From e1a6c1ffd5287397988487744e19c8970929a259 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Sat, 1 Oct 2011 02:49:25 +0200 Subject: [PATCH] dom0+vm: introduce 'qubes-service' xenstore dir - enable/disable VM services from dom0 This allows control which services are started in VM by dom0. For some situation vm_type was used, but it isn't enough - i.e. ntpd should be started in one, selected NetVM. --- appvm/qubes_core_appvm | 21 ++++++++++++++++----- common/qubes_core | 4 ++-- proxyvm/init.d/qubes_firewall | 6 +++--- proxyvm/init.d/qubes_netwatcher | 6 +++--- 4 files changed, 24 insertions(+), 13 deletions(-) diff --git a/appvm/qubes_core_appvm b/appvm/qubes_core_appvm index a4c2465..085b544 100755 --- a/appvm/qubes_core_appvm +++ b/appvm/qubes_core_appvm @@ -30,9 +30,17 @@ start() # This script runs only on AppVMs return 0 fi - + # Start AppVM specific services - /sbin/service cups start + start_cups=$(/usr/bin/xenstore-read qubes-service/cups 2> /dev/null) + if [ "$start_cups" != "0" ]; then + /sbin/service cups start + # Allow also notification icon + sed -i -e '/^NotShowIn=.*QUBES/s/;QUBES//' /etc/xdg/autostart/print-applet.desktop + else + # Disable notification icon + sed -i -e '/QUBES/!s/^NotShowIn=.*/\1QUBES;/' /etc/xdg/autostart/print-applet.desktop + fi echo -n $"Executing Qubes Core scripts for AppVM:" @@ -52,9 +60,12 @@ start() echo Back to life. fi - MEM_CHANGE_THRESHOLD_KB=30000 - MEMINFO_DELAY_USEC=100000 - /usr/lib/qubes/meminfo-writer $MEM_CHANGE_THRESHOLD_KB $MEMINFO_DELAY_USEC & + start_meminfo_writer=$(/usr/bin/xenstore-read qubes-service/meminfo-writer) + if [ "$start_meminfo_writer" != "0" ]; then + MEM_CHANGE_THRESHOLD_KB=30000 + MEMINFO_DELAY_USEC=100000 + /usr/lib/qubes/meminfo-writer $MEM_CHANGE_THRESHOLD_KB $MEMINFO_DELAY_USEC & + fi success echo "" diff --git a/common/qubes_core b/common/qubes_core index 7b63241..f04f5eb 100755 --- a/common/qubes_core +++ b/common/qubes_core @@ -77,8 +77,8 @@ start() success echo "" - type=$(/usr/bin/xenstore-read qubes_vm_type) - if [ "$type" == "ProxyVM" ]; then + start_ntpd=$(/usr/bin/xenstore-read qubes-service/ntpd 2> /dev/null) + if [ "$start_ntpd" == "1" ]; then /sbin/service ntpd start fi return 0 diff --git a/proxyvm/init.d/qubes_firewall b/proxyvm/init.d/qubes_firewall index 2d1218e..459e0c4 100755 --- a/proxyvm/init.d/qubes_firewall +++ b/proxyvm/init.d/qubes_firewall @@ -11,7 +11,8 @@ PIDFILE=/var/run/qubes/qubes_firewall.pid start() { type=$(/usr/bin/xenstore-read qubes_vm_type) - if [ "$type" == "ProxyVM" ]; then + start_firewall=$(/usr/bin/xenstore-read qubes-service/qubes-firewall) + if [ -z "$start_firewall" ] && [ "$type" == "ProxyVM" ] || [ "$start_firewall" == "1" ]; then echo -n $"Starting Qubes Firewall monitor:" /sbin/ethtool -K eth0 sg off /usr/sbin/qubes_firewall & @@ -23,8 +24,7 @@ start() stop() { - type=$(/usr/bin/xenstore-read qubes_vm_type) - if [ "$type" == "ProxyVM" ]; then + if [ -r $PIDFILE ]; then echo -n "Stopping Qubes Firewall monitor:" kill -9 $(cat $PIDFILE) 2>/dev/null && success || failure echo "" diff --git a/proxyvm/init.d/qubes_netwatcher b/proxyvm/init.d/qubes_netwatcher index e8d9af4..b5cc1e3 100755 --- a/proxyvm/init.d/qubes_netwatcher +++ b/proxyvm/init.d/qubes_netwatcher @@ -11,7 +11,8 @@ PIDFILE=/var/run/qubes/qubes_netwatcher.pid start() { type=$(/usr/bin/xenstore-read qubes_vm_type) - if [ "$type" == "ProxyVM" ]; then + start_netwatcher=$(/usr/bin/xenstore-read qubes-service/qubes-netwatcher) + if [ -z "$start_netwatcher" ] && [ "$type" == "ProxyVM" ] || [ "$start_netwatcher" == "1" ]; then echo -n $"Starting Qubes Network monitor:" /sbin/ethtool -K eth0 sg off /usr/sbin/qubes_netwatcher & @@ -23,8 +24,7 @@ start() stop() { - type=$(/usr/bin/xenstore-read qubes_vm_type) - if [ "$type" == "ProxyVM" ]; then + if [ -r "$PIDFILE" ]; then echo -n "Stopping Qubes Network monitor:" kill -9 $(cat $PIDFILE) 2>/dev/null && success || failure echo ""