Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,241 Commits 1 Branch 0 Tags 15 MiB
f8fa85b341
Commit Graph

2241 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Olivier Médoc
69354475bf dom0/qvm-sync-clock: use timestamp in RFC2822 format to avoid locale issues 2012-10-04 05:44:19 +02:00
Bruce A Downs
d19a3cce99 vm: Added 'most recently used' feature to 'copy to vm' dialog 
* replaced zenity to qvm-mru-entry in qubes_rpc/qvm-copy-to-vm.gnome
* added python script qubes_rpc/qvm-mru-entry
* added /usr/bin/qvm-mru-entry to rpm_spec/core-vm.spec
 2012-10-04 05:44:19 +02:00
Bruce A Downs
dba7d94fba vm/spec: mod to core-vm.spec to add test for files 
core rpm was failing during uninstall attempting to move non-existent files
* /var/lib/qubes/fstab.orig
* /var/lib/qubes/serial.orig
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
7a485ab7f9 vm/file-editor: connect /dev/null as stdin (#657) 
If stdin is closed (not connected to /dev/null) first opened file will get fd=0
and will be treated as stdin.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
303d4ab042 dom0/iptables: block IPv6 traffic 
Dom0 is network isolated anyway, but apply also firewall in case of use
qubes-dom0-network-via-netvm.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
9c3f8417d4 vm/iptables: block IPv6 traffic 
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
56e0359cfb vm/yum-proxy: one more regexp fix 2012-10-04 05:44:19 +02:00
Marek Marczykowski
551cc8b186 vm/yum-proxy: filter regexp: add missing ^$ marks, remove unneded .* at the beginning 
Reported-by: Igor Bukanov <igor@mir2.org>
 2012-10-04 05:44:19 +02:00
Marek Marczykowski
0cf7c03ea5 vm/systemd: early user-configurable init script 2012-10-04 05:44:19 +02:00
Marek Marczykowski
04e57db419 vm/yum-proxy: allow pkgtags repodata 2012-10-04 05:44:19 +02:00
Marek Marczykowski
397f2912f0 dom0/core: allow '_' in VM name 2012-10-04 05:44:18 +02:00
Marek Marczykowski
d172fa72f1 vm/qrexec: fix race between child cleanup and select call 
reap_children() can close FD, which was already added to FD_SET for select.
This can lead to EBADF and agent termination.
 2012-10-04 05:44:18 +02:00
Marek Marczykowski
9519d843d8 dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-10-04 05:44:18 +02:00
Marek Marczykowski
92747285c7 dom0/qvm-block: rework device name parsing to better support c0p1 name style 2012-10-04 05:44:18 +02:00
Marek Marczykowski
38fc566e52 vm/spec: fix adding yum-proxy configuration 
Do not add entry if already present.
 2012-10-04 05:29:58 +02:00
Marek Marczykowski
6419fea4ce vm/spec: fix adding yum-proxy configuration 
Do not add entry if already present.
 2012-10-04 05:29:10 +02:00
Marek Marczykowski
349331251d Merge branch 'hvm' of git://gitpro.qubes-os.org/joanna/core into hvm 2012-10-04 05:14:42 +02:00
Marek Marczykowski
19a60eff55 dom0/core: fix icon handling on VM clone 2012-10-03 22:28:49 +02:00
Marek Marczykowski
1b25d77504 dom0/core: recreate appmenus after rename for any VM, not only AppVM (#659) 2012-10-03 21:36:52 +02:00
Marek Marczykowski
45639096fa dom0/core: include net/proxy VM default appmenus list in cloned template 2012-10-03 21:12:18 +02:00
Olivier Médoc
9a90f499bc dom0/qvm-sync-clock: use timestamp in RFC2822 format to avoid locale issues 2012-10-03 14:55:05 +02:00
Bruce A Downs
cbf05999fb vm: Added 'most recently used' feature to 'copy to vm' dialog 
* replaced zenity to qvm-mru-entry in qubes_rpc/qvm-copy-to-vm.gnome
* added python script qubes_rpc/qvm-mru-entry
* added /usr/bin/qvm-mru-entry to rpm_spec/core-vm.spec
 2012-09-28 00:57:08 +02:00
Bruce A Downs
6f35c13be2 vm/spec: mod to core-vm.spec to add test for files 
core rpm was failing during uninstall attempting to move non-existent files
* /var/lib/qubes/fstab.orig
* /var/lib/qubes/serial.orig
 2012-09-28 00:57:08 +02:00
Joanna Rutkowska
cd66ee2ce1 version 1.7.46 2012-09-27 11:03:26 +02:00
Marek Marczykowski
47e1665096 vm/file-editor: connect /dev/null as stdin (#657) 
If stdin is closed (not connected to /dev/null) first opened file will get fd=0
and will be treated as stdin.
 2012-09-27 02:06:26 +02:00
Marek Marczykowski
286339dd82 dom0/iptables: block IPv6 traffic 
Dom0 is network isolated anyway, but apply also firewall in case of use
qubes-dom0-network-via-netvm.
 2012-09-25 16:14:31 +02:00
Marek Marczykowski
a90a21b8ff vm/iptables: block IPv6 traffic 
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
 2012-09-25 16:14:06 +02:00
Marek Marczykowski
decf7ef648 vm/yum-proxy: one more regexp fix 2012-09-25 15:08:06 +02:00
Marek Marczykowski
f710531f68 vm/yum-proxy: filter regexp: add missing ^$ marks, remove unneded .* at the beginning 
Reported-by: Igor Bukanov <igor@mir2.org>
 2012-09-25 13:37:59 +02:00
Marek Marczykowski
c1214bfef9 dom0/core: VM property for qrexec startup timeout (#27 pro) 2012-09-25 03:26:44 +02:00
Marek Marczykowski
c26e21d883 dom0/qrexec: tunable connect timeout, prompt the user on timeout (#27 pro) 2012-09-25 03:26:24 +02:00
Marek Marczykowski
d1620d9a32 dom0/qrexec: kill child process on connect timeout 
Sometimes vchan can not detect dead target domain so kill it explicit to not
leave a mess.
 2012-09-25 03:23:54 +02:00
Marek Marczykowski
96199058d1 dom0/core: wait for user session on HVM start (#31 pro) 2012-09-25 00:23:35 +02:00
Marek Marczykowski
f271ad8463 dom0/core: fix return value of QubesHVM.run() 2012-09-25 00:23:20 +02:00
Marek Marczykowski
9db9d8b6c2 dom0/core: allow passing stdin to QubesVM.run() 2012-09-25 00:22:31 +02:00
Marek Marczykowski
11ae1f45fc vm/systemd: early user-configurable init script 2012-09-23 23:28:58 +02:00
Marek Marczykowski
dd7fe532ae vm/yum-proxy: allow pkgtags repodata 2012-09-19 12:55:45 +02:00
Marek Marczykowski
cb5479666c win/vchan: reset the evtchn buffer in case of overflow 
In case of evtchn buffer overflow (received more than 1024 events between
libvchan_wait calls) further reads returns ERROR_IO_DEVICE. The only way to
recover from that is to reset the buffer. Because vchan code doesn't take care
of number of fired events - only the fact that some event was fired - lost
events here shouldn't break anything. Events reported _after_ libvchan_wait
call will be collected and reported correctly.

