Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,780 Commits 1 Branch 0 Tags 15 MiB
55c9370454
Commit Graph

11 Commits

Author SHA1 Message Date
Wojtek Porczyk
55c9370454 qubespolicy: make commas exchangeable for spaces 
Commas in policy action are optional, if used with spaces.
 2017-07-04 12:49:26 +02:00
Marek Marczykowski-Górecki
e7f717ec3d
doc: fix formating of policy-related documentation 
Fix Sphinx warnings and errors in both doc/ and docstrings.
 2017-07-04 04:27:36 +02:00
Marek Marczykowski-Górecki
e8e30c8bdf
qubespolicy: fix handling allow rule to '$dispvm' 
When rule does not specify forced target (`target=...`), generic
`$dispvm` wasn't resolved to specific Disposable VM (based on
`default_dispvm` property).
 2017-07-04 04:27:36 +02:00
Marek Marczykowski-Górecki
8afb425271
qubespolicy: allow non-default policy directory 
This will allow to evaluate policy extracted from other system.
And also ease tests.

QubesOS/qubes-issues#2873
 2017-07-04 04:27:35 +02:00
Marek Marczykowski-Górecki
26ea836f67
qubespolicy: add $adminvm keyword for specifying dom0 aka AdminVM 
Fixes QubesOS/qubes-issues#2872
 2017-07-04 04:27:35 +02:00
Marek Marczykowski-Górecki
a937bb173a
qubespolicy: allow spaces in action arguments 
This is natural to write space after coma.
 2017-07-04 04:27:34 +02:00
Wojtek Porczyk
00a81b75a3 qubespolicy: fix import order 2017-06-01 12:31:14 +02:00
Marek Marczykowski-Górecki
258d268a3a
Rename MgmtAPI to AdminAPI - part 2: internal API 
QubesOS/qubes-issues#853
 2017-05-12 19:28:08 +02:00
Marek Marczykowski-Górecki
fa72679b47
Make pylint happy 
New pylint throw some more warnings.
 2017-04-21 16:57:35 +02:00
Marek Marczykowski-Górecki
83526a28d3
qubesd: add second socket for in-dom0 internal calls 
This socket (and commands) are not exposed to untrusted input, so no
need to extensive sanitization. Also, there is no need to provide a
stable API here, as those methods are used internally only.

QubesOS/qubes-issues#853
 2017-04-07 17:07:28 +02:00
Marek Marczykowski-Górecki
e705a04cc5
qubespolicy: initial version for core3 
This is rewritten version of core-admin-linux/qrexec/qrexec-policy.

It's placed outside of `qubes` module on purpose - to avoid imporing it,
which require a lot of time.

QubesOS/qubes-issues#865
QubesOS/qubes-issues#910
 2017-04-06 15:43:17 +02:00