Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,811 Commits 1 Branch 0 Tags 15 MiB
d7b90f92e0
Commit Graph

5811 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rafal Wojtczuk
d40fb3a2e1 Fifo semantics is hard to get right. 
Finally: we need to close the command pipe at EOF.
 2011-03-16 16:11:05 +01:00
Joanna Rutkowska
e659710d62 version 1.4.1 2011-03-16 15:57:54 +01:00
Rafal Wojtczuk
15bab70eae Handle pipe io in qrexec_agent properly 
Don't reopen pipe after each read - no need, and it could lose events.
 2011-03-16 15:18:37 +01:00
Rafal Wojtczuk
769eedd33a Make qrexec_client wait for its local child before exiting 
If we do not wait and exit imemdiately, qrexec_daemon will decrease
the children count and continue spawning processes, while e.g.
qfile-daemon still waits for kdialog - so dom0 will be DoSed by
multiple processes.
 2011-03-16 14:52:35 +01:00
Rafal Wojtczuk
27cfd6111a qrexec_daemon limits the number of its children 
So that evil VM cannot just send flood of exec qfile-daemon requests,
and DoS dom0.
 2011-03-16 14:21:45 +01:00
Rafal Wojtczuk
777eaa2168 In read_all()/write_all(), continue upon EINTR. 2011-03-16 12:58:40 +01:00
Rafal Wojtczuk
a195f436b7 In qfile-unpacker, set perms on the directory only on second pass. 
It solves problem with transferring r.x directory. Originally, it
would fail when creating files in the directory (as it is not
writable). Now, we will create it rwx, create files in it, and fix
perms and utimes on the second pass.
[user@devel fcopy]$ ls -ald /boot
dr-xr-xr-x 4 root root 4096 Sep  1  2010 /boot
 2011-03-16 12:48:29 +01:00
Rafal Wojtczuk
821f707053 Added qvm-copy-to-vm2.kde 2011-03-16 12:00:22 +01:00
Marek Marczykowski
5e2dd1c6ce Revert "Do not add new vm to xen storage in qvm-create - it is done by core" 
This reverts commit 72ddb5aae1.
 2011-03-16 11:44:25 +01:00
Marek Marczykowski
d89c2fd37c Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/marmarek/core 2011-03-16 11:43:58 +01:00
Marek Marczykowski
1c505589c1 Move xenstore-watch for VM from AppVM to common. Add to core-common.spec 2011-03-16 11:41:18 +01:00
Marek Marczykowski
72ddb5aae1 Do not add new vm to xen storage in qvm-create - it is done by core 2011-03-16 11:41:18 +01:00
Marek Marczykowski
5acc4610b4 Allow installed_by_rpm=False in NetVM and ProxyVM 2011-03-16 11:41:18 +01:00
Marek Marczykowski
01a1aeb403 Do not try to disable 'reboot' service 2011-03-16 11:41:18 +01:00
Marek Marczykowski
33ed1ecad8 Drop forced fedora version from requires 2011-03-16 11:41:18 +01:00
Marek Marczykowski
7dbe6e1731 Create NetVM xen config from separate template (netvm-template.conf) 2011-03-16 11:41:18 +01:00
Rafal Wojtczuk
2938ee5356 removed set -x from qvm-copy-to-vm2 2011-03-16 11:07:27 +01:00
Rafal Wojtczuk
ecf007b3a2 qfile-agent writes DONE to the status file at the end of work. 2011-03-16 11:06:27 +01:00
Rafal Wojtczuk
b01464670b New qvm-copy-to-vm, aka qvm-copy-to-vm2 2011-03-16 10:50:11 +01:00
Rafal Wojtczuk
5230c12934 qfile-agent: Handle filenames with trailing slash properly. 2011-03-16 10:48:27 +01:00
Rafal Wojtczuk
