Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
512 Commits 1 Branch 0 Tags 15 MiB
95a52d388b
Commit Graph

271 Commits

Author SHA1 Message Date
Marek Marczykowski
d4e80e7984 Deny inter-VM traffic in ProxyVM 2011-04-06 10:32:20 +02:00
Marek Marczykowski
c8acca0eb6 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-04-05 14:39:40 +02:00
Marek Marczykowski
ffaa518c5a Fix checking if there is AppVMs based on template (#154) 2011-04-05 14:33:51 +02:00
Marek Marczykowski
c2498a33e2 Uninstall appmenus only if present in VM dir (#192) 2011-04-05 11:58:21 +02:00
Marek Marczykowski
449bcb09ac Don't remove VM dir, when qvm-create failed 
It can contain user data (copied here by hand)
 2011-04-05 00:12:32 +02:00
Marek Marczykowski
1b0f198999 Don't pause AppVMs when connecting network to dom0 
There is no point in this, because we have firewall in NetVM. If someone
compromise NetVM to controll firewall, he could also reach dom0 by network.
 2011-04-04 20:02:07 +02:00
Marek Marczykowski
2aec07dd60 Store VM collection connected to NetVM 2011-04-04 19:08:40 +02:00
Joanna Rutkowska
a88e104b6e Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-04 18:47:08 +02:00
Marek Marczykowski
a6d079594b Don't set template on StandaloneVM - only use it when copying template files (#189) 2011-04-04 18:41:02 +02:00
Rafal Wojtczuk
02514b1347 If the firewall rules file does not exist, assume ALLOW (#188) 
So that newly created appvms have net access.
 2011-04-04 17:07:46 +02:00
Joanna Rutkowska
b779fadda6 Revert "Start qrexec daemon when VM is running (but qrexec not)" 
This functionality has already been implemented by:

d6bdb85883

This reverts commit 97403a8e45.
 2011-04-04 09:35:48 +02:00
Joanna Rutkowska
3f31a5f3a7 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-04 09:33:31 +02:00
Marek Marczykowski
c10f7ef70b Add missing coma (#155) 2011-04-04 00:08:24 +02:00
Marek Marczykowski
398734dad2 Internal VMs (hidden in qubes-manager, menus etc) - used for DispVM template (#155) 2011-04-03 17:47:20 +02:00
Marek Marczykowski
fa703c536f Generate firewall rules only for VMs connected to this firewall (#158) 2011-04-03 01:54:04 +02:00
Marek Marczykowski
ab244d803f Detect if VMs is outdated (#168) 
If so - VMs restart is required to see latest template changes.
 2011-04-02 02:11:41 +02:00
Marek Marczykowski
5e3b3fe922 Store and load from qubes.xml memory, vcpus and pcidevs 
Needed to recreate correct xen config files (ex after template package upgrade)
 2011-04-02 00:37:38 +02:00
Marek Marczykowski
e22f303f79 Warn user when restoring backup as root (#159) 2011-04-01 02:11:40 +02:00
Marek Marczykowski
136a65e0be Fix indentation - duplicate VMs warning message (#159) 2011-04-01 02:10:50 +02:00
Marek Marczykowski
156778fcd7 Set template field before check its correctness. 
Backup from Aplha3 with updateable VMs contains case, when updateable VM have template.
So set this template (to make qvm-backup-restore working), but give error message.

