Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,867 Commits 1 Branch 0 Tags 15 MiB
d81d6a9267
Commit Graph

645 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
405fd40aaa
Add policy for qubes.OpenURL service 
For now the same as for qubes.OpenInVM.

Fixes QubesOS/qubes-issues#1487
 2016-05-18 02:03:48 +02:00
Wojtek Porczyk
63c09a090c qubes: Combat import cycles 
This commit eliminates import statements happening in the middle of the
file (between two classes definition). The cycles are still there. The
only magic module is qubes itself.
 2016-05-05 14:33:09 +02:00
Bahtiar `kalkin-` Gadimov
7200e6153b
Rename default storage driver from xen to file 
- Rename XenPool   ⇒ FilePool
- Rename XenVolume ⇒ FileVolume
 2016-04-30 20:42:46 +02:00
Bahtiar `kalkin-` Gadimov
9674d03088 Add pool LinuxKernel 2016-04-25 07:17:18 +02:00
Bahtiar `kalkin-` Gadimov
36470310a2 Replace pool config parsing logic 
- Move add_pool/remove_pool to Qubes class
- Add Qubes.get_pool
- Remove storage.conf
 2016-04-25 07:16:37 +02:00
Wojtek Porczyk
e720e1634b qubes/tools: rewrite qvm-shutdown 
fixes QubesOS/qubes-issues#1228
 2016-04-20 13:52:58 +02:00
Marek Marczykowski-Górecki
eaf5efd814
tests: convert 'extra' test loader to core3 API 
QubesOS/qubes-issues#1800
 2016-04-11 13:50:19 +02:00
Marek Marczykowski-Górecki
8c6fe7ed90
Merge remote-tracking branch 'origin/master' into core3-devel-mm 2016-04-11 13:03:12 +02:00
Marek Marczykowski-Górecki
c55ca8004a tests: port backupcompatibility to core3 API 2016-04-07 13:21:00 +02:00
Marek Marczykowski-Górecki
8c5d42a095 backup: add support for restoring pre-core3 backups 2016-04-07 13:21:00 +02:00
Marek Marczykowski-Górecki
e0686e1e02 backup: initial conversion to core3 API 2016-04-07 13:05:25 +02:00
Marek Marczykowski-Górecki
6052143735 tests: qvm-prefs 
QubesOS/qubes-issues#1248
 2016-04-07 12:57:57 +02:00
Marek Marczykowski-Górecki
e319639146 qubes/vm: add StandaloneVM class 2016-04-07 12:57:52 +02:00
Jon Griffiths
5f3ffbbe36 Disable debug packages for core-dom0 
Leave the 'proper' fix of making this package noarch commented
out for now, to allow this to be merged.

Comments as per the parallel submit to qubes-artwork.
 2016-03-22 10:04:27 +13:00
Wojtek Porczyk
5eaf03c4a2 HVM part 1 2016-03-21 11:44:46 +01:00
Marek Marczykowski-Górecki
afd4573a02 ext/r3compatibility: create R3.x QubesDB entries 
This allows the user to start VM based on "old" system (from R3.x) in
R4.0. For example after restoring from backup, or migration. This also
makes upgrade instruction much easier - no need complex recovery
instruction if one upgrade dom0 before upgrading all the templates.

QubesOS/qubes-issues#1812
 2016-03-21 11:43:33 +01:00
Marek Marczykowski-Górecki
422f30b969 tests: port network tests to core3 API 2016-03-21 11:43:32 +01:00
Wojtek Porczyk
394fa1e5d3 qubes/tests: tests for qubes.devices 2016-03-21 11:43:32 +01:00
Wojtek Porczyk
0f9ca47d90 qubes/ext/guid: Move gui-related code to extension 2016-03-21 11:43:32 +01:00
Wojtek Porczyk
d09bd5ab6a qubes: Convert QubesVM and Extension discovery to pkg_resources 
QubesOS/qubes-issues#1238
 2016-03-21 11:43:32 +01:00
Patrick Schleizer
cf5730934a
added to rpm_spec/core-dom0.spec 2016-03-14 22:50:46 +01:00
Marek Marczykowski-Górecki
c0c0e0022e tests: convert storage tests to core3 API 
QubesOS/qubes-issues#
 2016-03-03 01:18:17 +01:00
Marek Marczykowski-Górecki
fb74126e56 tests: convert dom0 update test to core3 API 2016-03-03 01:18:17 +01:00
Wojtek Porczyk
9eafa57539 Merge remote-tracking branch 'marmarek/master' into core3-devel 
The following list is bollocks. There were many, many more.

