Commit Graph

138 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
f223594f92
app: kill default_fw_netvm property
Having both default_netvm and default_fw_netvm causes a lot of confusion,
because it isn't clear for the user which one is used when. Additionally
changing provides_network property may also change netvm property, which
may be unintended effect. This as a whole makes it hard to:
- cover all netvm-changing actions with policy for Admin API
- cover all netvm-changing events (for example to apply the change to
the running VM, or to check for netvm loops)

As suggested by @qubesuser, kill the default_fw_netvm property and
simplify the logic around it.
Since we're past rc1, implement also migration logic. And add tests for
said migration.

Fixes QubesOS/qubes-issues#3247
2017-12-07 01:40:29 +01:00
Marek Marczykowski-Górecki
f2cd7fb226
Merge branch 'tests-and-fixes-20171205' 2017-12-07 01:39:34 +01:00
Marek Marczykowski-Górecki
7b81d7affa
Merge remote-tracking branch 'qubesos/pr/166'
* qubesos/pr/166:
  create "lvm" pool using rootfs thin pool instead of hardcoding qubes_dom0-pool00
  change default pool code to be fast
  cache PropertyHolder.property_list and use O(1) property name lookups
  remove unused netid code
  cache isinstance(default, collections.Callable)
  don't access netvm if it's None in visible_gateway/netmask
2017-12-06 00:41:37 +01:00
Marek Marczykowski-Górecki
d54cef5554
app: fix creating dom0 object when not already present in qubes.xml
Its constant properties are now really constant, no need to provide
them explicitly.
2017-12-05 17:39:33 +01:00
Marek Marczykowski-Górecki
0afee4b05e
Improve checking for netvm loop
There were many cases where the check was missing:
 - changing default_netvm
 - resetting netvm to default value
 - loading already broken qubes.xml

Since it was possible to create broken qubes.xml using legal calls, do
not reject loading such file, instead break the loop(s) by setting netvm
to None when loop is detected. This will be also useful if still not all
places are covered...

Place the check in default_netvm setter. Skip it during qubes.xml loading
(when events_enabled=False), but still keep it in setter, to _validate_ the
value before any property-* event got fired.
2017-12-05 17:39:33 +01:00
Marek Marczykowski-Górecki
2d830caab9
app: check DEFAULT_LVM_POOL variable for default pool
Allow to hint default_pool what is default storage pool - especially
useful for tests.
2017-12-05 17:39:33 +01:00
Marek Marczykowski-Górecki
2c6c766968
Merge branch '20171107-tests-backup-api-misc'
* 20171107-tests-backup-api-misc:
  test: make race condition on xterm close less likely
  tests/backupcompatibility: fix handling 'internal' property
  backup: fix handling target write error (like no disk space)
  tests/backupcompatibility: drop R1 format tests
  backup: use offline_mode for backup collection
  qubespolicy: fix handling '$adminvm' target with ask action
  app: drop reference to libvirt object after undefining it
  vm: always log startup fail
  api: do not log handled errors sent to a client
  tests/backups: convert to new restore handling - using qubesadmin module
  app: clarify error message on failed domain remove (used somewhere)
  Fix qubes-core.service ordering
2017-11-20 22:52:26 +01:00
qubesuser
edae7a16b9 create "lvm" pool using rootfs thin pool instead of hardcoding qubes_dom0-pool00 2017-11-11 02:38:16 +01:00
qubesuser
92c452a655 change default pool code to be fast
currently it takes 100ms+ to determine the default pool every time,
including subprocess spawning (!), which is unacceptable since
finding out the default value of properties should be instantaneous

instead of checking every thin pool to see if the root device is in
it, find and cache the name of the root device thin pool and see if
there is a configured pool with that name
2017-11-11 02:38:16 +01:00
qubesuser
f2b8ad7d38 remove unused netid code
it's unused and has a netid property with name different than key
that would cause issues in the next commit
2017-11-11 02:37:37 +01:00
Marek Marczykowski-Górecki
227378f2b3
app: drop reference to libvirt object after undefining it
Do not try to access that particular object (wrapper) when it got
undefined. If anyone wants to access it, appropriate code should do a new
lookup, and probably re-define the object.
2017-11-07 03:10:41 +01:00
Marek Marczykowski-Górecki
59cebd5439
app: clarify error message on failed domain remove (used somewhere)
Point to system logs for more details. Do not include them directly in
the message for privacy reasons (Admin API client may not be given
permission to it).

QubesOS/qubes-issues#3273
QubesOS/qubes-issues#3193
2017-11-07 03:10:32 +01:00
HW42
b907303a39 qubes/vm: Improve stopped event handling
The previous version did not ensure that the stopped/shutdown event was
handled before a new VM start. This can easily lead to problems like in
QubesOS/qubes-issues#3164.

