Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,547 Commits 1 Branch 0 Tags 15 MiB
736773dbec
Commit Graph

477 Commits

Author SHA1 Message Date
Marek Marczykowski
9f90106db4 rpm: Add libvirt to dependencies 2014-11-19 12:48:26 +01:00
Marek Marczykowski
0f6b878664 rpm: update build dependencies 2014-11-19 12:48:26 +01:00
Marek Marczykowski
201cd509e1 QubesDom0NetVm: provide get_mem* 
As libvirt doesn't keep dom0 domain object, so add special cases to get
memory information.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
107ebad9d5 Migration to libvirt - DispVM 
Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from
qubes-restore. As actual restore is handled by libvirt, we don't get
much from separate qubes-restore process.
This code still needs some improvements, especially on performance.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
f44dc40858 Migration to libvirt - HVM 2014-11-19 12:47:00 +01:00
Marek Marczykowski
a880483092 Migration to libvirt - core part 
Still not all code migrated, added appropriate TODO/FIXME comments.
 2014-11-19 12:47:00 +01:00
Marek Marczykowski
b242680cc1 spec: fix typi in %post 2014-11-19 12:46:59 +01:00
Marek Marczykowski-Górecki
9e62b77ecd rpm: require qubes-core-dom0-linux >= 2.0.24 for qrexec '-q' option 2014-10-25 01:46:26 +02:00
Marek Marczykowski-Górecki
603384b4c6 tests: add initial backup test 2014-09-18 08:25:56 +02:00
Marek Marczykowski-Górecki
1ed9c74d83 Rearrange code to not import PyQt on every qvm-* call 
Move notification functions to separate file (out of guihelpers).
 2014-06-05 01:59:42 +02:00
Wojciech Zygmunt Porczyk
30e557960a qubes-rpc-policy/qubes.GetImageRGBA.policy 
needed for qubes-app-linux-img-converter
 2014-05-20 17:49:20 +02:00
Wojciech Zygmunt Porczyk
2d907a5443 move site-packages/qubes/__init__.py to linux-utils 
__init__.py should still remain in repo to make it possible to do import
directly from repository
 2014-05-20 12:55:35 +02:00
Marek Marczykowski-Górecki
6efec32c3b rpm: drop dependency on kernel-qubes-dom0 
Since dom0 support is in mainline kernel we no longer strictly require
our patched kernel. So drop the dependency. Note that installer will
still install the right kernel.
 2014-05-11 15:42:04 +02:00
Marek Marczykowski-Górecki
8694e4ffbb rpm: specify qubes-core-dom0-linux version 
qrexec-client cmdline options have changed.
 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
cd54af231b version 2.1.45 2014-04-15 04:14:46 +02:00
Marek Marczykowski-Górecki
7af90433b1 version 2.1.44-2 2014-04-08 22:08:24 +02:00
Marek Marczykowski-Górecki
e1df9f252c spec: initialize default kernel when creating qubes.xml database 
This is especially important when kernel-qubes-vm's %post was executed
before qubes-core-dom0's %post - in that case, the default kernel would
be left as "None".
 2014-04-08 05:06:12 +02:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
bba989e0a6 Move meminfo-writer to linux-utils repo 
It is common for both dom0 and VM, and also quite linux-specific
(other OSes will need other implementation). So move to linux-specific
repo (not dom0-specific).
 2014-01-05 05:36:50 +01:00
Marek Marczykowski-Górecki
27f6f0e64e Merge branch 'new-backups' 
Conflicts:
	core-modules/000QubesVm.py
 2013-11-29 04:00:58 +01:00
Marek Marczykowski-Górecki
c781a522d8 backups: move backup code to separate file 
Also some major cleanups: Reduce some more code duplication
(verify_hmac, simplify backup_restore_prepare). Rename
backup_dir/backup_tmpdir variables to better match its purpose. Rename
backup_do_copy back to backup_do.  Require QubesVm object (instead of VM
name) as appvm param.
 2013-11-25 05:41:13 +01:00
Marek Marczykowski-Górecki
6fddae3b9b Support for autostart VMs (#724) 2013-11-20 02:57:17 +01:00
Marek Marczykowski-Górecki
e2c43d2292 Allow HVM to notify dom0 about tools installation 
HVM can set some xenstore entries (in qubes-tools/ subtree) to pass
informations about installed tools to dom0. qubes.NotifyTools service
triggers update of VM properties (like qrexec_installed).
This way, after installation of Qubes Windows Tools, the user doesn't need
to change any VM settings to use the tools.