e6da61cb5e Scan filecopy sppool properly. 2011-03-16 10:14:39 +01:00
Rafal Wojtczuk
2ea7a0e77a Build filecopy tools with -g. 2011-03-16 10:11:55 +01:00
Joanna Rutkowska
fa7e13c602 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-03-15 22:57:27 +01:00
Marek Marczykowski
2818f6dfe1 Move xenstore-watch for VM from AppVM to common. Add to core-common.spec 2011-03-15 19:47:26 +01:00
Marek Marczykowski
63b06516b7 Do not add new vm to xen storage in qvm-create - it is done by core 2011-03-15 18:51:31 +01:00
Marek Marczykowski
14c48f5253 Merge commit '00ba6dd5b7441cf10f87f527f4ac7eb459cb0a08' 2011-03-15 18:33:01 +01:00
Marek Marczykowski
993d34e7d5 Allow labels for NetVM/ProxyVM. Require it in qvm-create. 2011-03-15 18:28:28 +01:00
Joanna Rutkowska
5e1a808648 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-03-15 18:16:33 +01:00
Marek Marczykowski
588f4b91c8 Fix Firewall -> Proxy... 2011-03-15 17:40:23 +01:00
Rafal Wojtczuk
8ce0e0f39b Fixed permissions of qfile-daemon 2011-03-15 16:48:17 +01:00
Rafal Wojtczuk
84b1a186ff Added qfile-unpacker and qfile-daemon 2011-03-15 16:43:43 +01:00
Rafal Wojtczuk
f0a7620449 Package qfile-agent-dvm, too. 2011-03-15 16:19:42 +01:00
Rafal Wojtczuk
b8d983cfa9 Added qfile-agent 2011-03-15 16:07:00 +01:00
Rafal Wojtczuk
66bf0abb53 Use gui_fatal in qfile-agent-dvm.c 2011-03-15 13:12:21 +01:00
Rafal Wojtczuk
0ed004904c Handy gui_fatal() etc routines. 2011-03-15 13:00:12 +01:00
Rafal Wojtczuk
c0ca1a9f50 Make sure read_all sets errno to 0 at EOF. 2011-03-15 10:36:50 +01:00
Joanna Rutkowska
f83daa49f9 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/smoku/core 2011-03-14 22:44:04 +01:00
Tomasz Sterna
d82001819d Properly call QubesProxyVm superclass 2011-03-14 20:57:08 +01:00
Tomasz Sterna
00ba6dd5b7 Properly find root netvm in netvm chain 2011-03-14 20:44:17 +01:00
Tomasz Sterna
c92a2bf25f Properly create default firewall configuration 2011-03-14 20:43:56 +01:00
Joanna Rutkowska
b8d98403ff Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-03-14 13:15:48 +01:00
Rafal Wojtczuk
6b6e6b7520 Added new qvm-open-in-dvm, aka qvm-open-in-dvm2 
Small, childless bash script.
 2011-03-14 11:25:18 +01:00
Rafal Wojtczuk
5d3c43e4fa created qfile-daemon-dvm 
Mostly code from qfilexchgd; it will be removed soon.
 2011-03-14 10:43:09 +01:00
Marek Marczykowski
b04b36af2c Register VM services also on update 2011-03-11 23:42:49 +01:00
Marek Marczykowski
3d845e4f61 Add qubes_netwatcher to proxyvm spec 2011-03-11 23:33:15 +01:00
Marek Marczykowski
d6181d21cf Merge commit 'e2d52a27e810522c41720bb17b1f4f52f1fe2e6a' 
Conflicts:
	dom0/qvm-core/qubes.py
	fwvm/init.d/qubes_firewall
 2011-03-11 23:32:13 +01:00
Marek Marczykowski
65a758029e Revert "Requiest external_ip permission at start, not create" 
This reverts commit 53b8e5aacf.
 2011-03-11 23:21:23 +01:00
Tomasz Sterna
e2d52a27e8 Use SIGKILL to stop qubes_firewall service 2011-03-11 19:40:23 +01:00
Tomasz Sterna
bba0e6e1ef FwVM network changes watcher script 2011-03-11 19:39:52 +01:00
Tomasz Sterna
dc8325f564 Use DNS IPs in firewall rules 2011-03-11 19:39:26 +01:00