Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
4,461 Commits 1 Branch 0 Tags 20 MiB
f93674de1a
Commit Graph

4461 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski-Górecki
f93674de1a
mgmt: drop ProtocolRepr 
Since we've added type= argument to property.Get format, it isn't
useful anymore.

QubesOS/qubes-issues#2622
 2017-03-16 21:10:06 +01:00
Marek Marczykowski-Górecki
d21f54887d
mgmt: add decorator for method calls not accepting payload 
Fixes QubesOS/qubes-issues#2687
 2017-03-16 20:21:11 +01:00
Marek Marczykowski-Górecki
8371ffcd0f
tests: storage and labels 
QubesOS/qubes-issues#2622
 2017-03-16 20:04:07 +01:00
Marek Marczykowski-Górecki
2a223811a5
tests: add missing import 2017-03-16 20:04:06 +01:00
Marek Marczykowski-Górecki
f1c8f3220d
tests: deal with events containing dict in kwargs 
If kwargs contains dict as one of values, it isn't hashable and can't be
used as value in frozenset/tuple. Convert such values into
frozenset(dict.items()). Only one (more) level is supported, but it
should be enough.

Solution from http://stackoverflow.com/a/13264725
 2017-03-16 20:04:06 +01:00
Marek Marczykowski-Górecki
beaa0e9348
tests/mgmt: check if argument/payload is rejected when should be 
Instead of creating such tests for each method separately, use unittest
subTest functionality to handle all of them at once.
 2017-03-16 20:04:06 +01:00
Marek Marczykowski-Górecki
944bb26369
tests/mgmt: VM property related functions 2017-03-16 20:04:05 +01:00
Marek Marczykowski-Górecki
35d1167893
qubes/vm/net: fix name of argument for property-del event handler 
Since enforcing keyword arguments for event handlers, it's important now.
 2017-03-16 20:04:05 +01:00
Marek Marczykowski-Górecki
32f6bc2cd9
qubes/app: fix notifying about default_netvm change 
Notify every VM that is affected, not only those providing network
itself.
 2017-03-16 20:04:05 +01:00
Marek Marczykowski-Górecki
2c4303efc4
Prefer qubes.exc.QubesValueError over ValueError 
This provide clearer information for UI.
 2017-03-16 20:04:05 +01:00
Marek Marczykowski-Górecki
010d40dc1e
mgmt: add label-related calls 
QubesOS/qubes-issues#2622
 2017-03-16 20:04:04 +01:00
Marek Marczykowski-Górecki
33f3fedca1
mgmt: save qubes.xml after config-modifying calls 
In theory any call could modify config (through events), but lets keep
writes to qubes.xml low. In any case, qubes.xml will be eventually
written (either at next config-modifying call, or daemon exit).
 2017-03-16 20:04:04 +01:00
Marek Marczykowski-Górecki
868dbeac3e
mgmt: implement mgmt.vm.property.Set 
Sanitization of input value is tricky here, and also very important at
the same time. If property define value type (and it's something more
specific than 'str'), use that. Otherwise allow only printable ASCII
characters, and let appropriate event and setter handle value.
At this point I've reviewed all QubesVM properties in this category and
added appropriate setters where needed.

QubesOS/qubes-issues#2622
 2017-03-16 20:04:03 +01:00
Marek Marczykowski-Górecki
da51e6f032
vm/qubesvm: add validator for default_user property 
Don't allow characters potentially interfering with qrexec. To be on the
safe side, allow only alphanumeric characters + very few selected
punctuations.
 2017-03-16 20:04:03 +01:00
Marek Marczykowski-Górecki
0f8fab088e
vm/qubesvm: remove pool_name property 
It isn't used anywhere - in core3 each storage volume have pool assigned
- which may be different for each volume.
 2017-03-16 20:04:03 +01:00
Marek Marczykowski-Górecki
2d2672ec58
vm/qubesvm: convert firewall_conf into dumb, read-only property 
Don't allow anything else than firewall.xml.
 2017-03-16 20:04:03 +01:00
Marek Marczykowski-Górecki
123feced36
vm/qubesvm: forbid '/' in kernel property 
It would give VM access to some files outside of
/var/lib/qubes/vm-kernels.
 2017-03-16 20:04:02 +01:00
Marek Marczykowski-Górecki
a036e2a8a0
vm/qubesvm: improve name property setter 
Split it into two functions: validate_name - context-less verification,
and actual _setter_name which perform additional verification in
context of actual VM.
Switch to qubes.exc.* exceptions where appropriate.
 2017-03-16 20:04:02 +01:00
Marek Marczykowski-Górecki
dbf2066dfd
mgmt: encode property type in property.Get 
This also require having property.type public.

QubesOS/qubes-issues#2622
 2017-03-16 20:04:02 +01:00
Marek Marczykowski-Górecki
3b36e92b6d
vm/qubesvm: fix few more keyword arguments for events 2017-03-16 20:04:02 +01:00
Marek Marczykowski-Górecki
772293d0b5
vm/qubesvm: define 'updateable' as qubes.property 
This will allow property being accessed through management API
 2017-03-16 20:04:01 +01:00
Marek Marczykowski-Górecki
f7eabf8eb0
tools/qubesd: do not close connection before sending response 
eof_received callback should return True, if connection should not be
automatically closed just after returning from it.
 2017-03-16 20:04:01 +01:00
Marek Marczykowski-Górecki
c41585e2f5
Initialize dom0 label 
It is required property. Additionally, define icon_path to None,
otherwise it tries to access dom0.dir_path, which isn't set.
 2017-03-16 20:04:01 +01:00
Marek Marczykowski-Górecki
10a07c8726
mgmt: allow vm.List call to a particular VM 
This allow getting info about a single VM.

