#!/usr/bin/python2.6 # # The Qubes OS Project, http://www.qubes-os.org # # Copyright (C) 2010 Joanna Rutkowska # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # from qubes.qubes import QubesVmCollection from qubes.qubes import QubesVmLabels from qubes.qubes import qubes_kernels_base_dir from optparse import OptionParser import subprocess import os def do_list(vm): label_width = 18 fmt="{{0:<{0}}}: {{1}}".format(label_width) print fmt.format ("name", vm.name) print fmt.format ("label", vm.label.name) print fmt.format ("type", vm.type) if vm.template_vm is not None: print fmt.format ("template", vm.template_vm.name) if vm.netvm_vm is not None: print fmt.format ("netvm", vm.netvm_vm.name) print fmt.format ("updateable?", vm.is_updateable()) print fmt.format ("installed by RPM?", vm.installed_by_rpm) print fmt.format ("dir", vm.dir_path) print fmt.format ("config", vm.conf_file) print fmt.format ("pcidevs", vm.pcidevs) if vm.template_vm is None: print fmt.format ("root img", vm.root_img) if vm.is_template(): print fmt.format ("root COW img", vm.rootcow_img) if vm.template_vm is not None: print fmt.format ("root img", vm.template_vm.root_img) print fmt.format ("root volatile img", vm.volatile_img) print fmt.format ("private img", vm.private_img) print fmt.format ("vcpus", str(vm.vcpus)) print fmt.format ("memory", vm.memory) print fmt.format ("maxmem", vm.maxmem) if vm.template_vm is not None: print fmt.format ("kernel", "%s (from template)" % vm.kernel) elif vm.uses_default_kernel: print fmt.format ("kernel", "%s (default)" % vm.kernel) else: print fmt.format ("kernel", vm.kernel) if vm.uses_default_kernelopts: print fmt.format ("kernelopts", "%s (default)" % vm.kernelopts) else: print fmt.format ("kernelopts", vm.kernelopts) def set_label(vms, vm, args): if len (args) != 1: print "Missing label name argument!" label = args[0] if label not in QubesVmLabels: print "Wrong label name, supported values are the following:" for l in QubesVmLabels.values(): print "* {0}".format(l.name) exit (1) vm.label = QubesVmLabels[label] subprocess.check_call (["ln", "-sf", vm.label.icon_path, vm.icon_path]) def set_memory(vms, vm, args): if len (args) != 1: print "Missing memory argument!" vm.memory = int(args[0]) def set_maxmem(vms, vm, args): if len (args) != 1: print "Missing maxmem argument!" vm.maxmem = int(args[0]) def set_pcidevs(vms, vm, args): if len (args) != 1: print "Missing pcidevs argument!" vm.pcidevs = list(eval(args[0])) def set_netvm(vms, vm, args): if len (args) != 1: print "Missing netvm name argument!" print "Possible values:" print "1) default" print "2) none" print "3) " return netvm = args[0] if netvm == "none": netvm_vm = None vm.uses_default_netvm = False elif netvm == "default": netvm_vm = vms.get_default_netvm_vm() vm.uses_default_netvm = True else: netvm_vm = vms.get_vm_by_name (netvm) if netvm_vm is None: print "A VM with the name '{0}' does not exist in the system.".format(netvm) exit(1) if not netvm_vm.is_netvm(): print "VM '{0}' is not a NetVM".format(netvm) exit (1) vm.uses_default_netvm = False vm.netvm_vm = netvm_vm if not vm.is_running(): return if not vm.netvm_vm.is_running(): subprocess.check_call(["qvm-start", vm.netvm_vm.name]) subprocess.check_call(["xl", "network-detach", vm.name, "0"]) domain_path="/local/domain/"+str(vm.get_xid()) subprocess.check_call(["xenstore-write", domain_path+"/qubes_ip", vm.ip]) subprocess.check_call(["xenstore-write", domain_path+"/qubes_gateway", vm.netvm_vm.gateway]) subprocess.check_call(["xenstore-write", domain_path+"/qubes_secondary_dns", vm.netvm_vm.secondary_dns]) subprocess.check_call(["xl", "network-attach", vm.name, "ip="+vm.ip, "backend="+vm.netvm_vm.name, "script=/etc/xen/scripts/vif-route-qubes"]) def set_updateable(vms, vm, args): if vm.is_updateable(): print "VM '{0}' is already set 'updateable', no action required.".format(vm.name) return True if vm.is_running(): print "Cannot change 'updateable' attribute of a running VM. Shut it down first." return False if vm.is_appvm(): # Check if the Template is *non* updateable... if not vm.template_vm.is_updateable(): print "VM '{0}': Setting 'updateable' attribute to True.".format(vm.name) vm.set_updateable() else: print "The Template VM ('{0}') is marked as 'updateable' itself!".format(vm.template_vm.name) print "Cannot make the AppVM updateable too, as this might cause COW-backed storage incoherency." print "If you want to make this AppVM updateable, you must first make the Template VM nonupdateable." return False if vm.is_template(): # Make sure that all the AppVMs are non-updateable... for appvm in vm.appvms.values(): if appvm.is_updateable(): print "At least one of the AppVMs ('{0}') of this Template VM is also marked 