor.c to ioall.c
...
It is useful in e.g. qfile-agent-dvm.
2011-03-11 11:57:16 +01:00
Rafal Wojtczuk
e19390ca1c
Moved ioall.c file to "common"
2011-03-11 11:47:20 +01:00
Marek Marczykowski
c7a832a279
NetVM, AppVM, ProxyVM from single template - VM side
...
Modify VM packages to:
- do not conflicts
- starts services if its VM type need it
Added core-proxyvm (firewall) and core-commonvm (common parts) packages.
2011-03-11 01:38:04 +01:00
Marek Marczykowski
24c0778154
gitignore files - add build products
2011-03-06 14:06:24 +01:00
Marek Marczykowski
50cdb7ca7e
block-snapshot fixes
2011-03-06 14:06:23 +01:00
Marek Marczykowski
e104f82e36
Update TemplateVM with running AppVM: part 1
...
snapshot and origin device type for xen
2011-02-26 03:42:55 +01:00
Joanna Rutkowska
71baae50cb
Merge branch 'ticket4' of git://qubes-os.org/rafal/core
2010-09-17 17:30:36 +02:00
Rafal Wojtczuk
e1de26f79a
Require NetworkManager >= 0.8.1-1
...
Unfortunately, config files layout changes with NM version; therefore
require >= 0.8.1-1.
This should also prevent NM from messing with VIF interfaces on suspend/resume.
2010-09-17 15:16:01 +02:00
Joanna Rutkowska
9b8c018bc2
Merge branch 'qmemman' of git://qubes-os.org/rafal/core
2010-09-13 15:05:13 +02:00
Rafal Wojtczuk
d91c03358c
qmemman: save a syscall in meminfo-writer via use of "pread"
2010-09-10 14:53:41 +02:00
Rafal Wojtczuk
6736081581
Compile meminfo-writer with -O3
2010-09-10 11:38:06 +02:00
Rafal Wojtczuk
0c1f21a28e
qmemman: when a AppVM is low on memory, allow small adjustments
...
A small AppVM (say, with 100MB total) can go below prefmem, and
still not be assigned memory, because of the MIN_TOTAL_MEMORY_TRANSFER
threshold.
So, if AppVM is below prefmem, allow for smaller mem-sets.
2010-09-10 11:35:30 +02:00
Rafal Wojtczuk
f6e3607d2d
qmemman: offload some processing to meminfo-writer
...
Make meminfo-writer compute used memory, and report to qmemman only if
it has changed significantly enough. As it is written in C, its code is
much faster that qmemman-server; also in the idle case, it saves on xenstore
communication overhead. Allows to send updates up to 10 times per second,
with CPU load on the VM below 0.1%.
2010-09-09 17:51:53 +02:00
Rafal Wojtczuk
31e7e96056
Switch to routed VM network (instead of bridging)
...
No headache from layer 2 attacks.
2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
64e8013dc2
Unify dom0 and netvm sysconfig/iptables
...
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
1c337db989
qmemman: make meminfo-writer a C program
2010-09-03 16:23:09 +02:00