Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
936 Commits 1 Branch 0 Tags 20 MiB
a253719254
Commit Graph

206 Commits

Author SHA1 Message Date
Marek Marczykowski
320847de91 dom0: correctly remove appmenus for ServiceVM (if any) 2011-09-06 01:17:09 +02:00
Marek Marczykowski
77ec31d164 dom0: appmenus templates handling for StandaloneVM (#317) 
StandaloneVM also needs apps.templates dir in order to qubes-appmenu-select
works. Also can be helpful for backup/restore.
 2011-09-06 01:15:35 +02:00
Marek Marczykowski
c1f0296e66 dom0: automatically determine domain xid in create_xenstore_entries 2011-09-06 01:14:49 +02:00
Marek Marczykowski
f85fcc06aa dom0: replace obsolete swiotlb=force with iommu=soft 2011-09-03 16:15:02 +02:00
Marek Marczykowski
5cb6cd2aa7 dom0: fix uses_default_kernelopts typo 2011-09-03 16:14:51 +02:00
Marek Marczykowski
58985193e7 dom0: move network-attach logic to qubes.py 
Main reason is to remove code duplication.
Also fixes #260 and workaround (by sleep...) some race at NetVM restart
(fronted driver does not noticed vif-detach+vif-attach).
 2011-09-03 16:13:14 +02:00
Marek Marczykowski
5fe147729d dom0: copy only selected files for StandaloneVM kernel 
Especially ignore modules dir - already included in modules.img
 2011-09-03 16:04:25 +02:00
Marek Marczykowski
7f24727b2b dom0: fix waiting for vif detach 2011-09-03 16:01:22 +02:00
Marek Marczykowski
11da1633d3 dom0: Copy default template kernel to StandaloneVM dir (#333) 
Just prepare kernel for qvm-set -s <vmname> kernel none
 2011-09-01 15:01:37 +02:00
Marek Marczykowski
ac917ef1d8 dom0: Set modules.img device R/W for StandaloneVM (#333) 2011-09-01 14:56:23 +02:00
Marek Marczykowski
577dd2b076 dom0: when cleaning up network devices, wait for actual device destroy 
Otherwise subsequent network-attach will not be noticed by frontend driver.
 2011-09-01 00:01:53 +02:00
Marek Marczykowski
be5e5a98a1 dom0: use full patch for network script 
xl (apart from xm) doesn't prefix script with dir.
 2011-08-31 22:01:08 +02:00
Marek Marczykowski
3cf1af0321 dom0: implement custom kernelopts (#323) 2011-08-31 20:39:26 +02:00
Marek Marczykowski
fbce32ae1f dom0/qvm-prefs: info when kernel setting is from template 2011-08-31 18:32:37 +02:00
Rafal Wojtczuk
8ecd6134d9 firewall: call iptables-restore once per domain (#311) 
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
 2011-07-29 16:50:12 +02:00
Rafal Wojtczuk
6fc358bd20 dispvm: honour current choice of template for dispvm 
... when auto-refreshing the dispvm savefile.
While at it, also copy dispvm-prerun.sh script in qvm-clone.
 2011-07-26 17:09:59 +02:00
Rafal Wojtczuk
7cfbe1c7d8 qubes.py: postpone qmmeman.close() 
There are indications that when parent "xl" process exits, the domain is not
booted completely; and xl actions may interfere with qmemman memory balancing.
Thus, in VM.start(), we delay releasing of qmemman handle until qrexec_daemon
connects successfully.
 2011-07-22 15:07:04 +02:00
Marek Marczykowski
342261ff10 dom0: Do not clone config file with template 
Not needed any more
 2011-07-21 00:49:03 +02:00
Marek Marczykowski
c9ad2314ea dom0: variable names conflict (#290) 
uuid is also name of (used here) python module...
 2011-07-20 16:12:28 +02:00
Marek Marczykowski
f1153a5413 dom0: initialize vmtype in create_appmenus (#212) 2011-07-20 16:06:22 +02:00
Marek Marczykowski
99dfdd70c3 dom0: Hide some messages from 'xl' tool (#265) 2011-07-17 01:54:27 +02:00
Marek Marczykowski
182e1ccf2b dom0: watch for updates from dom0 (#198) 
Additionally synchronize clock every 6h. This is started by xdg-autostart (not
qvm-core) to have running Xorg - needed to prompt user for updates download.
 2011-07-17 01:20:13 +02:00
Marek Marczykowski
a68faecc35 dom0: initialize default_kernel parameter 2011-07-15 12:24:27 +02:00
Marek Marczykowski
9f67e5de9d dom0: Regenerate appmenus also for TemplateVM in create_appmenus() 2011-07-10 23:39:48 +02:00
Marek Marczykowski
0813f49186 dom0: Clone whitelisted-apps.list with template clone 2011-07-10 23:37:35 +02:00
Marek Marczykowski
817735fc92 dom0: Do not copy obsolete apps-template.templates dir on template clone 2011-07-10 23:36:50 +02:00
Marek Marczykowski
f6609cb1c4 dom0: minor #252 fix 2011-07-09 20:43:57 +02:00
Marek Marczykowski
7e234a4a8d dom0: store dispid in QubesDisposableVm object and generate proper IP (#247) 2011-07-09 17:52:47 +02:00
Marek Marczykowski
202fb0c676 dom0: fix syntax 2011-07-09 00:36:00 +02:00
Marek Marczykowski
3e6bd65b73 Revert "[REMOVEME] Dom0: Add UGLY sleeps hoping they will temporarily prevent the race condition" 
This reverts commit 3bd1c700f6.

