qrexec: implement qvm-run command for AppVMs

It is build upon qrexec2, qubes.VMShell command. So, in order to e.g.
start firefox in a fresh dispVM, do
qvm-run '$dispvm' firefox http://www.qubes-os.org
This commit is contained in:
Rafal Wojtczuk 2011-08-29 16:46:44 +02:00
parent 81917388ef
commit 1a24c19702
6 changed files with 51 additions and 0 deletions

4
appvm/qrun-in-vm Executable file
View File

@ -0,0 +1,4 @@
#!/bin/sh
# pass aguments to the remote stdin, shovel back the remote output
echo "$@"
exec /bin/cat >&$SAVED_FD_1

1
appvm/qubes.VMShell Normal file
View File

@ -0,0 +1 @@
/usr/lib/qubes/vm-shell

View File

@ -0,0 +1,7 @@
## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
## Please use a single # to start your custom comments
$anyvm $dispvm allow
$anyvm $anyvm ask

29
appvm/qvm-run Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
#
# The Qubes OS Project, http://www.qubes-os.org
#
# Copyright (C) 2010 Rafal Wojtczuk <rafal@invisiblethingslab.com>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
#
if [ $# -lt 2 ] ; then
echo "Usage: $0 vmname command arguments"
exit 1
fi
VMNAME=$1
shift
exec /usr/lib/qubes/qrexec_client_vm $VMNAME qubes.VMShell "/usr/lib/qubes/qrun-in-vm" "$@"

3
appvm/vm-shell Executable file
View File

@ -0,0 +1,3 @@
#!/bin/sh
# just ignore the cmdline argument (the remote vm name)
exec /bin/bash

View File

@ -77,6 +77,7 @@ mkdir -p $RPM_BUILD_ROOT/usr/bin
cp qubes_timestamp qvm-open-in-dvm2 $RPM_BUILD_ROOT/usr/bin cp qubes_timestamp qvm-open-in-dvm2 $RPM_BUILD_ROOT/usr/bin
cp qvm-open-in-vm $RPM_BUILD_ROOT/usr/bin cp qvm-open-in-vm $RPM_BUILD_ROOT/usr/bin
cp qvm-copy-to-vm $RPM_BUILD_ROOT/usr/bin cp qvm-copy-to-vm $RPM_BUILD_ROOT/usr/bin
cp qvm-run $RPM_BUILD_ROOT/usr/bin
mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes mkdir -p $RPM_BUILD_ROOT/usr/lib/qubes
cp qvm-copy-to-vm2.kde $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.kde $RPM_BUILD_ROOT/usr/lib/qubes
cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes cp qvm-copy-to-vm2.gnome $RPM_BUILD_ROOT/usr/lib/qubes
@ -84,6 +85,7 @@ cp ../qrexec/qrexec_agent $RPM_BUILD_ROOT/usr/lib/qubes
cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qrexec_client_vm $RPM_BUILD_ROOT/usr/lib/qubes
cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes cp ../qrexec/qubes_rpc_multiplexer $RPM_BUILD_ROOT/usr/lib/qubes
cp vm-file-editor qfile-agent qopen-in-vm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes cp vm-file-editor qfile-agent qopen-in-vm qfile-unpacker $RPM_BUILD_ROOT/usr/lib/qubes
cp vm-shell qrun-in-vm $RPM_BUILD_ROOT/usr/lib/qubes
cp ../common/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes cp ../common/meminfo-writer $RPM_BUILD_ROOT/usr/lib/qubes
mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir} mkdir -p $RPM_BUILD_ROOT/%{kde_service_dir}
cp qvm-copy.desktop qvm-dvm.desktop $RPM_BUILD_ROOT/%{kde_service_dir} cp qvm-copy.desktop qvm-dvm.desktop $RPM_BUILD_ROOT/%{kde_service_dir}
@ -91,6 +93,7 @@ mkdir -p $RPM_BUILD_ROOT/mnt/removable
mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc mkdir -p $RPM_BUILD_ROOT/etc/qubes_rpc
cp qubes.Filecopy $RPM_BUILD_ROOT/etc/qubes_rpc cp qubes.Filecopy $RPM_BUILD_ROOT/etc/qubes_rpc
cp qubes.OpenInVM $RPM_BUILD_ROOT/etc/qubes_rpc cp qubes.OpenInVM $RPM_BUILD_ROOT/etc/qubes_rpc
cp qubes.VMShell $RPM_BUILD_ROOT/etc/qubes_rpc
mkdir -p $RPM_BUILD_ROOT/var/lib/qubes/dom0-updates mkdir -p $RPM_BUILD_ROOT/var/lib/qubes/dom0-updates
mkdir -p $RPM_BUILD_ROOT/etc/X11 mkdir -p $RPM_BUILD_ROOT/etc/X11
@ -143,6 +146,7 @@ rm -rf $RPM_BUILD_ROOT
/usr/lib/qubes/qvm-copy-to-vm2.gnome /usr/lib/qubes/qvm-copy-to-vm2.gnome
/usr/bin/qvm-open-in-dvm2 /usr/bin/qvm-open-in-dvm2
/usr/bin/qvm-open-in-vm /usr/bin/qvm-open-in-vm
/usr/bin/qvm-run
/usr/lib/qubes/meminfo-writer /usr/lib/qubes/meminfo-writer
/usr/lib/qubes/vm-file-editor /usr/lib/qubes/vm-file-editor
%{kde_service_dir}/qvm-copy.desktop %{kde_service_dir}/qvm-copy.desktop
@ -153,10 +157,13 @@ rm -rf $RPM_BUILD_ROOT
/usr/lib/qubes/qfile-agent /usr/lib/qubes/qfile-agent
/usr/lib/qubes/qopen-in-vm /usr/lib/qubes/qopen-in-vm
/usr/lib/qubes/qfile-unpacker /usr/lib/qubes/qfile-unpacker
/usr/lib/qubes/vm-shell
/usr/lib/qubes/qrun-in-vm
%dir /mnt/removable %dir /mnt/removable
%dir /etc/qubes_rpc %dir /etc/qubes_rpc
/etc/qubes_rpc/qubes.Filecopy /etc/qubes_rpc/qubes.Filecopy
/etc/qubes_rpc/qubes.OpenInVM /etc/qubes_rpc/qubes.OpenInVM
/etc/qubes_rpc/qubes.VMShell
/usr/bin/qubes_timestamp /usr/bin/qubes_timestamp
%dir /home_volatile %dir /home_volatile
%attr(700,user,user) /home_volatile/user %attr(700,user,user) /home_volatile/user