Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Handle non-default 'eth0' Qubes managed interface

Browse Source
This commit is contained in:
Frédéric Pierret (fepitre) 2019-05-12 23:29:48 +02:00
parent 0aae0c189c
commit 0ce79d4895
No known key found for this signature in database
GPG Key ID: 484010B5CDC576E2
5 changed files with 30 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
init/functions
View File

@ -128,6 +128,21 @@ umount_retry() {
return 0 return 0
} }
get_iface_from_mac() {
local mac="$1"
local iface
iface="$(ip -o link | grep -i "$mac" | awk '{print $2}' | cut -d ':' -f1)"
echo "$iface"
}
get_qubes_managed_iface() {
local mac
local qubes_iface
mac="$(qubesdb-read /qubes-mac)"
qubes_iface="$(get_iface_from_mac "$mac")"
echo "$qubes_iface"
}
initialize_home() { initialize_home() {
local home_root local home_root
local mode local mode

6
network/network-manager-prepare-conf-dir
View File

@ -1,5 +1,9 @@
#!/bin/sh #!/bin/sh
# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions
NM_CONFIG_DIR=/etc/NetworkManager/system-connections NM_CONFIG_DIR=/etc/NetworkManager/system-connections
if [ -d $NM_CONFIG_DIR ] && [ ! -h $NM_CONFIG_DIR ]; then if [ -d $NM_CONFIG_DIR ] && [ ! -h $NM_CONFIG_DIR ]; then
mkdir -p /rw/config/NM-system-connections mkdir -p /rw/config/NM-system-connections
@ -20,7 +24,7 @@ sed -r -i -e "s/^#?plugins=.*/plugins=keyfile/" /etc/NetworkManager/NetworkManag
# starting NetworkManager, otherwise it will try default DHCP configuration # starting NetworkManager, otherwise it will try default DHCP configuration
# first and only after a timeout fallback to static one - introducing delay in # first and only after a timeout fallback to static one - introducing delay in
# network connectivity # network connectivity
export INTERFACE=eth0 export INTERFACE="$(get_qubes_managed_iface)"
if qubesdb-read /qubes-ip >/dev/null 2>/dev/null && if qubesdb-read /qubes-ip >/dev/null 2>/dev/null &&
[ -e /sys/class/net/$INTERFACE ] && [ -e /sys/class/net/$INTERFACE ] &&
[ ! -r /etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE ]; then [ ! -r /etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE ]; then

2
vm-init.d/qubes-firewall
View File

@ -19,7 +19,7 @@ start()
if qsvc qubes-firewall ; then if qsvc qubes-firewall ; then
echo -n $"Starting Qubes Firewall monitor:" echo -n $"Starting Qubes Firewall monitor:"
/sbin/ethtool -K eth0 sg off /sbin/ethtool -K "$(get_qubes_managed_iface)" sg off
/usr/sbin/qubes-firewall & /usr/sbin/qubes-firewall &
success success
echo "" echo ""

5
vm-systemd/misc-post.sh
View File

@ -15,7 +15,10 @@ fi
# DispVM (to override DispVM-template IP) and in case when qubes-ip was # DispVM (to override DispVM-template IP) and in case when qubes-ip was
# called by udev before loading evtchn kernel module - in which case # called by udev before loading evtchn kernel module - in which case
# qubesdb-read fails # qubesdb-read fails
INTERFACE=eth0 /usr/lib/qubes/setup-ip QUBES_MANAGED_IFACE="$(get_qubes_managed_iface)"
if [ "x$QUBES_MANAGED_IFACE" != "x" ]; then
INTERFACE="$QUBES_MANAGED_IFACE" /usr/lib/qubes/setup-ip
fi
if [ -x /rw/config/rc.local ] ; then if [ -x /rw/config/rc.local ] ; then
/rw/config/rc.local /rw/config/rc.local

6
vm-systemd/network-proxy-setup.sh
View File

@ -1,5 +1,9 @@
#!/bin/sh #!/bin/sh
# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions
# Setup gateway for all the VMs this netVM is serviceing... # Setup gateway for all the VMs this netVM is serviceing...
network=$(qubesdb-read /qubes-netvm-network 2>/dev/null) network=$(qubesdb-read /qubes-netvm-network 2>/dev/null)
if [ "x$network" != "x" ]; then if [ "x$network" != "x" ]; then
@ -24,5 +28,5 @@ if [ "x$network" != "x" ]; then
if [ -n "$gateway6" ]; then if [ -n "$gateway6" ]; then
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
fi fi
/sbin/ethtool -K eth0 sg off || true /sbin/ethtool -K "$(get_qubes_managed_iface)" sg off || true
fi fi