Conflicts:

	dom0/qvm-core/qubes.py
 2011-07-08 21:38:24 +02:00
Marek Marczykowski
3b3929b6a2 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-07-08 21:37:43 +02:00
Marek Marczykowski
0de378dafc dom0: automatically bind PCI devices to pciback at VM start (#252) 2011-07-05 22:10:45 +02:00
Marek Marczykowski
5f10e408e0 dom0: stores QubesVm.pcidevs as list (#252) 
To easier manage pci devices attached to VM
 2011-07-05 22:01:28 +02:00
Marek Marczykowski
82bc4bad0b dom0: always set appmenus_templates_dir for QubesVm 
If possible - to reasonable value (vm dir for UpdateableVM or template - for
template-based VM).
 2011-07-05 21:26:39 +02:00
Marek Marczykowski
b9e00b2189 dom0: Include default whitelisted-appmenus.list in template (#266) 2011-07-05 21:20:43 +02:00
Joanna Rutkowska
3bd1c700f6 [REMOVEME] Dom0: Add UGLY sleeps hoping they will temporarily prevent the race condition 2011-07-02 22:15:43 +02:00
Joanna Rutkowska
fc31161361 Dom0: Fix calling syntax for qrexec_client for updatevm 2011-07-02 22:12:43 +02:00
Marek Marczykowski
cd7024cad1 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-07-02 18:49:18 +02:00
Marek Marczykowski
35e18029c1 dom0: use default kernel for new VMs 2011-07-02 18:48:17 +02:00
Joanna Rutkowska
1ef800414a Dom0: qubes.py: honor the verbose flag when printing debuging messages 2011-07-02 13:35:59 +02:00
Marek Marczykowski
f447a458f2 dom0+vm: Update VM kernel mechanism (#242) 
Get kernel from global kernels dir (/var/lib/qubes/vm-kernels), not per-VM. Can
be configured by qvm-prefs (kernel parameter).
New tool: qvm-set-default-kernel

For backward compatibility kernel=None means kernel in VM dir (kernels subdir).
(possibly empty) modules.img should be created in it.
 2011-06-30 01:07:47 +02:00
Marek Marczykowski
40c7e32fe9 dom0: Use first FirewallVM as UpdateVM 2011-06-27 21:14:34 +02:00
Marek Marczykowski
a0b60af3d6 dom0: Do not use transactions to access xenstore 
Unfortunately they aren't reliable... at least for writing ~10 keys at once
from python.
 2011-06-25 22:31:22 +02:00
Marek Marczykowski
d9d7a69c27 dom0+vm: Tools for downloading dom0 update by VM (#198) 
Mainly 4 parts:
 - scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
 - VM script for downloading updates (qubes_download_dom0_updates.sh)
 - qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
 - qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer

Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
 2011-06-22 00:44:48 +02:00
Marek Marczykowski
454b678284 dom0: cpu load calculation when VM rebooted fix 2011-06-11 20:44:26 +02:00
Marek Marczykowski
925647c7d7 dom0: run xl create through sudo 
This finally solve problem with RLIMIT_MEMLOCK (less important) and is required
to attach PCI devices (eg netvm restart) - more important.
 2011-06-10 18:19:19 +02:00
Marek Marczykowski
3571a34010 dom0: preserve old root-cow - for qvm-revert-template-changes 2011-06-09 14:22:22 +02:00
Marek Marczykowski
fcd4cd44eb dom0: create config template for DispVM 
Introduction for later patches.
 2011-06-08 03:30:42 +02:00
Marek Marczykowski
1647d03f74 dom0: use path given in argument to store VM configuration 2011-06-08 03:29:52 +02:00
Marek Marczykowski
f5e4cf58aa dom0: include vif in domain config (no need for network-attach) 2011-06-08 03:28:08 +02:00