Conflicts:
    core-modules/003QubesTemplateVm.py
    core-modules/005QubesNetVm.py
    core/qubes.py
    core/storage/__init__.py
    core/storage/xen.py
    doc/qvm-tools/qvm-pci.rst
    doc/qvm-tools/qvm-prefs.rst
    qubes/tools/qmemmand.py
    qvm-tools/qvm-create
    qvm-tools/qvm-prefs
    qvm-tools/qvm-start
    tests/__init__.py
    vm-config/xen-vm-template-hvm.xml

This commit took 2 days (26-27.01.2016) and put our friendship to test.
    --Wojtek and Marek
 2016-03-03 01:13:51 +01:00
Wojtek Porczyk
01319e391f qubes: port netvm 
From now, there are no separate NetVM and ProxyVM class, but property
"provides_network".
 2016-03-03 00:46:05 +01:00
Marek Marczykowski-Górecki
d3f83876eb
rpm: require new enough qubes-core-dom0-linux package 
For qvm-sync-clock --force option.
 2016-02-23 16:22:02 +01:00
Wojtek Porczyk
06cc064c8c qubes/tests: split init to init1 and init2 
This is to keep the correct order of the tests. The exact dependency
graph is somewhat complicated and contains several cycles.
 2016-01-21 13:31:43 +01:00
Wojtek Porczyk
ce0b927a98 qubes/tests/int/tools/qvm_run: add tests for qvm-run 
Missing is test for --gui/--no-gui.

part of QubesOS/qubes-issues#1226
 2015-12-29 03:50:35 +01:00
Wojtek Porczyk
f1a0b1af39 qubes/tools: add qvm-run, qvm-{,un}pause 
Also change convention of calling main(): now command returns its
numeric value instead of bool.

Also fixed QSB#13

fixes QubesOS/qubes-issues#1226
 2015-12-29 03:43:08 +01:00
Wojtek Porczyk
7b30361fa6 qubes/tools: add qubes-prefs 
fixes QubesOS/qubes-issues#1209
 2015-12-24 00:48:17 +01:00
Wojtek Porczyk
729c28281b spec: disable AutoReq 
This fixes compilation under Fedora. Depending on $PATH order, automagic
dependencies put /usr/bin/python or /bin/python (because we have
anything, becase /bin is just symlink to /usr/bin.
 2015-12-23 14:34:54 +01:00
Wojtek Porczyk
91bde9b80f spec: add missing BuildRequires 2015-12-23 14:34:54 +01:00
Wojtek Porczyk
0dc0fd306f core3: test fixing 
part of QubesOS/qubes-issues#1248
 2015-12-23 14:34:53 +01:00
Marek Marczykowski-Górecki
377d3ad43a
rpm: do not motify /etc/udev/rules.d/xen-backend.rules anymore 
Xen 4.6 no longer uses udev to call hotplug scripts.

QubesOS/qubes-issues#1361
 2015-11-27 20:00:34 +01:00
Marek Marczykowski-Górecki
f525a58134
core: adjust for updated stubdom support in libvirt 
Fixes QubesOS/qubes-issues#1456
 2015-11-27 20:00:33 +01:00
Bahtiar `kalkin-` Gadimov
bfaf37dae5 Add pool config parsing 2015-11-17 19:37:18 +01:00
Wojtek Porczyk
96efb4568a core3: add different exceptions 
From now on there are different exceptions which can be raise on
different occasions.

fixes QubesOS/qubes-issues#1279
 2015-10-17 00:17:12 +02:00
Wojtek Porczyk
15713cbf46 qubes/tools: rewrite qvm-kill 
Also new function, `error_runtime` for common parser.

fixes QubesOS/qubes-issues#1222
 2015-10-05 18:06:02 +02:00
Wojtek Porczyk
c538d536c8 core3: move qmemman 
This is part of fixing qvm-start.

qmemman was moved with minimal touching, mainly module names.

Moved function parsing human-readable sizes from core2. This function is
wrong, because it treats k/M/G as 1024-based, but leave it for now.
 2015-10-05 12:46:14 +02:00
Wojtek Porczyk
fcdb579bab core3: qubesmanager notifying extension 
core/notify.py was excavated and tray notifying remnants were moved to
qubes.log. They are unused as yet.

