Marek Marczykowski
0f28db380e
dom0: QubesVm has no add_to_xen_storage()
2011-06-23 22:03:09 +02:00
Marek Marczykowski
151b15bb8c
dom0: Edit xl.conf in %post instead of overriding file (rpm file conflict)
2011-06-23 14:39:17 +02:00
Marek Marczykowski
d9d7a69c27
dom0+vm: Tools for downloading dom0 update by VM ( #198 )
...
Mainly 4 parts:
- scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
- VM script for downloading updates (qubes_download_dom0_updates.sh)
- qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
- qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer
Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
2011-06-22 00:44:48 +02:00
Marek Marczykowski
6d9fdf4729
dom0: Add shortcut qubes-appmenu-select ("Add more shortcuts...") for each VM ( #45 )
2011-06-12 01:47:15 +02:00
Marek Marczykowski
b75f89038b
dom0: qvm-sync-appmenus output error messages to stderr
2011-06-12 01:47:15 +02:00
Marek Marczykowski
4634a6897c
dom0: qvm-sync-appmenus: support for calling by qrexec_client
2011-06-12 00:56:47 +02:00
Marek Marczykowski
a4d1a21b46
dom0: qvm-sync-appmenus - copy *directory.template when needed
2011-06-11 23:09:55 +02:00
Marek Marczykowski
9375b8d6ff
dom0: qvm-sync-appmenus: add missing object name to vars
2011-06-11 22:58:00 +02:00
Marek Marczykowski
5714410724
dom0: qvm-sync-appmenus: create appmenus dir if needed
2011-06-11 22:55:53 +02:00
Marek Marczykowski
454b678284
dom0: cpu load calculation when VM rebooted fix
2011-06-11 20:44:26 +02:00
Marek Marczykowski
7ced90832b
dom0: Support for pcidevs in qvm-prefs
...
Can be used to e.g. have two NetVMs, eatch with one network interface assigned.
2011-06-10 19:08:47 +02:00
Marek Marczykowski
4cb5838f5b
dom0: qvm-revert-template-changes message fix
2011-06-10 18:44:53 +02:00
Marek Marczykowski
5cce87c7d2
dom0: Introduce qvm-revert-template-changes tool
2011-06-10 18:36:20 +02:00
Marek Marczykowski
63dda4de34
dom0: qvm-create: remove obsolete add_to_xen_storage call
2011-06-10 18:27:16 +02:00
Marek Marczykowski
925647c7d7
dom0: run xl create through sudo
...
This finally solve problem with RLIMIT_MEMLOCK (less important) and is required
to attach PCI devices (eg netvm restart) - more important.
2011-06-10 18:19:19 +02:00
Marek Marczykowski
891653a413
dom0: create lockfile for libxl and set dom0 name in xenstore
...
Create lockfile to set it proper permissions. Without it the first use
(qvm-start netvm) will create it with root:root and 600.
Without xend, no one sets dom0 name...
2011-06-10 12:02:32 +02:00
Marek Marczykowski
3571a34010
dom0: preserve old root-cow - for qvm-revert-template-changes
2011-06-09 14:22:22 +02:00
Marek Marczykowski
f1f98d47df
dom0: Use /var/run/xen-hotplug to store information needed for block devices cleanup.
...
Libxl removes xenstore entries before udev (+scripts) have chance to read it.
2011-06-09 14:06:24 +02:00
Marek Marczykowski
197ccb2e2c
dom0: remove obsolete code from qubes_restore
2011-06-08 03:42:51 +02:00
Marek Marczykowski
ea69b51a97
dom0: use /bin/bash as interpreter of qubes_prepare_saved_domain.sh
...
Required for ex $(( )) construction. /bin/sh may not handle it (when linked to
some other shell than bash).
2011-06-08 03:41:22 +02:00
Marek Marczykowski
e5df78fe92
dom0: Migrate qubes_restore (and all DispVM logic) to libxl
...
Detailed changes:
- use domain config in separate file (not embeded in savefile)
- DispVM domain config generated from dvm.conf (introduced by previous patches) by qubes_restore
- use call 'xl restore' to restore domain (instead of command to xend)
- additional parameter to qubes_restore - config template
- minor changes (xenstore perms, block-detach without /dev/ prefix, etc)
2011-06-08 03:36:02 +02:00
Marek Marczykowski
81ae4fafcf
dom0: Use 10.138.x.y for DispVMs and fix gateway/DNS addresses
2011-06-08 03:33:45 +02:00
Marek Marczykowski
fcd4cd44eb
dom0: create config template for DispVM
...
