Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
917 Commits 1 Branch 0 Tags 15 MiB
e2aeceb230
Commit Graph

82 Commits

Author SHA1 Message Date
Joanna Rutkowska
203b55ee0a vm: allow user-define hook for IP change event 
This is especially useful for proxy VMs that e.g. run some transparent proxy service such as tor,
and need to rebind it upon IP change (of course this assumes iptables-based transparent redirection
such as DNAT).
 2011-08-18 15:49:49 +02:00
Joanna Rutkowska
fc5dc8b22d Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-02 19:35:19 +02:00
Rafal Wojtczuk
357759147f setup_ip: turn off sg 
Apparently vif frontend has broken sg implementation; we already worked around
it in init.d script via ethtool; now do the same in setup_ip. It is relevant
when attaching firewallvm to a different netvm on the fly.
 2011-08-02 19:27:45 +02:00
Joanna Rutkowska
7309cc2f04 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-01 15:41:56 +02:00
Rafal Wojtczuk
d2301ab125 qvm-prefs: allow on the fly netvm switch (#302) 
When changing netvm of a running vm, detach/attach eth0.
Some functionality of qubes_core_netvm thus is duplicated in setup_ip.
REQUIRES http://git.qubes-os.org/?p=rafal/xen.git;a=commit;h=42c72e6173586a807f8f153391e2e57352d362b1
 2011-08-01 15:06:01 +02:00
Marek Marczykowski
002fad72c4 dom0+vm: Polishing qvm-dom0-upgrade (#287) 
Do not print error message when no package downloaded. Also some more covenient
usage when dowloading new packages (implied --resolve --nogui).
 2011-07-25 13:45:36 +02:00
Marek Marczykowski
49257d488b dom0+vm: download updates as normal user (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
f24897ae56 vm: Split updates check and download into separate scripts (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
977b058395 dom0: implement size/file-count limit of downloaded updates (#198) 
Currently limit is 2GB and 2048 files, but can be adjusted by env variables
(UPDATES_MAX_BYTES, UPDATES_MAX_FILES).
 2011-07-17 01:20:13 +02:00
Marek Marczykowski
4fd6cf98d5 vm: more reliably set IP address of VM 2011-07-14 02:11:43 +02:00
Marek Marczykowski
3c32fc8d21 vm: Do not try to load non-existing xen-evtchn module 2011-07-10 23:54:23 +02:00
Rafal Wojtczuk
6366db0ab6 qrexec: adjust updates fetching to the new qrexec api 2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
b3ce35b5e2 qrexec: change qrexec_client_vm syntax to be nicer to read 
Now the local_program is just before arguments, which is nicer.
 2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
d46150b8d3 qrexec: adjust appmenu syncing to the new qrexec api 2011-07-06 14:09:36 +02:00
Marek Marczykowski
33fa170e75 vm: remove /lib/modules from fstab (#263) 
This is mounted by initramfs
 2011-07-03 20:53:36 +02:00
Marek Marczykowski
fdf636f50e vm: Do not setup IP second time 
It is assigned by udev script
 2011-07-03 20:11:55 +02:00
Marek Marczykowski
11a96f70de vm: Load evtchn module by script in /etc/sysconfig/modules 2011-07-02 19:11:15 +02:00
Marek Marczykowski
af7fb11a4a Revert "vm: Load evtchn module in qubes_core" 
This reverts commit 26a9b77545.
Will be loaded by separate script in /etc/sysconfig/modules

Conflicts:

	common/qubes_core
 2011-07-02 19:09:28 +02:00
Joanna Rutkowska
88098ae69b vm: qubes_core ident fixes 2011-07-02 13:14:57 +02:00
Joanna Rutkowska
26a9b77545 vm: Load evtchn module in qubes_core 2011-07-02 13:12:53 +02:00
Joanna Rutkowska
3428d95015 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-07-02 00:29:32 +02:00
Marek Marczykowski
01a5046e54 vm: Load u2mfn module 2011-07-02 00:24:20 +02:00
Joanna Rutkowska
bfa03d5fb9 Update VM yum repos confs for Beta2 2011-07-01 22:56:11 +02:00
Marek Marczykowski
f447a458f2 dom0+vm: Update VM kernel mechanism (#242) 
Get kernel from global kernels dir (/var/lib/qubes/vm-kernels), not per-VM. Can
be configured by qvm-prefs (kernel parameter).
New tool: qvm-set-default-kernel

For backward compatibility kernel=None means kernel in VM dir (kernels subdir).
(possibly empty) modules.img should be created in it.
 2011-06-30 01:07:47 +02:00
Marek Marczykowski
71cfeba203 vm: Check for TemplateVM updates (#198) 
Just before dom0 updates check for TemplateVM updates and notify the user when
there are some.
 2011-06-27 21:14:34 +02:00
Marek Marczykowski
2784d0ccd4 vm: Run ntpd in FirewallVM as clock source for dom0 (#198) 2011-06-27 21:14:34 +02:00
Marek Marczykowski
d9d7a69c27 dom0+vm: Tools for downloading dom0 update by VM (#198) 
Mainly 4 parts:
 - scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
 - VM script for downloading updates (qubes_download_dom0_updates.sh)
 - qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
 - qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer

Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
 2011-06-22 00:44:48 +02:00
Marek Marczykowski
83d211836a dom0+vm: Trigger appmenus sync after yum transaction (#45), NEW QREXEC COMMAND 
After yum transaction (install/upgrade/remove),
yum-plugin-post-transaction-actions will execute script which trigger
qvm-sync-appmenus in dom0 (through qrexec).
THIS INTRODUCE NEW PREDEFINED COMMAND IN QREXEC
 2011-06-12 01:46:24 +02:00
Marek Marczykowski
4ab4783ee2 dom0: block-snapshot: add prepare and cleanup actions 
"prepare" and "cleanup" actions can be used to setup device manually - not from
udev. This is used by qvm-revert-template-changes.
 2011-06-10 18:34:17 +02:00
Marek Marczykowski
f3b245a45a dom0: block-snapshot: retrieve domain name from frontend-id only when no "domain" entry in xenstore 
This enables compatibility with libxl AND xend.
 2011-06-10 18:33:31 +02:00
Marek Marczykowski
ae52e1829a dom0: block-snapshot: enable nullglob to not fail on snapshot/origin remove 
Normally should not happen because all domains needs at least one snapshot
device, but in some rare situation can be helpful to cleanup stale devices.
 2011-06-10 18:29:56 +02:00
Marek Marczykowski
f1f98d47df dom0: Use /var/run/xen-hotplug to store information needed for block devices cleanup. 
Libxl removes xenstore entries before udev (+scripts) have chance to read it.
 2011-06-09 14:06:24 +02:00
Marek Marczykowski
986f4a888c Merge branch 'r1-beta1-fixes' 
Conflicts:
	dom0/qvm-core/qubes.py
	version_dom0
	version_vm
 2011-05-24 00:20:39 +02:00
Joanna Rutkowska
957c324371 vm: add current-testing repo definitions 2011-05-23 21:39:48 +02:00
Timo Juhani Lindfors
b43baee220 Ensure 'make clean' removes xenstore-watch 2011-05-13 14:16:10 +02:00
Marek Marczykowski
98f4028142 Connect vif's to already running VMs on NetVM/ProxyVM startup (#190) 
Also cleanup stale vifs using "xm network-detach ... -f"
Fix iptables rules to support not only first vif of VM
 2011-04-23 03:05:27 +02:00
Marek Marczykowski
655f13e2ec Configure VM network iface on attach (not only on boot) (#190) 2011-04-23 02:31:54 +02:00
Marek Marczykowski
bd56c4709f Allow normal user to read xenstore values 
This is needed by qubes-session
 2011-04-07 18:43:52 +02:00
Joanna Rutkowska
126fca97c3 Use different repo files depending on %{dist} tag (#197) 2011-04-06 13:59:43 +02:00
Joanna Rutkowska
102d5735e7 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-04-06 10:40:51 +02:00
Marek Marczykowski
95a52d388b Optimize iptables rules in NetVM 
Move "state RELATED,ESTABLISHED" rule to the beginning.
 2011-04-06 10:33:42 +02:00
Joanna Rutkowska
00107ccd84 Correct repo file for VMs 2011-04-05 23:53:44 +02:00
Joanna Rutkowska
a83e8c2d2d commonvm: Update repo info, use local RPM keys 2011-04-04 11:27:48 +02:00
Joanna Rutkowska
59e00482d1 Fix stupid synatx error that prevented displaing error messages 2011-03-31 15:25:33 +02:00
Joanna Rutkowska
f713729826 Move nautilus scripts creation to qubes_core 
qubes_core_appvm executes too early, when /home is still not symlinked to /rw/home.
 2011-03-31 15:15:10 +02:00
Joanna Rutkowska
d5537b72a7 Use zenity instead of kdialog in appvm code 2011-03-31 13:26:41 +02:00
Tomasz Sterna
01b7d9aafc Create needed NetworkManager.conf in netvm. #94 
Also fixed qubes_fix_nm_conf.sh script.
 2011-03-26 11:33:04 +01:00
Rafal Wojtczuk
769213e019 Removed obsolete code, in appvm. 2011-03-24 17:13:21 +01:00
Rafal Wojtczuk
dd9f1a6f7f Move execution of qrexec_agent to qubes_core 
Previously it was in both qubes_core_appvm and qubes_core_netvm;
somehow counterintuitively, qubes_core_netvm executes on appvm, too. So
move it to a common place.
 2011-03-23 11:34:01 +01:00
Rafal Wojtczuk
488eda21d9 Merge branch 'blockless' into spring-merge 
Conflicts:
	appvm/Makefile
	appvm/qubes_core
	netvm/qubes_core
	rpm_spec/core-appvm.spec
	rpm_spec/core-netvm.spec
 2011-03-21 13:54:35 +01:00