Commit Graph

3167 Commits

Author SHA1 Message Date
Marek Marczykowski
dde1b5b2f5 dom0/qrexec: use QUBESRPC instead of direct multiplexer path 2012-08-23 03:59:31 +02:00
Marek Marczykowski
b7f5c6ac0b dom0/qvm-tools: catch exceptions while settting VM name (#656) 2012-08-23 03:48:03 +02:00
Marek Marczykowski
85565af560 dom0/core: verify VM name for not-allowed characters (#656) 2012-08-23 03:45:06 +02:00
Marek Marczykowski
4fcaf3e7b7 Revert "win: unmask evtchn before checking if libvchan_wait is needed"
This reverts commit f7ce10db8f76f752cf9d65b420de352e70bdb048.
This should be fixed by doing 0-length reads in qrexec main loop (instead of
real read of fired port number).
2012-08-23 01:58:44 +02:00
Marek Marczykowski
7c1dfe9266 dom0/qrexec: implement standalone policy evaluation (#12 pro)
This change will allow to use the same policy mechanism to control clipboard
copy between domains.
2012-08-18 22:08:26 +02:00
Marek Marczykowski
11e142adb3 dom0/qrexec: use default user from VM settings 2012-08-18 21:42:54 +02:00
Marek Marczykowski
d0f20e9e59 Merge remote-tracking branch 'joanna-pro/hvm' into hvm 2012-08-18 21:24:01 +02:00
Marek Marczykowski
7745e23137 dom0/qrexec: use QUBESRPC instead of direct multiplexer path 2012-08-18 21:21:20 +02:00
Marek Marczykowski
a98020eca7 dom0+vm/qfile-copy: use setuid instead of policy setting to allow chroot
This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
2012-08-18 21:17:07 +02:00
Marek Marczykowski
b05d035ff2 Merge remote-tracking branch 'alex/hvm' into hvm 2012-08-17 17:44:37 +02:00
Marek Marczykowski
cc23d3cb3d dom0/qubes_rpc: mark untrusted variables (#654) 2012-08-16 16:56:55 +02:00
Marek Marczykowski
26fca20d45 dom0/qmemman: fix reporting to qubes-manager
When VM is shutting down, xenstore entries (especially 'name') can be deleted
before qmemman remove VM from its list. So check if name is defined before
reporting to qubes-manager.
2012-08-16 16:56:55 +02:00
Marek Marczykowski
9b3a77bc1d dom0: move RPC services to separate directory (#654)
This makes more clear which code have contact with untrusted data from VM.
2012-08-16 16:56:16 +02:00
Joanna Rutkowska
ba85ca2df2 version 1.7.43 2012-08-10 14:45:19 +02:00
Marek Marczykowski
f41759a8b7 vm: ignore additional actions in *.desktop files (#631) 2012-08-10 11:08:05 +02:00
Marek Marczykowski
cb39325e6f vm: ignore additional actions in *.desktop files (#631) 2012-08-10 11:06:58 +02:00
Joanna Rutkowska
f2760a0385 Merge branch 'hvm' of 10.141.1.101:/var/lib/qubes/git/marmarek/core into hvm 2012-08-07 16:36:09 +02:00
Marek Marczykowski
a67bf1f1c0 Merge branch 'master' into hvm 2012-08-06 15:00:02 +02:00
Marek Marczykowski
038933789d vm/updates-proxy: fix regexp (#643) 2012-08-06 14:59:10 +02:00
Marek Marczykowski
4f56cf420a dom0/core: add missing "cleanup_dispvms" file (#648) 2012-08-06 14:57:30 +02:00
Marek Marczykowski
e1404a2d4f dom0/qvm-run: do not break --all when run in one VM failed 2012-08-04 04:15:33 +02:00
Marek Marczykowski
fa17c541af dom0: cleanup dead DispVMs at system startup (#648) 2012-08-04 00:57:34 +02:00
Marek Marczykowski
7677854fd2 dom0/core: make verbose parameter of create_appmenus optional 2012-08-04 00:37:14 +02:00
Marek Marczykowski