'updateable'.".format(appvm.name) print "Cannot make the Template VM updateable too, as this might cause COW-backed storage incoherency." print "If you want to make this Template VM updateable, you must first make all its decedent AppVMs nonupdateable." return False print "VM '{0}': Setting 'updateable' attribute to True.".format(vm.name) vm.set_updateable() return True def set_nonupdateable(vms, vm, args): if not vm.is_updateable(): print "VM '{0}' is already set 'nonupdateable', no action required.".format(vm.name) return True if vm.is_running(): print "Cannot change 'updateable' attribute of a running VM. Shut it down first." return False if vm.is_netvm(): print "Why, on earth, would you want to make a NetVM 'nonupdateable'?" return False print "VM '{0}': Setting 'updateable' attribute to False.".format(vm.name) vm.set_nonupdateable() return True def set_kernel(vms, vm, args): if vm.template_vm is not None: print "Cannot set kernel for template-based VM. Set it for template instead." return False if len (args) != 1: print "Missing kernel version argument!" print "Possible values:" print "1) default" print "2) none (kernels subdir in VM)" print "3) , one of:" for k in os.listdir(qubes_kernels_base_dir): print " -", k return kernel = args[0] if kernel == "default": kernel = vms.get_default_kernel() vm.uses_default_kernel = True elif kernel == "none": kernel = None vm.uses_default_kernel = False else: if not os.path.exists(qubes_kernels_base_dir + '/' + kernel): print "Kernel version {0} not installed.".format(kernel) exit(1) vm.uses_default_kernel = False vm.kernel = kernel def set_template(vms, vm, args): if len (args) != 1: print "Missing template name argument!" return False template_name = args[0]; template_vm = vms.get_vm_by_name(template_name) if template_vm is None or template_vm.qid not in vms: print "A VM with the name '{0}' does not exist in the system.".format(template_name) return False if not template_vm.is_template(): print "VM '{0}' is not a TemplateVM".format(template_name) return False print "Setting template for VM '{0}' to '{1}'...".format (vm.name, template_name) vm.template_vm = template_vm return True def set_vcpus(vms, vm, args): if len (args) != 1: print "Missing vcpus count argument!" return False vcpus = int(args[0]) if vcpus <= 0: print "A vcpus count must be positive." return False qubes_host = QubesHost() if vcpus > qubes_host.no_cpus: print "This host has only {0} cpus".format(ubes_host.no_cpus) return False print "Setting vcpus count for VM '{0}' to '{1}'...".format (vm.name, vcpus) vm.vcpus = vcpus return True def set_kernelopts(vms, vm, args): if len (args) != 1: print "Missing kernel opts argument!" if len (args) != 1: print "Missing kernel opts argument!" print "Possible values:" print "1) default" print "2) " return False if args[0] == 'default': vm.uses_default_kernelopts = True else: vm.uses_default_kernelopts = False vm.kernelopts = args[0] return True properties = { "updateable": set_updateable, "nonupdateable": set_nonupdateable, "pcidevs": set_pcidevs, "label" : set_label, "netvm" : set_netvm, "maxmem" : set_maxmem, "memory" : set_memory, "kernel" : set_kernel, "template" : set_template, "vcpus" : set_vcpus, "kernelopts": set_kernelopts, } def do_set(vms, vm, property, args): if property not in properties.keys(): print "ERROR: Wrong property name: '{0}'".format(property) return False return properties[property](vms, vm, args) def main(): usage = "usage: %prog -l [options] \n"\ "usage: %prog -s [options] [...]\n"\ "List/set various per-VM properties." parser = OptionParser (usage) parser.add_option ("-l", "--list", action="store_true", dest="do_list", default=False) parser.add_option ("-s", "--set", action="store_true", dest="do_set", default=False) (options, args) = parser.parse_args () if (len (args) < 1): parser.error ("You must provide at least the vmname!") vmname = args[0] if options.do_list and options.do_set: print "You cannot provide -l and -s at the same time!" exit (1) if options.do_set: qvm_collection = QubesVmCollection() qvm_collection.lock_db_for_writing() qvm_collection.load() else: qvm_collection = QubesVmCollection() qvm_collection.lock_db_for_reading() qvm_collection.load() qvm_collection.unlock_db() vm = qvm_collection.get_vm_by_name(vmname) if vm is None or vm.qid not in qvm_collection: print "A VM with the name '{0}' does not exist in the system.".format(vmname) exit(1) if options.do_set: if len (args) < 2: print "You must specify the property you wish to set..." print "Available properties:" for p in properties.keys(): print "--> '{0}'".format(p) exit (1) property = args[1] do_set(qvm_collection, vm, property, args[2:]) qvm_collection.save() qvm_collection.unlock_db() else: # do_list do_list(vm) main()