Commit Graph

85 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
242590902a firewall: minor improvements
Do not require ports specified in rule - useful for "any" protocol where
ports doesn't have sense.
2014-03-28 02:55:35 +01:00
Marek Marczykowski-Górecki
e90e1c62ec proxyvm: add support for rules with expire time (#760) 2014-03-28 02:54:59 +01:00
Marek Marczykowski-Górecki
04f86c7059 core: use functions instead of evals for storing attributes to qubes.xml 2014-03-27 17:15:15 +01:00
Marek Marczykowski-Górecki
e9fe890acb core: rewrite "eval" to "func" attribute handlers 2014-03-26 04:41:28 +01:00
Marek Marczykowski-Górecki
5141aba741 core: support functions instead of evals in attribute config
eval still supported, but once all the code will be converted to
functions, the support will be removed.
2014-03-26 04:40:45 +01:00
Marek Marczykowski-Górecki
91428ebaa1 core: method to resize root.img (#699) 2014-03-21 18:43:13 +01:00
Marek Marczykowski-Górecki
09652cb0f8 core: store date of last backup for each VM 2014-03-10 04:29:14 +01:00
Marek Marczykowski-Górecki
c5e2ba03bd core: notify xenstored about domain resume
Otherwise it will not fire further domain suspend/death watches against
this domain - so xl will not cleanup the domain.
2014-03-05 03:39:49 +01:00
Marek Marczykowski-Górecki
6fece6347f core: call xl destroy as root
In case the VM has PCI devices, it need to access sysfs (as root).
2014-02-16 11:15:06 +01:00
Marek Marczykowski-Górecki
1e2459c210 core: include 'default_user' in cloned attributes 2014-02-10 12:59:46 +01:00
Marek Marczykowski-Górecki
86d3e2f4dd core: Do not kill the VM when qrexec connect timed out (#790)
In such case show an error to the user (via tray notification, not
dialog box!) and leave the VM in "transient" state. The user can wait
some more time for VM startup, check what VM is doing, or kill it
manually.
2014-02-05 03:31:36 +01:00
Marek Marczykowski-Górecki
f4a2fcc8ae core: remove dead "xm console" code 2014-02-05 03:31:32 +01:00
Marek Marczykowski-Górecki
d25482ad29 Add one more method to get system timezone
Some programs (like KDE system settings) makes /etc/localtime hardlink
instead of symlink. Handle this case. Hopefully there will be less and
less such applications...
2014-01-23 02:33:05 +01:00
Marek Marczykowski-Górecki
8dda7cf884 core: improve VM name validation
Do not allow 'special' names.
2014-01-21 00:41:01 +01:00
Marek Marczykowski-Górecki
76aa93e94b hvm: start stubdom guid regardless of guiagent_installed (#60 pro)
Alway start stubdom guid, then if guiagent_installed set - start the
target one and when connects, kill stubdom one. This allow the user to
see startup messages so prevent the impression of hang VM.

Note 1: this doesn't work when VM disables SVGA output (just after
windows boot splash screen).
Note 2: gui-daemon sometimes hangs after receiving SIGTERM (libvchan_wait
during libvchan_close). This looks to be stubdom gui agent problem.
2013-12-03 06:18:23 +01:00
Marek Marczykowski-Górecki
4ce3acd64d hvm: always use qrexec for clipboard operations
This is temporary solution until Windows GUI agent will handle
MSG_CLIPBOARD_* commands.

Also fix code style - wrap long lines
2013-12-02 03:47:49 +01:00
Marek Marczykowski-Górecki
27f6f0e64e Merge branch 'new-backups'
Conflicts:
	core-modules/000QubesVm.py
2013-11-29 04:00:58 +01:00
Marek Marczykowski-Górecki
3c99ac1d07 Performance optimization regarding xenstore access
Reduce number of xenstore access during checking current domain XID.
2013-11-26 20:16:10 +01:00
Marek Marczykowski-Górecki
09393734a3 core: refuse to set template for standalone VM 2013-11-25 07:18:01 +01:00
Marek Marczykowski-Górecki
a457b62728 core: more flexible mechanism for template compatibility check
Using class method allow the users (Qubes Manager at least) to check
for compatibility without having any particular VM instance - useful
while creating the VM.
2013-11-21 03:42:31 +01:00
Marek Marczykowski-Górecki
efeb284ab1 core: do not call resize2fs on private.img in dom0
Do not parse VM data (filesystem metadata in this case) in dom0, as this
expose dom0 for potential attack.
2013-11-21 03:38:12 +01:00
Marek Marczykowski-Górecki
6fddae3b9b Support for autostart VMs (#724) 2013-11-20 02:57:17 +01:00
Marek Marczykowski-Górecki
2005207462 Template support for HVM (#719)
Any HVM (which isn't already template-based) can be a template for
another HVM. For now do not allow simultaneous run of template and its
VM (this assumption simplify the implementation, as no root-cow.img is
needed).
2013-11-19 18:42:59 +01:00
Marek Marczykowski-Górecki
a9a8335403 Merge remote-tracking branch 'oliv/master' into new-backups
Conflicts:
	core/qubesutils.py
	dom0/qvm-core/qubes.py
2013-11-07 22:41:16 +01:00
Marek Marczykowski-Górecki
dfe0b18382 core: call ACPI S3 emulation only for VMs with PCI devices
Actually it looks to be needed only there.
But also another problem: this suspend doesn't work for firewallvm, for
unknown reason.
2013-10-24 04:10:07 +02:00
Marek Marczykowski-Górecki
149971ae2e core: add methods to trigger ACPI S3 of VM
Those methods should be called during dom0 suspend/resume.
2013-10-23 21:56:50 +02:00
Marek Marczykowski
5e0d8c1155 Pass domain name to qrexec daemon 2013-10-18 03:39:02 +02:00
Marek Marczykowski-Górecki
41ba079eb8 Force the first character of VM name to be a letter
Especially don't allow numeric-only name (our deserializer of qubes.xml
will convert it to int instead of str...).
2013-10-08 22:47:56 +02:00
Marek Marczykowski-Górecki
5da7a520c4 core: move pci_add/pci_remove to QubesVM, add support for live add/remove (#708)
This additionally requires qubes.DetachPciDevice service in VM.
2013-09-01 01:26:43 +02:00
Marek Marczykowski
19982da9d2 QubesVm: drop evals already covered by generic deserializer 2013-08-13 00:33:54 +02:00
Marek Marczykowski
28b8eb0445 Send monitor layout at VM startup.
Gui daemon isn't aware of multihead parameters, also gui protocol
doesn't support such information - currently by design it is configured
via Qubes RPC service.
At GUI startup send monitor layout to the VM.
2013-08-11 04:11:34 +02:00
Marek Marczykowski
a1e9e3bf1a Fix domain clone/rename 2013-05-25 22:18:37 +02:00
Marek Marczykowski
48098accc5 core: fix datetime handling with new imports
Now it is 'import datetime', not 'from datetime import datetime', so use
explicit datetime class from datetime module.
2013-03-26 02:15:34 +01:00
Marek Marczykowski
f7d868bff8 Missing imports once again... 2013-03-19 13:36:35 +01:00
Marek Marczykowski
a84886db07 Move all files one level up 2013-03-16 19:56:51 +01:00