 2013-10-28 05:09:54 +01:00
Marek Marczykowski
0419aee8ab spec: provides qubes-doc-dom0 2013-03-25 16:28:55 +01:00
Marek Marczykowski
ef82b53b64 spec: typo fix 2013-03-25 16:28:55 +01:00
Marek Marczykowski
0ec6da8050 spec: update Requires 2013-03-20 16:37:34 +01:00
Marek Marczykowski
a84886db07 Move all files one level up 2013-03-16 19:56:51 +01:00
Marek Marczykowski
9db68897c7 Remove other Linux-specific stuff 
Move remaining files to linux/ subdirectory.
 2013-03-16 19:54:22 +01:00
Marek Marczykowski
fa8d659189 Move dom0-update code to separate repository 
This is highly Linux-specific code. Perhaps other systems will have
equivalent, but for now move it to Linux-only repository.
 2013-03-16 19:14:26 +01:00
Marek Marczykowski
a633d331f3 Move icons to separate repository 
Because of license reasons (icons are based on GPL resources so can't be
dual licensed).
 2013-03-16 18:06:33 +01:00
Marek Marczykowski
8edadb40aa Move appmenus handling code to separate repository 
This code is highly Linux-specific so move it out of the core
repository.
 2013-03-16 18:03:10 +01:00
Marek Marczykowski
ecd8837113 Split core qubes.py into modules 2013-03-16 16:14:01 +01:00
Marek Marczykowski
41675aa30a spec: remove obsolete network setup 2013-03-15 23:54:49 +01:00
Marek Marczykowski
341f202a26 The Underscores Revolution: filenames 2013-03-15 23:03:28 +01:00
Marek Marczykowski
e1472df9dd Remove obsolete files 2013-03-14 15:05:07 +01:00
Marek Marczykowski
820ee45f03 Minor 'misc' and 'aux-tools' directory cleanup 2013-03-14 13:48:28 +01:00
Marek Marczykowski
50a8068e6f Rename qvm-core -> core 2013-03-14 04:49:48 +01:00
Marek Marczykowski
c90f5199dd The Underscores Revolution: RPC services 2013-03-14 01:22:43 +01:00
Marek Marczykowski
fe7d62f077 Move qmemman.conf to qmemman dir 2013-03-14 01:18:27 +01:00
Marek Marczykowski
1d8222dbdb Remove Fedora-comps.xml 
We have now own Qubes-comps.xml, so use it if present.
 2013-03-14 00:55:20 +01:00
Marek Marczykowski
e4264f4917 Remove SysV-init scripts 
Now dom0 uses SystemD, so init.d scripts no longer needed.
 2013-03-13 06:14:07 +01:00
Marek Marczykowski
d9358a91aa Move manpages here from separate repo 2013-03-12 17:02:26 +01:00
Marek Marczykowski
ad2bdf0634 Rename 'version_dom0' -> 'version' 
This repository contains only dom0 files now.
 2013-03-12 16:50:14 +01:00
Marek Marczykowski
fce0db13c9 move qvm-create-default-dvm to qvm-tools dir 2013-03-12 16:12:23 +01:00
Marek Marczykowski
fcf51c6a6f Remove qclipd - now part of qubes-manager 2013-03-12 16:00:31 +01:00
Marek Marczykowski
844cb21544 Require dmidecode - for qubes-hcl-report tool 2013-03-09 22:20:47 +01:00
Marek Marczykowski
b3c9c74a50 move dispvm files to more meaningful directory 2013-03-08 17:26:55 +01:00
Marek Marczykowski
0e8037deee remove VM files 2013-03-07 05:07:42 +01:00
Marek Marczykowski
f4c37be03a remove qubes-core-libs files - moved to separate repository 2013-03-07 02:54:55 +01:00
Marek Marczykowski
3c3252b2a3 Remove qrexec - moved to separate package 2013-03-07 02:30:03 +01:00
Marek Marczykowski
325cf4b894 forgotten subdir 2013-03-06 18:41:10 +01:00
Marek Marczykowski
ca2a54b2b1 do install files used by dom0 netvm 
We don't support dom0 netvm anymore.
 2013-03-06 18:38:08 +01:00
Marek Marczykowski
7d07a6cf50 move dom0 files to dom0 subdirectory 
Those files are actually common for dom0 and VM, but as we splitted the repos,
move them accordingly.
 2013-03-06 18:37:58 +01:00
Marek Marczykowski
8fc805f34a vm/systemd: disable avahi-daemon 
Aparently this service have changed name, so make sure it will be disabled also
under new name.
 2013-03-03 17:35:54 +01:00
Marek Marczykowski
35e01c4165 dom0/spec: improve PackageKit settings 
1. Do not try to tell "no network detected"
2. Do not try to tell "Distribution upgrade detected - Fedora 16"
 2013-03-01 01:36:05 +01:00
Marek Marczykowski
d89bdac58c dom0: create volatile.img if not exists (StandaloneVM case) 
StandaloneVM have no template to get clean volatile.img. Normally it is copied
from template during VM creation, but it can happen that image would not extx
(e.g. after backup restore). So create it from scratch.

