Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,042 Commits 1 Branch 0 Tags 6.4 MiB
2a006b6c09
Commit Graph

2042 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski-Górecki
f4d53fb7e6
Include Qubes Master Key in the VM template 
It is useful to verify other qubes-related keys.

Fixes QubesOS/qubes-issues#1614
 2016-07-17 04:26:01 +02:00
Marek Marczykowski-Górecki
65f0b26600
systemd: plug random seed loading into systemd-random-seed 
Reuse its dependencies to make sure it is loaded early enough.

Reported by @adrelanos
Fixes QubesOS/qubes-issues#1761
 2016-07-17 04:26:01 +02:00
Marek Marczykowski-Górecki
9b362a6d7d
systemd: don't mark updates check service failed 
Even if update check fails for some reason (network problem, apt-get lock
being held etc), don't mark the service as failed. The update check
mechanism is designed this way to not worry about such single failures
- other VM(s) may still check and report updates availability.

Fixes QubesOS/qubes-issues#1889
 2016-07-16 15:30:40 +02:00
Marek Marczykowski-Górecki
10cadc58a0
Revert "systemd: preset xendriverdomain on update" 
This doesn't help when xen update is installed after this one. So, deal
with it in xen %post itself.
This reverts commit f2257e1e3b.

QubesOS/qubes-issues#2141
 2016-07-16 01:37:12 +02:00
Marek Marczykowski-Górecki
40d5f85b36
dom0-updates: fix cleaning downloaded packages 2016-07-15 11:27:35 +02:00
Marek Marczykowski-Górecki
8781a5c588
version 3.2.7 2016-07-13 22:43:06 +02:00
Marek Marczykowski-Górecki
6cf30bff29
Merge remote-tracking branch 'origin/pr/66' 
* origin/pr/66:
  fixed qubes-core-agent upgrading double package manager lock

  Fixes QubesOS/qubes-issues#1889
 2016-07-13 22:38:25 +02:00
Marek Marczykowski-Górecki
0eb1f7c679
Merge remote-tracking branch 'origin/pr/77' 
* origin/pr/77:
  archlinux: fix update-proxy-configs to use pacman.d drop-ins
  archlinux: ensure repositories are the last pacman.d files included
  archlinux: Setup default package repository
  archlinux: switch to usage of pacman.d drop-ins
 2016-07-13 22:25:26 +02:00
Marek Marczykowski-Górecki
4996dd7609
rpm: fix misleading systemd warnings during upgrade 
systemctl preset output lengthy warning when trying to operate on
non-existing unit. This preset action is meant to disable unit, so it's
even better it doesn't exists.
 2016-07-13 22:13:17 +02:00
Marek Marczykowski-Górecki
f2257e1e3b
systemd: preset xendriverdomain on update 
Make sure it is enabled, regardless of update installation order.
 2016-07-13 21:48:42 +02:00
Marek Marczykowski-Górecki
e7b1711e21
version 3.2.6 2016-07-13 04:38:18 +02:00
Olivier MEDOC
7cea09711a archlinux: fix update-proxy-configs to use pacman.d drop-ins 2016-07-12 11:38:14 +02:00
Olivier MEDOC
a346de7e46 archlinux: ensure repositories are the last pacman.d files included 2016-07-12 11:25:03 +02:00
Olivier MEDOC
d449d75162 archlinux: Setup default package repository 2016-07-12 11:20:12 +02:00
Marek Marczykowski-Górecki
b8b3433d3f
Merge remote-tracking branch 'origin/pr/77' 
* origin/pr/77:
  archlinux: remove unnecessary glib-compile-scheme
  archlinux: provide automatic qubes-trigger-sync-appmenus through pacman hooks
  archlinux: update installer script in prevision of pacman.d drop-ins
 2016-07-12 06:32:23 +02:00
Olivier MEDOC
b6a6d4e4e0 archlinux: switch to usage of pacman.d drop-ins 2016-07-11 17:21:55 +02:00
Olivier MEDOC
245c6d1716 archlinux: remove unnecessary glib-compile-scheme 
This is now automatically handled through pacman hooks
 2016-07-11 15:32:36 +02:00
Olivier MEDOC
c82b82d7b4 archlinux: provide automatic qubes-trigger-sync-appmenus through pacman hooks 2016-07-11 15:29:31 +02:00
Olivier MEDOC
051d806f0a archlinux: update installer script in prevision of pacman.d drop-ins 2016-07-11 15:15:45 +02:00
Marek Marczykowski-Górecki
d4ae97ec2b
Merge remote-tracking branch 'origin/pr/75' 
* origin/pr/75:
  add comment
 2016-07-10 17:18:47 +02:00
Marek Marczykowski-Górecki
835d8730ba
Merge remote-tracking branch 'origin/pr/76' 
* origin/pr/76:
  add comment
 2016-07-10 17:18:42 +02:00
Marek Marczykowski-Górecki
6bd6380918
Merge remote-tracking branch 'qubesos/pr/18' 
* qubesos/pr/18:
  Enable xendriverdomain.service in 75-qubes-vm.preset
  Remove 'if true' wrapper from 06a0d30d50
  *Do* block until good random is available again
  dvm, then xendriverdomain, then qrexec-agent
 2016-07-10 17:17:11 +02:00
Rusty Bird
0cc4803a9d
Enable xendriverdomain.service in 75-qubes-vm.preset 2016-07-03 05:00:29 +00:00
Patrick Schleizer
80e68e90d9 add comment 
link to feature request 'implement /etc/PackageKit/conf.d'
 2016-07-02 23:40:11 +02:00
Patrick Schleizer
62d5b96355 add comment 
link to feature request 'implement /etc/dnf.conf.d drop-in configuration folder'
 2016-07-02 23:19:40 +02:00
Rusty Bird
ae1a334a1d
Remove 'if true' wrapper from 06a0d30d50 2016-07-01 16:01:48 +00:00
Rusty Bird
cb55dfa6ae
*Do* block until good random is available again 2016-07-01 16:01:47 +00:00
Rusty Bird
fbf4c93730
dvm, then xendriverdomain, then qrexec-agent 
Fixes QubesOS/qubes-issues#2126
Fixes QubesOS/qubes-issues#1990
 2016-07-01 16:01:47 +00:00
Marek Marczykowski-Górecki
f6742fba01
Merge remote-tracking branch 'qubesos/pr/17' 
* qubesos/pr/17:
  Order network management units after network-pre.target
 2016-06-30 22:22:07 +02:00
Rusty Bird
ca03e093f7
Order network management units after network-pre.target 
Network management software should order itself after network-pre.target
(man 7 systemd.special) so that other units can order themselves before
the *beginning* of network initialization. (qubes-misc-post too because
it calls setup-ip.)