Introduction for later patches.
2011-06-08 03:30:42 +02:00
Marek Marczykowski
1647d03f74
dom0: use path given in argument to store VM configuration
2011-06-08 03:29:52 +02:00
Marek Marczykowski
f5e4cf58aa
dom0: include vif in domain config (no need for network-attach)
2011-06-08 03:28:08 +02:00
Marek Marczykowski
c444ebc5f8
dom0/qmemman: different approach of mem-set and maxmem (libxl way)
...
Libxl stores maxmem in xenstore (/local/domain/X/memory/static-max) and sets
maxmem and target_mem to actual memory. So qmemman should use xenstore entry as
memory_maximum (when exists) and also adjust maxmem when changing domain memory.
2011-06-07 16:19:52 +02:00
Marek Marczykowski
50a910362d
dom0/qmemman: Fix distribution memory left because of memory_maximum
2011-06-07 15:58:55 +02:00
Marek Marczykowski
9ed6b94d63
dom0/qmemman: Check for memory_maximum also for dom0
2011-06-07 15:58:55 +02:00
Marek Marczykowski
bd447308fe
dom0/qmemman: distribute memory freed by deleted domain
...
Also wait a moment after domain list change for domain cleanup. Even if this
time is not sufficient, memory will be balanced when some domain need it.
2011-06-07 15:58:55 +02:00
Marek Marczykowski
429c685f1d
dom0: write firewall rules only for running proxyvms
2011-06-07 15:58:55 +02:00
Marek Marczykowski
ae6d2ac70c
dom0: include xl.conf in qubes-core-dom0 package
...
Disable autoballoon (qmemman will handle it) and specify lock file location
writable by user.
2011-06-07 15:58:55 +02:00
Marek Marczykowski
645132f043
dom0: Explicitly set maxmem=mem for NetVM
2011-06-07 15:58:54 +02:00
Marek Marczykowski
6dd0870ca6
dom0: Generate Xen VM config file from common template, on each VM start
...
Do not use many different config templates for different types of VMs. Also
regenerate config on each VM start to keep in synchronized with qubes.xml
2011-06-07 15:58:54 +02:00
Marek Marczykowski
62111845ea
dom0: set memlock limit to unlimited for qubes users
...
Needed to 'xl create' work
2011-06-07 15:58:54 +02:00
Marek Marczykowski
5ebd163fd3
dom0: check RLIMIT_MEMLOCK before starting VM (and fix if possible)
2011-06-07 15:58:54 +02:00
Marek Marczykowski
d3e6e3dec0
dom0: use xen.lowlevel.xs instead of call xenstore-*
2011-06-05 23:35:53 +02:00
Marek Marczykowski
9ce2f440c3
dom0: remove import of old xend libraries
2011-06-05 22:58:20 +02:00
Marek Marczykowski
7b2ac4b279
dom0: catch error when no VM found by libxc (assume not running)
2011-06-04 02:46:12 +02:00
Marek Marczykowski
f5751bfea7
dom0: prevent division by zero on calculating cpu usage
...
When VM is starting online_vcpus=0 for short time.
2011-06-04 02:44:27 +02:00
Marek Marczykowski
cc4df5089d
dom0: XC/XL infos for dom0
2011-06-02 01:20:23 +02:00
Marek Marczykowski
fac1f7f107
dom0: Set xid=0 for QubesDom0NetVm
2011-06-02 01:20:01 +02:00
Marek Marczykowski
cb1fbfc145
dom0: store xid in QubesVm on get_xid()
2011-06-02 00:07:22 +02:00
Marek Marczykowski
c789121f84
dom0: migrate from xend to libxl stack - qvm-core
...
This is core part of migration. Things not migrated yet:
- DispVM (qubes_restore needs to be almost rewritten)
- VM xen config files should be fixed (use "script:" prefix in block device description, perhaps generate this files on VM start)
Huge, slow xend not needed any more, now it conflicts with libxl
2011-06-01 23:59:53 +02:00
Marek Marczykowski
086c41cb9f
dom0 qmemman: watch /local/domain xenstore tree for new/deleted domains
...
This is the place where _running_ domains are placed.
2011-06-01 23:31:56 +02:00
Marek Marczykowski
4f33e17e69
Set appmenus_templates_dir also for StandaloneVM ( #45 )
...
StandaloneVM also have appmenus templates - retrieved from VM. User can choose
some of them to real menu.
