Marek Marczykowski
371fdf5884
Merge branch 'qrexec2' of git://git.qubes-os.org/rafal/core
2011-07-09 16:52:54 +02:00
Marek Marczykowski
cd4e4f5ddd
vm: fix udev rules for VM network hotplug
2011-07-09 16:52:51 +02:00
Rafal Wojtczuk
243d488d99
qrexec: package qubes.SyncAppMenus files
2011-07-06 16:27:09 +02:00
Rafal Wojtczuk
6366db0ab6
qrexec: adjust updates fetching to the new qrexec api
2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
d46150b8d3
qrexec: adjust appmenu syncing to the new qrexec api
2011-07-06 14:09:36 +02:00
Rafal Wojtczuk
7d79a15c4b
qrexec: support for rpc with dom0 as target
2011-07-06 13:56:57 +02:00
Rafal Wojtczuk
2fdf9761c7
qrexec: adjust DispVM code to the new qrexec API
...
Note, we have qvm-open-in-vm totally for free.
2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b7e8c2708c
qrexec: adjust intervm file copy code to the new qrexec API
2011-07-06 10:17:58 +02:00
Rafal Wojtczuk
ecf200dca3
qrexec: last two missing pieces of the new rpc infrastructure
2011-07-05 18:35:03 +02:00
Rafal Wojtczuk
9c7eb81a23
qrexec: add qrexec_client_vm.c
2011-07-05 11:03:31 +02:00
Marek Marczykowski
11a96f70de
vm: Load evtchn module by script in /etc/sysconfig/modules
2011-07-02 19:11:15 +02:00
Marek Marczykowski
180d7ed68e
dom0: Allow multiple versions of kernel-qubes-vm installed
2011-06-30 01:18:39 +02:00
Marek Marczykowski
f447a458f2
dom0+vm: Update VM kernel mechanism ( #242 )
...
Get kernel from global kernels dir (/var/lib/qubes/vm-kernels), not per-VM. Can
be configured by qvm-prefs (kernel parameter).
New tool: qvm-set-default-kernel
For backward compatibility kernel=None means kernel in VM dir (kernels subdir).
(possibly empty) modules.img should be created in it.
2011-06-30 01:07:47 +02:00
Marek Marczykowski
42cab54520
dom0: include missing vm-template.conf in rpm package
2011-06-23 23:23:45 +02:00
Marek Marczykowski
21222cc859
dom0: start xenstored service in %post
...
This is required by qvm-init-storage and in general to qvm-* works properly.
2011-06-23 20:04:27 +02:00
Marek Marczykowski
151b15bb8c
dom0: Edit xl.conf in %post instead of overriding file (rpm file conflict)
2011-06-23 14:39:17 +02:00
Marek Marczykowski
d9d7a69c27
dom0+vm: Tools for downloading dom0 update by VM ( #198 )
...
Mainly 4 parts:
- scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
- VM script for downloading updates (qubes_download_dom0_updates.sh)
- qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
- qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer
Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
2011-06-22 00:44:48 +02:00
Marek Marczykowski
6d9fdf4729
dom0: Add shortcut qubes-appmenu-select ("Add more shortcuts...") for each VM ( #45 )
2011-06-12 01:47:15 +02:00
Marek Marczykowski
83d211836a
dom0+vm: Trigger appmenus sync after yum transaction ( #45 ), NEW QREXEC COMMAND
...
After yum transaction (install/upgrade/remove),
yum-plugin-post-transaction-actions will execute script which trigger
qvm-sync-appmenus in dom0 (through qrexec).
THIS INTRODUCE NEW PREDEFINED COMMAND IN QREXEC
2011-06-12 01:46:24 +02:00
Marek Marczykowski
a4d1a21b46
dom0: qvm-sync-appmenus - copy *directory.template when needed
2011-06-11 23:09:55 +02:00
Marek Marczykowski
0ffb186681
vm: add -qubes suffix to xenstore-watch to not conflict with xen standard tool
2011-06-07 15:58:55 +02:00
Marek Marczykowski
ae6d2ac70c
dom0: include xl.conf in qubes-core-dom0 package
...