Also extension events are fixed.
 2015-10-05 12:46:14 +02:00
Wojtek Porczyk
6f4951d08a install python package with setuptools 2015-10-05 12:46:14 +02:00
Wojtek Porczyk
b0be1ad584 qubes/tools: qvm-start rewritten from original 2015-10-05 12:46:14 +02:00
Wojtek Porczyk
e7cba0214f qubes/tools: qvm-prefs 2015-10-05 12:46:13 +02:00
Wojtek Porczyk
ff7d89700a qubes/tools: port qvm-create 2015-06-30 17:18:24 +02:00
Wojtek Porczyk
669a976d4e qubes/tools: add common action for setting properties 2015-06-29 17:40:43 +02:00
Wojtek Porczyk
fd0107f11a new tool: qubes-create 
At present it just creates default qubes.xml (empty barring labels and AdminVM).
In the future it can be evolved into backend for firstboot.
 2015-06-29 17:39:28 +02:00
Wojtek Porczyk
18d36c17e1 rpm_spec/core-dom0-doc.spec: fix build dependencies 2015-06-29 17:39:28 +02:00
Wojtek Porczyk
6a4820c381 qubes/tools: qvm-ls 2015-06-29 17:39:28 +02:00
Wojtek Porczyk
8805db5e5f core3 move: AdminVM class 2015-06-29 17:39:26 +02:00
Wojtek Porczyk
8afba4c5e9 core3 move: storage/* 2015-06-29 17:39:26 +02:00
Wojtek Porczyk
5f92afc013 rpm: install RelaxNG specfiles 2015-06-29 17:39:26 +02:00
Wojtek Porczyk
7e12d0485d add core3 to Makefiles and spec 2015-06-29 17:39:26 +02:00
Wojtek Porczyk
2c1cacc0ac doc: swallow manpages into sphinx 2015-06-29 17:39:23 +02:00
Marek Marczykowski-Górecki
9cbf9a8a59 Add support for 'pci_strictreset' option 
This allows to assign PCI device to the VM, even if it doesn't support
proper reset. The default behaviour (when the value is True) is to not
allow such attachment (VM will not start if such device is assigned).

