Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Rename qubes-yum-proxy service to qubes-updates-proxy

Browse Source 
It is no longer Fedora-only proxy, so rename to not confuse the user.
Also documentation refer to it as "updates proxy" for a long time.
This commit is contained in:
Marek Marczykowski-Górecki 2014-09-27 00:11:10 +02:00
parent 1e842c985d
commit 3f19c89301
9 changed files with 42 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Makefile
View File

@ -120,9 +120,9 @@ install-common:
install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes install -D network/vif-route-qubes $(DESTDIR)/etc/xen/scripts/vif-route-qubes
install -m 0400 -D network/iptables $(DESTDIR)/etc/sysconfig/iptables install -m 0400 -D network/iptables $(DESTDIR)/etc/sysconfig/iptables
install -m 0400 -D network/ip6tables $(DESTDIR)/etc/sysconfig/ip6tables install -m 0400 -D network/ip6tables $(DESTDIR)/etc/sysconfig/ip6tables
install -m 0644 -D network/tinyproxy-qubes-yum.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-qubes-yum.conf install -m 0644 -D network/tinyproxy-updates.conf $(DESTDIR)/etc/tinyproxy/tinyproxy-updates.conf
install -m 0644 -D network/filter-qubes-yum $(DESTDIR)/etc/tinyproxy/filter-qubes-yum install -m 0644 -D network/filter-updates $(DESTDIR)/etc/tinyproxy/filter-updates
install -m 0755 -D network/iptables-yum-proxy $(DESTDIR)/usr/lib/qubes/iptables-yum-proxy install -m 0755 -D network/iptables-updates-proxy $(DESTDIR)/usr/lib/qubes/iptables-updates-proxy
install -d $(DESTDIR)/etc/xdg/autostart install -d $(DESTDIR)/etc/xdg/autostart
install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)/usr/lib/qubes/show-hide-nm-applet.sh install -m 0755 network/show-hide-nm-applet.sh $(DESTDIR)/usr/lib/qubes/show-hide-nm-applet.sh
install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop install -m 0644 network/show-hide-nm-applet.desktop $(DESTDIR)/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop

0
network/filter-qubes-yum → network/filter-updates
View File

0
network/iptables-yum-proxy → network/iptables-updates-proxy
View File

4
network/tinyproxy-qubes-yum.conf → network/tinyproxy-updates.conf
View File

@ -8,7 +8,7 @@ DefaultErrorFile "/usr/share/tinyproxy/default.html"
StatFile "/usr/share/tinyproxy/stats.html" StatFile "/usr/share/tinyproxy/stats.html"
Syslog On Syslog On
LogLevel Notice LogLevel Notice
PidFile "/var/run/tinyproxy/tinyproxy-qubes-yum.pid" PidFile "/var/run/tinyproxy/tinyproxy-updates.pid"
MaxClients 50 MaxClients 50
MinSpareServers 2 MinSpareServers 2
@ -21,7 +21,7 @@ Allow 127.0.0.1
Allow 10.137.0.0/16 Allow 10.137.0.0/16
Filter "/etc/tinyproxy/filter-qubes-yum" Filter "/etc/tinyproxy/filter-updates"
FilterURLs On FilterURLs On
#FilterExtended On #FilterExtended On
#FilterCaseSensitive On #FilterCaseSensitive On