Disable autoballoon (qmemman will handle it) and specify lock file location
writable by user.
2011-06-07 15:58:55 +02:00
Marek Marczykowski
62111845ea
dom0: set memlock limit to unlimited for qubes users
...
Needed to 'xl create' work
2011-06-07 15:58:54 +02:00
Marek Marczykowski
c789121f84
dom0: migrate from xend to libxl stack - qvm-core
...
This is core part of migration. Things not migrated yet:
- DispVM (qubes_restore needs to be almost rewritten)
- VM xen config files should be fixed (use "script:" prefix in block device description, perhaps generate this files on VM start)
Huge, slow xend not needed any more, now it conflicts with libxl
2011-06-01 23:59:53 +02:00
Marek Marczykowski
986f4a888c
Merge branch 'r1-beta1-fixes'
...
Conflicts:
dom0/qvm-core/qubes.py
version_dom0
version_vm
2011-05-24 00:20:39 +02:00
Marek Marczykowski
bb073c3cdb
vm: Remove root password to allow easy escalation from UI application ( #202 )
...
Ex. gpk-application needs this to work properly while running from user. When
root password is set - polkit-daemon asks for it (according to polkit setting).
2011-05-12 19:15:24 +02:00
Joanna Rutkowska
8c218c38a7
core-dom0-vaio-fixes is now a separate package
...
Also fixes to postun scripts to properly handle updates
2011-05-10 11:14:41 +02:00
Marek Marczykowski
1891954f71
Revert "Run nm-applet as normal user"
...
This reverts commit 2f5b6e6582
.
Dbus policy hacking not needed any more. ConsoleKit session is correctly started.
2011-04-29 02:32:55 +02:00
Marek Marczykowski
655f13e2ec
Configure VM network iface on attach (not only on boot) ( #190 )
2011-04-23 02:31:54 +02:00
Marek Marczykowski
0b66804a7b
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core
2011-04-21 23:56:41 +02:00
Tomasz Sterna
47fea4258c
We do not want to have StandaloneVM and UtilityVM types.
2011-04-20 00:56:58 +02:00
Marek Marczykowski
1e923e3cb5
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core
2011-04-19 09:32:45 +02:00
Marek Marczykowski
d3c96d12bf
Rename try 2...
2011-04-19 01:42:42 +02:00
Marek Marczykowski
860bab5662
Rename xenstore-watch to xenstore-watch-qubes
...
Xen 4.1.0 provides own xenstore-watch with diffrent args. We can't use it by
default, because we still support xen 3.4.
2011-04-19 01:38:07 +02:00
Tomasz Sterna
4a0d6b03c6
Disable unnecessary Upstart, Init and XDG Autostart serices. #209
...
Move unneded /etc/init/*.conf services to /etc/init/*.conf.disabled.
Start CUPS only in AppVM and UtilityVM.
Start XDG Autostart applications only in domains that makes sense for them.
2011-04-19 00:11:45 +02:00
Joanna Rutkowska
95488dc59e
Pass --level 5 for chkconfigs in core-dom0 post
2011-04-11 14:47:02 +02:00
Joanna Rutkowska
ce7fa7474f
vaio_fixes: pass special option to snd-hda-intel module (required to get sound on Vaio Z)
2011-04-11 11:35:25 +02:00
Marek Marczykowski
ba07c11237
Create ~/.local/share dir, as gnote requires it.
2011-04-10 22:12:04 +02:00
Joanna Rutkowska
35bd7db647
Do not restart qubes core in Xen triggers
...
This is an attempt to figure out why qubes-core-dom0 update still
causes VM restart...?
2011-04-08 23:33:52 +02:00
Joanna Rutkowska
ddd8dabe12
vaio-fixes: automaitcally add i8042.nopnp kernel arg to grub
...
