Marek Marczykowski-Górecki
f2f9f568cd
backups: enforce estimated upper limit on extracted files count
...
Do not allow (compromised) source VM to use all inodes.
2014-02-05 02:48:00 +01:00
Marek Marczykowski-Górecki
038877d35d
backups: fix tar output handling
...
Tar print the filename right _before_ processing the file, so wait for
the next filename before processing actual file.
2014-02-01 14:03:26 +01:00
Marek Marczykowski-Górecki
75c0e775a4
backups: simplify EOL markers handling
...
Let the python do it right.
2014-02-01 14:02:38 +01:00
Marek Marczykowski-Górecki
a17b7f584d
backups: improve exception reporting during extract
...
Report original exception location, not the wrapper function.
2014-02-01 14:01:21 +01:00
Marek Marczykowski-Górecki
68ad6d0760
dispvm: start guid during savefile preparation
...
Now gui-agent supports reconnect to guid, so start it early to have Xorg
running in the VM.
This is still not done - for example it tries to run some commands via
(not running yet) qrexec.
2014-01-24 06:42:20 +01:00
Marek Marczykowski-Górecki
60d373dbda
qvm-tools: grammar fix in help message
...
might be repeated -> may be repeated
2014-01-23 04:50:14 +01:00
Marek Marczykowski-Górecki
d25482ad29
Add one more method to get system timezone
...
Some programs (like KDE system settings) makes /etc/localtime hardlink
instead of symlink. Handle this case. Hopefully there will be less and
less such applications...
2014-01-23 02:33:05 +01:00
Marek Marczykowski-Górecki
da773992d2
version 2.1.39
2014-01-22 22:45:26 +01:00
Marek Marczykowski-Górecki
4ea600c8d3
core/proxyvm: allow TCP traffic to DNS servers
...
Some DNS queries requires TCP - namely those with response not fitting
in 512 bytes.
2014-01-21 04:45:41 +01:00
Marek Marczykowski-Górecki
7a639911f8
dispvm: simplify DispVM preparation script
2014-01-21 04:41:18 +01:00
Marek Marczykowski-Górecki
8dda7cf884
core: improve VM name validation
...
Do not allow 'special' names.
2014-01-21 00:41:01 +01:00
Marek Marczykowski-Górecki
a4d1ede69b
backups/qvm-tools: add an option to restore only selected VMs ( #766 )
2014-01-19 04:52:13 +01:00
Marek Marczykowski-Górecki
f1bb17a3e1
backups: improve error reporting for invalid backup directory
2014-01-19 04:51:46 +01:00
Marek Marczykowski-Górecki
a6740610e3
backups: fix handling new format without backup header
...
Tar will report error when 'backup-header' file wasn't found. Ignore
this particular error.
2014-01-19 04:50:56 +01:00
Marek Marczykowski-Górecki
49259dacf6
backup: minor fix in function arguments
2014-01-19 04:50:23 +01:00
Marek Marczykowski-Górecki
c57c5fc107
dispvm: fix non-networked DispVM
...
The 'netvm-id.txt' will be empty in this case.
2014-01-16 15:48:24 +01:00
Marek Marczykowski-Górecki
849cfbf826
Merge remote-tracking branch 'woju/master' into appicons
2014-01-16 05:13:05 +01:00
Marek Marczykowski-Górecki
dc34b6c94c
qvm-backup: automatically start destination VM ( #767 )
2014-01-15 05:52:46 +01:00
Marek Marczykowski-Górecki
d473140dff
qvm-backup: encrypt the backup when custom enc algo specified
...
Also move forcing encryption earlier to have VM names hidden
(backup_prepare call).
2014-01-15 05:51:52 +01:00
Marek Marczykowski-Górecki
16f8e46f68
qvm-backup: automatically exclude destination VM from backup ( #767 )
2014-01-15 05:51:18 +01:00
Marek Marczykowski-Górecki
8921df90d8
qvm-backup: add options to specify custom hmac/enc algorithms
2014-01-15 05:34:35 +01:00
Marek Marczykowski-Górecki
adbec8e843
backups/qvm-backup: force encryption if backup is sent to AppVM ( #769 )
2014-01-15 05:34:21 +01:00
Marek Marczykowski-Górecki
26b32ca51e
backups: refuse to create encrypted and compressed backup ( #775 )
2014-01-15 05:00:13 +01:00
Marek Marczykowski-Górecki
357fe37ed2
backups: change data/time delimiter in filename according to ISO 8601
2014-01-15 04:34:51 +01:00
Marek Marczykowski-Górecki
50c00e555e
backups: make cleanup code more defensive
...
If we are killing remaining processes in cause of exception, ignore
failure here (OSError is raised in case of non existing process).
2014-01-15 03:57:59 +01:00
Marek Marczykowski-Górecki
7b1e9f3bfb
backups: implement backup header
...