Relevant for QubesOS/qubes-issues#2108
 2016-06-30 16:20:47 +00:00
Marek Marczykowski-Górecki
9aeecb91f3
dom0-updates: use dnf --best --allowerasing 
Otherwise `dnf install` do not want to upgrade existing packages, or
upgrading other packages to satisfy dependencies.

Fixes QubesOS/qubes-issues#2100
 2016-06-21 04:33:46 +02:00
Wojtek Porczyk
5261f936b2 misc: add qvm-features-request 
This tool is used to request features from template.

QubesOS/qubes-issues#1637
 2016-06-13 14:19:00 +02:00
Patrick Schleizer
191b2a4cd9
Do not start tor@default service in TemplateVM. 
Not doing that already for the tor service.

Since the actual tor service was renamed to tor@default by upstream.
 2016-06-11 13:46:58 +00:00
Marek Marczykowski-Górecki
d47a89ec76
version 3.2.5 2016-06-06 00:18:54 +02:00
Marek Marczykowski-Górecki
762189a0ae
debian: add missing pkg-config build depends 2016-06-05 22:32:54 +02:00
Marek Marczykowski-Górecki
ac614c80c1
travis: add fc24 build 
QubesOS/qubes-issues#1926
 2016-06-05 22:32:43 +02:00
Marek Marczykowski-Górecki
49304180c3
version 3.2.4 2016-06-05 22:10:58 +02:00
Marek Marczykowski-Górecki
171b4f8a06
travis: initial version 
QubesOS/qubes-issues#1926
 2016-06-01 22:58:42 +02:00
Marek Marczykowski-Górecki
be2c9313a4
Merge remote-tracking branch 'qubesos/pr/15' 
* qubesos/pr/15:
  Fall back to gnome utilities if kdialog not present

Fixes QubesOS/qubes-issue#1429
 2016-06-01 22:56:24 +02:00
Marek Marczykowski-Górecki
520894e623
Prefer 'dnf' over 'yum' for template update 
QubesOS/qubes-issues#1282
 2016-06-01 05:10:40 +02:00
Marek Marczykowski-Górecki
07c442f534
dom0-updates: use dnf when available 
Since yum-deprecated is slowly removed from Fedora (in Fedora 23 is not
installed by default), we're forced to migrate to dnf. The main problem
with dnf here is lack of --downloaddir option
(https://bugzilla.redhat.com/show_bug.cgi?id=1279001). As nobody is
going to implement it, simply extract downloaded packages from cache
directory (thanks to provided config file, it is always /var/cache/yum).

This basically replaces "dom0-updates: use yum-deprecated instead of dnf
in all calls" with a set of workarounds for dnf missing parts.

Related to QubesOS/qubes-issues#1574
 2016-06-01 05:10:18 +02:00
unman
8471605e6d Fall back to gnome utilities if kdialog not present 2016-06-01 02:55:25 +01:00
Patrick Schleizer
3db93cdc87 fix indent 2016-05-19 21:12:16 +02:00
Marek Marczykowski-Górecki
2fa8c76eec
version 3.2.3 2016-05-18 23:43:23 +02:00
Marek Marczykowski-Górecki
7378ec326a
Update repository definitions for R3.2 2016-05-18 23:42:43 +02:00
Marek Marczykowski-Górecki
4cb4d656c4
Cleanup R3.1->R3.2 transitional package 2016-05-18 23:42:17 +02:00
Marek Marczykowski-Górecki
4c1ae75e35
version 3.2.2 2016-05-18 03:00:12 +02:00
Marek Marczykowski-Górecki
19921274e1
Implement qubes.OpenURL service instead of wrapping URLs in HTML 
This have many advantages:
 - prevent XSS (QubesOS/qubes-issues#1462)
 - use default browser instead of default HTML viewer
 - better qrexec policy control
 - easier to control where are opened files vs URLs

For now allow only http(s):// and ftp:// addresses (especially prevent
file://). But this list can be easily extended.

QubesOS/qubes-issues#1462
Fixes QubesOS/qubes-issues#1487
 2016-05-18 01:32:54 +02:00
Marek Marczykowski-Górecki
ff2678d2f5
qvm-open-in-vm: escape URL when wrapping it in HTML 
Thanks @v6ak for the report and solution.

Fixes QubesOS/qubes-issues#1462
 2016-05-17 22:06:41 +02:00
Marek Marczykowski-Górecki
817606a09d
Merge remote-tracking branch 'origin/pr/72' 
* origin/pr/72:
  systemd: order units checking for qubes-service after qubes-sysinit
 2016-05-17 21:16:02 +02:00