The Underscores Revolution: xenstore paths
This commit is contained in:
Marek Marczykowski
parent
7686fd5d92
commit
30ca124784
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
UPDATEABLE=`/usr/bin/xenstore-read qubes_vm_updateable`
|
||||
UPDATEABLE=`/usr/bin/xenstore-read qubes-vm-updateable`
|
||||
|
||||
if [ "$UPDATEABLE" = "True" ]; then
|
||||
/usr/lib/qubes/qrexec_client_vm dom0 qubes.SyncAppMenus /bin/sh /etc/qubes-rpc/qubes.GetAppmenus
|
||||
|
||||
@ -1,8 +1,8 @@
|
||||
#!/bin/sh
|
||||
if [ x$2 == xup ]; then
|
||||
INET=$(/sbin/ip addr show dev $1 | /bin/grep inet)
|
||||
/usr/bin/xenstore-write qubes_netvm_external_ip "$INET"
|
||||
/usr/bin/xenstore-write qubes-netvm-external-ip "$INET"
|
||||
fi
|
||||
if [ x$2 == xdown ]; then
|
||||
/usr/bin/xenstore-write qubes_netvm_external_ip ""
|
||||
/usr/bin/xenstore-write qubes-netvm-external-ip ""
|
||||
fi
|
||||
|
||||
@ -2,9 +2,9 @@
|
||||
set -e
|
||||
|
||||
PIDFILE=/var/run/qubes/qubes-firewall.pid
|
||||
XENSTORE_IPTABLES=qubes_iptables
|
||||
XENSTORE_IPTABLES_HEADER=qubes_iptables_header
|
||||
XENSTORE_ERROR=qubes_iptables_error
|
||||
XENSTORE_IPTABLES=qubes-iptables
|
||||
XENSTORE_IPTABLES_HEADER=qubes-iptables-header
|
||||
XENSTORE_ERROR=qubes-iptables-error
|
||||
OLD_RULES=""
|
||||
# PIDfile handling
|
||||
[[ -e $PIDFILE ]] && kill -s 0 $(<$PIDFILE) 2>/dev/null && exit 0
|
||||
@ -38,8 +38,8 @@ while true; do
|
||||
IPTABLES_SAVE=$(/sbin/iptables-save | sed '/^\*filter/,/^COMMIT/d')
|
||||
OUT=`echo -e "$RULES\n$IPTABLES_SAVE" | /sbin/iptables-restore 2>&1 || true`
|
||||
|
||||
for i in $(xenstore-list qubes_iptables_domainrules) ; do
|
||||
RULES=$(/usr/bin/xenstore-read qubes_iptables_domainrules/"$i")
|
||||
for i in $(xenstore-list qubes-iptables-domainrules) ; do
|
||||
RULES=$(/usr/bin/xenstore-read qubes-iptables-domainrules/"$i")
|
||||
ERRS=`echo -e "$RULES" | /sbin/iptables-restore -n 2>&1 || true`
|
||||
OUT="$OUT$ERRS"
|
||||
done
|
||||
|
||||
@ -11,9 +11,9 @@ echo $$ >$PIDFILE
|
||||
trap 'exit 0' SIGTERM
|
||||
|
||||
while true; do
|
||||
NET_DOMID=$(/usr/bin/xenstore-read qubes_netvm_domid || :)
|
||||
NET_DOMID=$(/usr/bin/xenstore-read qubes-netvm-domid || :)
|
||||
if [[ -n "$NET_DOMID" ]] && [[ $NET_DOMID -gt 0 ]]; then
|
||||
UNTRUSTED_NETCFG=$(/usr/bin/xenstore-read /local/domain/$NET_DOMID/qubes_netvm_external_ip || :)
|
||||
UNTRUSTED_NETCFG=$(/usr/bin/xenstore-read /local/domain/$NET_DOMID/qubes-netvm-external-ip || :)
|
||||
# UNTRUSTED_NETCFG is not parsed in any way
|
||||
# thus, no sanitization ready
|
||||
# but be careful when passing it to other shell scripts
|
||||
@ -21,11 +21,11 @@ while true; do
|
||||
/sbin/service qubes-firewall stop
|
||||
/sbin/service qubes-firewall start
|
||||
CURR_NETCFG="$UNTRUSTED_NETCFG"
|
||||
/usr/bin/xenstore-write qubes_netvm_external_ip "$CURR_NETCFG"
|
||||
/usr/bin/xenstore-write qubes-netvm-external-ip "$CURR_NETCFG"
|
||||
fi
|
||||
|
||||
/usr/bin/xenstore-watch -n 3 /local/domain/$NET_DOMID/qubes_netvm_external_ip qubes_netvm_domid
|
||||
/usr/bin/xenstore-watch -n 3 /local/domain/$NET_DOMID/qubes-netvm-external-ip qubes-netvm-domid
|
||||
else
|
||||
/usr/bin/xenstore-watch -n 2 qubes_netvm_domid
|
||||
/usr/bin/xenstore-watch -n 2 qubes-netvm-domid
|
||||
fi
|
||||
done
|
||||
|
||||
@ -1,10 +1,10 @@