This improved version now ensures that the stopped/shutdown events are
handled before a new VM start.

Additionally this version should be more robust against unreliable
events from libvirt. It handles missing, duplicated and delayed stopped
events.

Instead of one 'domain-shutdown' event there are now 'domain-stopped'
and 'domain-shutdown'. The latter is generated after the former. This way
it's easy to run code after the VM is shutdown including the stop of
its storage.
2017-10-21 05:57:57 +02:00
Marek Marczykowski-Górecki
0b1a0b028b
app: fix setting default_*netvm
1. Fire both property-pre-del:netvm and property-del:netvm - those
events should be fired in pairs - especially one may assume the other
will be called too. This is the case here - one disconnect old netvm,
the other connect the new one.

2. Remove spurious 'newvalue' argument for property-del:netvm event.

3. Fix logic for default_fw_netvm/default_netvm usage. The former is
used if vm.provides_network=True.
2017-10-21 04:05:17 +02:00
Marek Marczykowski-Górecki
2164a8d7b8
Change license to LGPL v2.1+
See this thread for reasoning and acceptance from contributors:
https://groups.google.com/d/topic/qubes-devel/G7KzrfU0lWY/discussion
"Changing qubes-core-admin license to LGPL v2.1+"
2017-10-12 00:11:50 +02:00
Marek Marczykowski-Górecki
df32acfad9
Allow setting global default_dispvm to None
There is no technical need for having this set to anything. If set to
None, DispVM startup requests will be refused.
2017-10-04 15:24:53 +02:00
Marek Marczykowski-Górecki
9e8c40867b
Prevent removing domain that is referenced from anywhere
Check VM properties and global properties (all of them).

Fixes QubesOS/qubes-issues#3128
2017-09-29 11:53:01 +02:00
Wojtek Porczyk
6a93137bbe qubes/app: remove .app attr from VMMConnection 2017-09-01 19:46:28 +02:00
Wojtek Porczyk
de8ff20976 qubes: Allow for explicit closing of objects 2017-08-31 20:30:23 +02:00
Marek Marczykowski-Górecki
71a1be30e7
app: fix LVM default storage pool 2017-07-30 14:57:26 +02:00
Marek Marczykowski-Górecki
36f1a3abaf
Merge branch 'services'
* services:
  tests: check clockvm-related handlers
  doc: include list of extensions
  qubesvm: fix docstring
  ext/services: move exporting 'service.*' features to extensions
  app: update handling features/service os ClockVM
2017-07-29 05:09:32 +02:00
Marek Marczykowski-Górecki
c8c32d4956
Merge branch 'stats'
* stats:
  tests: admin.vm.Stats
  api: fix handling interrupted calls
  api/admin: implement admin.vm.Stats
  app: refresh getting VM statistics, rename to QubesHost.get_vm_stats
  api: use str(subject) instead of explicit subject.name
2017-07-29 05:05:32 +02:00
Marek Marczykowski-Górecki
e738a7596d
app: update handling features/service os ClockVM
There is no more ntpd service used - new approach does not conflict with
ntpd. Because of this, new feature is named 'service.clocksync', and
should be _enabled_ in ClockVM ('ntpd' was disabled there).

QubesOS/qubes-issues#1230
2017-07-28 16:32:47 +02:00
Marek Marczykowski-Górecki
147bca1648
api/admin: implement admin.vm.Stats
QubesOS/qubes-issues#853
2017-07-28 03:02:32 +02:00
Marek Marczykowski-Górecki
e8b875f552
app: refresh getting VM statistics, rename to QubesHost.get_vm_stats
Get a VM statistics once. If previous measurements are provided,
calculate difference too. This is backend part of upcoming
admin.vm.Stats service.

QubesOS/qubes-issues#853
2017-07-27 22:16:03 +02:00
Marek Marczykowski-Górecki
d57120d809
app: do not wrap libvirt_conn.close() in auto-reconnect wrapper
close() function purpose is to close the connection...
2017-07-26 03:26:59 +02:00
Marek Marczykowski-Górecki
3a21e1f1b3
app: do not create 'default' storage pool
Since we have app.default_pool* properties, create appropriately named
pool and let those properties choose the right pool. This also means we
don't need to specify pool name in default volume config anymore

QubesOS/qubes-issues#2256
2017-07-25 06:20:42 +02:00
Marek Marczykowski-Górecki
73a78ca0db
app: add missing setters for default_pool* global properties
Function itself was already written, but not set in the properties.