Stay with original approach (restoring from clean image of template) for other
cases as it is much simpler (and perhaps faster).
 2013-02-27 05:29:27 +01:00
Marek Marczykowski
d12e532fc2 vm: Use nautilus-actions to provide "Copy to other AppVM" etc nautilus commands 
No more ugly symlink creation at VM startup, nautilus-actions have system-wide
dir (in opposite to nautilus-scripts).

Currently old symlinks are not cleaned up. Maybe it should, but leaving them
have one advantage: will not break existing users behavior.
 2013-02-21 16:44:16 +01:00
Marek Marczykowski
8d347cb455 vm/spec: mark some config files with %config(noreplace) 
Do mark such critical files, which shouldn't be modified by the user.
 2013-02-21 07:25:47 +01:00
Marek Marczykowski
9310f398d5 dom0/spec: own qubes python subdir 2013-02-21 04:32:55 +01:00
Marek Marczykowski
b214fa6f9d dom0: Scale icons to 48x48 
We register them as 48px icons, so scale them to that size (originally 600px).
Specifically required by gui-daemon which require prescalled icon.
 2013-02-19 01:05:22 +01:00
Marek Marczykowski
cd4c62fc42 dom0/systemd: disable xendomains.service 2013-02-13 16:55:07 +01:00
Marek Marczykowski
0e39e961ea dom0/systemd: Rename qubes-dispvm to qubes-setupdvm 
This is more accurate name. Also "qubes-setupdvm" is already used in
some places, so change service name instead of changing that places (at
least qubes-core.service).
 2013-02-13 16:52:38 +01:00
Marek Marczykowski
eb5ba60da7 vm/spec: force legacy iptables services 2013-02-12 01:38:30 +01:00
Marek Marczykowski
22a0d391c2 vm: revert /etc/yum.conf exclude config 
Upgrade of kernel is suppressed by qubes-vm-kernel-placeholder package.
Excluding xorg packages makes more problems than goods (e.g. unable to
install dummy driver, block fedora bugfixes).
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
0936152e12 vm/systemd: disable NetworkManager-wait-online when NM inactive 2013-02-12 01:38:30 +01:00
Marek Marczykowski
268cbfdc84 vm: require net-tools 
Needed to setup network in VM
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
07d7957caa dom0: install PolicyKit allow-all rules 
Same purpose as sudo rule - the user already can do almost all
administrative tasks and access all VMs data, so do disable annoying
password prompt (eg at system shutdown), which do not add any real
security layer.
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
1579340802 vm: move polkit configs from qubes-gui-vm package 2013-02-12 01:38:29 +01:00
Marek Marczykowski
d2dc386997 vm/kernel-placeholder: update provided version 
Some fc18 packages requires >3.5 kernel, so update kernel-placeholder
appropriate (according to newest available package in unstable
repository).
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
b8ccfd6e2e dom0/init: implement systemd unit files 
They cover standard init.d scripts when system have systemd, so can be placed
both in one package.
 2013-01-27 00:04:40 +01:00
Marek Marczykowski
d99ebe043c dom0/updates: add groups definition from fc18 2013-01-26 23:58:44 +01:00
Marek Marczykowski
75fc222545 dom0/dracut: support new dracut module interface 2013-01-25 03:09:18 +01:00
Marek Marczykowski
c5ae049e3b Revert "dom0/spec: fix HVM settings on upgrade" 
This reverts commit 4b44f977db.
This doesn't actually fix the problem, because in %post new qubes.py is already
installed and maxmem=memory is no longer true.
 2013-01-11 15:28:55 +01:00
Marek Marczykowski
4b44f977db dom0/spec: fix HVM settings on upgrade 
HVM should have meminfo-writer disabled by default (and now have). But existing
VMs have it already enabled so it must be fixed now. Generic HVM isn't capable
of dynamic memory management.

Previously it was forced to always have maxmem=memory but it wasn't fully
correct because someone could install Qubes agents/PV drivers including
meminfo-writer and xen-balloon even in HVM so it should be possible to turn it.
 2013-01-11 05:05:44 +01:00
Olivier Medoc
6d6c744f2c vm/qubes_rpc: implement qubes.WaitForSession 
RPC call will be used in vm.start function instead of the hardcoded echo > /tmp/qubes-session-waiter
 2013-01-11 01:12:23 +01:00
Marek Marczykowski
0b078a5e70 qubes-core-vm-kernel-placeholder 1.0-2 2013-01-04 13:23:48 +01:00
Marek Marczykowski
74054b4dda vm/kernel-placeholder: provide xorg-x11-drv-nouveau to resolve deps problem 2013-01-04 13:23:20 +01:00
Marek Marczykowski
554d119fae spec: generate proper debuginfo packages 
%setup macro must be present in %prep to set variables required by
find-debuginfo script. Symlink is to place sources in nice
/usr/src/debug/%{name}-%{version} subdir instead of plain /usr/src/debug/core
(which can be ambiguous).
