From bd8977c82438e5bce44312443cc09ba330519158 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 1 May 2012 01:14:04 +0200 Subject: [PATCH 1/4] vm: notify dom0 when updates available in VM (#475) --- rpm_spec/core-vm.spec | 5 +++++ vm-systemd/qubes-sysinit.sh | 6 +++--- vm-systemd/qubes-update-check.service | 7 +++++++ vm-systemd/qubes-update-check.timer | 11 +++++++++++ 4 files changed, 26 insertions(+), 3 deletions(-) create mode 100644 vm-systemd/qubes-update-check.service create mode 100644 vm-systemd/qubes-update-check.timer diff --git a/rpm_spec/core-vm.spec b/rpm_spec/core-vm.spec index c11b699..3158b57 100644 --- a/rpm_spec/core-vm.spec +++ b/rpm_spec/core-vm.spec @@ -87,6 +87,7 @@ install vm-init.d/* $RPM_BUILD_ROOT/etc/init.d/ install -d $RPM_BUILD_ROOT/lib/systemd/system $RPM_BUILD_ROOT/usr/lib/qubes/init install -m 0755 vm-systemd/*.sh $RPM_BUILD_ROOT/usr/lib/qubes/init/ install -m 0644 vm-systemd/qubes-*.service $RPM_BUILD_ROOT/lib/systemd/system/ +install -m 0644 vm-systemd/qubes-*.timer $RPM_BUILD_ROOT/lib/systemd/system/ install -m 0644 vm-systemd/NetworkManager.service $RPM_BUILD_ROOT/usr/lib/qubes/init/ install -m 0644 vm-systemd/cups.service $RPM_BUILD_ROOT/usr/lib/qubes/init/ install -m 0644 vm-systemd/ntpd.service $RPM_BUILD_ROOT/usr/lib/qubes/init/ @@ -484,6 +485,8 @@ The Qubes core startup configuration for SystemD init. /lib/systemd/system/qubes-netwatcher.service /lib/systemd/system/qubes-network.service /lib/systemd/system/qubes-sysinit.service +/lib/systemd/system/qubes-update-check.service +/lib/systemd/system/qubes-update-check.timer %dir /usr/lib/qubes/init /usr/lib/qubes/init/prepare-dvm.sh /usr/lib/qubes/init/network-proxy-setup.sh @@ -502,6 +505,8 @@ for srv in qubes-dvm qubes-meminfo-writer qubes-qrexec-agent qubes-sysinit qubes /bin/systemctl enable $srv.service 2> /dev/null done +/bin/systemctl enable qubes-update-check.timer 2> /dev/null + # Install overriden services only when original exists for srv in cups NetworkManager ntpd; do if [ -f /lib/systemd/system/$srv.service ]; then diff --git a/vm-systemd/qubes-sysinit.sh b/vm-systemd/qubes-sysinit.sh index 65c3606..d78929c 100755 --- a/vm-systemd/qubes-sysinit.sh +++ b/vm-systemd/qubes-sysinit.sh @@ -1,9 +1,9 @@ #!/bin/sh # List of services enabled by default (in case of absence of xenstore entry) -DEFAULT_ENABLED_NETVM="network-manager qubes-network" -DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher" -DEFAULT_ENABLED_APPVM="meminfo-writer cups" +DEFAULT_ENABLED_NETVM="network-manager qubes-network qubes-update-check" +DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher qubes-update-check" +DEFAULT_ENABLED_APPVM="meminfo-writer cups qubes-update-check" DEFAULT_ENABLED_TEMPLATEVM=$DEFAULT_ENABLED_APPVM DEFAULT_ENABLED="meminfo-writer" diff --git a/vm-systemd/qubes-update-check.service b/vm-systemd/qubes-update-check.service new file mode 100644 index 0000000..5566eda --- /dev/null +++ b/vm-systemd/qubes-update-check.service @@ -0,0 +1,7 @@ +[Unit] +Description=Qubes check for VM updates and notify dom0 +ConditionPathExists=/var/run/qubes-service/qubes-update-check + +[Service] +Type=oneshot +ExecStart=/usr/lib/qubes/qrexec_client_vm dom0 qubes.NotifyUpdates /bin/sh -c 'yum -q check-update|wc -l' diff --git a/vm-systemd/qubes-update-check.timer b/vm-systemd/qubes-update-check.timer new file mode 100644 index 0000000..d63cf45 --- /dev/null +++ b/vm-systemd/qubes-update-check.timer @@ -0,0 +1,11 @@ +[Unit] +Description=Periodically check for updates +ConditionPathExists=/var/run/qubes-service/qubes-update-check + +[Timer] +OnBootSec=5min +OnUnitActiveSec=2d + +[Install] +WantedBy=multi-user.target + From ab0b4b40307ba333537079b54055e8784cca661f Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 1 May 2012 23:48:25 +0200 Subject: [PATCH 2/4] vm: include /proc/xen in fstab (#466) --- misc/fstab | 1 + 1 file changed, 1 insertion(+) diff --git a/misc/fstab b/misc/fstab index 877e6e4..b7d0fee 100644 --- a/misc/fstab +++ b/misc/fstab @@ -13,4 +13,5 @@ tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 +xen /proc/xen xenfs defaults 0 0 /dev/xvdi /mnt/removable auto noauto,user,rw 0 0 From e654e5b85140f4cddf98e491e3de7800362ce21f Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 1 May 2012 23:48:45 +0200 Subject: [PATCH 3/4] vm/systemd: do not depend on proc-xen.mount (#466) local-fs.target already covers /proc/xen --- vm-systemd/qubes-sysinit.service | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/vm-systemd/qubes-sysinit.service b/vm-systemd/qubes-sysinit.service index c6ca7a0..29bb1e4 100644 --- a/vm-systemd/qubes-sysinit.service +++ b/vm-systemd/qubes-sysinit.service @@ -2,7 +2,7 @@ Description=Init Qubes Services settings DefaultDependencies=no Before=sysinit.target -After=local-fs.target proc-xen.mount +After=local-fs.target [Service] Type=oneshot From 65e3c1d13ec9878977a8a7cc54ec21aaa3537509 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Tue, 8 May 2012 13:20:14 +0200 Subject: [PATCH 4/4] version 1.7.21 --- version_vm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_vm b/version_vm index ddb0f97..7bc3ecf 100644 --- a/version_vm +++ b/version_vm @@ -1 +1 @@ -1.7.20 +1.7.21