26a9974432
The first operation returns a token, which can be passed to the second one to actually perform clone operation. This way the caller needs have power over both source and destination VMs (or at least appropriate volumes), so it's easier to enforce appropriate qrexec policy. The pending tokens are stored on Qubes() instance (as QubesAdminAPI is not persistent). It is design choice to keep them in RAM only - those are one time use and this way restarting qubesd is a simple way to invalidate all of them. Otherwise we'd need some additional calls like CloneCancel or such. QubesOS/qubes-issues#2622 |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| admin.py | ||
| internal.py | ||
| misc.py | ||