Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'qubesos/pr/159'

Browse Source 
* qubesos/pr/159:
  setup-ip: handle default conf if /qubes-mac returns empty value
  setup-ip: only assign IP configuration of Qubes managed iface
  Handle default value for get_iface_from_mac
  Handle default value for get_qubes_managed_iface
  Make ShellCheck happy
  Handle non-default 'eth0' Qubes managed interface
This commit is contained in:
Marek Marczykowski-Górecki 2019-05-25 22:46:28 +02:00
commit da33d87c23
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
6 changed files with 134 additions and 87 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
init/functions
View File

@ -128,6 +128,36 @@ umount_retry() {
return 0 return 0
} }
get_mac_from_iface() {
local iface="$1"
local mac
if [ "x$iface" != "x" ]; then
mac="$(cat "/sys/class/net/$iface/address")"
fi
echo "$mac"
}
get_iface_from_mac() {
local mac="$1"
local iface
if [ "x$mac" != "x" ]; then
iface="$(ip -o link | grep -i "$mac" | awk '{print $2}' | cut -d ':' -f1)"
fi
echo "$iface"
}
get_qubes_managed_iface() {
local mac
local qubes_iface
mac="$(qubesdb-read /qubes-mac)"
qubes_iface="$(get_iface_from_mac "$mac")"
if [ "x$qubes_iface" != "x" ]; then
echo "$qubes_iface"
else
echo eth0
fi
}
initialize_home() { initialize_home() {
local home_root local home_root
local mode local mode

11
network/network-manager-prepare-conf-dir
View File

@ -1,5 +1,9 @@
#!/bin/sh #!/bin/sh
# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions
NM_CONFIG_DIR=/etc/NetworkManager/system-connections NM_CONFIG_DIR=/etc/NetworkManager/system-connections
if [ -d $NM_CONFIG_DIR ] && [ ! -h $NM_CONFIG_DIR ]; then if [ -d $NM_CONFIG_DIR ] && [ ! -h $NM_CONFIG_DIR ]; then
mkdir -p /rw/config/NM-system-connections mkdir -p /rw/config/NM-system-connections
@ -20,10 +24,11 @@ sed -r -i -e "s/^#?plugins=.*/plugins=keyfile/" /etc/NetworkManager/NetworkManag
# starting NetworkManager, otherwise it will try default DHCP configuration # starting NetworkManager, otherwise it will try default DHCP configuration
# first and only after a timeout fallback to static one - introducing delay in # first and only after a timeout fallback to static one - introducing delay in
# network connectivity # network connectivity
export INTERFACE=eth0 INTERFACE="$(get_qubes_managed_iface)"
export INTERFACE
if qubesdb-read /qubes-ip >/dev/null 2>/dev/null && if qubesdb-read /qubes-ip >/dev/null 2>/dev/null &&
[ -e /sys/class/net/$INTERFACE ] && [ -e "/sys/class/net/$INTERFACE" ] &&
[ ! -r /etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE ]; then [ ! -r "/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE" ]; then
/usr/lib/qubes/setup-ip /usr/lib/qubes/setup-ip
fi fi

11
network/setup-ip
View File

@ -6,8 +6,12 @@
have_qubesdb || exit 0 have_qubesdb || exit 0
ip=$(/usr/bin/qubesdb-read /qubes-ip 2> /dev/null) mac="$(/usr/bin/qubesdb-read /qubes-mac 2> /dev/null)"
ip6=$(/usr/bin/qubesdb-read /qubes-ip6 2> /dev/null) current_mac="$(get_mac_from_iface "$INTERFACE")"
if [ "$mac" = "$current_mac" ] || [ "x$mac" = "x" ] ; then
ip="$(/usr/bin/qubesdb-read /qubes-ip 2> /dev/null)"
ip6="$(/usr/bin/qubesdb-read /qubes-ip6 2> /dev/null)"
if [ "x$ip" != x ]; then if [ "x$ip" != x ]; then
#netmask=$(/usr/bin/qubesdb-read /qubes-netmask) #netmask=$(/usr/bin/qubesdb-read /qubes-netmask)
gateway=$(/usr/bin/qubesdb-read /qubes-gateway) gateway=$(/usr/bin/qubesdb-read /qubes-gateway)
@ -18,7 +22,7 @@ if [ "x$ip" != x ]; then
/sbin/ethtool -K "$INTERFACE" tx off /sbin/ethtool -K "$INTERFACE" tx off
# If NetworkManager is enabled, let it configure the network # If NetworkManager is enabled, let it configure the network
if qsvc network-manager ; then if qsvc network-manager ; then
nm_config=/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE nm_config="/etc/NetworkManager/system-connections/qubes-uplink-$INTERFACE"
cat > "$nm_config" <<__EOF__ cat > "$nm_config" <<__EOF__
[802-3-ethernet] [802-3-ethernet]
duplex=full duplex=full
@ -128,3 +132,4 @@ __EOF__
fi fi
fi fi
fi fi
fi

2
vm-init.d/qubes-firewall
View File

@ -19,7 +19,7 @@ start()
if qsvc qubes-firewall ; then if qsvc qubes-firewall ; then
echo -n $"Starting Qubes Firewall monitor:" echo -n $"Starting Qubes Firewall monitor:"
/sbin/ethtool -K eth0 sg off /sbin/ethtool -K "$(get_qubes_managed_iface)" sg off
/usr/sbin/qubes-firewall & /usr/sbin/qubes-firewall &
success success
echo "" echo ""

5
vm-systemd/misc-post.sh
View File

@ -15,7 +15,10 @@ fi
# DispVM (to override DispVM-template IP) and in case when qubes-ip was # DispVM (to override DispVM-template IP) and in case when qubes-ip was
# called by udev before loading evtchn kernel module - in which case # called by udev before loading evtchn kernel module - in which case
# qubesdb-read fails # qubesdb-read fails
INTERFACE=eth0 /usr/lib/qubes/setup-ip QUBES_MANAGED_IFACE="$(get_qubes_managed_iface)"
if [ "x$QUBES_MANAGED_IFACE" != "x" ]; then
INTERFACE="$QUBES_MANAGED_IFACE" /usr/lib/qubes/setup-ip
fi
if [ -x /rw/config/rc.local ] ; then if [ -x /rw/config/rc.local ] ; then
/rw/config/rc.local /rw/config/rc.local

6
vm-systemd/network-proxy-setup.sh
View File

@ -1,5 +1,9 @@
#!/bin/sh #!/bin/sh
# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions
# Setup gateway for all the VMs this netVM is serviceing... # Setup gateway for all the VMs this netVM is serviceing...
network=$(qubesdb-read /qubes-netvm-network 2>/dev/null) network=$(qubesdb-read /qubes-netvm-network 2>/dev/null)
if [ "x$network" != "x" ]; then if [ "x$network" != "x" ]; then
@ -24,5 +28,5 @@ if [ "x$network" != "x" ]; then
if [ -n "$gateway6" ]; then if [ -n "$gateway6" ]; then
echo 1 > /proc/sys/net/ipv6/conf/all/forwarding echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
fi fi
/sbin/ethtool -K eth0 sg off || true /sbin/ethtool -K "$(get_qubes_managed_iface)" sg off || true
fi fi