Some more comments in the code (here and in qrexec-agent in the next commit).
 2012-09-16 23:32:56 +02:00
Marek Marczykowski
3ecc031603 dom0/core: allow '_' in VM name 2012-09-14 12:58:00 +02:00
Marek Marczykowski
2444603ef5 dom0/core: allow '_' in VM name 2012-09-14 12:57:25 +02:00
Marek Marczykowski
900a21db72 dom0/init.d: hide some missleading error 2012-09-04 19:24:01 +02:00
Marek Marczykowski
b7eaf9a30d dom0/core: do not use hardcoded "user" in qvm-sync-clock 2012-08-31 00:53:50 +02:00
Marek Marczykowski
e6da68dae2 dom0/qrexec: use DEFAULT user feature of qrexec_daemon in policy parser 2012-08-30 17:48:19 +02:00
Marek Marczykowski
3f5a34f635 Revert "dom0/qrexec: use default user from VM settings" 
This reverts commit b1ccc9a510e465b8b59f12bafb7735664c4101d0.
This can be handled by qrexec_daemon itself.

Conflicts:

	qrexec/qrexec_policy
 2012-08-30 17:47:32 +02:00
Marek Marczykowski
46fd664ba3 dom0/qrexec: implement default user handling in qrexec_daemon 
This will simplify using qrexec from utilities which doen't load qubes.xml
normally (like qrexec_policy, gui daemon).
 2012-08-30 17:44:52 +02:00
Joanna Rutkowska
614573d0a3 version 1.7.45 2012-08-29 10:48:23 +02:00
Joanna Rutkowska
23f3f424e5 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2012-08-29 10:46:02 +02:00
Marek Marczykowski
629ae5317c vm/qrexec: fix race between child cleanup and select call 
reap_children() can close FD, which was already added to FD_SET for select.
This can lead to EBADF and agent termination.
 2012-08-27 01:26:12 +02:00
Marek Marczykowski
e80ff6bdeb dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-08-27 01:25:39 +02:00
Marek Marczykowski
4e2f47d95c dom0/spec: mark qrexec policy as config files 
Prevent override on upgrade, when user makes some own changes (especially
"always allow" feature).
 2012-08-27 00:53:58 +02:00