Marek Marczykowski-Górecki
25c425920c
qvm-tools: fix error reporting in qvm-kill
2015-01-30 01:38:56 +01:00
Marek Marczykowski-Górecki
73301a67c8
core: fix vm.run(..., passio=False) handling
...
Long time ago passio=True was used to replace current process with
qrexec-client directly (qvm-run --pass-io was the called), but this
behaviour is not used anymore (qvm-run was the only user). And this
option was left untouched, with misleading name - one would assume that
using passio=False should disallow any I/O, but this isn't the case.
Especially qvm-sync-clock is calling clockvm.run('...', wait=True),
default value for passio=False. This causes to output data from
untrusted VM, without sanitising terminal sequences, which can be fatal.
This patch changes passio semantic to actually do what it means - when
set to True - VM process will be able to interact with
stdin/stdout/stderr. But when set to False, all those FDs will be
connected to /dev/null.
Conflicts:
core-modules/000QubesVm.py
2015-01-30 01:38:52 +01:00
Marek Marczykowski-Górecki
d4ab70ae9d
core: update qvm-block code for HAL API
...
Use QubesDB to get list of devices, call libvirt methods to
attach/detach devices.
2014-12-12 03:59:01 +01:00
Zrubi
b4e0833cb7
qubes-hcl-report v2.2
...
- Network devices section added to HCL Info output
2014-12-05 19:33:17 +01:00
Zrubi
55fce5dd36
qubes-hcl-report v2.1
...
- script redesign,
- fixed VT-d, VT-x detection,
- Support File generation is optional,
- the results are kept in dom0 by default,
- version and usage info added.
(cherry picked from commit f5845b2df1db19da37f02ace24f29a82660c39ff)
2014-12-05 17:06:17 +01:00
Marek Marczykowski-Górecki
467477409d
makefile/windows: install qvm-tools with .py extension
...
So system will automatically run them with python interpreter (wherever
it is installed). This require to have ".py" in PATHEXT variable.
2014-11-19 12:50:26 +01:00
Marek Marczykowski-Górecki
eaac99bf64
qvm-tools: check if running as root only on systems with os.geteuid
2014-11-19 12:50:26 +01:00
Marek Marczykowski-Górecki
0009805041
rpm+makefile: move build/install code to Makefile files
...
This makes build "scripts" not tied to Fedora-specific files. Especially
ease porting to other platforms.
2014-11-19 12:50:24 +01:00
Marek Marczykowski
5a28074c2b
qvm-template-commit: add --offline-mode option
...
Allow force offline mode (disable check if VM isn't running) - useful
for running from anaconda (inside of chroot).
2014-11-19 12:48:27 +01:00
Marek Marczykowski
b8c62c0279
Wrap all VMM connection related object into QubesVMMConnection class
...
This makes easier to import right objects in submodules (only one
object). This also implement lazy connection - at first access, not at
module import, which speeds up tools, which doesn't need runtime
information (like qvm-prefs or qvm-service). In the future this will
ease migration from xenstore to QubesDB.
Also implement "offline mode" - operate on qubes.xml without connecting
to VMM - raise exception at such try.
This is needed to run tools during installation, where only minimal
set of services are started, especially no libvirt.
2014-11-19 12:48:26 +01:00
Marek Marczykowski-Górecki
19d064ca66
qvm-tools/qvm-run: do not echo empty line, remove unneeded imports
2014-11-10 02:25:27 +01:00
Marek Marczykowski-Górecki
ac155705d1
qvm-tools/qvm-run: remove --shutdown option
...
There is separate tool for this operation (qvm-shutdown). qvm-run
options related to shutdown (--wait, --force) can be confusing to the
user.
2014-11-10 02:24:43 +01:00
Marek Marczykowski-Górecki
96d5b47cce
qvm-tools/qvm-backup: add --debug option
2014-09-26 14:42:25 +02:00
Marek Marczykowski-Górecki
68460fb272
qvm-tools/qvm-shutdown: handle domains with xl daemon killed ( #903 )
...
When system is going down, systemd kills all the users processes,
including 'xl' daemons waiting for domain shutdown. This results in
zombie domains not cleaned up. The proper fix would be somehow extract
those processes from user session scope (most likely by starting them as
a service).
But because it applies only to system shutdown (qvm-shutdown
call there), it is simpler to add appropriate handling code to
qvm-shutdown.
In R3 the problem will vanish, because of use libvirtd deamon, so no
user processes required to track domains state.
2014-09-26 02:18:42 +02:00
Marek Marczykowski-Górecki
fc7d686b2e
qvm-tools/qvm-shutdown: do not kill already dead VM
...
When VM stop just when the timeout expires, qvm-shutdown should not try
to kill it - this would result in QubesException("VM already stopped!").
2014-09-25 05:47:35 +02:00
Marek Marczykowski-Górecki
a40e946a3f
backups: add qvm-backup-restore --debug option
2014-09-17 23:12:27 +02:00
Marek Marczykowski-Górecki
b506a0cc15
backups: make the restore more defensive
...
Continue restore even if some fails failed to extract
2014-09-17 23:12:27 +02:00
Marek Marczykowski-Górecki
228ae07543
backups: improve errors handling
...
Report nice error message (not a traceback), interrupt the process on
non-recoverable error (when extraction process is already dead).
2014-09-17 14:43:41 +02:00
Marek Marczykowski-Górecki
f0bbb28398
backups: implement verify-only option ( #863 )
2014-09-17 14:43:27 +02:00
Marek Marczykowski-Górecki
591826daa2
qvm-tools: fix error message for setting vcpus using qvm-prefs
...