QubesOS/qubes-issues#2256
2017-07-25 05:21:32 +02:00
Wojtek Porczyk
b04f612374 qubes: have "service" features' keys separated by period 2017-07-05 04:16:16 +02:00
Marek Marczykowski-Górecki
dddd94b339
Merge branch 'core3-storage3' 2017-07-04 16:44:53 +02:00
Marek Marczykowski-Górecki
075d991114
config: eliminate duplicated qubes_base_dir
Remove it from system_path dict, have it in one place.
2017-07-04 14:25:07 +02:00
Marek Marczykowski-Górecki
1a1dd3dba2
storage: make default pool configurable
Do not always use pool named 'default'. Instead, have global
`default_pool` property to specify default storage pools.
Additionally add `default_pool_*` properties for each VM property, so
those can be set separately.

QubesOS/qubes-issues#2256
2017-07-04 14:25:06 +02:00
Marek Marczykowski-Górecki
6238254f49
events: merge fire_event and fire_event_pre functions
Those functions really do very similar things - let's merge them and add
simple parameter.
2017-07-04 13:04:21 +02:00
Marek Marczykowski-Górecki
083108e995
app: fix registering libvirt event handler
register_event_handlers is called early, when libvirt connection may not
be yet established - especially on empty qubes.xml. Do not skip
automatic connection logic.
2017-06-20 12:47:00 +02:00
Marek Marczykowski-Górecki
8ba60cd7e9
app: fix listing VMs based on given template 2017-06-13 13:15:21 +02:00
Marek Marczykowski-Górecki
0f12870803
storage: use direct object references, not only identifiers
Reference objects, not their IDs - this way when object is modified, it
is visible everywhere where it is used. Main changes:
- volume.pool - Pool object
- volume.source - Volume object

Since volume have Pool object reference now, move volume related
functions into Volume class (from Pool class). This avoids horrible
`storage.get_pool(volume).something(volume)` construct.

One issue here is since volume.source reference a Volume object from a
different VM - VM's template, now VM load order is important. Since we
don't have control over it, initialize vm.storage when needed - possibly
while initializing storage of different VM. Since we don't have cycles
in AppVM-TemplateVM dependencies, it is safe.

Also, since this commit, volume.source (if defined) always points at
volume of the same name from VM's template. Using volumes with something
else as a source is no longer supported.

QubesOS/qubes-issues#2256
2017-06-09 04:55:06 +02:00
Marek Marczykowski-Górecki
fa1da422d1
vm/adminvm: don't base AdminVM on QubesVM
dom0 isn't real VM and most properties don't apply to it. Let's make it
more explicit.
2017-06-06 21:57:27 +02:00
Marek Marczykowski-Górecki
2a4af124f8
qubes/app: don't fail on saving qubes.xml when 'qubes' group isn't there 2017-05-12 18:11:27 +02:00
Marek Marczykowski-Górecki
0dfcaa63c9
Handle libvirt events in qubesd
This is required to get shutdown notification, when it wasn't initiated
by qubesd (for example 'poweroff' command inside of VM).
Libvirt event loop implementation must be registered before making
connection to libvirt, so move it to the beginning of main().
For now, only 'domain-shutdown' event is emitted.
2017-05-12 17:04:19 +02:00
Marek Marczykowski-Górecki
fa72679b47
Make pylint happy
New pylint throws some more warnings.
2017-04-21 16:57:35 +02:00
Wojtek Porczyk
c437f40284 qubes/mgmt: lifecycle and class listing
- mgmt.vmclass.List
- mgmt.vm.Start
- mgmt.vm.Shutdown
- mgmt.vm.Pause
- mgmt.vm.Unpause
- mgmt.vm.Kill

QubesOS/qubes-issues#2622
2017-04-03 21:55:01 +02:00
Marek Marczykowski-Górecki
32f6bc2cd9
qubes/app: fix notifying about default_netvm change
Notify every VM that is affected, not only those providing network
itself.
2017-03-16 20:04:05 +01:00
Marek Marczykowski-Górecki
010d40dc1e
mgmt: add label-related calls
QubesOS/qubes-issues#2622
2017-03-16 20:04:04 +01:00
Marek Marczykowski-Górecki
c41585e2f5
Initialize dom0 label
It is required property. Additionally, define icon_path to None,
otherwise it tries to access dom0.dir_path, which isn't set.
2017-03-16 20:04:01 +01:00
Marek Marczykowski-Górecki
e52d8fb051
qubes: allow passing name of class to app.add_new_vm
This will allow more flexible API usage, especially when using mgmt API
- we need to use VM type as string there.
We don't lose any flexibility here - VM class names need to be uniquely
identified by a string (used in qubes.xml) anyway.
2017-02-27 02:37:48 +01:00
Marek Marczykowski-Górecki
f2a1687879
typos in comments 2017-02-27 02:35:49 +01:00
Wojtek Porczyk
be53db4db9 qubes/events: they accept only keyword arguments
Positional arguments are hereby deprecated, with immediate effect.