This is needed to get Sony Vaio Z touchpad working
2011-04-08 23:18:28 +02:00
Joanna Rutkowska
4062683ef4
Revert "Removed qubes_setupdvm script from package"
...
This reverts commit 8ddb8593cb
.
Actually we need this script...
2011-04-08 22:57:11 +02:00
Joanna Rutkowska
9f1c226e17
vaio-fixes rpm requires alsa-utils
2011-04-08 22:52:49 +02:00
Joanna Rutkowska
f6d4f86edc
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
...
Conflicts:
rpm_spec/core-dom0.spec
2011-04-07 19:39:42 +02:00
Marek Marczykowski
a610ec51d0
Automaticaly start qubes_guid for all VMs when user logon
...
This is needed ex for NetVM, which is started without qubes_guid
2011-04-07 19:23:23 +02:00
Joanna Rutkowska
ae9288dd5c
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-04-07 14:21:06 +02:00
Marek Marczykowski
2f5b6e6582
Run nm-applet as normal user
...
Configuration for D-Bus policy and PolicyKit to allow this.
2011-04-07 14:11:00 +02:00
Joanna Rutkowska
2230e67a39
Optional package with suspend fixes for Vaio Z laptops
2011-04-07 13:34:17 +02:00
Marek Marczykowski
4d3b9b0654
Disable gpk-update-icon autostart
2011-04-07 12:40:19 +02:00
Marek Marczykowski
83c877189d
Revert password removal for root and user
...
It will require some additional work with ConsoleKit...
2011-04-07 12:39:10 +02:00
Marek Marczykowski
8047ec780a
Remove passwords prompts for user and root ( #202 )
2011-04-06 23:04:42 +02:00
Joanna Rutkowska
3da9b107d6
Corrected syntax error in core-dom0 spec
2011-04-06 15:15:20 +02:00
Joanna Rutkowska
126fca97c3
Use different repo files depending on %{dist} tag ( #197 )
2011-04-06 13:59:43 +02:00
Joanna Rutkowska
e01b29dd76
Do not restart VMs during core-dom0 upgrade ( #191 )
2011-04-06 13:27:01 +02:00
Joanna Rutkowska
c80a1c18ac
Add qubes group to suders that can do everything
...
(The file in /etc/sudoers.d/ cannot have '.' in its name!)
2011-04-05 18:01:03 +02:00
Joanna Rutkowska
6aff6d3e2d
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core
2011-04-05 14:28:35 +02:00
Tomasz Sterna
8ddb8593cb
Removed qubes_setupdvm script from package
2011-04-04 22:20:41 +02:00
Joanna Rutkowska
a83e8c2d2d
commonvm: Update repo info, use local RPM keys
2011-04-04 11:27:48 +02:00
Joanna Rutkowska
2f278b8647
Do not try to disable 3rd party services in qubes-core-dom0 %post
...
Leavit to the installer (firstboot).
2011-04-04 00:53:16 +02:00
Joanna Rutkowska
0e61bead87
Do not restart netvms when upgrading qubes-core-dom0 ( #175 )
2011-04-04 00:52:00 +02:00
Joanna Rutkowska
0104e0eac0
core-dom0 should not add qubes.repo -- this is a task of qubes-release package and installer
2011-04-03 17:05:59 +02:00
Joanna Rutkowska
57d33eea3c
Add qvm-copy-to-vm2.gnome to core-appvm rpm
2011-03-31 13:35:36 +02:00
Joanna Rutkowska
d157fe950a
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-03-31 13:30:05 +02:00
Marek Marczykowski
212fd13957
Stop only NM on suspend. ( #146 )
...
Also remove ip_forward setting from sysctl, so NM will not reset it on restart
2011-03-31 00:19:41 +02:00
Joanna Rutkowska
4eaa03d80f
Merge branch 'spring-merge' of git.qubes-os.org:/var/lib/qubes/git/rafal/core
2011-03-30 17:37:49 +02:00
Rafal Wojtczuk
6104af2b2c
Implemented console qvm-copy-to-vm
...
