Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,981 Commits 1 Branch 0 Tags 15 MiB
9acd46bddb
Commit Graph

3981 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski-Górecki
3b407eb79e qubes/app: do not enable domain events when loading XML 
Event should be enabled only after all the domains are loaded (and
domain-load event if fired).

QubesOS/qubes-issues#1816
 2016-06-02 12:28:14 +02:00
Marek Marczykowski-Górecki
daf55710b8
travis: initial version 
QubesOS/qubes-issues#1926
 2016-06-02 11:29:38 +02:00
Marek Marczykowski-Górecki
a534b1dd2c
qvm-usb: remove scary warning about PV USB stability 
USBIP (used for PV USB here) is considered stable by Linux maintainers,
so follow their judgement.

Fixes QubesOS/qubes-issues#531
 2016-06-02 02:52:59 +02:00
Marek Marczykowski-Górecki
e87da9ec9d
tests: adjust dom0_update tests for dnf in VM 
There is no support for 'copy_local' repository option, so setup test
repository over http.

Related to QubesOS/qubes-issues#1574
 2016-06-02 02:51:18 +02:00
Marek Marczykowski-Górecki
767d1f0074
qvm-usb: implement usb_detach_all 
QubesOS/qubes-issues#531
 2016-06-02 02:49:22 +02:00
Marek Marczykowski-Górecki
d5e06bfb83
qvm-usb: issue detach call to backend domain 
Make sure that even compromised frontend will be cut of (possibly
sensitive - like a webcam) device. On the other hand, if backend domain
is already compromised, it may already compromise frontend domain too,
so none of them would be better to call detach to.

QubesOS/qubes-issues#531
 2016-06-02 02:45:26 +02:00
Marek Marczykowski-Górecki
52fb410deb
qvm-usb: always pass VM as object reference not a name 
Make the API consistent.

QubesOS/qubes-issues#531
 2016-06-02 02:44:38 +02:00
Bahtiar `kalkin-` Gadimov
17790c32bb
Fix DomainPool missing a continue 2016-06-01 17:28:55 +02:00
Bahtiar `kalkin-` Gadimov
90928dc4a0
qubes-pool skip DomainPools without volumes 2016-05-30 13:31:58 +02:00
Bahtiar `kalkin-` Gadimov
c8363cfc95
qvm-pool simplify options parsing 2016-05-30 13:31:57 +02:00
Bahtiar `kalkin-` Gadimov
27305dd85d
qvm-pool actions remove access to app 2016-05-30 13:31:56 +02:00
Bahtiar `kalkin-` Gadimov
ed1a6977c0
Qubes.add_pool() add name parameter 2016-05-30 13:31:55 +02:00
Bahtiar `kalkin-` Gadimov
d703f2f44b
Add qvm-pool and manpage for it 
- Use full import paths in qvm-pool
- Add, Remove, Info and List options set `Namespace.command`. This fixes a crash
  when `-o dir_path=/mnt/foo` is specified after `-a foo xen`.
- Remove `_List`
- Remove 'added pool' and 'removed pool' messages. Unix tools are quiet
- qvm-pool call app.save()
- Rename create_parser in get_parser
- Rename local_parser variables to just parser
- qvm-pool uses print_table
 2016-05-30 13:31:54 +02:00
Bahtiar `kalkin-` Gadimov
9ef9575d4e
Fix typo in "No driver FOO for pool BAR" message 2016-05-30 13:31:54 +02:00
Bahtiar `kalkin-` Gadimov
357e8125eb
Add qubes.tools.PoolsAction 2016-05-30 13:31:53 +02:00
Bahtiar `kalkin-` Gadimov
0319df25e5
Add print_table function to qubes.tools 
- print_table uses the `column` tool with the ASCII Unit Separator to print a
pretty table
 2016-05-30 13:31:51 +02:00
Marek Marczykowski-Górecki
d67636308f
qvm-usb: modify for USBIP-over-qrexec implementation 
QubesOS/qubes-issues#531
 2016-05-26 01:38:08 +02:00
Marek Marczykowski-Górecki
3afc7b7d50
core: start qrexec-daemon as normal user, even when VM is started by root 
qrexec-daemon will start new processes for called services, which
include starting new DispVM, starting other required VMs (like backend
GPG VM). Having those processes as root leads to many permissions
problems, like the one linked below. So when VM is started by root, make
sure that qrexec-daemon will be running as normal user (the first user
in group 'qubes' - there should be only one).

QubesOS/qubes-issues#1768
 2016-05-26 01:34:53 +02:00
Bahtiar `kalkin-` Gadimov
35974a5dbf
DomainPool check the untrusted data from qubes-db 2016-05-25 17:39:34 +02:00
Wojtek Porczyk
0484be518c Merge remote-tracking branch 'woju/pull/12/head' into core3-devel 
Conflicts:
    doc/manpages/qvm-kill.rst
 2016-05-25 11:01:19 +02:00
Bahtiar `kalkin-` Gadimov
3f5a92772a
A QubesVM always has an empty DomainPool 
- A DomainPool is initialized by QubesVM after Storage initialization on a
  `domain-load` event
 2016-05-22 22:09:56 +02:00
Bahtiar `kalkin-` Gadimov
ddf040ae64
Do not serialize the domain pool config 2016-05-22 22:09:55 +02:00
Bahtiar `kalkin-` Gadimov
baaac858bc
Add DomainPool 
- All domain pool volumes are removable volumes
- DomainVolume uses device name as vid
 2016-05-22 22:09:54 +02:00
Bahtiar `kalkin-` Gadimov
e30f894df9
Add Volume.removable field 2016-05-22 21:42:27 +02:00
Bahtiar `kalkin-` Gadimov
df83188fb5
Update qvm-remove manpage 2016-05-21 01:35:33 +02:00
Bahtiar `kalkin-` Gadimov
116ba64e51
Storage.remove() catch IO/OSError and log it 2016-05-21 01:35:32 +02:00
Bahtiar `kalkin-` Gadimov
c5810758c5
FilePool fix origin volume removale 2016-05-21 01:35:31 +02:00
Bahtiar `kalkin-` Gadimov
8959e5a77e
Implement qvm-remove 
- Remove old qvm-remove
- Remove a log line from Storage, because it prints confusing lines, like:
    Removing volume kernel: /var/lib/qubes/vm-kernels/4.1.13-6/modules.img
 2016-05-21 01:35:30 +02:00
Bahtiar `kalkin-` Gadimov
3009bd862e
Fix manpage generation 2016-05-21 01:25:15 +02:00
Bahtiar `kalkin-` Gadimov
91f72dc56c
Rework argument checking when generating manpages 
Add the ability to handle commands having subcommands, like `qvm-block`

