Commit Graph

5288 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
f01b1e50ad
docs: fix qvm-firewall description 2015-09-25 22:23:29 +02:00
Marek Marczykowski-Górecki
b9e6b0a076
core/hvm: fix error message when creating HVM while not supported by the hardware
libvirt reports such errors at domain definition, not startup (as was in
libxl).

QubesOS/qubes-issues#1198
2015-09-25 22:21:10 +02:00
Marek Marczykowski-Górecki
dd1bea98e1
core/start: ensure that the previous QubesDB daemon isn't running
When restarting VM (starting it just after it was shut down), it may
happen that previous `qubesdb-daemon` instance is still running - if VM
doesn't properly terminate the connection, dom0 part will not terminate
immediately, but at next alive check (every 10s). Such `qubesdb-daemon`,
when terminating, will remove pid file and socket file. In case of new
daemon already running it would be those of the new daemon, making the
whole QubesDB of this VM inaccessible for dom0 (`qubesdb-daemon` is
running, but its socket is removed).

To prevent this race, ensure that previous instance is terminated before
starting the new one.
There is no need to manually removing socket file, because if some stale
socket exists, it will be replaced by the new one when new
`qubesdb-daemon` starts up.

QubesOS/qubes-issues#1241
2015-09-25 22:06:14 +02:00
Marek Marczykowski-Górecki
ef6095662e
utils/QubesWatch: register domain watches on VIR_DOMAIN_EVENT_RESUMED
QubesVM.start() first creates domain as paused, completes its setup
(including starting qubesdb-daemon and creating appropriate entries),
then resumes the domain. So wait for that resume to be sure that
`qubesdb-daemon` is already running and populated.

QubesOS/qubes-issues#1110
2015-09-25 22:02:53 +02:00
Marek Marczykowski-Górecki
5f0d564051
utils/QubesWatch: use timers to retry QubesDB watch registration
QubesWatch._register_watches is called from libvirt event callback,
asynchronously to qvm-start. This means that `qubesdb-daemon` may
not be running or populated yet.

If first QubesDB connection (or watch registration) fails, schedule next
try using timers in libvirt event API (as it is base of QubesWatch
mainloop), instead of some sleep loop. This way other events will be
processed in the meantime.

QubesOS/qubes-issues#1110
2015-09-25 20:37:44 +02:00
Marek Marczykowski-Górecki
9205fbb336 backup: fix R2B3 and older backup restore (#1124)
Similar issue to qubesos/qubes-issues#1124
2015-09-06 00:06:09 +02:00
Marek Marczykowski-Górecki
4a4d16feb9 version 3.0.22 2015-09-05 00:28:45 +02:00
Marek Marczykowski-Górecki
c2cd84952e tests: backup compatibility with R2 (#1124)
QubesOS/qubes-issues#1124
2015-09-05 00:04:04 +02:00
Marek Marczykowski-Górecki
496a74f873 tests: add DispVM to backup compatibility test (r2b2)
Test for qubesos/qubes-issues#1124
2015-09-05 00:03:03 +02:00
Marek Marczykowski-Górecki
76bddaa280 core: use vm.absolute_path to parse paths in qubes.xml
This makes easier to handle some corner cases. One of them is having
entry without `dir_path` defined. This may happen when migrating from R2
(using backup+restore or in-place) while some DisposableVM was running
(even if not included in the backup itself).

