Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,046 Commits 1 Branch 0 Tags 20 MiB
e6bbc83e0b
Commit Graph

228 Commits

Author SHA1 Message Date
Marek Marczykowski
abcd6416fc dom0: move shutdown to qvm-core 2011-10-14 11:59:33 +02:00
Marek Marczykowski
ede96353af dom0/qrexec: Add always allow option in qrexec confirmation dialog (#278) 2011-10-12 00:08:28 +02:00
Marek Marczykowski
bc47334d21 dom0: fix cleanup_vif 2011-10-10 17:11:00 +02:00
Marek Marczykowski
e1ccda362c dom0/qvm-core: release lock in VM.start() right before starting qrexec (#344) 2011-10-10 11:23:14 +02:00
Marek Marczykowski
05605f1394 dom0/qvm-core: ignore template_vm=None when loading qubes.xml 
This should result in more elegant error message in case of error in qubes.xml.
 2011-10-07 21:46:27 +02:00
Marek Marczykowski
98827c7020 dom0/qvm-core: output messages to stderr (#276) 2011-10-07 21:40:29 +02:00
Marek Marczykowski
053944470c dom0: improve vif cleanup 
Just remove dead devices from xenstore, there is no point in waiting for its
shutdown (which 'xl' does) as backend domain is dead.
 2011-10-03 22:54:45 +02:00
Marek Marczykowski
600877b830 dom0: use default values for values not present in qubes.xml 
Do not set them to None. This should improve compatibility with older versions of qubes.xml
 2011-10-01 10:33:25 +02:00
Marek Marczykowski
f0038d2ec7 dom0: typo fix in default_fw_netvm saving 2011-10-01 02:55:22 +02:00
Marek Marczykowski
3c7f8b97cd dom0: return datatime value in get_start_time (#315) 2011-10-01 02:54:18 +02:00
Marek Marczykowski
7ae0c52e6d dom0: introduce ClockVM - timesource for dom0 (#361) 2011-10-01 02:54:00 +02:00
Marek Marczykowski
287da572e9 dom0+vm: introduce 'qubes-service' xenstore dir - enable/disable VM services from dom0 
This allows control which services are started in VM by dom0. For some
situation vm_type was used, but it isn't enough - i.e. ntpd should be started
in one, selected NetVM.
 2011-10-01 02:49:25 +02:00
Marek Marczykowski
aa08f555c3 dom0+vm: minor fixes in qvm-block scripts 2011-09-30 11:20:03 +02:00
Marek Marczykowski
5fc5301cee Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-09-30 10:46:04 +02:00
Marek Marczykowski
e3993ca5f9 dom0: qvm-block tool, new qubesutils python module (#226) 2011-09-29 13:56:22 +02:00
Marek Marczykowski
6b885bd361 dom0+vm: expose block devices info in xenstore (#226) 2011-09-29 13:56:06 +02:00
Joanna Rutkowska
59f71f634a dom0: Fix xenstore permissions qubes_netvm_external_ip 
We should ensure that the first expression in the permisions list
is nX, where X is the owning domain, and not rX or wX, as otherwise
we would be granting all other VMs read access to the key.

This is explained in more detail here:

http://wiki.xensource.com/xenwiki/XenBus

In practice the perms problem applied only to the qubes_netvm_external_ip key
that is exposed by each NetVM to corresponding Proxy VMs. Before this fix,
the key was readable by any VM in the system, which might not be desired in some
more advanced networking setups, such as with Tor Proxy VM.
 2011-09-26 17:24:11 +02:00
Marek Marczykowski
0ce7336cad dom0: Distinguish 'Halting','Crashed' state from simple 'Halted' (#314) 2011-09-13 18:39:09 +02:00
Joanna Rutkowska
f2770e2d03 dom0: Fix create_xenstore_entries in other classes to not require xid argument 2011-09-09 18:49:15 +02:00
Marek Marczykowski
2319083631 dom0: use default kernel opts when custom opts isn't set 
This can happen after rpm upgrade.
 2011-09-09 14:24:17 +02:00
Joanna Rutkowska
89d532ef11 dom0: qubes.py: do not use pci=nomsi as a default argument for passthrough VM kernels anymore 2011-09-08 14:09:03 +02:00
Marek Marczykowski
5e09af2b46 dom0: limit default swiotlb size for NetVM (#342) 2011-09-08 01:19:25 +02:00
Marek Marczykowski
320847de91 dom0: correctly remove appmenus for ServiceVM (if any) 2011-09-06 01:17:09 +02:00
Marek Marczykowski
77ec31d164 dom0: appmenus templates handling for StandaloneVM (#317) 
StandaloneVM also needs apps.templates dir in order to qubes-appmenu-select
works. Also can be helpful for backup/restore.
 2011-09-06 01:15:35 +02:00
Marek Marczykowski
c1f0296e66 dom0: automatically determine domain xid in create_xenstore_entries 2011-09-06 01:14:49 +02:00
Marek Marczykowski
f85fcc06aa dom0: replace obsolete swiotlb=force with iommu=soft 2011-09-03 16:15:02 +02:00
Marek Marczykowski
5cb6cd2aa7 dom0: fix uses_default_kernelopts typo 2011-09-03 16:14:51 +02:00
Marek Marczykowski
58985193e7 dom0: move network-attach logic to qubes.py 
Main reason is to remove code duplication.
Also fixes #260 and workaround (by sleep...) some race at NetVM restart
(fronted driver does not noticed vif-detach+vif-attach).
 2011-09-03 16:13:14 +02:00
Marek Marczykowski
5fe147729d dom0: copy only selected files for StandaloneVM kernel 
Especially ignore modules dir - already included in modules.img
 2011-09-03 16:04:25 +02:00
Marek Marczykowski
7f24727b2b dom0: fix waiting for vif detach 2011-09-03 16:01:22 +02:00
Marek Marczykowski
11da1633d3 dom0: Copy default template kernel to StandaloneVM dir (#333) 
Just prepare kernel for qvm-set -s <vmname> kernel none
 2011-09-01 15:01:37 +02:00
Marek Marczykowski
ac917ef1d8 dom0: Set modules.img device R/W for StandaloneVM (#333) 2011-09-01 14:56:23 +02:00
Marek Marczykowski
577dd2b076 dom0: when cleaning up network devices, wait for actual device destroy 
Otherwise subsequent network-attach will not be noticed by frontend driver.
 2011-09-01 00:01:53 +02:00
Marek Marczykowski
be5e5a98a1 dom0: use full patch for network script 
xl (apart from xm) doesn't prefix script with dir.
 2011-08-31 22:01:08 +02:00
Marek Marczykowski
3cf1af0321 dom0: implement custom kernelopts (#323) 2011-08-31 20:39:26 +02:00
Marek Marczykowski
fbce32ae1f dom0/qvm-prefs: info when kernel setting is from template 2011-08-31 18:32:37 +02:00
Rafal Wojtczuk
8ecd6134d9 firewall: call iptables-restore once per domain (#311) 
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
 2011-07-29 16:50:12 +02:00
Rafal Wojtczuk
6fc358bd20 dispvm: honour current choice of template for dispvm 
... when auto-refreshing the dispvm savefile.
While at it, also copy dispvm-prerun.sh script in qvm-clone.
 2011-07-26 17:09:59 +02:00
Rafal Wojtczuk
7cfbe1c7d8 qubes.py: postpone qmmeman.close() 
There are indications that when parent "xl" process exits, the domain is not
booted completely; and xl actions may interfere with qmemman memory balancing.
Thus, in VM.start(), we delay releasing of qmemman handle until qrexec_daemon
connects successfully.
 2011-07-22 15:07:04 +02:00
Marek Marczykowski
342261ff10 dom0: Do not clone config file with template 
Not needed any more
 2011-07-21 00:49:03 +02:00
Marek Marczykowski
c9ad2314ea dom0: variable names conflict (#290) 
uuid is also name of (used here) python module...
 2011-07-20 16:12:28 +02:00
Marek Marczykowski
f1153a5413 dom0: initialize vmtype in create_appmenus (#212) 2011-07-20 16:06:22 +02:00
Marek Marczykowski
99dfdd70c3 dom0: Hide some messages from 'xl' tool (#265) 2011-07-17 01:54:27 +02:00
Marek Marczykowski
182e1ccf2b dom0: watch for updates from dom0 (#198) 
Additionally synchronize clock every 6h. This is started by xdg-autostart (not
qvm-core) to have running Xorg - needed to prompt user for updates download.
 2011-07-17 01:20:13 +02:00
Marek Marczykowski
a68faecc35 dom0: initialize default_kernel parameter 2011-07-15 12:24:27 +02:00
Marek Marczykowski
9f67e5de9d dom0: Regenerate appmenus also for TemplateVM in create_appmenus() 2011-07-10 23:39:48 +02:00
Marek Marczykowski
0813f49186 dom0: Clone whitelisted-apps.list with template clone 2011-07-10 23:37:35 +02:00
Marek Marczykowski
817735fc92 dom0: Do not copy obsolete apps-template.templates dir on template clone 2011-07-10 23:36:50 +02:00
Marek Marczykowski
f6609cb1c4 dom0: minor #252 fix 2011-07-09 20:43:57 +02:00
Marek Marczykowski
7e234a4a8d dom0: store dispid in QubesDisposableVm object and generate proper IP (#247) 2011-07-09 17:52:47 +02:00