Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,051 Commits 1 Branch 0 Tags 20 MiB
99c0356bf2
Commit Graph

1051 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
7f940cefde dom0: load pciback module (#252) 2011-07-09 20:43:27 +02:00
Marek Marczykowski
3543b0271e dom0: Fix QfileDaemonDvm error message 2011-07-09 17:56:40 +02:00
Marek Marczykowski
973d79e932 dom0: remove calls to not existing *_xen_storage methods in qvm-* 2011-07-09 17:56:06 +02:00
Marek Marczykowski
d11271df97 vm: Fix IP address of DispVM after restore (#247) 
IP was set by udev script only on VM start, not restore
 2011-07-09 17:54:47 +02:00
Marek Marczykowski
aa77d13170 dom0: reload firewall rules after DispVM start (#247) 2011-07-09 17:54:23 +02:00
Marek Marczykowski
7e234a4a8d dom0: store dispid in QubesDisposableVm object and generate proper IP (#247) 2011-07-09 17:52:47 +02:00
Marek Marczykowski
ff70ded003 dom0: fix typo in qfile-daemon-dvm 2011-07-09 16:52:55 +02:00
Marek Marczykowski
371fdf5884 Merge branch 'qrexec2' of git://git.qubes-os.org/rafal/core 2011-07-09 16:52:54 +02:00
Marek Marczykowski
cd4e4f5ddd vm: fix udev rules for VM network hotplug 2011-07-09 16:52:51 +02:00
Marek Marczykowski
202fb0c676 dom0: fix syntax 2011-07-09 00:36:00 +02:00
Marek Marczykowski
3e6bd65b73 Revert "[REMOVEME] Dom0: Add UGLY sleeps hoping they will temporarily prevent the race condition" 
This reverts commit 3bd1c700f6.

Conflicts:

	dom0/qvm-core/qubes.py
 2011-07-08 21:38:24 +02:00
Marek Marczykowski
3b3929b6a2 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-07-08 21:37:43 +02:00
Rafal Wojtczuk
a50cc81b7b qrexec: git add missing files 2011-07-07 11:17:00 +02:00
Rafal Wojtczuk
af92ce3e48 qrexec: added qrexec/README.rpc file 
Short introduction to the new features.
 2011-07-07 11:14:04 +02:00
Rafal Wojtczuk
2600134e3b qrexec: tiny corrections to rpc autostart code 2011-07-07 10:38:15 +02:00
Rafal Wojtczuk
77f21e08a4 qrexec: corrected stupid typo 2011-07-07 10:06:45 +02:00
Rafal Wojtczuk
65fe9e1b93 qrexec: manually autostart target rpc domain 
option 2) from the previous commit comment
 2011-07-07 10:05:41 +02:00
Rafal Wojtczuk
11c1cb0aa2 qrexec: temporarily disable auto executing domains upon rpc request 
There are two problems with qvm-run -a:
1) even with -q flag, it spits to stdout (actually, "xl create" does it), and
this garbage is received by rpc client
2) even with -q flag, it steals input (actually, "qrexec ... wait for session")

These two can be manually fixed (by passing /dev/null appropriately); hovewer,
this is prone to disaster if qvm-run is enhanced/broken later.

We could do
if is_domain_running() ; then
	run qrexec client
else
	qvm-run -a domain true </dev/null >/dev/null
	run qrexec client
fi
which looks safer; but is_domain_running() is a bit expensive even in "running"
case - we need to xl_context.list_domains anyway.