Fixes qubesos/qubes-issues#1124
Reported by @doncohen, thanks @wyory for providing more details.
2015-09-04 01:58:53 +02:00
Marek Marczykowski-Górecki
226a144285 core: fix vm-persistence info for DispVM
(reported by @adrelanos)
qubesos/qubes-issues#1101
2015-09-03 21:11:43 +02:00
Marek Marczykowski-Górecki
4ba7d5a3cc version 3.0.21 2015-09-03 02:44:49 +02:00
Marek Marczykowski-Górecki
a1379719fa Merge remote-tracking branch 'origin/pr/1'
* origin/pr/1:
  suggest to use 'yum remove' rather than 'rpm -e' for VM removal so avoid yum's warning of noticing rpm changes outside of yum
2015-09-02 00:17:03 +02:00
Marek Marczykowski-Górecki
3beb307901 core: add VM persistence info to qubesdb (#1101)
Fixes qubesos/qubes-issues#1101
2015-09-02 00:15:14 +02:00
Patrick Schleizer
f4a38f0540 suggest to use 'yum remove' rather than 'rpm -e' for VM removal so avoid yum's warning of noticing rpm changes outside of yum 2015-08-10 18:02:18 +02:00
Marek Marczykowski-Górecki
e3ae3cdf34
hvm: update appmenus only on the first qubes.NotifyTools call
Or more precisely - only when qrexec_installed value is changed from
False to True.
Previously it was called at each VM startup.
2015-08-09 21:21:47 +02:00
Marek Marczykowski-Górecki
26cf723841
core/hvm: fix external disks handling 2015-08-09 21:21:27 +02:00
Marek Marczykowski-Górecki
375c5ababd
version 3.0.20 2015-08-08 22:09:55 +02:00
Marek Marczykowski-Górecki
1ed4a2cbb2
core: fix getting libvirt error code 2015-08-08 21:29:56 +02:00
Marek Marczykowski-Górecki
5a19f37dc0
version 3.0.19 2015-08-08 04:23:49 +02:00
Marek Marczykowski-Górecki
34174ed548
Merge remote-tracking branch 'qubesos/pr/5'
Conflicts:
	linux/aux-tools/prepare-volatile-img.sh
2015-08-08 04:15:08 +02:00
Marek Marczykowski-Górecki
bbf22c4449
tests: add a test for aborted service call
Details here:
https://groups.google.com/d/msgid/qubes-users/20150807213935.GN3740%40mail-itl
2015-08-08 03:57:13 +02:00
Marek Marczykowski-Górecki
5199840927
tests: typo fix 2015-08-08 02:05:52 +02:00
Marek Marczykowski-Górecki
754a411829
version 3.0.18 2015-08-05 02:02:50 +02:00
Marek Marczykowski-Górecki
da0e5dd4ba
core: inherit kernelopts from the template by default
Fixes qubesos/qubes-issues#1091
2015-08-05 01:43:43 +02:00
Marek Marczykowski-Górecki
7e79cd20a8
doc: wrap long lines in qvm-prefs.rst, content unchanged 2015-08-05 01:34:59 +02:00
Marek Marczykowski-Górecki
75bbd1a76b
tests: check firewall.xml path after VM rename 2015-08-05 01:04:44 +02:00
Marek Marczykowski-Górecki
2ed9008a83
core: handle firewall.xml path during VM rename 2015-08-05 01:04:44 +02:00
Marek Marczykowski-Górecki
cc8af79397
dispvm: fallback to tar instead of bsdtar on tmpfs 2015-08-05 01:04:44 +02:00
Marek Marczykowski-Górecki
46b94b6682
Make qubes-set-updates set also default state for new VMs
This makes possible to also check if the "updates check enabled" state
is consistent across VMs.

Fixes qubesos/qubes-issues#892
2015-08-05 01:04:43 +02:00
Marek Marczykowski-Górecki
fbfaa98b80
Implement offline mode in qubes-set-updates tool 2015-08-03 22:29:31 +02:00
Marek Marczykowski-Górecki
d27d22a3cf
Merge remote-tracking branch 'qubesos/pr/5'
* qubesos/pr/5:
  fix VM autostart race condition

Fixes qubesos/qubes-issues#1075

Conflicts:
	linux/aux-tools/prepare-volatile-img.sh
2015-08-01 22:04:18 +02:00
Marek Marczykowski-Górecki
a425873e73
core: add offline mode to qvm-pci
Called on LiveUSB system before libvirtd starts.
2015-08-01 22:02:16 +02:00
Marek Marczykowski-Górecki
c4a28a943a
prepare-volatile-img: ensure that /usr/sbin in in the PATH
Build environment of LiveUSB does not contain /usr/sbin in path.
2015-08-01 22:02:07 +02:00
Marek Marczykowski-Górecki
52d7de006b
do not print scary message when qvm-create --force-root is used 2015-08-01 21:58:43 +02:00
Marek Marczykowski-Górecki
90393c33f2
core: add offline mode to qvm-create, qvm-prefs
This is required to create VMs in process of building Live system, where
libvirt isn't running.