It waits for the copy to finish, and is capable of killer
progress indicator.
2011-03-30 17:25:57 +02:00
Rafal Wojtczuk
8e2aa6c825
Renamed qvm-copy-to-vm2 to qvm-trigger-copy-to-vm
...
The new name describes the task of the script better.
2011-03-30 16:48:48 +02:00
Rafal Wojtczuk
9e9fd4c9ba
core-appvm.spec: create /home/user/.gnome2/nautilus-scripts
...
And symlinks in it that will be visible in "scripts" context
menu of nautilus.
2011-03-30 12:37:47 +02:00
Joanna Rutkowska
23f4806c7d
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2011-03-29 13:25:07 +02:00
Marek Marczykowski
c2e0a84c22
Add 01qubes-suspend-netvm to rpm ( #146 )
2011-03-29 12:39:01 +02:00
Joanna Rutkowska
b1394a1b6a
Add BuildRequires: xen-devel
2011-03-29 11:02:29 +02:00
Rafal Wojtczuk
df9549a7db
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core into spring-merge
2011-03-28 17:28:24 +02:00
Tomasz Sterna
01b7d9aafc
Create needed NetworkManager.conf in netvm. #94
...
Also fixed qubes_fix_nm_conf.sh script.
2011-03-26 11:33:04 +01:00
Marek Marczykowski
d87265851c
Merge branch 'spring-merge' of ssh://git.qubes-os.org/var/lib/qubes/git/rafal/core
2011-03-24 16:43:13 -04:00
Marek Marczykowski
f1a8887d11
Merge branch 'master' of git://git.qubes-os.org/joanna/core
2011-03-24 16:41:49 -04:00
Rafal Wojtczuk
57fd6c49bb
Removed obsolete code, dom0 side
...
Just like the previous commit, it is related to switch to
qrexec-based file copy.
2011-03-24 17:18:10 +01:00
Rafal Wojtczuk
769213e019
Removed obsolete code, in appvm.
2011-03-24 17:13:21 +01:00
Joanna Rutkowska
e2efae5286
Merge branch 'spring-merge' of git.qubes-os.org:/var/lib/qubes/git/rafal/core
2011-03-24 11:51:43 +01:00
Rafal Wojtczuk
2d37b3e508
Create a separate package with libraries.
2011-03-24 11:39:44 +01:00
Joanna Rutkowska
2c7478dab8
Merge branch 'spring-merge' of git.qubes-os.org:/var/lib/qubes/git/rafal/core
2011-03-24 10:17:15 +01:00
Rafal Wojtczuk
fac1b78ec0
One more build order fix.
2011-03-24 10:03:39 +01:00
Marek Marczykowski
5f4fcedf55
Merge branch 'master' of git://git.qubes-os.org/joanna/core
2011-03-23 20:12:13 -04:00
Marek Marczykowski
b95dd0fcaa
Enable build on appvm.
2011-03-23 19:55:35 -04:00
Rafal Wojtczuk
01b75b5987
Enable build on non-appvm.
2011-03-23 17:47:35 +01:00
Joanna Rutkowska
30df10cf18
Merge branch 'spring-merge' of git.qubes-os.org:/var/lib/qubes/git/rafal/core
2011-03-23 17:15:15 +01:00
Rafal Wojtczuk
0b208e8664
Move libs and /var/run/qubes out of qubes-netvm
...
They are already in core-appvm package.
2011-03-23 11:48:06 +01:00
Rafal Wojtczuk
5350e5cc5b
move qrexec_agent out of core-netvm.spec
...
It is already in core-appvm.
2011-03-23 11:46:53 +01:00
Rafal Wojtczuk
488eda21d9
Merge branch 'blockless' into spring-merge
...
Conflicts:
appvm/Makefile
appvm/qubes_core
netvm/qubes_core
rpm_spec/core-appvm.spec
rpm_spec/core-netvm.spec
2011-03-21 13:54:35 +01:00
Joanna Rutkowska
4c5d9f56c7
Tag RPMs with dist info
2011-03-16 19:14:42 +01:00
Rafal Wojtczuk
4087b1d052
Package qvm-copy-to-vm2*, too.