2011-05-24 00:14:03 +02:00
Marek Marczykowski
df0240c218
Remove desktop files after uninstalling it ( #45 )
2011-05-24 00:10:17 +02:00
Marek Marczykowski
dee7c69156
Create appmenus only for whitelisted apps (if set) ( #45 )
2011-05-24 00:09:44 +02:00
Marek Marczykowski
e1cea1f50b
dom0: tool for sync desktop file templates ( #45 )
2011-05-20 16:38:00 +02:00
Marek Marczykowski
773f0f7b7a
dom0: Fix qvm-prefs for standalone VM
2011-05-17 23:05:55 +02:00
Marek Marczykowski
ee87fff0d7
dom0: implement QubesVm.get_start_time() ( #231 )
...
Needed to check if VM was just started again
2011-05-12 18:15:09 +02:00
Marek Marczykowski
dccc528144
dom0: qmemman: distribute memory only if there are VMs which can accept it
...
This prevent potential inifinite loop in qmemman when free memory cannot be
assigned to any VM (because of static max). Practically this will never happen,
because dom0 can always accept memory.
2011-05-12 17:36:47 +02:00
Marek Marczykowski
b57b41aafa
dom0: qmemman: Support for maxmem != physical memory ( #235 )
2011-05-12 15:20:26 +02:00
Marek Marczykowski
3d92e50792
Merge branch 'sane-and-pretty' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core
2011-05-09 12:25:14 +02:00
Rafal Wojtczuk
6067be29df
qmemman: add comments, make some identifiers more verbose
2011-05-04 17:58:28 +02:00
Rafal Wojtczuk
18e207cbc5
qmemman: prefix variables read from xenstore with "untrusted_"
...
Additionally move all already existing checks to an already
existing is_meminfo_suspicious procedure.
2011-05-04 17:10:01 +02:00
Marek Marczykowski
4a76bf2981
Call xm to set maxmem, instead of direct call to xend.
...
Previous one hangs sometimes with 100% occupied by xend.
This will also be simpler to port to xl/libxl interface.
2011-05-01 12:02:27 +02:00
Marek Marczykowski
f49c3a4224
Reduce dom0 priority bonus
...
To not kill AppVMs performance with ex kcryptd
2011-05-01 00:32:04 +02:00
Marek Marczykowski
aa7df98b7e
Use half of host memory as maxmem by default. Allow to configure it per VM.
2011-04-29 01:43:41 +02:00
Marek Marczykowski
ac84bbe621
Remove correct lockfile on qubes_setupdvm stop
2011-04-27 23:07:38 +02:00
Marek Marczykowski
98f4028142
Connect vif's to already running VMs on NetVM/ProxyVM startup ( #190 )
...
Also cleanup stale vifs using "xm network-detach ... -f"
Fix iptables rules to support not only first vif of VM
2011-04-23 03:05:27 +02:00
Marek Marczykowski
0b66804a7b
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core
2011-04-21 23:56:41 +02:00
Marek Marczykowski
50af1d15b3
Catch more exceptions during VM restore ( #212 )
2011-04-20 20:05:58 +02:00
Tomasz Sterna
5001b7c9d7
Save VM updatable state in qubes_vm_updateable
2011-04-20 01:01:38 +02:00
Marek Marczykowski
8a9bbbfc98
Fix usage info (and args check) for remove_appvm_appmenus.sh ( #225 )
2011-04-19 18:06:01 +02:00
Marek Marczykowski
e7190d0239
Clean appmenus on template remove ( #225 )
2011-04-19 17:55:06 +02:00
Marek Marczykowski
ccecb27b5b
Use any directory template when creating appmenus ( #225 )
2011-04-19 16:52:31 +02:00
Marek Marczykowski
6eb39106bb
Include appmenus template for TemplateVM when clonning template files ( #225 )
2011-04-19 16:09:11 +02:00
Marek Marczykowski
067165e030
Link to icon on template clone ( #225 )
2011-04-19 15:56:00 +02:00
Marek Marczykowski
1e53115eab
Create appmenus not only for AppVM ( #225 )
...
Needed also by TemplateVM, and maybe others (service VMs)
For TemplateVM uses separate appmenus template (apps-template.templates).
2011-04-19 15:54:36 +02:00
Marek Marczykowski
ae661a6148
Down net ifaces on suspend ( #146 )
...
NetworkManager stop isn't enough
2011-04-19 12:53:57 +02:00
Marek Marczykowski
1e923e3cb5
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core
2011-04-19 09:32:45 +02:00
Marek Marczykowski
860bab5662
Rename xenstore-watch to xenstore-watch-qubes
...