Additionally there is no udev in the build environment, so needs to
manually create /dev/loop*p* based on sysfs info.
2015-08-01 21:58:38 +02:00
Patrick Schleizer
472ed54e4c fix VM autostart race condition
https://github.com/QubesOS/qubes-issues/issues/1075
2015-07-30 17:46:24 +02:00
Marek Marczykowski-Górecki
8f862cdf69
core/hvm: check if VM serving cdrom content is running 2015-07-25 04:17:59 +02:00
Marek Marczykowski-Górecki
51826decec
core/hvm: start guid before qrexec, even when gui agent is installed
This way even when qrexec agent would timeout on connection, guid will
be already running.
Also use new -K guid option to terminate stubdom guid when the real guid
is connected (unless in debug mode - then both guid will be running).
2015-07-25 03:55:50 +02:00
Marek Marczykowski-Górecki
4a01c53787
qvm-tools: update qvm-trim-template for R3 block attach api 2015-07-22 05:46:12 +02:00
Marek Marczykowski-Górecki
39379364c7
version 3.0.17 2015-07-13 00:58:53 +02:00
Marek Marczykowski-Górecki
6df309351d
block: fix detection if the block device is attached anywhere 2015-07-13 00:58:11 +02:00
Marek Marczykowski-Górecki
4b0ce945b7 version 3.0.16 2015-07-08 05:59:04 +02:00
Marek Marczykowski-Górecki
b47c74c3a4 qvm-tools: fix usage info for qvm-template-commit 2015-07-08 05:58:29 +02:00
Marek Marczykowski-Górecki
1199806b5a core: fix handling firewall configuration for VM clones and DispVMs (#1032)
There were two bugs:
1. Firewall configuration wasn't copied during qvm-clone (it is in
   separate file, so now it is included in vm.clone_disk_files).
2. Non-default firewall configuration wasn't stored in qubes.xml. This
   means that initially DispVM got proper configuration (inherited from
   calling VM), but if anything caused firewall reload (for example
   starting another VM), the firewall rules was cleared to default state
   (allow all).

Fixes qubesos/qubes-issues#1032
2015-07-08 04:46:14 +02:00
Marek Marczykowski-Górecki
a7e08e4584 tests: add qvm-clone test (#1032 case) 2015-07-08 04:26:11 +02:00
Marek Marczykowski-Górecki
6c167911f1 qvm-sync-clock: hide stdout in non-verbose mode 2015-07-08 01:59:49 +02:00
Marek Marczykowski-Górecki
5f9a30d335 qvm-sync-clock: use qubes.SetDateTime service instead of direct "date" call
This way it gives more control over time synchronization to the VM. For
example Whonix VMs can decide to not use this mechanism. Also VM can
choose how that time will be set (chronyc call?). And finally it will be
possible to implement the same for other OS-es (Windows).

Additionally because of calling date as "localcmd" each time, instead of
once at the beginning, time synchronization is more accurrate now. If
some VM stall the time set call, other VMs time will no longer be
affected (but still synchronization will be delayed).
2015-07-08 01:56:38 +02:00
Marek Marczykowski-Górecki
e52f0a0566 core: by default call qrexec services without GUI
Most of them do not need GUI (especially those started from dom0), so
speed the things up a little (no need to wait for guid). But if some
service will need GUI access, there is "gui" parameter.
2015-07-08 01:36:28 +02:00
Marek Marczykowski-Górecki
284419b355 core: add "localcmd" support in QubesVm.run_service function 2015-07-08 01:35:59 +02:00