Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
a90e7e365e
core-admin/qubes/tests
History
Marek Marczykowski-Górecki 3f96c72ee3
api/admin: (ext/admin) limit listing VMs based on qrexec policy 
Various Admin API calls, when directed at dom0, retrieve global system
view instead of a specific VM. This applies to admin.vm.List (called at
dom0 retrieve full VM list) and admin.Events (called at dom0 listen for
events of all the VMs). This makes it tricky to configure a management
VM with access to limited set of VMs only, because many tools require
ability to list VMs, and that would return full list.

Fix this issue by adding a filter to admin.vm.List and admin.Events
calls (using event handlers in AdminExtension) that filters the output
using qrexec policy. This version evaluates policy for each VM or event
(but loads only once). If the performance will be an issue, it can be
optimized later.

Fixes QubesOS/qubes-issues#5509
2020-03-28 03:23:28 +01:00
..
integ tests/salt: don't depend on initial tags set 2020-03-01 22:36:54 +01:00
tools Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00
vm tests: Add a test case for QubesVM.is_fully_usable 2020-03-09 00:22:51 -04:00
__init__.py Remove more core2 code 2020-02-15 17:48:32 +00:00
api_admin.py api/admin: (ext/admin) limit listing VMs based on qrexec policy 2020-03-28 03:23:28 +01:00
api_internal.py Add guivm to internal.GetSystemInfo 2020-02-27 18:20:48 +01:00
api_misc.py Fix saving 'updates-available' flag reported by TemplateBasedVM 2019-01-19 03:25:21 +01:00
api.py Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00
app.py tests: fix tag name in audiovm test 2020-03-09 01:11:58 +01:00
devices_block.py ext/block: prefer connecting cdrom as xvdd 2019-11-19 14:03:21 +01:00
devices.py Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00
events.py events: add support for wildcard event handlers 2018-01-06 00:40:19 +01:00
ext.py Ensure empty service value delete /var/run/qubes-service/ file 2020-03-08 23:08:48 +01:00
extra.py tests: add include and exclude lists for extra tests loader 2019-11-30 04:35:18 +01:00
firewall.py tests/firewall: update future time to be really in the future 2020-03-08 16:35:39 +01:00
init.py remove unused netid code 2017-11-11 02:37:37 +01:00
rpc_import.py import: check exact size of copied data 2020-01-23 09:48:58 +01:00
run.py tests: register syslog logger, log test start 2019-09-29 06:43:34 +02:00
storage_file.py Implement new admin.vm.ImportWithSize API call 2020-01-23 09:47:22 +01:00
storage_kernels.py storage/kernels: fix listing volumes 2019-11-10 01:14:34 +01:00
storage_lvm.py Implement new admin.vm.ImportWithSize API call 2020-01-23 09:47:22 +01:00
storage_reflink.py Implement new admin.vm.ImportWithSize API call 2020-01-23 09:47:22 +01:00
storage.py Correct inconsistent behavior on unavailable usage data 2019-11-15 20:01:43 +01:00
tarwriter.py Change license to LGPL v2.1+ 2017-10-12 00:11:50 +02:00