It stores basic backup information like used hmac/crypto algorithm,
whether backup is encrypted/compressed and possibly more. The header
file is parsed only after successful HMAC verification. Because we do
not know which HMAC algorithm was used before reading the header, try to
guess trying all supported (starting with the default one).
Backup header is stored as the first file, which is always not encrypted
and not compressed. Then qubes.xml follows.
2014-01-15 03:53:45 +01:00
Marek Marczykowski-Górecki
4c29d743c8
backups: introduce configurable HMAC/encryption algo
...
For now always set it to default values (no frontend application uses
those parameters), but be prepared for further improvements.
2014-01-15 03:50:29 +01:00
Marek Marczykowski-Górecki
4b493b6d9a
backups: unify compress/encrypt parameter names
2014-01-15 03:45:12 +01:00
Marek Marczykowski-Górecki
8d445beebb
backups: fix qvm-backup-restore calls
...
Do not use backup_restore_header, it is called from
backup_restore_prepare now.
2014-01-15 03:36:45 +01:00
Marek Marczykowski-Górecki
a2037a4985
backups: do not hardcode limit values in the code ( #771 )
...
Also introduce limit for stderr read from VM (anti DoS protection).
2014-01-15 03:36:16 +01:00
Marek Marczykowski-Górecki
b85cd0448f
backups: minor fixes, mostly formatting
2014-01-15 01:05:54 +01:00
Marek Marczykowski-Górecki
6b4c96d195
Improve block devices detection during system startup
...
Not only refresh the info about mounted devices, but also check for
others - detected before xenstored was running. Because of recent change
in udev rules (adding flock) it shouldn't deadlock now.
2014-01-13 05:00:01 +01:00
Marek Marczykowski-Górecki
40953176f4
backups: reorganise restore API
...
Call backup_restore_header from backup_restore_prepare, there is no
sense in requiring the user to call them separately. Also store all
parameters in restore_info object as special '$OPTIONS$' VM to not
require passing them twice (with all the chances for the errors).
2014-01-13 04:45:02 +01:00
Marek Marczykowski-Górecki
338fc74ea2
backups: misc minor fixes
2014-01-13 04:37:54 +01:00
Marek Marczykowski-Górecki
c6ca2725a1
backups: rename classes according to coding style
2014-01-13 04:27:19 +01:00
Wojciech Porczyk
962d3da42e
appicons
...
labels need to be specified with colour code
also fixed duplicate QubesDispVmLabels
2014-01-11 00:07:55 +01:00
Marek Marczykowski-Górecki
e2c19e0bc4
qvm-tools: fix typo in qvm-start
2014-01-10 03:32:22 +01:00
Marek Marczykowski-Górecki
c825a41909
backups: ignore EPIPE on pipe.close()
...
This is most likely some padding left in output buffer. See #764
comments for details.
2014-01-10 03:31:15 +01:00
Marek Marczykowski-Górecki
6abca8ce57
backups: do not chdir() in main process
...
This can be any application, for example Qubes Manager. Changing current
dir can have side effects, especially when we do not change it back
after restore (or in any error encountered).
2014-01-10 03:30:59 +01:00
Marek Marczykowski-Górecki
29bd92aad9
backups: terminate Extract_Worker on error in main process
2014-01-10 03:28:53 +01:00
Marek Marczykowski-Górecki
d86865d299
backups: fix passing -z option to openssl
...
Note that this is not fix #775 in any way.
2014-01-10 03:26:50 +01:00
Marek Marczykowski-Górecki
01312a17d6
backups: improve error handling in Extract_Worker
...
Terminate children when exception raised. Also rename tar2_command to
tar2_process to improve readability.
2014-01-10 03:23:51 +01:00
Marek Marczykowski-Górecki
eeca3eb697
backups: improve error reporting when something failed in dest VM
2014-01-10 03:20:48 +01:00
Marek Marczykowski-Górecki
bcf1a19807
backups: fix include/exclude of dom0 home in backup
...
Place it in the list just like the other VMs. Then handle separately.
2014-01-10 03:19:22 +01:00
Danny Fullerton
268dcfd71d
Fix qvm-block crash with /dev/mdXpY devices
2014-01-08 11:51:05 +01:00
Marek Marczykowski-Górecki
631f5f8383
version 2.1.38
2014-01-06 17:52:28 +01:00
Vincent Penquerc'h
8e16c0be34
qubes-restore: check for negative numbers from file data
2014-01-06 17:47:16 +01:00
Vincent Penquerc'h
cdbfa0b7eb
xenstore-watch: initialize token passed to xen
...
Xen will read it till the terminating NUL.
Plus return 0 on exit and define main as returning int.
2014-01-06 17:47:16 +01:00
Vincent Penquerc'h
2924a3436f
qubes-restore: minor const/void fixups
2014-01-06 17:47:16 +01:00
Vincent Penquerc'h
cb39059ede
qubes-restore: trivial error message \n fixups
2014-01-06 17:47:16 +01:00