Require libvirt patch for this option.
 2015-05-28 00:11:17 +02:00
Marek Marczykowski-Górecki
d02aa70e93 dispvm: speedup sparse files handling by using bsdtar 
Apparently it is much faster. Especially during savefile preparation -
tar reads the whole file, while bsdtar gets file map and reads only used
regions.
 2015-03-30 05:29:14 +02:00
Marek Marczykowski-Górecki
c74fda802c Use tmpfile.d to create /var/run subdirs 
This way it will be done much earlier, so qubes-db can be started before
qubes-core.service - which will solve startup dependency loop problem.
 2015-02-02 04:48:42 +01:00
Marek Marczykowski-Górecki
ce716f9c5a rpm: add R: PyQt4 for guihelpers module 
It was pulled by qubes-manager, but since it is optional, we shouldn't
rely on its dependencies.
 2014-11-21 20:09:57 +01:00
Marek Marczykowski-Górecki
37696b7d43 rpm: move xenconsoled configuration to xen package 2014-11-19 12:50:32 +01:00
Marek Marczykowski-Górecki
5b0b62ee5b rpm: fix path 2014-11-19 12:50:28 +01:00
Marek Marczykowski-Górecki
ec17f7d329 core/xen: setup xen-specific defaults in separate settings file 2014-11-19 12:50:26 +01:00
Marek Marczykowski-Górecki
0a1f3d0a44 core: split VM images handling to separate class 
This will ease handling different types of VMM (which can require
different image types, location etc).
 2014-11-19 12:50:25 +01:00
Marek Marczykowski-Górecki
72e415a807 move qubes-notify-* to libexec 2014-11-19 12:50:25 +01:00
Marek Marczykowski-Górecki
ed13972e4e Remove xenstore-watch-qubes 
Since we have Qubes DB, it needed anymore.
 2014-11-19 12:50:24 +01:00
Marek Marczykowski-Górecki
0009805041 rpm+makefile: move build/install code to Makefile files 
This makes build "scripts" not tied to Fedora-specific files. Especially
ease porting to other platforms.
 2014-11-19 12:50:24 +01:00
Marek Marczykowski
f159f3e168 Use QubesDB instead of Xenstore. 
Mostly done. Things still using xenstore/not working at all:
 - DispVM
 - qubesutils.py (especially qvm-block and qvm-usb code)
 - external IP change notification for ProxyVM (should be done via RPC
   service)
 2014-11-19 12:48:28 +01:00
Marek Marczykowski
31424603fa rpm: move R: xen-runtime inside vmm-xen deps block 
Do not depend on xen package unconditionally.
 2014-11-19 12:48:28 +01:00
Marek Marczykowski
c95dc298a1 rpm: set sgid for data directories 
Make sure that contents belong to qubes group, even when created by root
user.
 2014-11-19 12:48:27 +01:00
Marek Marczykowski
5db1957086 rpm: improve deps on libvirt 
Use metapackage to install all required libvirt modules.
 2014-11-19 12:48:27 +01:00
Marek Marczykowski
9f90106db4 rpm: Add libvirt to dependencies 2014-11-19 12:48:26 +01:00
Marek Marczykowski
0f6b878664 rpm: update build dependencies 2014-11-19 12:48:26 +01:00
Marek Marczykowski
201cd509e1 QubesDom0NetVm: provide get_mem* 
As libvirt doesn't keep dom0 domain object, so add special cases to get
memory information.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
107ebad9d5 Migration to libvirt - DispVM 
Move DispVM creation to qfile-daemon-dvm/QubesDisposableVm from
qubes-restore. As actual restore is handled by libvirt, we don't get
much from separate qubes-restore process.
This code still needs some improvements, especially on performance.
 2014-11-19 12:48:26 +01:00
Marek Marczykowski
f44dc40858 Migration to libvirt - HVM 2014-11-19 12:47:00 +01:00
Marek Marczykowski
a880483092 Migration to libvirt - core part 
Still not all code migrated, added appropriate TODO/FIXME comments.
 2014-11-19 12:47:00 +01:00
Marek Marczykowski
b242680cc1 spec: fix typi in %post 2014-11-19 12:46:59 +01:00
Marek Marczykowski-Górecki
9e62b77ecd rpm: require qubes-core-dom0-linux >= 2.0.24 for qrexec '-q' option 2014-10-25 01:46:26 +02:00
Marek Marczykowski-Górecki
603384b4c6 tests: add initial backup test 2014-09-18 08:25:56 +02:00
Marek Marczykowski-Górecki
1ed9c74d83 Rearrange code to not import PyQt on every qvm-* call 
Move notification functions to separate file (out of guihelpers).
 2014-06-05 01:59:42 +02:00
Wojciech Zygmunt Porczyk
30e557960a qubes-rpc-policy/qubes.GetImageRGBA.policy 
needed for qubes-app-linux-img-converter
 2014-05-20 17:49:20 +02:00
Wojciech Zygmunt Porczyk
2d907a5443 move site-packages/qubes/__init__.py to linux-utils 
__init__.py should still remain in repo to make it possible to do import
directly from repository
 2014-05-20 12:55:35 +02:00
Marek Marczykowski-Górecki
6efec32c3b rpm: drop dependency on kernel-qubes-dom0 
Since dom0 support is in mainline kernel we no longer strictly require
our patched kernel. So drop the dependency. Note that installer will
still install the right kernel.
 2014-05-11 15:42:04 +02:00
Marek Marczykowski-Górecki
8694e4ffbb rpm: specify qubes-core-dom0-linux version 
qrexec-client cmdline options have changed.
 2014-04-16 16:44:42 +02:00
Marek Marczykowski-Górecki
cd54af231b version 2.1.45 2014-04-15 04:14:46 +02:00
Marek Marczykowski-Górecki
7af90433b1 version 2.1.44-2 2014-04-08 22:08:24 +02:00
Marek Marczykowski-Górecki
e1df9f252c spec: initialize default kernel when creating qubes.xml database 
This is especially important when kernel-qubes-vm's %post was executed
before qubes-core-dom0's %post - in that case, the default kernel would
be left as "None".
 2014-04-08 05:06:12 +02:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
bba989e0a6 Move meminfo-writer to linux-utils repo 