2011-03-16 16:47:32 +01:00
Marek Marczykowski
1892bef66f
Require xen 3.4.3-6 with fixed /etc/xen/scripts/block
2011-03-16 11:32:51 -04:00
Marek Marczykowski
1c505589c1
Move xenstore-watch for VM from AppVM to common. Add to core-common.spec
2011-03-16 11:41:18 +01:00
Marek Marczykowski
01a1aeb403
Do not try to disable 'reboot' service
2011-03-16 11:41:18 +01:00
Marek Marczykowski
33ed1ecad8
Drop forced fedora version from requires
2011-03-16 11:41:18 +01:00
Marek Marczykowski
2818f6dfe1
Move xenstore-watch for VM from AppVM to common. Add to core-common.spec
2011-03-15 19:47:26 +01:00
Rafal Wojtczuk
84b1a186ff
Added qfile-unpacker and qfile-daemon
2011-03-15 16:43:43 +01:00
Rafal Wojtczuk
f0a7620449
Package qfile-agent-dvm, too.
2011-03-15 16:19:42 +01:00
Rafal Wojtczuk
b8d983cfa9
Added qfile-agent
2011-03-15 16:07:00 +01:00
Rafal Wojtczuk
6b6e6b7520
Added new qvm-open-in-dvm, aka qvm-open-in-dvm2
...
Small, childless bash script.
2011-03-14 11:25:18 +01:00
Rafal Wojtczuk
5d3c43e4fa
created qfile-daemon-dvm
...
Mostly code from qfilexchgd; it will be removed soon.
2011-03-14 10:43:09 +01:00
Marek Marczykowski
b04b36af2c
Register VM services also on update
2011-03-11 23:42:49 +01:00
Marek Marczykowski
3d845e4f61
Add qubes_netwatcher to proxyvm spec
2011-03-11 23:33:15 +01:00
Marek Marczykowski
de5e06e462
Remove duplicated entry in core-dom0.spec
2011-03-11 02:02:13 +01:00
Marek Marczykowski
08b4490b91
NetVM, AppVM, ProxyVM from single template - VM side (missing files...)
2011-03-11 01:42:42 +01:00
Marek Marczykowski
c7a832a279
NetVM, AppVM, ProxyVM from single template - VM side
...
Modify VM packages to:
- do not conflicts
- starts services if its VM type need it
Added core-proxyvm (firewall) and core-commonvm (common parts) packages.
2011-03-11 01:38:04 +01:00
Rafal Wojtczuk
c2214e854c
Added dvm_file_editor.
...
It works with qrexec - reads/writes data from stdin/stdout.
2011-03-10 16:50:40 +01:00
Marek Marczykowski
7e29c397aa
Add 30-qubes_external_ip to netvm.spec
2011-03-10 16:09:37 +01:00
Marek Marczykowski
a21e0d37c6
Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core
...
Conflicts:
dom0/qvm-core/qubes.py
2011-03-10 16:05:48 +01:00
Rafal Wojtczuk
f1a7df6e95
Implemented mechanism to trigger predefined execution in dom0.
...
Processes in AppVM can ask qrexec-agent to send a
MSG_AGENT_TO_SERVER_TRIGGER_EXEC message to qrexec-daemon.
The latter will execute predefined program. It is useful for
the purpose of file copy; the predefined program will create
a connected qfile-daemon<->qfile-agent pair.
2011-03-10 15:41:31 +01:00
Tomasz Sterna
a71b846ee2
Added FirewallVM related VM scripts
2011-03-09 20:50:13 +01:00
Rafal Wojtczuk
f263aa6b7c
Moved vchan and u2mfn code to core.