Split the ArgumentCheckVisitor in an OptionsCheckVisitor &
SubCommandCheckVisitor. The OptionsCheckVisitor checks options given
in a section named 'Options' (case insensitive), while the
SubCommandCheckVisitor dispatches on a section named 'Commands' (case
insensitive).

This also fixes finding the undocumented command arguments. The previous
solution with depart_document did not work. NodeVisitor does not dispatch to
depart_document() even if it's mentioned in the documentation.
 2016-05-21 01:25:14 +02:00
Bahtiar `kalkin-` Gadimov
e580131465
Add AliasedSubParsersAction 2016-05-21 01:25:13 +02:00
Bahtiar `kalkin-` Gadimov
99598fe4b2
Update qvm-kill manpage 2016-05-21 01:24:18 +02:00
Bahtiar `kalkin-` Gadimov
910276e898
Rename want_vm_* in vmname_nargs 2016-05-21 01:24:17 +02:00
Bahtiar `kalkin-` Gadimov
d4c74d210f
Implement vmname parsing 2016-05-21 01:24:16 +02:00
Bahtiar `kalkin-` Gadimov
3549a9d4ec
Add VmNameGroup 2016-05-21 01:24:14 +02:00
Bahtiar `kalkin-` Gadimov
7fe827d858
Add VmNameAction 2016-05-21 01:24:13 +02:00
Bahtiar `kalkin-` Gadimov
c22d9e88c9
Add QubesAction 2016-05-21 01:24:12 +02:00
Wojtek Porczyk
e757444c35 qubes/tools/qvm-features: add tool for managing qvm-features 
QubesOS/qubes-issues#1637
 2016-05-19 03:02:24 +02:00
Bahtiar `kalkin-` Gadimov
a65b0edcd4 Add QubesArgumentParser.print_error() 2016-05-19 03:02:24 +02:00
Wojtek Porczyk
454e1835fe pylintrc: add (commented) ruleset for debugging imports 2016-05-19 03:02:24 +02:00
Wojtek Porczyk
786884ad7a qubes: fix netvm properties and tests 
fixes QubesOS/qubes-issues#1816
 2016-05-19 03:02:23 +02:00
Marek Marczykowski-Górecki
7c0f5a4be6
qubes-hcl-report: filename sanitization for old bash 
Bash in dom0 (Fedora 20 based) doesn't properly handle "+(..)" operator.
So remove it for now.

Fixes QubesOS/qubes-issues#1994
 2016-05-18 14:21:26 +02:00
Marek Marczykowski-Górecki
a8fcc58934
version 3.2.2 2016-05-18 03:00:41 +02:00
Marek Marczykowski-Górecki
6311eec6fd
tests: force reloading partition table after setting partitioned loop dev 
Apparently "losetup -P" doesn't always properly read partition table.
Force reload using blockdev --rereadpt.
 2016-05-18 02:03:48 +02:00
Marek Marczykowski-Górecki
405fd40aaa
Add policy for qubes.OpenURL service 
For now the same as for qubes.OpenInVM.

Fixes QubesOS/qubes-issues#1487
 2016-05-18 02:03:48 +02:00
Marek Marczykowski-Górecki
3abf2b24b4
tests: check opening URL 
While at it, fix policy preparation for qvm-open-in-vm tests.

QubesOS/qubes-issues#1487
 2016-05-18 02:03:31 +02:00
Marek Marczykowski-Górecki
692254fcbf
qubes-bug-report: remove trailing spaces 
QubesOS/qubes-issues#901
 2016-05-17 20:33:05 +02:00
Marek Marczykowski-Górecki
b1e368da43
Merge remote-tracking branch 'qubesos/pr/30' 
* qubesos/pr/30:
  qubes-bug-report coding style 4 spaces instead of tabs and using += operator
  qubes-bug-report subprocess removed, refactored and fixed pacman command for archlinux packages
  Tool to create bug reports.

Fixes QubesOS/qubes-issues#901
 2016-05-17 20:32:46 +02:00
Marek Marczykowski-Górecki
94d52a13e7
core: adjust guid parameters when running on KDE5 
On KDE5 native decoration plugin is used and requires special properties
set (instead of `_QUBES_VMNAME` etc).
Special care needs to be taken when detecting environment, because
environment variables aren't good enough - this script may be running
with cleared environment (through sudo, or from systemd). So check
properties of X11 root window.

QubesOS/qubes-issues#1784
 2016-05-17 20:22:13 +02:00
Jeepler
14efbb4a22 qubes-bug-report coding style 4 spaces instead of tabs and using += operator 2016-05-17 13:15:26 -05:00