It is common for both dom0 and VM, and also quite linux-specific
(other OSes will need other implementation). So move to linux-specific
repo (not dom0-specific).
 2014-01-05 05:36:50 +01:00
Marek Marczykowski-Górecki
27f6f0e64e Merge branch 'new-backups' 
Conflicts:
	core-modules/000QubesVm.py
 2013-11-29 04:00:58 +01:00
Marek Marczykowski-Górecki
c781a522d8 backups: move backup code to separate file 
Also some major cleanups: Reduce some more code duplication
(verify_hmac, simplify backup_restore_prepare). Rename
backup_dir/backup_tmpdir variables to better match its purpose. Rename
backup_do_copy back to backup_do.  Require QubesVm object (instead of VM
name) as appvm param.
 2013-11-25 05:41:13 +01:00
Marek Marczykowski-Górecki
6fddae3b9b Support for autostart VMs (#724) 2013-11-20 02:57:17 +01:00
Marek Marczykowski-Górecki
e2c43d2292 Allow HVM to notify dom0 about tools installation 
HVM can set some xenstore entries (in qubes-tools/ subtree) to pass
informations about installed tools to dom0. qubes.NotifyTools service
triggers update of VM properties (like qrexec_installed).
This way, after installation of Qubes Windows Tools, the user doesn't need
to change any VM settings to use the tools.
 2013-10-28 05:09:54 +01:00
Marek Marczykowski
0419aee8ab spec: provides qubes-doc-dom0 2013-03-25 16:28:55 +01:00
Marek Marczykowski
ef82b53b64 spec: typo fix 2013-03-25 16:28:55 +01:00
Marek Marczykowski
0ec6da8050 spec: update Requires 2013-03-20 16:37:34 +01:00
Marek Marczykowski
a84886db07 Move all files one level up 2013-03-16 19:56:51 +01:00
Marek Marczykowski
9db68897c7 Remove other Linux-specific stuff 
Move remaining files to linux/ subdirectory.
 2013-03-16 19:54:22 +01:00
Marek Marczykowski
fa8d659189 Move dom0-update code to separate repository 
This is highly Linux-specific code. Perhaps other systems will have
equivalent, but for now move it to Linux-only repository.
 2013-03-16 19:14:26 +01:00
Marek Marczykowski
a633d331f3 Move icons to separate repository 
Because of license reasons (icons are based on GPL resources so can't be
dual licensed).
 2013-03-16 18:06:33 +01:00
Marek Marczykowski
8edadb40aa Move appmenus handling code to separate repository 
This code is highly Linux-specific so move it out of the core
repository.
 2013-03-16 18:03:10 +01:00
Marek Marczykowski
ecd8837113 Split core qubes.py into modules 2013-03-16 16:14:01 +01:00
Marek Marczykowski
41675aa30a spec: remove obsolete network setup 2013-03-15 23:54:49 +01:00
Marek Marczykowski
341f202a26 The Underscores Revolution: filenames 2013-03-15 23:03:28 +01:00
Marek Marczykowski
e1472df9dd Remove obsolete files 2013-03-14 15:05:07 +01:00
Marek Marczykowski
820ee45f03 Minor 'misc' and 'aux-tools' directory cleanup 2013-03-14 13:48:28 +01:00
Marek Marczykowski
50a8068e6f Rename qvm-core -> core 2013-03-14 04:49:48 +01:00
Marek Marczykowski
c90f5199dd The Underscores Revolution: RPC services 2013-03-14 01:22:43 +01:00
Marek Marczykowski
fe7d62f077 Move qmemman.conf to qmemman dir 2013-03-14 01:18:27 +01:00
Marek Marczykowski
1d8222dbdb Remove Fedora-comps.xml 
We have now own Qubes-comps.xml, so use it if present.
 2013-03-14 00:55:20 +01:00
Marek Marczykowski
e4264f4917 Remove SysV-init scripts 
Now dom0 uses SystemD, so init.d scripts no longer needed.
 2013-03-13 06:14:07 +01:00
Marek Marczykowski
d9358a91aa Move manpages here from separate repo 2013-03-12 17:02:26 +01:00
Marek Marczykowski
ad2bdf0634 Rename 'version_dom0' -> 'version' 
This repository contains only dom0 files now.
 2013-03-12 16:50:14 +01:00
Marek Marczykowski
fce0db13c9 move qvm-create-default-dvm to qvm-tools dir 2013-03-12 16:12:23 +01:00
Marek Marczykowski
fcf51c6a6f Remove qclipd - now part of qubes-manager 2013-03-12 16:00:31 +01:00
Marek Marczykowski
844cb21544 Require dmidecode - for qubes-hcl-report tool 2013-03-09 22:20:47 +01:00
Marek Marczykowski
b3c9c74a50 move dispvm files to more meaningful directory 2013-03-08 17:26:55 +01:00
Marek Marczykowski
0e8037deee remove VM files 2013-03-07 05:07:42 +01:00
Marek Marczykowski
f4c37be03a remove qubes-core-libs files - moved to separate repository 2013-03-07 02:54:55 +01:00
Marek Marczykowski
3c3252b2a3 Remove qrexec - moved to separate package 2013-03-07 02:30:03 +01:00
Marek Marczykowski
325cf4b894 forgotten subdir 2013-03-06 18:41:10 +01:00
Marek Marczykowski
ca2a54b2b1 do install files used by dom0 netvm 
We don't support dom0 netvm anymore.
 2013-03-06 18:38:08 +01:00
Marek Marczykowski
7d07a6cf50 move dom0 files to dom0 subdirectory 
Those files are actually common for dom0 and VM, but as we splitted the repos,
move them accordingly.
 2013-03-06 18:37:58 +01:00
Marek Marczykowski
8fc805f34a vm/systemd: disable avahi-daemon 
Aparently this service have changed name, so make sure it will be disabled also
under new name.
 2013-03-03 17:35:54 +01:00
Marek Marczykowski
35e01c4165 dom0/spec: improve PackageKit settings 
1. Do not try to tell "no network detected"
2. Do not try to tell "Distribution upgrade detected - Fedora 16"
 2013-03-01 01:36:05 +01:00
Marek Marczykowski
d89bdac58c dom0: create volatile.img if not exists (StandaloneVM case) 
StandaloneVM have no template to get clean volatile.img. Normally it is copied
from template during VM creation, but it can happen that image would not extx
(e.g. after backup restore). So create it from scratch.