|
||||
#!/bin/sh
|
||||
|
||||
ip=`/usr/bin/xenstore-read qubes_ip 2> /dev/null`
|
||||
ip=`/usr/bin/xenstore-read qubes-ip 2> /dev/null`
|
||||
if [ x$ip != x ]; then
|
||||
netmask=`/usr/bin/xenstore-read qubes_netmask`
|
||||
gateway=`/usr/bin/xenstore-read qubes_gateway`
|
||||
secondary_dns=`/usr/bin/xenstore-read qubes_secondary_dns`
|
||||
netmask=`/usr/bin/xenstore-read qubes-netmask`
|
||||
gateway=`/usr/bin/xenstore-read qubes-gateway`
|
||||
secondary_dns=`/usr/bin/xenstore-read qubes-secondary-dns`
|
||||
/sbin/ifconfig $INTERFACE $ip netmask 255.255.255.255
|
||||
/sbin/ifconfig $INTERFACE up
|
||||
/sbin/route add -host $gateway dev $INTERFACE
|
||||
@ -13,11 +13,11 @@ if [ x$ip != x ]; then
|
||||
/sbin/ethtool -K $INTERFACE tx off
|
||||
echo "nameserver $gateway" > /etc/resolv.conf
|
||||
echo "nameserver $secondary_dns" >> /etc/resolv.conf
|
||||
network=$(/usr/bin/xenstore-read qubes_netvm_network 2>/dev/null)
|
||||
network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$(/usr/bin/xenstore-read qubes_netvm_gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes_netvm_netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes_netvm_secondary_dns)
|
||||
gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns)
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
/usr/lib/qubes/qubes-setup-dnat-to-ns
|
||||
|
||||
@ -24,7 +24,7 @@
|
||||
|
||||
Name: qubes-core-vm
|
||||
Version: %{version}
|
||||
Release: 1%{dist}
|
||||
Release: 1.1%{dist}
|
||||
Summary: The Qubes core files for VM
|
||||
|
||||
Group: Qubes
|
||||
|
||||
@ -39,7 +39,7 @@ start()
|
||||
fi
|
||||
|
||||
yum_proxy_setup=$(/usr/bin/xenstore-read qubes-service/yum-proxy-setup 2> /dev/null)
|
||||
type=$(/usr/bin/xenstore-read qubes_vm_type)
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
if [ "$yum_proxy_setup" != "0" ] || [ -z "$yum_proxy_setup" -a "$type" == "TemplateVM" ]; then
|
||||
echo proxy=http://10.137.255.254:8082/ > /etc/yum.conf.d/qubes-proxy.conf
|
||||
else
|
||||
@ -47,7 +47,7 @@ start()
|
||||
fi
|
||||
|
||||
# Set IP address again (besides action in udev rules); this is needed by
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes_ip was
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes-ip was
|
||||
# called by udev before loading evtchn kernel module - in which case
|
||||
# xenstore-read fails
|
||||
INTERFACE=eth0 /usr/lib/qubes/setup-ip
|
||||
@ -70,7 +70,7 @@ start()
|
||||
mkdir -p /rw/usrlocal
|
||||
cp -a /usr/local.orig/* /rw/usrlocal
|
||||
|
||||
touch /var/lib/qubes/first_boot_completed
|
||||
touch /var/lib/qubes/first-boot-completed
|
||||
fi
|
||||
fi
|
||||
if [ -L /home ]; then
|
||||
|
||||
@ -8,7 +8,7 @@
|
||||
|
||||
possibly_run_save_script()
|
||||
{
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes_save_script)
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes-save-script)
|
||||
if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi
|
||||
echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64(<STDIN>)' >/tmp/qubes_save_script
|
||||
chmod 755 /tmp/qubes_save_script
|
||||
@ -25,7 +25,7 @@ start()
|
||||
exit 1
|
||||
fi
|
||||
|
||||
type=$(/usr/bin/xenstore-read qubes_vm_type)
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
if [ "$type" != "AppVM" -a "$type" != "DisposableVM" -a "$type" != "TemplateVM" ]; then
