Commit Graph

109 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
39ef189a93
Merge remote-tracking branch 'origin/pr/354'
* origin/pr/354: (35 commits)
  tests/lvm: re-introduce POOL_CONF
  tests/lvm & callback: remove explicit class references
  storage/callback: remove the "word of caution"
  storage/callback: comment fixes
  storage/callback: add the config ID as callback argument
  storage/callback: some callbacks added & removed
  tests/lvm & callback: Refactoring
  Revert "storage/callback: do not run sync code async"
  tests/callback: ensure missing conf causes errors
  storage/callback: do not run sync code async
  tests/callback: added callback-specific tests
  storage/callback: async Volume.export() & added Volume.export_end()
  storage/lvm: make the "hack" work with CallbackPool instances
  storage/callback: add the backend_class property
  tests/callback: add them to the rpm build
  storage/callback: various fixes
  tests/callback: add rudimentary tests for the callback driver
  tests/lvm: make the tests re-usable for other drivers
  storage/callback: fix issues detected by pylint
  storage/callback: volume callbacks now also rceive the source volume as argument (if there's any)
  ...
2020-11-27 00:26:18 +01:00
Marek Marczykowski-Górecki
e73320533f
Add policy for paranoid mode backup restore
Policy allows a VM with 'backup-restore-mgmt' tag to create VMs, and
then manage VMs with 'backup-restore-in-progress' tag (which is added by
AdminExtension, based on 'tag-created-vm-with' feature).

VM with 'backup-restore-mgmt' tag can also call qubes.RestoreById
service to a VM with 'backup-restore-storage' tag. This service allows
to retrieve backup archive.

QubesOS/qubes-issues#5310
2020-08-06 04:23:03 +02:00
3hhh
170e5f5d7a
storage/callback: fix the rpm build 2020-07-16 14:31:03 +02:00
Marek Marczykowski-Górecki
aebb1594d7
Merge branch 'qubesd-socket'
* qubesd-socket:
  rpm: update dependency on qrexec
  Remove qubesd-query-fast
  Make qubesd connected directly as an socket qrexec service
2020-05-24 03:26:04 +02:00
Marek Marczykowski-Górecki
9cc6050e7c
Convert default qrexec policy to the new format
QubesOS/qubes-issues#4370
2020-05-24 02:22:36 +02:00
Marek Marczykowski-Górecki
61143a99a5
Remove qubesd-query-fast
Since qubesd is connected directly as a socket-based qrexec service, the
qubesd-query-fast tool isn't needed anymore.
2020-05-11 01:13:15 +02:00
Marek Marczykowski-Górecki
48ae89fe62
Make qubesd connected directly as an socket qrexec service
Remove intermediate qubesd-query-fast proxy process.
This requires changing socket protocol to match what qrexec is sending
in the header.

Fixes QubesOS/qubes-issues#3293
2020-05-11 01:13:15 +02:00
Pawel Marczewski
cf19596471
Add policy for qubes.VMExecGUI 2020-01-24 19:07:40 +01:00
Pawel Marczewski
08d83fb241
Support qubes.VMExec call
The feature is advertised by core-agent so that it can be used
instead of VMShell.

See QubesOS/qubes-issues#4850.
2020-01-24 16:57:13 +01:00
Pawel Marczewski
63ac952803
Implement new admin.vm.ImportWithSize API call
This should allow importing a volume and changing the size at the
same time, without performing the resize operation on original
volume first.

The internal API has been renamed to internal.vm.volume.ImportBegin
to avoid confusion, and for symmetry with ImportEnd.

See QubesOS/qubes-issues#5239.
2020-01-23 09:47:22 +01:00
Pawel Marczewski
62735d9696
Add admin.vm.CurrentState method
For all the transient values that should not be treated as
real properties. To be used in core-admin-client.
2020-01-15 16:06:08 +01:00
Marek Marczykowski-Górecki
10f99e5c4a
api/admin: implement *.property.GetAll methods
Allow getting all the VM properties with one call. This greatly improve
performance of an applications retrieving many/all of them (qvm-ls,
qubes manager etc)

QubesOS/qubes-issues#5415
Fixes QubesOS/qubes-issues#3293
2019-12-05 23:31:14 +01:00
Marta Marczykowska-Górecka
2f6497e48d
Added admin.pool.UsageDetails API method
admin.pool.UsageDetails reports the usage data, unlike
admin.pool.Info, which should report the config/unchangeable data.
At the moment admin.Pool.Info still reports usage, to maintain
compatibility, but once all relevant tools are updated,
it should just return configuration data.
2019-10-23 03:04:30 +02:00
Frédéric Pierret (fepitre)
7d1b6e24a9
Add qubes.ConnectTCP RPC for allowing dom0 sockets binding 2019-08-29 11:40:20 +02:00
Frédéric Pierret (fepitre)
e32ce14ab5
qubes-rpc: add qubes.ConnectTCP 2019-08-08 12:28:30 +02:00
Frédéric Pierret (fepitre)
7ff01b631d
admin: add admin.deviceclass.List
QubesOS/qubes-issues#5213
2019-08-06 11:01:02 +02:00
Marek Marczykowski-Górecki
c5aaf8cdd7
Merge branch 'remove-qrexec' 2019-06-07 05:10:54 +02:00
Frédéric Pierret (fepitre)
1c09a2c77e
Rename and fix from Marek's comments 2019-05-07 15:03:34 +02:00
Frédéric Pierret (fepitre)
4b86606890
Add qvm-terminal-dispvm 2019-05-05 17:28:17 +02:00
Frédéric Pierret (fepitre)
518d0edc94
Rename qubes.ShowTerminal to admin.vm.Terminal 2019-04-30 17:25:23 +02:00
Marek Marczykowski-Górecki
1949b0c777
Remove qrexec related files - moved to core-qrexec repository
QubesOS/qubes-issues#4955
2019-04-11 04:29:04 +02:00
Wojtek Porczyk
ff612a870b qubes/features: check_with_(template_and_)adminvm
- Two new methods: .features.check_with_adminvm() and
  .check_with_template_and_adminvm(). Common code refactored.