Stay with original approach (restoring from clean image of template) for other
cases as it is much simpler (and perhaps faster).
 2013-02-27 05:29:27 +01:00
Marek Marczykowski
d12e532fc2 vm: Use nautilus-actions to provide "Copy to other AppVM" etc nautilus commands 
No more ugly symlink creation at VM startup, nautilus-actions have system-wide
dir (in opposite to nautilus-scripts).

Currently old symlinks are not cleaned up. Maybe it should, but leaving them
have one advantage: will not break existing users behavior.
 2013-02-21 16:44:16 +01:00
Marek Marczykowski
8d347cb455 vm/spec: mark some config files with %config(noreplace) 
Do mark such critical files, which shouldn't be modified by the user.
 2013-02-21 07:25:47 +01:00
Marek Marczykowski
9310f398d5 dom0/spec: own qubes python subdir 2013-02-21 04:32:55 +01:00
Marek Marczykowski
b214fa6f9d dom0: Scale icons to 48x48 
We register them as 48px icons, so scale them to that size (originally 600px).
Specifically required by gui-daemon which require prescalled icon.
 2013-02-19 01:05:22 +01:00
Marek Marczykowski
cd4c62fc42 dom0/systemd: disable xendomains.service 2013-02-13 16:55:07 +01:00
Marek Marczykowski
0e39e961ea dom0/systemd: Rename qubes-dispvm to qubes-setupdvm 
This is more accurate name. Also "qubes-setupdvm" is already used in
some places, so change service name instead of changing that places (at
least qubes-core.service).
 2013-02-13 16:52:38 +01:00
Marek Marczykowski
eb5ba60da7 vm/spec: force legacy iptables services 2013-02-12 01:38:30 +01:00
Marek Marczykowski
22a0d391c2 vm: revert /etc/yum.conf exclude config 
Upgrade of kernel is suppressed by qubes-vm-kernel-placeholder package.
Excluding xorg packages makes more problems than goods (e.g. unable to
install dummy driver, block fedora bugfixes).
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
0936152e12 vm/systemd: disable NetworkManager-wait-online when NM inactive 2013-02-12 01:38:30 +01:00
Marek Marczykowski
268cbfdc84 vm: require net-tools 
Needed to setup network in VM
 2013-02-12 01:38:30 +01:00
Marek Marczykowski
07d7957caa dom0: install PolicyKit allow-all rules 
Same purpose as sudo rule - the user already can do almost all
administrative tasks and access all VMs data, so do disable annoying
password prompt (eg at system shutdown), which do not add any real
security layer.
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
1579340802 vm: move polkit configs from qubes-gui-vm package 2013-02-12 01:38:29 +01:00
Marek Marczykowski
d2dc386997 vm/kernel-placeholder: update provided version 
Some fc18 packages requires >3.5 kernel, so update kernel-placeholder
appropriate (according to newest available package in unstable
repository).
 2013-02-12 01:38:29 +01:00
Marek Marczykowski
b8ccfd6e2e dom0/init: implement systemd unit files 
They cover standard init.d scripts when system have systemd, so can be placed
both in one package.
 2013-01-27 00:04:40 +01:00
Marek Marczykowski
d99ebe043c dom0/updates: add groups definition from fc18 2013-01-26 23:58:44 +01:00
Marek Marczykowski
75fc222545 dom0/dracut: support new dracut module interface 2013-01-25 03:09:18 +01:00
Marek Marczykowski
c5ae049e3b Revert "dom0/spec: fix HVM settings on upgrade" 
This reverts commit 4b44f977db.
This doesn't actually fix the problem, because in %post new qubes.py is already
installed and maxmem=memory is no longer true.
 2013-01-11 15:28:55 +01:00
Marek Marczykowski
4b44f977db dom0/spec: fix HVM settings on upgrade 
HVM should have meminfo-writer disabled by default (and now have). But existing
VMs have it already enabled so it must be fixed now. Generic HVM isn't capable
of dynamic memory management.