Simple typo, but results in exception.
2014-09-16 01:21:21 +02:00
Marek Marczykowski-Górecki
4913fc4fbc
qvm-tools: improve messages for qvm-create --root-{move,copy}
...
There was no separate message, so it looked like registering appmenus
takes a long time.
2014-09-16 01:20:06 +02:00
Marek Marczykowski-Górecki
6dbaede3d0
qvm-tools/qubes-prefs: report empty setting as empty string instead of "none" ( #894 )
2014-09-04 23:58:32 +02:00
Hakisho Nukama
be8d807624
removed duplicated comment tag
2014-09-04 23:31:38 +02:00
Marek Marczykowski-Górecki
e5a6f58851
dispvm: by default use default dispvm-prerun script
...
Assume "--default-script" when no second argument given.
2014-07-02 02:31:22 +02:00
Marek Marczykowski-Górecki
c9ff9c2258
Revert "dispvm: use < 3.12 kernel if possible ( #868 )"
...
This reverts commit 7ce6601853
.
3.12+ kernel fixed, so no longer needed.
2014-06-27 17:31:32 +02:00
Marek Marczykowski-Górecki
7ce6601853
dispvm: use < 3.12 kernel if possible ( #868 )
...
3.12+ is known to have broken balloon driver after save+restore.
2014-06-27 03:24:41 +02:00
Zrubi
dcba6b930a
qubes-hcl-report: collect and print RAM and HDD info.
2014-06-25 14:06:19 +02:00
Marek Marczykowski-Górecki
1ed9c74d83
Rearrange code to not import PyQt on every qvm-* call
...
Move notification functions to separate file (out of guihelpers).
2014-06-05 01:59:42 +02:00
Marek Marczykowski-Górecki
6e8dc37f9b
qvm-tools: add customizable VM output color
2014-05-26 01:31:39 +02:00
Marek Marczykowski-Górecki
44f38fe076
Declare file encoding for all python files, fill missing copyright headers
...
Without that, python do not accept UTF-8 even in comments.
2014-05-18 21:03:27 +02:00
Wojciech Zygmunt Porczyk
04df26ab70
qvm-firewall: use socket.getservby(name|port)
...
instead of parsing /etc/services
(#829 )
2014-05-16 18:55:30 +02:00
Wojciech Zygmunt Porczyk
45318ecb43
regexp fixes and validation ( #829 )
2014-05-16 18:35:59 +02:00
Hakisho Nukama
0d47157f3b
qubes-hcl-report: more output added - wikis source format.
2014-05-09 17:14:17 +02:00
Marek Marczykowski-Górecki
b8b2733114
core: fix un-setting global VMs (default netvm, clockvm etc)
2014-05-05 05:24:04 +02:00
Marek Marczykowski-Górecki
3914835ceb
backups: add option to disable encryption
...
While the encryption is enabled by default in reasonable cases, allow the
user to disable it if he/she want to.
2014-05-05 05:22:57 +02:00
Marek Marczykowski-Górecki
bb9d8bbf78
Remove qubes-dom0-network-via-netvm tool ( #820 )
...
If someone really needs it for debuging he/she should be able to either
do it manually (xl network-attach...) or at worst case retrieve this
tool from git history.
2014-04-16 16:44:41 +02:00
Marek Marczykowski-Górecki
0695a5ff82
qvm-sync-clock: don't show unverified output to the terminal
2014-04-15 04:14:45 +02:00
Marek Marczykowski-Górecki
ac7746feed
qvm-run: add color output and filtering escape sequences
...
This makes VM output clearly distinguishable
2014-04-15 03:19:48 +02:00
Marek Marczykowski-Górecki
5cbfb64a57
qubesutils: enable/disable updates check on all the VMs and dom0 ( #800 )
2014-04-11 07:06:12 +02:00
Marek Marczykowski-Górecki
cd6504f8ea
qvm-tools: add qvm-ls --raw-list for machine readable VM list
2014-04-11 02:18:43 +02:00
Marek Marczykowski-Górecki
5704b41a45
hvm: seamless_gui_mode setting, including runtime change support ( #810 )
2014-04-01 01:12:35 +02:00
Zrubi
133e8ddcc3
qubes-hcl-report - bugfix
2014-03-28 07:28:43 +01:00
Marek Marczykowski-Górecki
242590902a
firewall: minor improvements
...
Do not require ports specified in rule - useful for "any" protocol where
ports doesn't have sense.
2014-03-28 02:55:35 +01:00
Marek Marczykowski-Górecki
e90e1c62ec
proxyvm: add support for rules with expire time ( #760 )
2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
91428ebaa1
core: method to resize root.img ( #699 )
2014-03-21 18:43:13 +01:00
Marek Marczykowski-Górecki
dda1bbc41a
backups/qvm-backup: show all warnings at one place, clarify pass phrase prompt ( #801 )
2014-03-17 21:26:42 +01:00
Marek Marczykowski-Górecki
5d7688a2fe
backups: allow provide full path for the backup (instead of directory) ( #801 )
...
This will allow the user to choose custom filename, instead of
auto generated 'qubes-backup-XXX'.
2014-03-17 21:15:39 +01:00
Marek Marczykowski-Górecki
61c10d7621
qvm-tools: display date of last backup
2014-03-10 04:29:46 +01:00
Marek Marczykowski-Górecki
ab094a623a
qvm-tools: remove files after failed VM clone
2014-02-22 01:26:51 +01:00
Marek Marczykowski-Górecki
4ff39859c4
backups/qvm-tools: decode password using console encoding
2014-02-05 06:53:07 +01:00