Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge branch 'master' into hvm

Browse Source 
Conflicts:
	version_dom0
	version_vm
This commit is contained in:
Marek Marczykowski 2012-03-09 10:19:34 +01:00
commit cd3b40c407
5 changed files with 20 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
network/qubes_firewall
View File

@ -12,13 +12,20 @@ echo $$ >$PIDFILE
trap 'exit 0' SIGTERM trap 'exit 0' SIGTERM
FIRST_TIME=yes
while true; do while true; do
echo "1" > /proc/sys/net/ipv4/ip_forward echo "1" > /proc/sys/net/ipv4/ip_forward
# Wait for changes in xenstore file if [ "$FIRST_TIME" ]; then
/usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES FIRST_TIME=
TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES) TRIGGER=reload
else
# Wait for changes in xenstore file
/usr/bin/xenstore-watch-qubes $XENSTORE_IPTABLES
TRIGGER=$(/usr/bin/xenstore-read $XENSTORE_IPTABLES)
fi
if ! [ "$TRIGGER" = "reload" ]; then continue ; fi if ! [ "$TRIGGER" = "reload" ]; then continue ; fi

8
network/qubes_netwatcher
View File

@ -18,14 +18,14 @@ while true; do
# thus, no sanitization ready # thus, no sanitization ready
# but be careful when passing it to other shell scripts # but be careful when passing it to other shell scripts
if [[ "$UNTRUSTED_NETCFG" != "$CURR_NETCFG" ]]; then if [[ "$UNTRUSTED_NETCFG" != "$CURR_NETCFG" ]]; then
/sbin/service qubes_firewall stop /sbin/service qubes-firewall stop
/sbin/service qubes_firewall start /sbin/service qubes-firewall start
CURR_NETCFG="$UNTRUSTED_NETCFG" CURR_NETCFG="$UNTRUSTED_NETCFG"
/usr/bin/xenstore-write qubes_netvm_external_ip "$CURR_NETCFG" /usr/bin/xenstore-write qubes_netvm_external_ip "$CURR_NETCFG"
fi fi
/usr/bin/xenstore-watch-qubes /local/domain/$NET_DOMID/qubes_netvm_external_ip /usr/bin/xenstore-watch -n 3 /local/domain/$NET_DOMID/qubes_netvm_external_ip qubes_netvm_domid
else else
/usr/bin/xenstore-watch-qubes qubes_netvm_domid /usr/bin/xenstore-watch -n 2 qubes_netvm_domid
fi fi
done done

12
rpm_spec/core-vm.spec
View File

@ -411,8 +411,8 @@ The Qubes core startup configuration for SysV init (or upstart).
/etc/init.d/qubes_core /etc/init.d/qubes_core
/etc/init.d/qubes_core_appvm /etc/init.d/qubes_core_appvm
/etc/init.d/qubes_core_netvm /etc/init.d/qubes_core_netvm
/etc/init.d/qubes_firewall /etc/init.d/qubes-firewall
/etc/init.d/qubes_netwatcher /etc/init.d/qubes-netwatcher
%post sysvinit %post sysvinit
@ -443,8 +443,8 @@ chkconfig --add qubes_core_appvm || echo "WARNING: Cannot add service qubes_core
chkconfig qubes_core_appvm on || echo "WARNING: Cannot enable service qubes_core!" chkconfig qubes_core_appvm on || echo "WARNING: Cannot enable service qubes_core!"
chkconfig --add qubes_firewall || echo "WARNING: Cannot add service qubes_core!" chkconfig --add qubes_firewall || echo "WARNING: Cannot add service qubes_core!"
chkconfig qubes_firewall on || echo "WARNING: Cannot enable service qubes_core!" chkconfig qubes_firewall on || echo "WARNING: Cannot enable service qubes_core!"
chkconfig --add qubes_netwatcher || echo "WARNING: Cannot add service qubes_core!" chkconfig --add qubes-netwatcher || echo "WARNING: Cannot add service qubes_core!"
chkconfig qubes_netwatcher on || echo "WARNING: Cannot enable service qubes_core!" chkconfig qubes-netwatcher on || echo "WARNING: Cannot enable service qubes_core!"
# TODO: make this not display the silly message about security context... # TODO: make this not display the silly message about security context...
sed -i s/^id:.:initdefault:/id:3:initdefault:/ /etc/inittab sed -i s/^id:.:initdefault:/id:3:initdefault:/ /etc/inittab
@ -455,8 +455,8 @@ if [ "$1" = 0 ] ; then
chkconfig qubes_core off chkconfig qubes_core off
chkconfig qubes_core_netvm off chkconfig qubes_core_netvm off
chkconfig qubes_core_appvm off chkconfig qubes_core_appvm off
chkconfig qubes_firewall off chkconfig qubes-firewall off
chkconfig qubes_netwatcher off chkconfig qubes-netwatcher off
fi fi
%package systemd %package systemd

0
vm-init.d/qubes_firewall → vm-init.d/qubes-firewall
View File

0
vm-init.d/qubes_netwatcher → vm-init.d/qubes-netwatcher
View File