Previously it was forced to always have maxmem=memory but it wasn't fully
correct because someone could install Qubes agents/PV drivers including
meminfo-writer and xen-balloon even in HVM so it should be possible to turn it.
 2013-01-11 05:05:44 +01:00
Olivier Medoc
6d6c744f2c vm/qubes_rpc: implement qubes.WaitForSession 
RPC call will be used in vm.start function instead of the hardcoded echo > /tmp/qubes-session-waiter
 2013-01-11 01:12:23 +01:00
Marek Marczykowski
0b078a5e70 qubes-core-vm-kernel-placeholder 1.0-2 2013-01-04 13:23:48 +01:00
Marek Marczykowski
74054b4dda vm/kernel-placeholder: provide xorg-x11-drv-nouveau to resolve deps problem 2013-01-04 13:23:20 +01:00
Marek Marczykowski
554d119fae spec: generate proper debuginfo packages 
%setup macro must be present in %prep to set variables required by
find-debuginfo script. Symlink is to place sources in nice
/usr/src/debug/%{name}-%{version} subdir instead of plain /usr/src/debug/core
(which can be ambiguous).
Additionally all packages need to have _builddir pointing at top src dir (in
core-dom0 it was dom0 subdir). And to cheat make about current dir (to have
%{name}-%{version} included in path) chdir must be done by shell, not make - so
can't use make -C.
 2012-12-12 04:12:59 +01:00
Marek Marczykowski
02e7469be3 spec: do not build u2mfn not packaged in core-dom0 and core-vm 
This is packages in core-libs, so build it only there.
 2012-12-12 04:10:41 +01:00
Marek Marczykowski
e75d2fc57a vm/spec: do not remote 50-qubes_misc.rules during installation 2012-11-22 08:22:52 +01:00
Marek Marczykowski
19983edc3c vm: setup /dev/xen/evtchn permissions using udev rule 
This works also when the device is recreated, which is the case in DispVM
(during xl restore).
 2012-11-22 00:51:18 +01:00
Marek Marczykowski
3a3e265d1d vm: load dummy-hcd module to suppress libusb bug 
libusb crashes when no USB controller is present, load dummy-hcd as workaround.
 2012-11-19 17:52:16 +01:00
Marek Marczykowski
0a6e95225a vm: remove qubes-upgrade-vm after upgrade 2012-11-15 21:38:39 +01:00
Marek Marczykowski
629038e76d spec: extract core libs from qubes-core-vm 
This libs are required by both dom0 and VM so it's better to have it
separately. Previously in VM it was separate package, but dom0 have them
embedded in qubes-core-dom0, but qubes-core-vm-libs package was used to build
qubes-gui-dom0. Now we do not build all packages for all distros (especially do
not build core-vm package for dom0 distro, so gui-dom0 build fails), so make it
explicit which package is needed by which system.
 2012-11-14 13:12:51 +01:00
Marek Marczykowski
504b37e378 dom0/spec: remove obsoleted patch_appvm_initramfs.sh 
For a long time dracut module is used instead.
 2012-11-13 03:45:12 +01:00
Marek Marczykowski
67e9a785fb spec: fix compilation order 2012-11-08 00:02:13 +01:00
Marek Marczykowski
f45e6c92c5 spec: add missing 'make' call 2012-11-07 18:05:17 +01:00
Marek Marczykowski
cb31b333ae vm/spec: fix NotShowIn entries in autostart desktop files 2012-11-03 05:22:03 +01:00
Marek Marczykowski
7fec0fd6f3 dom0/updates: include pkg groups metadata from Fedora 13 
This will allow calls like "qubes-dom0-update @XFCE"
 2012-10-23 05:47:09 +02:00
Marek Marczykowski
e9025d3690 dom0/spec: fix file permissions in package 2012-10-23 05:46:25 +02:00
Marek Marczykowski
a432b729fa vm/qvm-usb: include vusb-ctl in VM package 2012-10-23 05:45:47 +02:00
Alexandre Bezroutchko
b2a784d35f adjust rpm spec file to cover compiled python files 2012-10-21 20:59:17 +02:00
Alexandre Bezroutchko
5d4cf00899 dvp/qvm-usb: converted installer scripts into RPM 2012-10-21 15:10:40 +02:00
Marek Marczykowski
e35b413c19 dom0/spec: add R: python-lxml for pretty print 2012-10-19 02:21:41 +02:00
Marek Marczykowski
d03bab3db2 Merge branch 'master-for-hvm' into hvm 
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-sync-clock
 2012-10-04 05:45:41 +02:00
Marek Marczykowski
490a5e9e1a vm/spec: fix adding yum-proxy configuration 
Do not add entry if already present.
 2012-10-04 05:44:20 +02:00
Bruce A Downs
d19a3cce99 vm: Added 'most recently used' feature to 'copy to vm' dialog 
* replaced zenity to qvm-mru-entry in qubes_rpc/qvm-copy-to-vm.gnome
* added python script qubes_rpc/qvm-mru-entry
* added /usr/bin/qvm-mru-entry to rpm_spec/core-vm.spec
 2012-10-04 05:44:19 +02:00
Bruce A Downs
dba7d94fba vm/spec: mod to core-vm.spec to add test for files 
core rpm was failing during uninstall attempting to move non-existent files
* /var/lib/qubes/fstab.orig
* /var/lib/qubes/serial.orig
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
303d4ab042 dom0/iptables: block IPv6 traffic 
Dom0 is network isolated anyway, but apply also firewall in case of use
qubes-dom0-network-via-netvm.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
9c3f8417d4 vm/iptables: block IPv6 traffic 
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
9519d843d8 dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-10-04 05:44:18 +02:00
Marek Marczykowski
6419fea4ce vm/spec: fix adding yum-proxy configuration 
Do not add entry if already present.
 2012-10-04 05:29:10 +02:00
Marek Marczykowski
4e2f47d95c dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-08-27 00:53:58 +02:00
Marek Marczykowski
c0455ac641 Merge branch 'master' into hvm 
Conflicts:
	dom0/qvm-tools/qvm-create
	version_dom0
 2012-08-23 11:11:59 +02:00
Marek Marczykowski
a98020eca7 dom0+vm/qfile-copy: use setuid instead of policy setting to allow chroot 
This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
 2012-08-18 21:17:07 +02:00
Marek Marczykowski
9b3a77bc1d dom0: move RPC services to separate directory (#654) 
This makes more clear which code have contact with untrusted data from VM.
 2012-08-16 16:56:16 +02:00
Marek Marczykowski
a67bf1f1c0 Merge branch 'master' into hvm 2012-08-06 15:00:02 +02:00
Marek Marczykowski
fa17c541af dom0: cleanup dead DispVMs at system startup (#648) 2012-08-04 00:57:34 +02:00
Marek Marczykowski
e6c8bf81fd Merge branch 'master' into hvm 
Conflicts:
	version_dom0
 2012-08-01 00:55:05 +02:00
Marek Marczykowski
b7d2667b1d vm/kernel-placeholder: simplify upgrade 2012-07-30 23:16:05 +02:00
Marek Marczykowski
d1b827e1bd Merge branch 'master' into hvm 
Conflicts:
	dom0/init.d/qubes_core
	rpm_spec/core-dom0.spec
	version_dom0
 2012-07-25 02:52:00 +02:00
Marek Marczykowski
b691f57bbf vm: kernel-placeholder package to inhibit real kernel pkg in VM (#645) 
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
 2012-07-23 23:17:50 +02:00
Marek Marczykowski
f98bf1d570 dom0: fix dirs permissions after xen upgrade 2012-07-20 13:08:18 +02:00
Marek Marczykowski
38e8b85b06 dom0: fix dirs permissions after xen upgrade 2012-07-18 12:46:36 +02:00
Marek Marczykowski
0f6f445ece Revert "vm/spec: disable pam_systemd globally (#607)" (#626) 
This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626).