QubesOS/qubes-issues#2622
2017-02-21 14:46:42 +01:00
Wojtek Porczyk
d74567d65f qubes: port core to python3
fixes QubesOS/qubes-issues#2074
2017-01-20 16:42:51 +01:00
Wojtek Porczyk
5f436360f7 qubes/app: Fix create_empty_store signature
QubesOS/qubes-issues#1729
2016-11-30 18:34:11 +01:00
Marek Marczykowski-Górecki
28d4feb0d0
qubes: fix network-related functions
- cleanup_vifs crash when non-networked VM is running
- type error in get_vms_connected_to (store VM objects, not qid)
2016-11-26 04:08:58 +01:00
Marek Marczykowski-Górecki
c4e85a81fb
qubes/app: automatically enable offline mode when running in chroot
Do not spray --offline-mode over every installer-related script.

QubesOS/qubes-issues#2412
2016-11-26 04:08:50 +01:00
Marek Marczykowski-Górecki
964955758c
qubes/app: create 'default' storage pool as LVM when present
When system is installed with LVM thin pool, it should be used by
default. But let's keep file-based on for /var/lib/qubes for some corner
cases, migration etc.

QubesOS/qubes-issues#2412
2016-11-26 04:08:08 +01:00
Marek Marczykowski-Górecki
80c0093c77
qubes/tools/qubes-create: reject overriding existing qubes.xml
If someone really wants to do this, need to manually remove the file
first.

QubesOS/qubes-issues#2412
2016-11-26 04:08:06 +01:00
Marek Marczykowski-Górecki
c08766e157
qubes/features: rename 'services/ntpd' to 'service/ntpd'
It makes much more sense to use singular form here - ntpd is a single
service.
2016-11-26 04:08:06 +01:00
Wojtek Porczyk
0141e1ac73 qubes/app: Allow keeping lock after load
QubesOS/qubes-issues#1729
2016-10-28 15:43:43 +02:00
Wojtek Porczyk
8edbf0e406 qubes: Document all the events
fixes QubesOS/qubes-issues#1811
2016-10-25 17:11:38 +02:00
Wojtek Porczyk
9dc37c1ee7 Add possibility to override libvirt config
This is the equivalent of "custom config" from R3.x.

fixes QubesOS/qubes-issues#1798
2016-10-04 11:31:31 +02:00
Marek Marczykowski-Górecki
0293c1c7ef
qubes/vm: move misc XML tags loading to separate method 2016-08-18 11:57:11 +02:00
Marek Marczykowski-Górecki
53b2b30c0a
qubes: fix some error messages 2016-08-17 02:13:59 +02:00
Marek Marczykowski-Górecki
1a215e47ab
qubes: add 'default_dispvm' property - both Qubes and QubesVM
QubesOS/qubes-issues#2253
2016-08-17 00:46:43 +02:00
Marek Marczykowski-Górecki
ab6f961931
qubes/dispvm: misc fixes, make it actually working
- DispVM is no longer a special case for storage
- Add missing 'rw=True' for volatile volume
- Handle storage initialization (copy&paste from AppVM)
- Clone properties from DispVM template

