Libvirt do not show actual block device (loop*) choosen for the device -
only original (file) path. But file path is available in device
description. Please note that VM can provide any description (withing
allowed limits), effectively breaking this check again (hidding the
attachment status). But even without this bug it could do that - by
hidding the whole device from QubesDB.
FixesQubesOS/qubes-issues#2453
Otherwise qvm-create-default-dvm may fail to include it in
saved-cows.tar, which will lead to DispVM being not really disposable.
FixesQubesOS/qubes-issues#2200
If it fails - for example because of too restrictive volatile.img
permissions, subsequent DispVM will not be really disposable.
The original permissions issue should be fixed by previous commit, this
one makes sure that such errors will not be ignored.
FixesQubesOS/qubes-issues#2200
This is no longer necessary since volatile.img is formated inside the
VM. This also fixes DispVM creation if the user sets a restrictive umask
for root. Maybe related to #2200.
When stdout is redirected to some file or command two things will
happen:
- qvm-run will not automatically color the output as stdout is not a
TTY
- even when coloring is forced, it will not work, as the control
sequence (on stdout) will be redirected anyway
Fix this by handling stdout and stderr independently and output color
switching sequence to each of them.
FixesQubesOS/qubes-issues#2190
Backup compat tests use 'test-' prefix (as it was initially for all the
tests. Since changing this right not may break those backups in
non-trivial way, simply add cleanup for 'test-*' VMs.
When calling _register_watches() multiple times for dom0 (by passing
None or since 7e9c816b by passing the corresponding libvirt domain) the
check was missing if there is already a QubesDB in _qdb. Therefore a new
QubesDB was created and the old one is destroyed by the GC. As a
consequence the watch_fd is closed but the libvirt event handle for this
fd is still registered. So when libvirt calls poll() it returns
immediately POLLNVAL with the closed fd. This is not caught in libvirt
and the callback is called as if an event happened. _qdb_handler() now
calls read_watch() on the new fd for dom0 and thereby hangs the thread.
This leads (at leads) to qubes-manager to miss VM status updates and
block device events.
FixesQubesOS/qubes-issues#2178