Conflicts:

	rpm_spec/core-vm.spec
 2012-07-16 13:36:08 +02:00
Marek Marczykowski
eeabd3b371 Revert "vm/spec: disable pam_systemd globally (#607)" (#626) 
This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626).

Conflicts:

	rpm_spec/core-vm.spec
 2012-07-16 12:49:41 +02:00
Marek Marczykowski
d9291ab2b4 dom0/appmenus: Rename dir entry for ServiceVMs (#627) 2012-07-15 02:41:23 +02:00
Marek Marczykowski
06ba3f6e49 vm: implement qubes.GetAppmenus to reduce code duplication 
As one-liner services are now real one-line, just do it.
 2012-07-15 02:41:23 +02:00
Marek Marczykowski
20f6c6c6dc vm: simplify qubes.VMShell service 
Now additional wrapper not required to skip cmdline argument
 2012-07-15 02:41:23 +02:00
Marek Marczykowski
b6b50b6fea dom0/appmenus: Rename dir entry for ServiceVMs (#627) 2012-07-15 02:26:17 +02:00
Marek Marczykowski
1c096ec65c vm: implement qubes.GetAppmenus to reduce code duplication 
As one-liner services are now real one-line, just do it.
 2012-07-15 02:26:09 +02:00
Marek Marczykowski
15d5a1205d vm: simplify qubes.VMShell service 
Now additional wrapper not required to skip cmdline argument
 2012-07-15 02:04:17 +02:00
Marek Marczykowski
906332ea40 vm: export SuspendPre and SuspendPost qrexec services (#617) 
1. Try to use NetworkManager sleep command instead of shutting it down
2. Move sleep action details (which is VM-specific) to VM
3. Export it as qrexec service(s)
 2012-07-13 14:44:11 +02:00
Marek Marczykowski
6d6f43fb4e vm: export SuspendPre and SuspendPost qrexec services (#617) 
1. Try to use NetworkManager sleep command instead of shutting it down
2. Move sleep action details (which is VM-specific) to VM
3. Export it as qrexec service(s)
 2012-07-13 14:40:52 +02:00
Marek Marczykowski
718f5c2bdb vm: provide dispvm-dotfiles and dispvm-prerun.sh in rpm package (#620) 2012-07-12 14:22:44 +02:00
Marek Marczykowski
b92bb698be vm: provide dispvm-dotfiles and dispvm-prerun.sh in rpm package (#620) 2012-07-12 14:21:44 +02:00
Marek Marczykowski
954b4e6947 vm/systemd: disable additional useless services (#620) 
Most of them relay on direct network acces, which isn't true on Qubes.
 2012-07-12 03:56:09 +02:00
Marek Marczykowski
ca7ec2aa57 vm/spec: remove dupplicated commnds, suppress error message 2012-07-12 03:56:09 +02:00
Marek Marczykowski
00778cacea dom0/spec: suppress unnecessary messages during package upgrade 2012-07-12 03:56:09 +02:00
Marek Marczykowski
6aeaa7b036 vm/systemd: disable additional useless services (#620) 
Most of them relay on direct network acces, which isn't true on Qubes.
 2012-07-12 03:54:41 +02:00
Marek Marczykowski
212d4227c8 vm/spec: remove dupplicated commnds, suppress error message 2012-07-12 03:54:41 +02:00
Marek Marczykowski
f0d55138d3 dom0/spec: suppress unnecessary messages during package upgrade 2012-07-12 03:54:34 +02:00