QubesOS/qubes-issues#2253
2016-08-17 00:42:17 +02:00
Marek Marczykowski-Górecki
5ab860a18c
qubes: don't fail VM removal if already undefined in libvirt
This may happen when it was manually undefined for some reason. Or
during tests cleanup (tearDown).
2016-08-08 00:15:46 +02:00
Marek Marczykowski-Górecki
53562799cd
Fix typo in libvirt auto reconnection 2016-08-08 00:13:26 +02:00
Bahtiar `kalkin-` Gadimov
f3072e7dd0
qubes-create adds default lvm pool if it exists 2016-08-03 02:57:42 +02:00
Bahtiar `kalkin-` Gadimov
c559ffdeab
VMCollection reword vm already exists exception 2016-08-03 02:57:39 +02:00
Wojtek Porczyk
f915115cfb Merge remote-tracking branch 'woju/pull/25/head' into core3-devel 2016-07-21 19:38:58 +02:00
Bahtiar `kalkin-` Gadimov
d8a90a77c2
Make pylint really happy ♥♥♥ 2016-07-13 22:35:58 +02:00
Bahtiar `kalkin-` Gadimov
1f735669bc
Migrate qubes.vm modules to new API 2016-07-13 22:34:33 +02:00
Bahtiar `kalkin-` Gadimov
6fad722554
Make pylint really happy ♥♥♥ 2016-07-13 21:13:29 +02:00
Bahtiar `kalkin-` Gadimov
de5487bf14
Dumb down qvm-remove
- Move `vm.is_halted()` check in to VMCollection.__delitem__()
- `vm.remove_from_disk()` will raise exception if is called on a running vm
2016-07-13 18:24:29 +02:00
Bahtiar `kalkin-` Gadimov
12745a4860
Qubes.add_pool() returns the added pool 2016-06-23 13:17:00 +02:00
Marek Marczykowski-Górecki
2ff6aa456e
Provide fake CPUs count and total memory in offline mode 2016-06-16 21:08:44 +02:00
Wojtek Porczyk
63b6674fbd fix qvm-ls display of cpu_time
QubesOS/qubes-core-admin#27
2016-06-13 19:10:01 +02:00
Wojtek Porczyk
6ade5736d7 pylint fixes 2016-06-10 21:27:29 +02:00
Wojtek Porczyk
5a76d0b03b qubes/vm/dispvm: Add methods for creating and destroying
fixes QubesOS/qubes-issues#866
2016-06-02 19:55:42 +02:00
Wojtek Porczyk
a719e0d93d qubes/vm/qubesvm: allow looking up by UUID
Also, allow lookup using VM from other app.

QubesOS/qubes-issues#866
2016-06-02 17:18:33 +02:00
Wojtek Porczyk
a615a45ecd Merge remote-tracking branch 'woju/pull/13/head' into core3-devel 2016-06-02 13:24:15 +02:00
Marek Marczykowski-Górecki
5e2b617c6f qubes/vm: fix parameters for some even handlers 2016-06-02 13:10:43 +02:00
Marek Marczykowski-Górecki
692f75353e qubes/app: split initialising empty Qubes object from saving it
It may be useful to create fresh Qubes() object but not save it yet
before setting other things. One such case is migration from core2.
2016-06-02 12:42:37 +02:00
Marek Marczykowski-Górecki
ff78b26f66 qubes: implement offline mode
Apparently the most important (the only?) property required in offline
mode is "is_running". So let's patch it to return False and make sure
any other libvirt usage would result in failure.

Or maybe better simply return False in vm.is_running, when libvirt
connection fails? But then it would not be possible to use offline mode
and have (some, probably unrelated) libvirtd running at the same time.

Fixes QubesOS/qubes-issues#2008
2016-06-02 12:41:26 +02:00
Marek Marczykowski-Górecki
3b407eb79e qubes/app: do not enable domain events when loading XML
Event should be enabled only after all the domains are loaded (and
domain-load event is fired).

QubesOS/qubes-issues#1816
2016-06-02 12:28:14 +02:00
Bahtiar `kalkin-` Gadimov
ed1a6977c0
Qubes.add_pool() add name parameter 2016-05-30 13:31:55 +02:00
Bahtiar `kalkin-` Gadimov
d703f2f44b
Add qvm-pool and manpage for it
- Use full import paths in qvm-pool
- Add, Remove, Info and List options set `Namespace.command`. This fixes a crash
  when `-o dir_path=/mnt/foo` is specified after `-a foo xen`.
- Remove `_List`
- Remove 'added pool' and 'removed pool' messages. Unix tools are quiet
- qvm-pool call app.save()
- Rename create_parser in get_parser
- Rename local_parser variables to just parser
- qvm-pool uses print_table
2016-05-30 13:31:54 +02:00
Bahtiar `kalkin-` Gadimov
9ef9575d4e
Fix typo in "No driver FOO for pool BAR" message 2016-05-30 13:31:54 +02:00
Bahtiar `kalkin-` Gadimov
ddf040ae64
Do not serialize the domain pool config 2016-05-22 22:09:55 +02:00
Wojtek Porczyk
786884ad7a qubes: fix netvm properties and tests
fixes QubesOS/qubes-issues#1816
2016-05-19 03:02:23 +02:00
Wojtek Porczyk
d728f4b9ff qubes/app: reconnect to libvirtd after crash
Sometimes libvirt crashes. After that the connection (and all
vm.libvirt_domain-s) were unusable.

fixes QubesOS/qubes-issues#990
2016-05-05 17:33:00 +02:00
Wojtek Porczyk
63c09a090c qubes: Combat import cycles
This commit eliminates import statements happening in the middle of the
file (between two classes definition). The cycles are still there. The
only magic module is qubes itself.
2016-05-05 14:33:09 +02:00