2011-03-08 12:24:47 +01:00
Marek Marczykowski
bef584c248
Restore rev 1 in core-dom0.spec
2011-03-06 14:06:24 +01:00
Tomasz Sterna
167c30aa6e
Start xend and xenstored during package installation
2011-03-06 14:06:24 +01:00
Marek Marczykowski
d1cfcac49c
Add BR to core-appvm.spec
2011-03-06 14:06:24 +01:00
Rafal Wojtczuk
b98dffc965
qrexec* tools, initial version
2011-03-04 16:32:58 +01:00
Marek Marczykowski
e104f82e36
Update TemplateVM with running AppVM: part 1
...
snapshot and origin device type for xen
2011-02-26 03:42:55 +01:00
Tomasz Sterna
8ca63ba176
Start xend and xenstored during package installation
2011-02-11 00:34:46 +01:00
Rafal Wojtczuk
b3511c678a
Use "conflict" instead of "requires gui" in rpm spec.
2010-11-18 14:33:18 +01:00
Joanna Rutkowska
1e7c66337c
Require gui-dom0 >= 1.1.13 that knows it doesn't own /var/{log,run}/qubes dirs
2010-10-06 14:16:27 +02:00
Rafal Wojtczuk
28880cae52
Merged triggers.
2010-10-06 13:08:17 +02:00
Rafal Wojtczuk
1f5300da85
Move /var/log/qubes and /var/run/qubes to qubes-core rpm from qubes-gui
...
Because /var/log/qubes is used in qubes-core %post. While at it, do the same with
/var/run/qubes.
2010-10-06 11:00:52 +02:00
Rafal Wojtczuk
7c1babe8aa
Do not error when qvm-get-default-netvm returns empty string.
...
It happens when installing qubes-core-dom0 for the first time.
2010-10-06 10:55:32 +02:00
Joanna Rutkowska
28e1f962e5
core dom0 rpm: restart qubes_netvm only when using netvm in Dom0
...
If we use a separate netvm, then core update in Dom0 doesn't really change the networking,
worse, if we restarted netvm it would get another XID, which would break our DispVM savefile.
One day we should fix it!
2010-10-04 17:51:01 +02:00
Joanna Rutkowska
bbe085711d
Restart qubes_core after Xen update
...
This is needed to re-set qubes permissions on some Xen sockets
2010-10-04 15:25:58 +02:00
Joanna Rutkowska
e1c0aa6eef
dom0 rpm: start/stop qubes services for install/update
2010-10-04 14:21:14 +02:00
Rafal Wojtczuk
28fbb48845
Attach/detach pci devices from netvm upon resume/suspend
2010-09-30 18:22:26 +02:00
Rafal Wojtczuk
acac39ec41
rpmbuild wants pyo files in %files
2010-09-27 17:41:03 +02:00
Rafal Wojtczuk
90e3f4ffd8
Add reset_vm_configs.py script
2010-09-27 16:58:02 +02:00
Joanna Rutkowska
67537316cb
core-dom0.rpm: Always do %post, not only when installing for the 1st time
2010-09-23 12:42:43 +02:00
Rafal Wojtczuk
0217dba40e
Completed dvm->setupdvm name transition
2010-09-22 10:24:57 +02:00
Rafal Wojtczuk
e13e5027c3
qubes_dvm init.d script
...
We want to set up a default dvm if needed at boot time; for this,
the default netvm must have been already started. Therefore, we
need a qubes_dvm script, that executes after qubes_netvm.
2010-09-21 21:46:11 +02:00
Joanna Rutkowska
71baae50cb
Merge branch 'ticket4' of git://qubes-os.org/rafal/core
2010-09-17 17:30:36 +02:00
Rafal Wojtczuk
e1de26f79a
Require NetworkManager >= 0.8.1-1
...
Unfortunately, config files layout changes with NM version; therefore
require >= 0.8.1-1.
This should also prevent NM from messing with VIF interfaces on suspend/resume.
2010-09-17 15:16:01 +02:00
Joanna Rutkowska
ec988f9385
core-appvm.spec: create 'user' user in %pre instead of in %post
...
