Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,773 Commits 1 Branch 0 Tags 15 MiB
b92bb698be
Commit Graph

1773 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
95a52d388b Optimize iptables rules in NetVM 
Move "state RELATED,ESTABLISHED" rule to the beginning.
 2011-04-06 10:33:42 +02:00
Marek Marczykowski
d4e80e7984 Deny inter-VM traffic in ProxyVM 2011-04-06 10:32:20 +02:00
Joanna Rutkowska
00107ccd84 Correct repo file for VMs 2011-04-05 23:53:44 +02:00
Joanna Rutkowska
ad197d6255 version 1.5.11-dom0 2011-04-05 18:01:59 +02:00
Joanna Rutkowska
c80a1c18ac Add qubes group to suders that can do everything 
(The file in /etc/sudoers.d/ cannot have '.' in its name!)
 2011-04-05 18:01:03 +02:00
Joanna Rutkowska
09bf482b35 version 1.5.10-dom0 2011-04-05 14:44:29 +02:00
Joanna Rutkowska
a7ac3a089c Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-05 14:41:52 +02:00
Joanna Rutkowska
54d60939b6 version 1.5.9-dom0 2011-04-05 14:39:58 +02:00
Marek Marczykowski
c8acca0eb6 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-04-05 14:39:40 +02:00
Marek Marczykowski
ffaa518c5a Fix checking if there is AppVMs based on template (#154) 2011-04-05 14:33:51 +02:00
Joanna Rutkowska
cc5d0e016d Use priority 8x for qubes services, allowing for more flexibility 2011-04-05 14:31:19 +02:00
Joanna Rutkowska
6aff6d3e2d Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core 2011-04-05 14:28:35 +02:00
Joanna Rutkowska
97ca67c974 Merge branch 'spring-merge' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-04-05 14:24:52 +02:00
Marek Marczykowski
c2498a33e2 Uninstall appmenus only if present in VM dir (#192) 2011-04-05 11:58:21 +02:00
Rafal Wojtczuk
37e06d19e4 qmemman: handle requests for small pieces correctly 
There seems to be a problem with xm mem-set, when executed for a value
very close to the current value - the request is ignored; apparently, the
domU kernel imposes some granularity on the request size.
So, if qmemman is asked for, say 470MB, and there is 469MB free, it will try
to milk 1MB from all domains - and this will fail. REQ_SAFETY_NET_FACTOR
does not help in this scenario.
The logs show
req= 1110016 avail= 2503727104.0 donors [('11', 194375270.40000001),...
borrow 90484.1597129 from 11 - so, beg for 90K from a domain
borrow 132239.288652 from 10
borrow 537099.316089 from 0
borrow 148004.024941 from 7
borrow 139834.21573 from 9
borrow 117855.794876 from 8
and then we fail when a domain does not provide this lousy 90KB.

The solution is to ask for actual_need+XEN_FREE_MEM_LEFT, but return if we already
have actual_need+XEN_FREE_MEM_MIN (the latter is 25MB smaller).
 2011-04-05 10:52:53 +02:00
Marek Marczykowski
449bcb09ac Don't remove VM dir, when qvm-create failed 
It can contain user data (copied here by hand)
 2011-04-05 00:12:32 +02:00
Tomasz Sterna
8ddb8593cb Removed qubes_setupdvm script from package 2011-04-04 22:20:41 +02:00
Marek Marczykowski
1b0f198999 Don't pause AppVMs when connecting network to dom0 
There is no point in this, because we have firewall in NetVM. If someone
compromise NetVM to controll firewall, he could also reach dom0 by network.
 2011-04-04 20:02:07 +02:00
Marek Marczykowski
2aec07dd60 Store VM collection connected to NetVM 2011-04-04 19:08:40 +02:00
Joanna Rutkowska
183dbacc4b version 1.5.8 2011-04-04 18:48:58 +02:00
Joanna Rutkowska
a88e104b6e Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-04 18:47:08 +02:00
Marek Marczykowski
a6d079594b Don't set template on StandaloneVM - only use it when copying template files (#189) 2011-04-04 18:41:02 +02:00
Rafal Wojtczuk
02514b1347 If the firewall rules file does not exist, assume ALLOW (#188) 
So that newly created appvms have net access.
 2011-04-04 17:07:46 +02:00
Joanna Rutkowska
936ce590ac version 1.5.8-vm 2011-04-04 11:27:51 +02:00
Joanna Rutkowska
bbec676076 Fix rpm signing in Makefile 2011-04-04 11:27:51 +02:00
Joanna Rutkowska
a83e8c2d2d commonvm: Update repo info, use local RPM keys 2011-04-04 11:27:48 +02:00
Joanna Rutkowska
6e747e98cb Makefile improvements for repo management 
* Sign only current version of the rpms generated
 * repo-update-{current,unstable} targets for new yum repo
 2011-04-04 10:57:21 +02:00
Joanna Rutkowska
d3678d6307 version 1.5.7 2011-04-04 09:40:53 +02:00
Joanna Rutkowska
b779fadda6 Revert "Start qrexec daemon when VM is running (but qrexec not)" 
This functionality has already been implemented by:

d6bdb85883

This reverts commit 97403a8e45.
 2011-04-04 09:35:48 +02:00
Joanna Rutkowska
3f31a5f3a7 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-04 09:33:31 +02:00
Joanna Rutkowska
2f278b8647 Do not try to disable 3rd party services in qubes-core-dom0 %post 
Leavit to the installer (firstboot).
 2011-04-04 00:53:16 +02:00
Joanna Rutkowska
0e61bead87 Do not restart netvms when upgrading qubes-core-dom0 (#175) 2011-04-04 00:52:00 +02:00
Marek Marczykowski
c10f7ef70b Add missing coma (#155) 2011-04-04 00:08:24 +02:00
Marek Marczykowski
398734dad2 Internal VMs (hidden in qubes-manager, menus etc) - used for DispVM template (#155) 2011-04-03 17:47:20 +02:00
Joanna Rutkowska
0104e0eac0 core-dom0 should not add qubes.repo -- this is a task of qubes-release package and installer 2011-04-03 17:05:59 +02:00
Marek Marczykowski
fa703c536f Generate firewall rules only for VMs connected to this firewall (#158) 2011-04-03 01:54:04 +02:00
Marek Marczykowski
ab244d803f Detect if VMs is outdated (#168) 
If so - VMs restart is required to see latest template changes.
 2011-04-02 02:11:41 +02:00
Marek Marczykowski
5e3b3fe922 Store and load from qubes.xml memory, vcpus and pcidevs 
Needed to recreate correct xen config files (ex after template package upgrade)
 2011-04-02 00:37:38 +02:00
Marek Marczykowski
e22f303f79 Warn user when restoring backup as root (#159) 2011-04-01 02:11:40 +02:00
Marek Marczykowski
136a65e0be Fix indentation - duplicate VMs warning message (#159) 2011-04-01 02:10:50 +02:00
Marek Marczykowski
156778fcd7 Set template field before check its correctness. 
Backup from Aplha3 with updateable VMs contains case, when updateable VM have template.
So set this template (to make qvm-backup-restore working), but give error message.

Also fix typo.
 2011-04-01 02:06:22 +02:00
Marek Marczykowski
97403a8e45 Start qrexec daemon when VM is running (but qrexec not) 
This takes place ex. when VM started from qubes-manager.
There is little sense in implementing full start procedure in every qubes tool,
so start it here, not in qubes-manager.
 2011-04-01 01:23:57 +02:00
Marek Marczykowski
f0716c2498 Setup firewall for every VM with FW configuration (no only AppVM) (#167) 2011-04-01 01:17:38 +02:00
Marek Marczykowski
97393c54a5 Really block 'updateable' flag change 2011-04-01 01:17:18 +02:00
Marek Marczykowski
1f5c03da3f Remove QubesCowVm class 
StandaloneVM isn't really CowVM; also most AppVM/CowVM features applies also to TemplateVM.
So CowVM class is meaningless.
 2011-04-01 01:14:18 +02:00
Joanna Rutkowska
0982943466 version 1.5.6-appvm 2011-03-31 15:25:47 +02:00
Joanna Rutkowska
59e00482d1 Fix stupid synatx error that prevented displaing error messages 2011-03-31 15:25:33 +02:00
Joanna Rutkowska
f713729826 Move nautilus scripts creation to qubes_core 
qubes_core_appvm executes too early, when /home is still not symlinked to /rw/home.
 2011-03-31 15:15:10 +02:00
Joanna Rutkowska
bce4b225cf Autoclose file copy progress dialog 2011-03-31 15:03:25 +02:00
Joanna Rutkowska
c76d40b3fa Display name of the destVM in copy progress dialog 2011-03-31 14:44:48 +02:00