Also fix typo.
 2011-04-01 02:06:22 +02:00
Marek Marczykowski
97403a8e45 Start qrexec daemon when VM is running (but qrexec not) 
This takes place ex. when VM started from qubes-manager.
There is little sense in implementing full start procedure in every qubes tool,
so start it here, not in qubes-manager.
 2011-04-01 01:23:57 +02:00
Marek Marczykowski
f0716c2498 Setup firewall for every VM with FW configuration (no only AppVM) (#167) 2011-04-01 01:17:38 +02:00
Marek Marczykowski
97393c54a5 Really block 'updateable' flag change 2011-04-01 01:17:18 +02:00
Marek Marczykowski
1f5c03da3f Remove QubesCowVm class 
StandaloneVM isn't really CowVM; also most AppVM/CowVM features applies also to TemplateVM.
So CowVM class is meaningless.
 2011-04-01 01:14:18 +02:00
Rafal Wojtczuk
d6bdb85883 Start qrexec_daemon in vm.start() 
Instead of three separate places - qvm-start, qvm-run, manager.
 2011-03-31 11:11:39 +02:00
Rafal Wojtczuk
5978f7a724 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into spring-merge 2011-03-31 09:44:30 +02:00
Marek Marczykowski
3a5cc0cc21 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-03-31 02:51:34 +02:00
Marek Marczykowski
ece8cfa9f0 Show output from resize2fs, when running it in AppVM (#5) 2011-03-31 02:40:45 +02:00
Marek Marczykowski
6273c42faf Recursive stop VMs, when stopping NetVM (#172) 
Dependency resolving in qvm-core, recursive stopping only in qvm-run for now.
 2011-03-31 02:35:02 +02:00
Marek Marczykowski
01ef2aff9e Wait for device size change, before resize2fs (#5) 2011-03-31 00:44:58 +02:00
Marek Marczykowski
212fd13957 Stop only NM on suspend. (#146) 
Also remove ip_forward setting from sysctl, so NM will not reset it on restart
 2011-03-31 00:19:41 +02:00
Joanna Rutkowska
23f4806c7d Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-03-29 13:25:07 +02:00
Marek Marczykowski
464337a24e Ignore exit status from netvm pm-scripts (#146) 2011-03-29 12:22:31 +02:00
Marek Marczykowski
2bcbc1742e Run pm-utils scripts in netvm on suspend (#146) 2011-03-29 12:20:50 +02:00
Rafal Wojtczuk
50af4bd8a0 qfile-daemon-dvm: lock around possible savefile recreate 2011-03-28 17:39:21 +02:00
Rafal Wojtczuk
df9549a7db Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core into spring-merge 2011-03-28 17:28:24 +02:00
Tomasz Sterna
04a6b01b1b Do not allow NEW connection to VM through ProxyVM. #136 2011-03-27 17:24:17 +02:00
Marek Marczykowski
0d52b037f1 Changed network addresses to 10.137.0.0/16 (#73) 
Also limit qid to 254 - should be enough and fits in one byte (in IP address)
 2011-03-27 12:58:38 +02:00
Tomasz Sterna
efcff5cc3a Added plymouth progress handling to qubes_setupdvm init script. 2011-03-26 11:33:04 +01:00
Tomasz Sterna
5efee35654 Fix ownership and rights when creating DVM during boot. 2011-03-26 11:33:04 +01:00
Tomasz Sterna
e2d9673713 Fixed qubes_setupdvm whitespace. 2011-03-26 11:33:04 +01:00
Marek Marczykowski
14f0141214 Fix to long label for standalone VM 2011-03-24 21:56:59 -04:00
Marek Marczykowski
f2567cbf71 Check if template_vm is set when recreating config files (#131) 2011-03-24 21:44:07 -04:00
Marek Marczykowski
24b5c24c25 create_appmenus() on standalone VM -> only register existing apps in menu 
Needed for example on backup-restore
 2011-03-24 21:41:10 -04:00
Marek Marczykowski
9aa5638dcf Create template_vm property in every VM (defaults to None) 
Simplify template based VM detection.
 2011-03-24 21:39:13 -04:00
Marek Marczykowski
7dca7a5a32 Support for backup standalone VMs (add root.img, apps/); add firewall.xml to backup 2011-03-24 21:37:30 -04:00
Marek Marczykowski
8bdbed7bb8 Fix error handling in qvm-backup-restore 2011-03-24 21:35:46 -04:00
Marek Marczykowski
4723b9e2ef Template name change option, reset config files, standalone vm restore (#103) 
Recreate config file when requested but also when template name changed.
Restore full AppVM dir from backup - not only selected files.
 2011-03-24 21:34:04 -04:00
Marek Marczykowski
d87265851c Merge branch 'spring-merge' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core 2011-03-24 16:43:13 -04:00
Rafal Wojtczuk
57fd6c49bb Removed obsolete code, dom0 side 
Just like the previous commit, it is related to switch to
qrexec-based file copy.
 2011-03-24 17:18:10 +01:00