... otherwsie rpm -i throws an error when trying to set permissions for
/home_volatile/user, as the user 'user' doesn't exist when the %files section
is being processed during rpm install (if this is a first install of the rpm).
2010-09-15 15:33:09 +02:00
Joanna Rutkowska
9b8c018bc2
Merge branch 'qmemman' of git://qubes-os.org/rafal/core
2010-09-13 15:05:13 +02:00
Rafal Wojtczuk
1239643c73
Tell Network Manager to keep hands off vif interfaces
...
...somehow indirectly, by specifying the mac; unfortunately I do not
see any other way.
2010-09-07 13:18:08 +02:00
Rafal Wojtczuk
31e7e96056
Switch to routed VM network (instead of bridging)
...
No headache from layer 2 attacks.
2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
64e8013dc2
Unify dom0 and netvm sysconfig/iptables
...
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
1c337db989
qmemman: make meminfo-writer a C program
2010-09-03 16:23:09 +02:00
Rafal Wojtczuk
62487c0f1e
Memory management across VMs, first release
2010-08-30 11:40:19 +02:00
Rafal Wojtczuk
4cf0a61858
Before restoring DVM, check for available xen memory
...
As we already do xm mem-set 0 800 in qubes_core, this is a
correct check. Now, there should be no errors from qubes_restore
in normal circumstances.
2010-07-27 16:08:09 +02:00
Rafal Wojtczuk
aa894b5700
qvm-create-default-dvm script
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
d46bf2a270
Pathnames cleanup
...
Move internal scripts to /usr/lib/qubes plus a couple of similar.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
11b8a0409f
DVM: execute user script before save
...
qubes_prepare_saved_domain.sh now takes optional second argument, the
filename. The content of the file will be copied (via xenstore) to DVM
and executed just before save. This makes it possible to preload memory
with useful apps.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0c0f34ba9b
DVM: manage savefiles
...
Instead of hardcoded savefile name, use a symlink in
/var/run/qubes. Tools should set this symlink to a correct
savefile. Also, test whether the savefile is older than the
template root.img.
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
a9047d63be
add qvm-dvm.desktop to rpm files section
2010-07-21 12:57:02 +02:00
Rafal Wojtczuk
0462be5043
qvm-dvm.desktop entry
2010-07-21 12:57:01 +02:00
Rafal Wojtczuk
897a5ab05e
core-appvm requires mimeopen now
2010-07-21 12:57:01 +02:00
Rafal Wojtczuk
0dbef3f2ae
dvm: appvm side code
2010-07-21 12:56:43 +02:00
Rafal Wojtczuk
793b7b2596
Quick VM restore support
2010-07-21 12:56:21 +02:00
Joanna Rutkowska
c8ef500588
Pause/Unpause all running VMs on system suspend/resume
...
This is to fix the VM lockup problem on HT processors that
occured after S3 resume (see ticket #52 ).
The qvm-run command now takes additional two switches:
--pause
--unpause
2010-07-08 12:41:29 +02:00
Joanna Rutkowska
7bb022878c
Dom0: rm qubes-r1-dom0.repo created by user during installation
...
We want the user to use the qubes.repo that is installed by qubes-core-dom0
2010-07-06 16:50:31 +02:00
Joanna Rutkowska
115df6f1af
Dom0: sync wallclocks in all vms upon resume from S3 sleep
...
This is really a workaround, until Xen implements proper suspend/resume
mechanism for notfying DomUs about system-wide S3 sleep.
See this thread for more details:
http://lists.xensource.com/archives/html/xen-devel/2010-07/msg00037.html
2010-07-06 16:32:50 +02:00
Joanna Rutkowska
4cd46be139
netvm spec: do not create user in %post
...
We don't need user account in netvm, do we?
2010-06-18 01:54:38 +02:00
Joanna Rutkowska
df70691aa0
appvm spec: do not attempt to remove HWADDR from ifcfg-eth0
...
Again, this is important when installing on an image created using yum --instalroot, in which
case there will be no ifcfg file. Besides, seems like we don't need it anymore, do we?