|
||||
# This script runs only on AppVMs
|
||||
return 0
|
||||
@ -44,7 +44,7 @@ start()
|
||||
|
||||
echo -n $"Executing Qubes Core scripts for AppVM:"
|
||||
|
||||
if xenstore-read qubes_save_request 2>/dev/null ; then
|
||||
if xenstore-read qubes-save-request 2>/dev/null ; then
|
||||
if [ -L /home ]; then
|
||||
rm /home
|
||||
mkdir /home
|
||||
@ -56,11 +56,11 @@ start()
|
||||
umount /rw
|
||||
dmesg -c >/dev/null
|
||||
free | grep Mem: |
|
||||
(read a b c d ; xenstore-write device/qubes_used_mem $c)
|
||||
(read a b c d ; xenstore-write device/qubes-used-mem $c)
|
||||
# we're still running in DispVM template
|
||||
echo "Waiting for save/restore..."
|
||||
# ... wait until qubes_restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes_restore_complete 2>/dev/null ; do
|
||||
# ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes-restore-complete 2>/dev/null ; do
|
||||
usleep 10
|
||||
done
|
||||
echo Back to life.
|
||||
|
||||
@ -13,7 +13,7 @@ start()
|
||||
exit 1
|
||||
fi
|
||||
|
||||
type=$(/usr/bin/xenstore-read qubes_vm_type)
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
if [ "$type" == "NetVM" ]; then
|
||||
/usr/lib/qubes/network-manager-prepare-conf-dir
|
||||
/sbin/service NetworkManager start
|
||||
@ -22,11 +22,11 @@ start()
|
||||
echo -n $"Executing Qubes Core scripts NetVM:"
|
||||
|
||||
# Setup gateway for all the VMs this netVM is serviceing...
|
||||
network=$(/usr/bin/xenstore-read qubes_netvm_network 2>/dev/null)
|
||||
network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$(/usr/bin/xenstore-read qubes_netvm_gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes_netvm_netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes_netvm_secondary_dns)
|
||||
gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns)
|
||||
modprobe netbk 2> /dev/null || modprobe xen-netback
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
|
||||
@ -10,7 +10,7 @@ PIDFILE=/var/run/qubes/qubes-firewall.pid
|
||||
|
||||
start()
|
||||
{
|
||||
type=$(/usr/bin/xenstore-read qubes_vm_type)
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
start_firewall=$(/usr/bin/xenstore-read qubes-service/qubes-firewall 2> /dev/null)
|
||||
if [ -z "$start_firewall" ] && [ "$type" == "ProxyVM" ] || [ "$start_firewall" == "1" ]; then
|
||||
echo -n $"Starting Qubes Firewall monitor:"
|
||||
|
||||
@ -10,7 +10,7 @@ PIDFILE=/var/run/qubes/qubes-netwatcher.pid
|
||||
|
||||
start()
|
||||
{
|
||||
type=$(/usr/bin/xenstore-read qubes_vm_type)
|
||||
type=$(/usr/bin/xenstore-read qubes-vm-type)
|
||||
start_netwatcher=$(/usr/bin/xenstore-read qubes-service/qubes-netwatcher 2>/dev/null)
|
||||
if [ -z "$start_netwatcher" ] && [ "$type" == "ProxyVM" ] || [ "$start_netwatcher" == "1" ]; then
|
||||
echo -n $"Starting Qubes Network monitor:"
|
||||
|
||||
@ -32,7 +32,7 @@ pidfile="/var/run/tinyproxy/tinyproxy-qubes-yum.pid"
|
||||
lockfile=/var/lock/subsys/tinyproxy-qubes-yum
|
||||
|
||||
start() {
|
||||
type=`/usr/bin/xenstore-read qubes_vm_type`
|
||||
type=`/usr/bin/xenstore-read qubes-vm-type`
|
||||
start_yum_proxy=`/usr/bin/xenstore-read qubes-service/qubes-yum-proxy 2>/dev/null`
|
||||
if [ -z "$start_yum_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_yum_proxy" != "1" ]; then