Xen 4.1.0 provides own xenstore-watch with diffrent args. We can't use it by
default, because we still support xen 3.4.
2011-04-19 01:38:07 +02:00
Marek Marczykowski
3f310e5f3e
Adopt vchan to xen-libs-4.1.0 API.
...
Add #ifdefs to support new and old API
2011-04-19 01:21:48 +02:00
Joanna Rutkowska
ce7fa7474f
vaio_fixes: pass special option to snd-hda-intel module (required to get sound on Vaio Z)
2011-04-11 11:35:25 +02:00
Joanna Rutkowska
cc83e31047
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-10 22:52:07 +02:00
Marek Marczykowski
8dc50df12b
Missing vm name in message
2011-04-10 21:49:13 +02:00
Rafal Wojtczuk
7b43755f33
qfile-daemon-dvm: increase timeout of tray notification
2011-04-10 15:39:35 +02:00
Rafal Wojtczuk
e6cc7b84d8
qubes_setupdvm: preserve mtime of the default savefile copy in shm
...
Otherwise, if the savefile is stale, we would use it instead of
recreating.
2011-04-10 15:18:17 +02:00
Joanna Rutkowska
1d97d1bd0f
Don't create DispVM savefile in initd script
2011-04-08 23:00:10 +02:00
Joanna Rutkowska
b9f6962716
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-08 22:50:57 +02:00
Marek Marczykowski
4ae804b3ec
Wait for qubes-session initialization before executing GUI application ( #208 )
2011-04-08 22:35:31 +02:00
Marek Marczykowski
0dc4fb929e
Backup kernel+initrd of StandaloneVM ( #213 )
2011-04-08 20:03:38 +02:00
Joanna Rutkowska
304c27313a
qubes.py: handle nicely situation when create_appmenus exits with error
2011-04-08 16:00:14 +02:00
Joanna Rutkowska
670f034ee9
Igonre the 'run as root' warning for qvm-create-default-dvm
2011-04-08 11:03:00 +02:00
Joanna Rutkowska
f6d4f86edc
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
...
Conflicts:
rpm_spec/core-dom0.spec
2011-04-07 19:39:42 +02:00
Joanna Rutkowska
7097cfa2ac
Add explanations why we don't isolate root from user in VMs and in Dom0
2011-04-07 19:38:02 +02:00
Marek Marczykowski
a610ec51d0
Automaticaly start qubes_guid for all VMs when user logon
...
This is needed ex for NetVM, which is started without qubes_guid
2011-04-07 19:23:23 +02:00
Joanna Rutkowska
2230e67a39
Optional package with suspend fixes for Vaio Z laptops
2011-04-07 13:34:17 +02:00
Marek Marczykowski
e9c6dc387e
Fixed getting VMs connected to NetVM ( #172 )
2011-04-07 10:42:24 +02:00
Marek Marczykowski
086f2720df
Add missing import ( #200 )
2011-04-06 23:55:16 +02:00
Marek Marczykowski
c569d4070e
Warning the user if calling qvm-{create,remove} as root ( #200 )
2011-04-06 23:52:39 +02:00
Marek Marczykowski
d1abb37a5f
Do not fail if cannot remove VM from xen store just before adding it again ( #204 )
2011-04-06 23:30:14 +02:00
Joanna Rutkowska
d01489b486
Use 200MB by default for NetVM and ProxyVM
2011-04-06 13:34:03 +02:00
Joanna Rutkowska
102d5735e7
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-06 10:40:51 +02:00
Marek Marczykowski
d4e80e7984
Deny inter-VM traffic in ProxyVM
2011-04-06 10:32:20 +02:00
Joanna Rutkowska
c80a1c18ac
Add qubes group to suders that can do everything
...
(The file in /etc/sudoers.d/ cannot have '.' in its name!)
2011-04-05 18:01:03 +02:00
Joanna Rutkowska
a7ac3a089c
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-05 14:41:52 +02:00
Marek Marczykowski
c8acca0eb6
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core
...
Conflicts:
dom0/qvm-core/qubes.py
2011-04-05 14:39:40 +02:00
Marek Marczykowski
ffaa518c5a
Fix checking if there is AppVMs based on template ( #154 )
2011-04-05 14:33:51 +02:00
Joanna Rutkowska
cc5d0e016d
Use priority 8x for qubes services, allowing for more flexibility
2011-04-05 14:31:19 +02:00