2010-06-18 01:53:48 +02:00
Joanna Rutkowska
af7bbccf9c
appvm: create /home/user in core-appvm %post
...
This is needed when the template image is created using yum --installroot, rather
than regular installation process.
2010-06-18 01:52:01 +02:00
Joanna Rutkowska
247feaa34d
appvm, netvm spec: be quite in %post
2010-06-18 01:50:43 +02:00
Joanna Rutkowska
6ba81ffaa9
Require F13 in VM
2010-06-18 01:48:56 +02:00
Joanna Rutkowska
9cf30ed189
appvm,netvm spec: Fix [ -e fstab ] conditional in %pre
2010-06-18 01:48:18 +02:00
Joanna Rutkowska
4fdcedbb40
Fix serial console on VM to work on F13 (REQUIRES F13)
2010-06-18 01:45:27 +02:00
Joanna Rutkowska
775e01a8e4
Make dom0, appvm, netvm use different qubes.repo
2010-06-18 01:41:10 +02:00
Joanna Rutkowska
50d7994596
Remove dom0-cleanup.spec
2010-06-15 12:21:24 +02:00
Joanna Rutkowska
096b1b9499
core-dom0.spec: disable unnecessary services in %post
...
This is only until we will have a proper installer
2010-06-15 12:20:53 +02:00
Joanna Rutkowska
ee7756b960
rpm specs: %post cleanup
...
Moved some stuff from the begging of %post sections after the
'if installing-for-the-first-time' check.
2010-06-15 00:02:48 +02:00
Joanna Rutkowska
c95fd449b7
Do not start NetworkManager from dom0 qubes_netvm script
...
Mark it for auto-start instead by the system scripts
2010-06-11 18:34:59 +02:00
Rafal Wojtczuk
4e6e4115e2
dom0 as netvm fixes
...
Use /etc/sysconfig/iptables
Replace dnsmasq with DNAT
2010-05-31 15:23:51 +02:00
Rafal Wojtczuk
2f51c6f673
Install qubes_{setup_dnat_to_ns,nmhook} from common/
2010-05-31 13:17:04 +02:00
Joanna Rutkowska
34653a06b2
Enable rsyslogd in Dom0
2010-05-31 11:54:33 +02:00
Rafal Wojtczuk
d0d82a5090
Lock out root and user passwords; provide passwordless login on the serial console
2010-05-30 15:45:40 +02:00
Rafal Wojtczuk
c75c185179
Add qubes.repo to all qubes-core-* rpms.
2010-05-30 15:45:40 +02:00
Rafal Wojtczuk
93e989bb61
Turn on IP forwarding in sysctl.conf
2010-05-30 15:45:40 +02:00
Rafal Wojtczuk
8da2dd6957
Get rid of dnsmasq in netvm.
...
qubes_setup_dnat_to_ns script sets up DNAT rules for DNS traffic; it is
triggered by dhclient or NetworkManager, and manually (in case there is
a static resolv.conf).
Put IP-dependent rules in qubes-core, after local ip is known. It could be
further improved by introducing custom chains, to enable iptables save.
Restrict FORWARD.
2010-05-30 15:45:35 +02:00
Rafal Wojtczuk
c287a21723
Allow user in VM to mount /dev/xvdi; so that we can do
...
...block-attach... something vfat-formatted...xvdi
in dom0.
2010-05-13 15:23:31 +02:00
Rafal Wojtczuk
5e02d3ebb0
Precompilation of qubes.py
...
On some systems rpmbuild will not automatically precompile qubes.py, resulting
in the core-dom0 rpm bukd failure.
2010-04-10 13:52:19 +02:00
Joanna Rutkowska
a17989470a
Initial public commit.
...
(c) 2010 Invisible Things Lab
Authors:
=========
Joanna Rutkowska <joanna@invisiblethingslab.com>
Rafal Wojtczuk <rafal@invisiblethingslab.com>
2010-04-05 20:58:57 +02:00