QubesOS/qubes-issues#853
 2017-03-16 20:04:01 +01:00
Marek Marczykowski-Górecki
fb7bd6823a
mgmt: implement storage-related methods 
QubesOS/qubes-issues#2622
 2017-03-16 20:04:01 +01:00
Wojtek Porczyk
417cb6e912 qubes/vm/mix/net: fix event arguments 
Arguments to events are now keyword-only and require exact names.
 2017-03-06 17:20:57 +01:00
Wojtek Porczyk
4a247b1b1b Merge remote-tracking branch 'origin/pull/90/head' into core3-devel 2017-03-02 13:19:57 +01:00
Wojtek Porczyk
c228bc934e ci/pylintrc: disable deprecated-method 
Pylint deprecated-method report interferes with asyncio.ensure_future
compatibility monkeypatch. The function asyncio.async was renamed
between 3.4.3 (fc23) and 3.4.4 (what is currently on Travis). For
reference, debian stable has 3.4.2.
 2017-03-02 13:08:25 +01:00
Marek Marczykowski-Górecki
f7d73893d7
qubes/storage: py3k related fixes 2017-03-01 21:50:06 +01:00
Wojtek Porczyk
c2a0d34ade pylint: do not interpret asyncio.ensure_future compat hack 2017-03-01 18:30:49 +01:00
Wojtek Porczyk
865ab10a0c qubesd+mgmt: convert mgmt functions to coroutines 
QubesOS/qubes-issues#2622
 2017-03-01 17:31:37 +01:00
Marek Marczykowski-Górecki
3e0f225938
qubes: allow 'property' object comparing with str 
This will allow checking if a given name is valid property name, using
simple `name in vm.property_list()`.

QubesOS/qubes-issues#853
 2017-02-27 21:57:56 +01:00
Marek Marczykowski-Górecki
2169075807
qubesd: fix response message header 
Type is not 16 bit big-endian. Encode it as 8bit code and \x00 as
delimiter explicitly.

QubesOS/qubes-issues#853
 2017-02-27 21:43:14 +01:00
Marek Marczykowski-Górecki
6ab7032b11
qubes/mgmt: encode VM name without quotes 
That's how it is in the specification.

QubesOS/qubes-issues#853
 2017-02-27 21:42:30 +01:00
Marek Marczykowski-Górecki
f4616fc366
qubesd: make qubesd socket qubes-group owned 
QubesOS/qubes-issues#853
 2017-02-27 21:42:06 +01:00
Marek Marczykowski-Górecki
c454973596
qubes/mgmt: use keyword arguments in events 
QubesOS/qubes-issues#853
 2017-02-27 20:56:16 +01:00
Marek Marczykowski-Górecki
751415434c
backup: make hmac verification more defensive 
Check HMAC file size, read it as binary or with 'ascii' encoding only.
 2017-02-27 02:37:52 +01:00
Marek Marczykowski-Górecki
a6c7da6061
tests: be even more defensive on cleaning up VMs 
Don't fail even if qubes-test.xml do not load at all because of syntax
error - for example empty file.
 2017-02-27 02:37:52 +01:00
Marek Marczykowski-Górecki
c5a8135fdb
fix misplaced comment 2017-02-27 02:37:51 +01:00
Marek Marczykowski-Górecki
45709b510a
backup: minor fixes after bringing back scrypt support 2017-02-27 02:37:51 +01:00
Marek Marczykowski-Górecki
1363251438
Revert "Revert "backup: use 'scrypt' tool for backup encryption and integrity protection"" 
This reverts commit 0f1672dc63.

Bring it back. Lets not revert the whole feature just because required
package exists only in qubes-builder, not in some online repository.
Also, this revert didn't go as planned - there was a reference to a
'passphrase' local variable, but it wasn't assigned any value.

Cc: @woju
 2017-02-27 02:37:50 +01:00
Marek Marczykowski-Górecki
13fc810363
tests: some more fixes for core3 API 2017-02-27 02:37:50 +01:00
Marek Marczykowski-Górecki
3ecc0a9bcb
tests: improve devices API unit test 
Check fired events - inspired by qvm-device test.
 2017-02-27 02:37:50 +01:00
Marek Marczykowski-Górecki
7f2ca33774
tests: fix importing template in non-default pool 2017-02-27 02:37:50 +01:00
Marek Marczykowski-Górecki
3726c7d9c3
python: decode xrandr output earlier, don't use regexp on bytes 2017-02-27 02:37:49 +01:00
Marek Marczykowski-Górecki
5e43d26abd
qubes: unify property ordering 
We already have property ordering defined in property_list(), lets move
it to proper place: property.__lt__.
 2017-02-27 02:37:49 +01:00
Marek Marczykowski-Górecki
9ace4e66f1
tests: more py3k related fixes 2017-02-27 02:37:49 +01:00
Marek Marczykowski-Górecki
33416f2549
qmemman: update for py3k 
This just make the code compatible with py3k, but nothing more.
Converting to asyncio is probably the next step.
 2017-02-27 02:37:49 +01:00
Marek Marczykowski-Górecki
2c3e112951
backup: one more py3k related fix 2017-02-27 02:37:48 +01:00
Marek Marczykowski-Górecki
e52d8fb051
qubes: allow passing name of class to app.add_new_vm 
This will allow more flexible API usage, especially when using mgmt API
- we need to use VM type as string there.
We don't lose any flexibility here - VM class names needs to be uniquely
identified by a string (used in qubes.xml) anyway.
 2017-02-27 02:37:48 +01:00