Additionally all packages need to have _builddir pointing at top src dir (in
core-dom0 it was dom0 subdir). And to cheat make about current dir (to have
%{name}-%{version} included in path) chdir must be done by shell, not make - so
can't use make -C.
 2012-12-12 04:12:59 +01:00
Marek Marczykowski
02e7469be3 spec: do not build u2mfn not packaged in core-dom0 and core-vm 
This is packages in core-libs, so build it only there.
 2012-12-12 04:10:41 +01:00
Marek Marczykowski
e75d2fc57a vm/spec: do not remote 50-qubes_misc.rules during installation 2012-11-22 08:22:52 +01:00
Marek Marczykowski
19983edc3c vm: setup /dev/xen/evtchn permissions using udev rule 
This works also when the device is recreated, which is the case in DispVM
(during xl restore).
 2012-11-22 00:51:18 +01:00
Marek Marczykowski
3a3e265d1d vm: load dummy-hcd module to suppress libusb bug 
libusb crashes when no USB controller is present, load dummy-hcd as workaround.
 2012-11-19 17:52:16 +01:00
Marek Marczykowski
0a6e95225a vm: remove qubes-upgrade-vm after upgrade 2012-11-15 21:38:39 +01:00
Marek Marczykowski
629038e76d spec: extract core libs from qubes-core-vm 
This libs are required by both dom0 and VM so it's better to have it
separately. Previously in VM it was separate package, but dom0 have them
embedded in qubes-core-dom0, but qubes-core-vm-libs package was used to build
qubes-gui-dom0. Now we do not build all packages for all distros (especially do
not build core-vm package for dom0 distro, so gui-dom0 build fails), so make it
explicit which package is needed by which system.
 2012-11-14 13:12:51 +01:00
Marek Marczykowski
504b37e378 dom0/spec: remove obsoleted patch_appvm_initramfs.sh 
For a long time dracut module is used instead.
 2012-11-13 03:45:12 +01:00
Marek Marczykowski
67e9a785fb spec: fix compilation order 2012-11-08 00:02:13 +01:00
Marek Marczykowski
f45e6c92c5 spec: add missing 'make' call 2012-11-07 18:05:17 +01:00
Marek Marczykowski
cb31b333ae vm/spec: fix NotShowIn entries in autostart desktop files 2012-11-03 05:22:03 +01:00
Marek Marczykowski
7fec0fd6f3 dom0/updates: include pkg groups metadata from Fedora 13 
This will allow calls like "qubes-dom0-update @XFCE"
 2012-10-23 05:47:09 +02:00
Marek Marczykowski
e9025d3690 dom0/spec: fix file permissions in package 2012-10-23 05:46:25 +02:00
Marek Marczykowski
a432b729fa vm/qvm-usb: include vusb-ctl in VM package 2012-10-23 05:45:47 +02:00
Alexandre Bezroutchko
b2a784d35f adjust rpm spec file to cover compiled python files 2012-10-21 20:59:17 +02:00
Alexandre Bezroutchko
5d4cf00899 dvp/qvm-usb: converted installer scripts into RPM 2012-10-21 15:10:40 +02:00
Marek Marczykowski
e35b413c19 dom0/spec: add R: python-lxml for pretty print 2012-10-19 02:21:41 +02:00
Marek Marczykowski
d03bab3db2 Merge branch 'master-for-hvm' into hvm 
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-sync-clock
 2012-10-04 05:45:41 +02:00
Marek Marczykowski
490a5e9e1a vm/spec: fix adding yum-proxy configuration 
Do not add entry if already present.
 2012-10-04 05:44:20 +02:00
Bruce A Downs
d19a3cce99 vm: Added 'most recently used' feature to 'copy to vm' dialog 
* replaced zenity to qvm-mru-entry in qubes_rpc/qvm-copy-to-vm.gnome
* added python script qubes_rpc/qvm-mru-entry
* added /usr/bin/qvm-mru-entry to rpm_spec/core-vm.spec
 2012-10-04 05:44:19 +02:00
Bruce A Downs
dba7d94fba vm/spec: mod to core-vm.spec to add test for files 
core rpm was failing during uninstall attempting to move non-existent files
* /var/lib/qubes/fstab.orig
* /var/lib/qubes/serial.orig
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
303d4ab042 dom0/iptables: block IPv6 traffic 
Dom0 is network isolated anyway, but apply also firewall in case of use
qubes-dom0-network-via-netvm.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
9c3f8417d4 vm/iptables: block IPv6 traffic 
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
 2012-10-04 05:44:19 +02:00