18
rpm_spec/core-vm.spec
View File

@ -325,8 +325,8 @@ rm -f %{name}-%{version}
%config(noreplace) /etc/sysconfig/ip6tables %config(noreplace) /etc/sysconfig/ip6tables
/etc/sysconfig/modules/qubes-core.modules /etc/sysconfig/modules/qubes-core.modules
/etc/sysconfig/modules/qubes-misc.modules /etc/sysconfig/modules/qubes-misc.modules
%config(noreplace) /etc/tinyproxy/filter-qubes-yum %config(noreplace) /etc/tinyproxy/filter-updates
%config(noreplace) /etc/tinyproxy/tinyproxy-qubes-yum.conf %config(noreplace) /etc/tinyproxy/tinyproxy-updates.conf
%config(noreplace) /etc/udev/rules.d/50-qubes-misc.rules %config(noreplace) /etc/udev/rules.d/50-qubes-misc.rules
%config(noreplace) /etc/udev/rules.d/99-qubes-network.rules %config(noreplace) /etc/udev/rules.d/99-qubes-network.rules
/etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop /etc/xdg/autostart/00-qubes-show-hide-nm-applet.desktop
@ -372,7 +372,7 @@ rm -f %{name}-%{version}
/usr/lib/qubes/tar2qfile /usr/lib/qubes/tar2qfile
/usr/lib/qubes/vm-file-editor /usr/lib/qubes/vm-file-editor
/usr/lib/qubes/wrap-in-html-if-url.sh /usr/lib/qubes/wrap-in-html-if-url.sh
/usr/lib/qubes/iptables-yum-proxy /usr/lib/qubes/iptables-updates-proxy
/usr/lib/qubes/close-window /usr/lib/qubes/close-window
/usr/lib/yum-plugins/yum-qubes-hooks.py* /usr/lib/yum-plugins/yum-qubes-hooks.py*
/usr/sbin/qubes-firewall /usr/sbin/qubes-firewall
@ -407,7 +407,7 @@ The Qubes core startup configuration for SysV init (or upstart).
/etc/init.d/qubes-core-netvm /etc/init.d/qubes-core-netvm
/etc/init.d/qubes-firewall /etc/init.d/qubes-firewall
/etc/init.d/qubes-netwatcher /etc/init.d/qubes-netwatcher
/etc/init.d/qubes-yum-proxy /etc/init.d/qubes-updates-proxy
/etc/init.d/qubes-qrexec-agent /etc/init.d/qubes-qrexec-agent
%post sysvinit %post sysvinit
@ -442,8 +442,8 @@ chkconfig --add qubes-firewall || echo "WARNING: Cannot add service qubes-firewa
chkconfig qubes-firewall on || echo "WARNING: Cannot enable service qubes-firewall!" chkconfig qubes-firewall on || echo "WARNING: Cannot enable service qubes-firewall!"
chkconfig --add qubes-netwatcher || echo "WARNING: Cannot add service qubes-netwatcher!" chkconfig --add qubes-netwatcher || echo "WARNING: Cannot add service qubes-netwatcher!"
chkconfig qubes-netwatcher on || echo "WARNING: Cannot enable service qubes-netwatcher!" chkconfig qubes-netwatcher on || echo "WARNING: Cannot enable service qubes-netwatcher!"
chkconfig --add qubes-yum-proxy || echo "WARNING: Cannot add service qubes-yum-proxy!" chkconfig --add qubes-updates-proxy || echo "WARNING: Cannot add service qubes-updates-proxy!"
chkconfig qubes-yum-proxy on || echo "WARNING: Cannot enable service qubes-yum-proxy!" chkconfig qubes-updates-proxy on || echo "WARNING: Cannot enable service qubes-updates-proxy!"
chkconfig --add qubes-qrexec-agent || echo "WARNING: Cannot add service qubes-qrexec-agent!" chkconfig --add qubes-qrexec-agent || echo "WARNING: Cannot add service qubes-qrexec-agent!"
chkconfig qubes-qrexec-agent on || echo "WARNING: Cannot enable service qubes-qrexec-agent!" chkconfig qubes-qrexec-agent on || echo "WARNING: Cannot enable service qubes-qrexec-agent!"
@ -458,7 +458,7 @@ if [ "$1" = 0 ] ; then
chkconfig qubes-core-appvm off chkconfig qubes-core-appvm off
chkconfig qubes-firewall off chkconfig qubes-firewall off
chkconfig qubes-netwatcher off chkconfig qubes-netwatcher off
chkconfig qubes-yum-proxy off chkconfig qubes-updates-proxy off
chkconfig qubes-qrexec-agent off chkconfig qubes-qrexec-agent off
fi fi
@ -487,7 +487,7 @@ The Qubes core startup configuration for SystemD init.
/lib/systemd/system/qubes-sysinit.service /lib/systemd/system/qubes-sysinit.service
/lib/systemd/system/qubes-update-check.service /lib/systemd/system/qubes-update-check.service
/lib/systemd/system/qubes-update-check.timer /lib/systemd/system/qubes-update-check.timer
/lib/systemd/system/qubes-yum-proxy.service /lib/systemd/system/qubes-updates-proxy.service
/lib/systemd/system/qubes-qrexec-agent.service /lib/systemd/system/qubes-qrexec-agent.service
%dir /usr/lib/qubes/init %dir /usr/lib/qubes/init
/usr/lib/qubes/init/prepare-dvm.sh /usr/lib/qubes/init/prepare-dvm.sh
@ -512,7 +512,7 @@ The Qubes core startup configuration for SystemD init.
%post systemd %post systemd
for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-netwatcher qubes-network qubes-firewall qubes-yum-proxy qubes-qrexec-agent; do for srv in qubes-dvm qubes-sysinit qubes-misc-post qubes-netwatcher qubes-network qubes-firewall qubes-updates-proxy qubes-qrexec-agent; do
/bin/systemctl enable $srv.service 2> /dev/null /bin/systemctl enable $srv.service 2> /dev/null
done done