Gotta decide on one of these.
 2011-07-07 09:13:51 +02:00
Marek Marczykowski
bfe28d5ee6 dom0: Wrap hotplug scripts with flock (#253) 
Apparently locking mechanism in xen hotplug scripts isn't working. This is
workaround before it will be fixed in xen...
 2011-07-06 23:11:51 +02:00
Rafal Wojtczuk
c80ee3b231 qrexec: allow for more options in the policy files 2011-07-06 18:34:00 +02:00
Rafal Wojtczuk
7b39b15f6d qrexec: enforce strict character set in TRIGGER_EXEC message 2011-07-06 17:07:40 +02:00
Rafal Wojtczuk
ab6aeb0bca qrexec: in qrexec_client_vm, need to preserve absolute exe name before execv 2011-07-06 16:51:56 +02:00
Rafal Wojtczuk
243d488d99 qrexec: package qubes.SyncAppMenus files 2011-07-06 16:27:09 +02:00
Rafal Wojtczuk
6366db0ab6 qrexec: adjust updates fetching to the new qrexec api 2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
b3ce35b5e2 qrexec: change qrexec_client_vm syntax to be nicer to read 
Now the local_program is just before arguments, which is nicer.
 2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
d46150b8d3 qrexec: adjust appmenu syncing to the new qrexec api 2011-07-06 14:09:36 +02:00
Rafal Wojtczuk
7d79a15c4b qrexec: support for rpc with dom0 as target 2011-07-06 13:56:57 +02:00
Rafal Wojtczuk
2fdf9761c7 qrexec: adjust DispVM code to the new qrexec API 
Note, we have qvm-open-in-vm totally for free.
 2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b7e8c2708c qrexec: adjust intervm file copy code to the new qrexec API 2011-07-06 10:17:58 +02:00
Marek Marczykowski
0de378dafc dom0: automatically bind PCI devices to pciback at VM start (#252) 2011-07-05 22:10:45 +02:00
Marek Marczykowski
5f10e408e0 dom0: stores QubesVm.pcidevs as list (#252) 
To easier manage pci devices attached to VM
 2011-07-05 22:01:28 +02:00
Marek Marczykowski
82bc4bad0b dom0: always set appmenus_templates_dir for QubesVm 
If possible - to reasonable value (vm dir for UpdateableVM or template - for
template-based VM).
 2011-07-05 21:26:39 +02:00
Marek Marczykowski
b9e00b2189 dom0: Include default whitelisted-appmenus.list in template (#266) 2011-07-05 21:20:43 +02:00
Rafal Wojtczuk
5b78e8f983 qrexec: dup old stdin/out fds, pass the dup-ed fds in SAVED_FD_%d env var 2011-07-05 20:01:28 +02:00
Rafal Wojtczuk
ecf200dca3 qrexec: last two missing pieces of the new rpc infrastructure 2011-07-05 18:35:03 +02:00
Rafal Wojtczuk
1e355f11d2 qrexec: in agent, use nonzero "fake" pid for existing process 
Because 0 means invalid entry.
Also make sure that the rest of code handles -1 pid fine.
 2011-07-05 13:04:34 +02:00
Rafal Wojtczuk
2c23891856 Revert "qrexec: in agent, use nonzero "fake" pid for existing process" 
This reverts commit 9e77e8831e.
 2011-07-05 12:58:27 +02:00
Rafal Wojtczuk
9e77e8831e qrexec: in agent, use nonzero "fake" pid for existing process 
Because 0 means invalid entry.
 2011-07-05 12:49:06 +02:00
Rafal Wojtczuk
9ac98a77b9 qrexec: in agent, handle CONNECT_EXISTING the way convenient for client 2011-07-05 12:46:33 +02:00
Rafal Wojtczuk
703cedc708 qrexec: fixed qrexec_client getopt handling 2011-07-05 11:04:44 +02:00
Rafal Wojtczuk
9c7eb81a23 qrexec: add qrexec_client_vm.c 2011-07-05 11:03:31 +02:00
Rafal Wojtczuk
b4f28152b8 qrexec: CONNECT_EXISTING command handling in daemon and client 2011-07-04 20:55:25 +02:00
Rafal Wojtczuk
c05b26763a qrexec: new communication scheme, agent<->server part 
1) Instead of a set of predefined commands, we send MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING msg with a parameter (e.g. "org.qubes-os.vm.Filecopy")
defining required action
2) qrexec_daemon just forks qrexec_policy, that will take care of actually
allowing and executing required action
3) after MSG_AGENT_TO_SERVER_TRIGGER_CONNECT_EXISTING, qrexec_agent does not
execute a command - it justs uses already established file descriptors to
send data to/from. Thus, there is no need to use ~/.xxxxxspool - a command line
tool can have direct access to remote fds.
 2011-07-04 18:56:56 +02:00
Rafal Wojtczuk
732a90443e qrexec: move daemon-specific code out of unix_server.c 
So that agent can use code in unix_server.c
 2011-07-04 17:06:29 +02:00
Rafal Wojtczuk
60a435eb1e Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into syncmarek 
Conflicts:
	dom0/init.d/qubes_core
 2011-07-04 15:28:40 +02:00
Marek Marczykowski
33fa170e75 vm: remove /lib/modules from fstab (#263) 
This is mounted by initramfs
 2011-07-03 20:53:36 +02:00
Marek Marczykowski
fdf636f50e vm: Do not setup IP second time 
It is assigned by udev script
 2011-07-03 20:11:55 +02:00
Marek Marczykowski
d16b6f24f9 dom0: fix cmdline of DispVM guid (#248) 2011-07-02 22:44:49 +02:00
Joanna Rutkowska
3bd1c700f6 [REMOVEME] Dom0: Add UGLY sleeps hoping they will temporarily prevent the race condition 2011-07-02 22:15:43 +02:00
Joanna Rutkowska
fc31161361 Dom0: Fix calling syntax for qrexec_client for updatevm 2011-07-02 22:12:43 +02:00