71c5ce14ef Merge remote-tracking branch 'alex/hvm' into hvm 2012-08-03 02:06:09 +02:00
Marek Marczykowski
ec47c5eb81 win: unmask evtchn before checking if libvchan_wait is needed
This should prevent the race, when evtchn is signalled between condition check
and libvchan_wait call.
2012-08-03 02:02:26 +02:00
Marek Marczykowski
847fe81dcd dom0/qvm-run: do not break --all when run in one VM failed 2012-08-01 01:01:37 +02:00
Marek Marczykowski
e6c8bf81fd Merge branch 'master' into hvm
Conflicts:
	version_dom0
2012-08-01 00:55:05 +02:00
Marek Marczykowski
b7d2667b1d vm/kernel-placeholder: simplify upgrade 2012-07-30 23:16:05 +02:00
Marek Marczykowski
a680976f1e dom0/updates: show errors from qubes-receive-updates
Especially when signature verification failed, show message about it, not
enigmatic "Could not open/read
file:///var/lib/qubes/updates/repodata/repomd.xml"
2012-07-30 23:16:05 +02:00
Marek Marczykowski
4ffe3e0391 dom0/qvm-block: fix error handler 2012-07-30 23:16:05 +02:00
Marek Marczykowski
c2d4b0de62 dom0/updates: typo fix in qubes-manager statfile handling 2012-07-30 23:16:05 +02:00
Joanna Rutkowska
65a08f7bae version 1.7.42 2012-07-30 16:59:19 +02:00
Marek Marczykowski
be389bddb9 dom0/core: allow custom kernel for non-updateable VMs 2012-07-28 01:40:24 +02:00
Marek Marczykowski
500baf3a60 dom0/core: allow custom kernel for non-updateable VMs 2012-07-28 01:39:59 +02:00
Marek Marczykowski
18c9af90c7 dom0/core: fix qubes-session wait code 2012-07-28 00:55:12 +02:00
Marek Marczykowski
4b9cc1e405 dom0/core: fix qubes-session wait code 2012-07-28 00:51:19 +02:00
Marek Marczykowski
e4d15f55f1 Merge remote-tracking branch 'alex/hvm' into hvm 2012-07-25 02:56:51 +02:00
Marek Marczykowski
d1b827e1bd Merge branch 'master' into hvm
Conflicts:
	dom0/init.d/qubes_core
	rpm_spec/core-dom0.spec
	version_dom0
2012-07-25 02:52:00 +02:00
Marek Marczykowski
b691f57bbf vm: kernel-placeholder package to inhibit real kernel pkg in VM (#645)
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
2012-07-23 23:17:50 +02:00
Marek Marczykowski
cc12b58c2e Merge remote-tracking branch 'joanna/master' 2012-07-23 22:16:42 +02:00
Marek Marczykowski
ad7da49e74 dom0/core: remove ugly hack in network-reconnect code (#637) 2012-07-22 01:33:08 +02:00
Marek Marczykowski
9c912694be vm/prepare-dvm: wait for Xorg in more deterministic way (#636) 2012-07-22 01:23:45 +02:00
Marek Marczykowski
6da61af323 dom0/backup-restore: fix netvm field in summary 2012-07-21 00:12:18 +02:00
Joanna Rutkowska
f2d8142823 version 1.7.41-dom0 2012-07-20 23:22:43 +02:00
Marek Marczykowski
6580fc70a7 Merge branch 'master' of git://git.qubes-os.org/joanna/core
on (#635)

Parse config and setup socket before fork.
2012-07-20 23:01:06 +02:00
Marek Marczykowski
a97458ad08 dom0/core: do not reset firewall on clone_attrs 2012-07-20 22:55:28 +02:00
Marek Marczykowski
dc95349145 dom0/backup-restore: fix verification of VMs in backup 2012-07-20 22:55:28 +02:00
Marek Marczykowski
e7477cfaf2 dom0/core: minor comments improvements 2012-07-20 22:55:28 +02:00
Marek Marczykowski
dbbb168b66 dom0/core: improve diagnostics of qmemman errors 2012-07-20 22:55:17 +02:00
Marek Marczykowski
130873071f dom0/core: do not reset firewall on clone_attrs 2012-07-20 22:54:53 +02:00