- Two new AdminAPI calls to take advantage of the methods:
  - admin.vm.feature.CheckWithAdminVM
  - admin.vm.feature.CheckWithTemplateAndAdminVM

- Features manager moved to separate module in anticipation of features
  on app object in R5.0. The attribute Features.vm renamed to
  Features.subject.

- Documentation, tests.
2018-12-20 18:28:33 +01:00
Rusty Bird
bc30c6f3e8
tests: delete orphaned Makefile 2018-09-11 23:50:27 +00:00
Marek Marczykowski-Górecki
376c8ec00d
api/admin: implement admin.vm.volume.Set.rw method
Allow setting 'rw' volume property.
2018-03-20 16:52:06 +01:00
Marek Marczykowski-Górecki
bda9264e19
Add qubes.GetDate proxy service
This enable two things:
1. Follow global clockvm setting, without adjusting qrexec policy.
2. Avoid starting clockvm by arbitrary VM.

Fixes QubesOS/qubes-issues#3588
2018-03-03 03:50:58 +01:00
Marek Marczykowski-Górecki
5840dd76f9
Add default policy for qubes.StartApp service
Fixes QubesOS/qubes-issues#3044
2018-02-28 04:41:45 +01:00
Marek Marczykowski-Górecki
be7b278032
doc: link qvm-device man page for qvm-block, qvm-pci, qvm-usb
Those three are special cases of qvm-device tool, so lets use its
documentation too.
2018-01-11 03:44:53 +01:00
Marek Marczykowski-Górecki
bf59b00f1d
features: add check_with_netvm, similar to check_with_template
Allow using default feature value from netvm, not template. This makes
sense for network-related features like using tor, supporting ipv6 etc.

Similarly to check_with_template, expose it also on Admin API.
2017-12-07 01:40:30 +01:00
Wojtek Porczyk
61c164e1c3 qubes-rpc: policy.RegisterArgument
This qrexec is meant for services, which require some kind of
"registering" before use. After registering, the backend should invoke
this call with frontend as the intended destination, with the actual
service in argument of this call and the argument as the payload.

By default this qrexec is disabled by policy.

Signed-off-by: Wojtek Porczyk <woju@invisiblethingslab.com>
2017-11-30 00:26:21 +01:00
Marek Marczykowski-Górecki
c3afdde3ef
api/admin: add API for changing revisions_to_keep dynamically
This one pool/volume property makes sense to change dynamically. There
may be more such properties, but lets be on the safe side and take
whitelist approach - allow only selected (just one for now), instead of
blacklisting any harmful ones.

QubesOS/qubes-issues#3256
2017-11-07 02:57:59 +01:00
Marek Marczykowski-Górecki
4809c16e08
admin-api: add admin.*.property.GetDefault
Fixes QubesOS/qubes-issues#3197
2017-10-21 04:05:15 +02:00
Marek Marczykowski-Górecki
cea70748a6
api/admin: implement admin.vm.device....Set.persistent
This will allow converting persistent device (used to boot VM for
example) to non-persistent.

QubesOS/qubes-issues#3055
2017-09-05 01:33:47 +02:00
Marek Marczykowski-Górecki
a32bb4ecb2
Install qubes-hcl-report and qubes-bug-report
Fixes QubesOS/qubes-issues#3023
2017-08-14 02:26:34 +02:00
Marek Marczykowski-Górecki
5d0a2fe463
Add default policy for qubes.VMRootShell service 2017-08-06 20:54:11 +02:00
Marek Marczykowski-Górecki
971c7d4ac9
api/admin: add admin.vm.CreateDisposable in place of internal.vm.Create.DispVM
Add public Admin API call to create Disposable VM that would be
automatically destroyed after shutdown. Do not keep this functionality
for qrexec-policy tool only.
Also, use admin.vm.Start there, instead of internal.vm.Start and
admin.vm.Kill instead of internal.vm.CleanupDispVM (this is enough,
because DispVM now have auto_cleanup property).

