Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,874 Commits 1 Branch 0 Tags 15 MiB
Python 97.8%
Shell 1.7%
Makefile 0.5%
3f96c72ee3
Go to file
Marek Marczykowski-Górecki 3f96c72ee3
api/admin: (ext/admin) limit listing VMs based on qrexec policy 
Various Admin API calls, when directed at dom0, retrieve global system
view instead of a specific VM. This applies to admin.vm.List (called at
dom0 retrieve full VM list) and admin.Events (called at dom0 listen for
events of all the VMs). This makes it tricky to configure a management
VM with access to limited set of VMs only, because many tools require
ability to list VMs, and that would return full list.

Fix this issue by adding a filter to admin.vm.List and admin.Events
calls (using event handlers in AdminExtension) that filters the output
using qrexec policy. This version evaluates policy for each VM or event
(but loads only once). If the performance will be an issue, it can be
optimized later.

Fixes QubesOS/qubes-issues#5509
2020-03-28 03:23:28 +01:00
ci Move pylint configuration into standard location 2019-09-27 16:29:20 +02:00
contrib Remove python2 compat __future__ imports 2020-02-15 17:33:34 +00:00
doc doc/tests: extend qubes-specific quirks in tests 2019-11-30 04:38:10 +01:00
etc Replace pool config parsing logic 2016-04-25 07:16:37 +02:00
linux cleanup-dispvms: fix python shebang 2019-11-22 21:39:35 +01:00
qubes api/admin: (ext/admin) limit listing VMs based on qrexec policy 2020-03-28 03:23:28 +01:00
qubes-rpc import: check exact size of copied data 2020-01-23 09:48:58 +01:00
qubes-rpc-policy Add policy for qubes.VMExecGUI 2020-01-24 19:07:40 +01:00
qvm-tools qvm-sync-clock: Do not fail if clockvm is not set 2020-03-08 22:39:11 -04:00
relaxng Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00
rpm_spec Support for AudioVM 2020-03-08 17:05:33 +01:00
templates Pass network parameters to linux-stubdom 2020-01-29 09:45:05 +01:00
test-packages Fix starting VM with kernel=None 2017-12-14 23:26:52 +01:00
.gitignore run-tests: Script for running tests in repo 2016-04-20 13:54:56 +02:00
.pylintrc pylint: disable import-outside-toplevel 2019-09-27 16:29:20 +02:00
.travis.yml travis: switch to dom0 Fedora 31 2020-01-11 11:38:06 +01:00
installer.wxs windows/installer: configurable destination directory 2014-11-19 12:50:31 +01:00
LICENSE Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00
Makefile Add policy for qubes.VMExecGUI 2020-01-24 19:07:40 +01:00
Makefile.builder rpm: integrate -doc package into main one 2017-05-12 18:43:35 +02:00
README.md Update readme 2017-10-16 04:16:23 +02:00
run-tests tests: rearrage LVM thin tests to run at least some in devel env 2017-05-12 18:10:17 +02:00
setup.cfg Add yapf configuration to setup.cfg 2016-07-21 12:11:34 +02:00
setup.py Support for AudioVM 2020-03-08 17:05:33 +01:00
version version 4.1.8 2020-01-27 17:28:15 +01:00

README.md

Qubes core, version 3

Build Status

This is master branch of the Qubes OS core.

API documentation is available: https://dev.qubes-os.org/projects/core-admin/en/latest/.