|
||||
# Yum proxy disabled
|
||||
|
||||
@ -7,7 +7,7 @@ else
|
||||
fi
|
||||
|
||||
# Set IP address again (besides action in udev rules); this is needed by
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes_ip was
|
||||
# DispVM (to override DispVM-template IP) and in case when qubes-ip was
|
||||
# called by udev before loading evtchn kernel module - in which case
|
||||
# xenstore-read fails
|
||||
INTERFACE=eth0 /usr/lib/qubes/setup-ip
|
||||
|
||||
@ -1,11 +1,11 @@
|
||||
#!/bin/sh
|
||||
|
||||
# Setup gateway for all the VMs this netVM is serviceing...
|
||||
network=$(/usr/bin/xenstore-read qubes_netvm_network 2>/dev/null)
|
||||
network=$(/usr/bin/xenstore-read qubes-netvm-network 2>/dev/null)
|
||||
if [ "x$network" != "x" ]; then
|
||||
gateway=$(/usr/bin/xenstore-read qubes_netvm_gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes_netvm_netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes_netvm_secondary_dns)
|
||||
gateway=$(/usr/bin/xenstore-read qubes-netvm-gateway)
|
||||
netmask=$(/usr/bin/xenstore-read qubes-netvm-netmask)
|
||||
secondary_dns=$(/usr/bin/xenstore-read qubes-netvm-secondary-dns)
|
||||
modprobe netbk 2> /dev/null || modprobe xen-netback
|
||||
echo "NS1=$gateway" > /var/run/qubes/qubes-ns
|
||||
echo "NS2=$secondary_dns" >> /var/run/qubes/qubes-ns
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
possibly_run_save_script()
|
||||
{
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes_save_script)
|
||||
ENCODED_SCRIPT=$(xenstore-read qubes-save-script)
|
||||
if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi
|
||||
echo $ENCODED_SCRIPT|perl -e 'use MIME::Base64 qw(decode_base64); local($/) = undef;print decode_base64(<STDIN>)' >/tmp/qubes_save_script
|
||||
chmod 755 /tmp/qubes_save_script
|
||||
@ -12,7 +12,7 @@ possibly_run_save_script()
|
||||
killall Xorg
|
||||
}
|
||||
|
||||
if xenstore-read qubes_save_request 2>/dev/null ; then
|
||||
if xenstore-read qubes-save-request 2>/dev/null ; then
|
||||
if [ -L /home ]; then
|
||||
rm /home
|
||||
mkdir /home
|
||||
@ -24,11 +24,11 @@ if xenstore-read qubes_save_request 2>/dev/null ; then
|
||||
umount /rw
|
||||
dmesg -c >/dev/null
|
||||
free | grep Mem: |
|
||||
(read a b c d ; xenstore-write device/qubes_used_mem $c)
|
||||
(read a b c d ; xenstore-write device/qubes-used-mem $c)
|
||||
# we're still running in DispVM template
|
||||
echo "Waiting for save/restore..."
|
||||
# ... wait until qubes_restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes_restore_complete 2>/dev/null ; do
|
||||
# ... wait until qubes-restore.c (in Dom0) recreates VM-specific keys
|
||||
while ! xenstore-read qubes-restore-complete 2>/dev/null ; do
|
||||
usleep 10
|
||||
done
|
||||
echo Back to life.
|
||||
|
||||
@ -29,7 +29,7 @@ chmod 666 /proc/xen/xenbus
|
||||
chmod 666 /proc/u2mfn
|
||||
|
||||
# Set default services depending on VM type
|
||||
TYPE=`$XS_READ qubes_vm_type 2> /dev/null`
|
||||
TYPE=`$XS_READ qubes-vm-type 2> /dev/null`
|
||||
[ "$TYPE" == "AppVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_APPVM
|
||||
[ "$TYPE" == "NetVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_NETVM
|
||||
[ "$TYPE" == "ProxyVM" ] && DEFAULT_ENABLED=$DEFAULT_ENABLED_PROXYVM
|
||||
|
||||
Loading…
Reference in New Issue
Block a user