QubesOS/qubes-issues#2974
2017-08-06 20:54:10 +02:00
Marek Marczykowski-Górecki
c8c32d4956
Merge branch 'stats'
* stats:
  tests: admin.vm.Stats
  api: fix handling interrupted calls
  api/admin: implement admin.vm.Stats
  app: refresh getting VM statistics, rename to QubesHost.get_vm_stats
  api: use str(subject) instead of explicit subject.name
2017-07-29 05:05:32 +02:00
Marek Marczykowski-Górecki
147bca1648
api/admin: implement admin.vm.Stats
QubesOS/qubes-issues#853
2017-07-28 03:02:32 +02:00
Marek Marczykowski-Górecki
6dbce8259f
api/admin: plug backup into Admin API
Fixes QubesOS/qubes-issues#2931
2017-07-20 12:19:01 +02:00
Marta Marczykowska-Górecka
6da06d424e
clock synchronization rewrite
clock synchronization mechanism rewritten to use systemd-timesync instead of NtpDate; at the moment, requires:
- modifying /etc/qubes-rpc/policy/qubes.GetDate to redirect GetDate to designated clockvm
- enabling clocksync service in clockvm ( qvm-features clockvm-name service/clocksync true )

Works as specified in issue listed below, except for:
- each VM synces with clockvm after boot and every 6h
- clockvm synces time with the Internet using systemd-timesync
- dom0 synces itself with clockvm every 1h (using cron)

fixes QubesOS/qubes-issues#1230
2017-07-06 23:37:26 +02:00
Marek Marczykowski-Górecki
6db39345fb
Merge remote-tracking branch 'origin/core3-quick-fixes-20170703' 2017-07-04 16:11:18 +02:00
Marek Marczykowski-Górecki
51022cada5
Merge remote-tracking branch 'origin/policy-adminvm' 2017-07-04 15:51:30 +02:00
Marek Marczykowski-Górecki
3d803acfde
Generate policy for Admin API calls based on annotations on actual methods
This ease Admin API administration, and also adds checking if qrexec
policy + scripts matches actual Admin API methods implementation.
The idea is to classify every Admin API method as either local
read-only, local read-write, global read-only or global read-write.
Where local/global means affecting a single VM, or the whole system.

See QubesOS/qubes-issues#2871 for details.

Fixes QubesOS/qubes-issues#2871
2017-07-04 04:27:34 +02:00
Marek Marczykowski-Górecki
77e84b9ce4
Add qvm-block symlink 2017-07-04 04:09:27 +02:00
Marek Marczykowski-Górecki
3dcd29afea
api/admin: remove admin.vm.Clone operation
The same can be achieved with Create+volume.Clone

QubesOS/qubes-issues#2622
2017-06-26 13:10:00 +02:00
Marek Marczykowski-Górecki
28737d16ce
Migrate qubes.NotifyTools, qubes.FeaturesRequest, qubes.NotifyUpdates
Make them call into qubesd. Create separate socket for "misc" calls - VM
accessible, but not part of Admin API.
2017-06-06 03:33:30 +02:00
Marek Marczykowski-Górecki
2c01504a50
Add default policy for qubes.UpdatesProxy service
QubesOS/qubes-issues#1854
2017-05-26 15:08:19 +02:00
Marek Marczykowski-Górecki
3cacf290bb
admin: implement admin.vm.volume.Import
Implement this in two parts:
1. Permissions checks, getting a path from appropriate storage pool
2. Actual data import

The first part is done by qubesd in a standard way, but then, instead of
accepting all the data (which may be several GB), return a path to which
a shell script (in practice: `dd` command) will write the data.
Then the script call back to qubesd again to report success/failure and
qubesd response from that call is actually returned to the user.

This way we do not pass all the data through qubesd, but still can
control the process from there in a meaningful way. Note that the last
part (second call to qubesd) may perform all kind of verification (like
a signature check on the data, or so) and can also prevent VM from
starting (hooking also domain-pre-start event) from not verified image.

QubesOS/qubes-issues#2622
2017-05-26 15:08:14 +02:00
Marek Marczykowski-Górecki
f42cd28901
admin-api: create and install actual Admin API RPC endpoints
Install files in /etc/qubes-rpc for all methods defined in API
documentation, even if not yet implemented (qubesd will handle it
raising appropriate exception).
Use minimal program written in C (qubesd-query-fast), instead of
qubesd-query in python for performance reasons:
 - a single qubesd-query run: ~300ms
 - equivalent in shell (echo | nc -U): ~40ms
 - qubesd-query-fast: ~20ms

Many tools makes multiple API calls, so performance here do matter. For
example qvm-ls (from VM) currently takes about 60s on a system with 24
VMs.

Also make use of `$include:` directive in policy file, to make it easier
defining a VM with full Admin API access.

QubesOS/qubes-issues#853
2017-05-23 03:24:15 +02:00
Marek Marczykowski-Górecki
8992e71f85
Remove core2 code
This all either have been migrated to core3, or is not needed anymore.

There is still qvm-tools directory with a few tools that needs to be
migrated, or installed as is.
2017-05-12 18:36:29 +02:00
Wojtek Porczyk
9f7ba53eec fix Makefile, setup.py, spec and travis
QubesOS/qubes-issues#2074
2017-01-20 18:31:09 +01:00