22
vm-init.d/qubes-yum-proxy → vm-init.d/qubes-updates-proxy
View File

@ -1,14 +1,14 @@
#!/bin/sh #!/bin/sh
# #
# tinyproxy Startup script for the tinyproxy server as Qubes yum proxy # tinyproxy Startup script for the tinyproxy server as Qubes updates proxy
# #
# chkconfig: - 85 15 # chkconfig: - 85 15
# description: small, efficient HTTP/SSL proxy daemon # description: small, efficient HTTP/SSL proxy daemon
# #
# processname: tinyproxy # processname: tinyproxy
# config: /etc/tinyproxy/tinyproxy-qubes-yum.conf # config: /etc/tinyproxy/tinyproxy-updates.conf
# config: /etc/sysconfig/tinyproxy-qubes-yum # config: /etc/sysconfig/tinyproxy-updates
# pidfile: /var/run/tinyproxy/tinyproxy-qubes-yum.pid # pidfile: /var/run/tinyproxy/tinyproxy-updates.pid
# #
# Note: pidfile is created by tinyproxy in its config # Note: pidfile is created by tinyproxy in its config
# see PidFile in the configuration file. # see PidFile in the configuration file.
@ -24,17 +24,17 @@
exec="/usr/sbin/tinyproxy" exec="/usr/sbin/tinyproxy"
prog=$(basename $exec) prog=$(basename $exec)
config="/etc/tinyproxy/tinyproxy-qubes-yum.conf" config="/etc/tinyproxy/tinyproxy-updates.conf"
pidfile="/var/run/tinyproxy/tinyproxy-qubes-yum.pid" pidfile="/var/run/tinyproxy/tinyproxy-updates.pid"
[ -e /etc/sysconfig/tinyproxy-qubes-yum ] && . /etc/sysconfig/tinyproxy-qubes-yum [ -e /etc/sysconfig/tinyproxy-updates ] && . /etc/sysconfig/tinyproxy-updates
lockfile=/var/lock/subsys/tinyproxy-qubes-yum lockfile=/var/lock/subsys/tinyproxy-updates
start() { start() {
type=`/usr/bin/xenstore-read qubes-vm-type` type=`/usr/bin/xenstore-read qubes-vm-type`
start_yum_proxy=`/usr/bin/xenstore-read qubes-service/qubes-yum-proxy 2>/dev/null` start_updates_proxy=`/usr/bin/xenstore-read qubes-service/qubes-updates-proxy 2>/dev/null`
if [ -z "$start_yum_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_yum_proxy" != "1" ]; then if [ -z "$start_updates_proxy" ] && [ "$type" != "NetVM" ] || [ "$start_updates_proxy" != "1" ]; then
# Yum proxy disabled # Yum proxy disabled
exit 0 exit 0
fi fi
@ -45,7 +45,7 @@ start() {
/sbin/iptables -I INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT /sbin/iptables -I INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
/sbin/iptables -t nat -A PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT /sbin/iptables -t nat -A PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
echo -n $"Starting $prog (as Qubes yum proxy): " echo -n $"Starting $prog (as Qubes updates proxy): "
daemon $exec -c $config daemon $exec -c $config
retval=$? retval=$?
echo echo

2
vm-systemd/qubes-sysinit.sh
View File

@ -1,7 +1,7 @@
#!/bin/sh #!/bin/sh
# List of services enabled by default (in case of absence of xenstore entry) # List of services enabled by default (in case of absence of xenstore entry)
DEFAULT_ENABLED_NETVM="network-manager qubes-network qubes-update-check qubes-yum-proxy" DEFAULT_ENABLED_NETVM="network-manager qubes-network qubes-update-check qubes-updates-proxy"
DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher qubes-update-check" DEFAULT_ENABLED_PROXYVM="meminfo-writer qubes-network qubes-firewall qubes-netwatcher qubes-update-check"
DEFAULT_ENABLED_APPVM="meminfo-writer cups qubes-update-check" DEFAULT_ENABLED_APPVM="meminfo-writer cups qubes-update-check"
DEFAULT_ENABLED_TEMPLATEVM="$DEFAULT_ENABLED_APPVM yum-proxy-setup" DEFAULT_ENABLED_TEMPLATEVM="$DEFAULT_ENABLED_APPVM yum-proxy-setup"

16
vm-systemd/qubes-updates-proxy.service Normal file
View File

@ -0,0 +1,16 @@
[Unit]
Description=Qubes updates proxy (tinyproxy)
ConditionPathExists=|/var/run/qubes-service/qubes-yum-proxy
ConditionPathExists=|/var/run/qubes-service/qubes-updates-proxy
After=iptables.service
[Service]
ExecStartPre=/usr/bin/install -d --owner tinyproxy --group tinyproxy /var/run/tinyproxy
ExecStartPre=/usr/lib/qubes/iptables-updates-proxy start
ExecStart=/usr/sbin/tinyproxy -d -c /etc/tinyproxy/tinyproxy-updates.conf
ExecStopPost=/usr/lib/qubes/iptables-updates-proxy stop
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target

15
vm-systemd/qubes-yum-proxy.service
View File

@ -1,15 +0,0 @@
[Unit]
Description=Qubes yum proxy (tinyproxy)
ConditionPathExists=/var/run/qubes-service/qubes-yum-proxy
After=iptables.service
[Service]
ExecStartPre=/usr/bin/install -d --owner tinyproxy --group tinyproxy /var/run/tinyproxy
ExecStartPre=/usr/lib/qubes/iptables-yum-proxy start
ExecStart=/usr/sbin/tinyproxy -d -c /etc/tinyproxy/tinyproxy-qubes-yum.conf
ExecStopPost=/usr/lib/qubes/iptables-yum-proxy stop
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target