Marek Marczykowski-Górecki
9ea49e3f83
version 2.1.26
2014-01-22 15:17:41 +01:00
Marek Marczykowski-Górecki
361ab0b266
qubes-rpc: introduce services for browsing VM filesystem
...
For now used to select system backup inside of VM.
2014-01-13 05:07:23 +01:00
Marek Marczykowski-Górecki
fd55d48126
Move meminfo-writer to linux-utils repo
...
It is common for both dom0 and VM. So move to linux-specific repo (not
VM-specific).
2014-01-05 05:38:10 +01:00
Marek Marczykowski-Górecki
0daaefb47f
rpm: own /lib/modules only in Fedora >= 19
...
Previously it was owned by filesystem package.
2013-12-22 23:00:21 +01:00
Marek Marczykowski-Górecki
b3081dce07
systemd: disable additional unneeded services
2013-12-17 01:29:26 +01:00
Marek Marczykowski-Górecki
c04d4e4fea
systemd: while disabling service, disable also its activators
...
This time it is for cups, which have socket-based and path-based
activators. When activator tires to start the service which is disabled
by condition file it enters infinite loop (as service wont start, but
will not report an error).
2013-12-16 21:10:37 +01:00
Marek Marczykowski-Górecki
22929bb18f
kernel-placeholder: provide kernel modules mountpoint
...
It is no longer part of 'filesystem' package in Fedora 19.
2013-12-15 05:36:02 +01:00
Marek Marczykowski-Górecki
7dd5a40218
rpm: kernel-placeholder provides kernel-modules-extra
...
Yet another package with kernel-related files already provided by dom0.
2013-12-13 04:40:20 +01:00
Marek Marczykowski-Górecki
3cc566f539
Split R2 yum repository for individual beta releases.
2013-12-06 13:02:22 +01:00
Marek Marczykowski-Górecki
41c701a1ac
Revert "Do not start gnome-settings-daemon in AppVM"
...
This reverts commit 047a7a0b23
.
Actually some g-s-d plugins are helpful, for example notification of low
disk space. Also we've already disabled keyboard plugin.
2013-12-01 02:25:51 +01:00
Marek Marczykowski-Górecki
8f840e10dc
vm-file-editor: add override for mimeinfo *.png entry ( #753 )
...
MIME-info database contains multiple entries for *.png, namely image/png
and image/x-apple-ios-png. The later one doesn't have associated handler
program, but this one is selected by mimeopen tool.
Not sure how this tool should behave in case of multiple matches (IOW is
it a bug in File::MimeInfo perl module used by mimeopen). Instead of
switching to different tool, which probably will break other files
(check #423 ), add override for this particular file type.
2013-11-14 21:38:27 +01:00
Marek Marczykowski-Górecki
639cb51414
Add qubes.{Backup,Restore} services, include them in rpm package
2013-11-09 19:01:57 +01:00
Marek Marczykowski-Górecki
047a7a0b23
Do not start gnome-settings-daemon in AppVM
...
It breaks keyboard layout - sets to own default.
2013-10-23 03:36:56 +02:00
Marek Marczykowski-Górecki
fd224c05a9
Fix for broken network after Fedora update (Fedora #974811 )
...
This should be really done in NetworkManager package, but apparently not
done yet.
https://bugzilla.redhat.com/show_bug.cgi?id=974811
2013-10-11 13:10:49 +02:00
Marek Marczykowski-Górecki
1d41cb4c18
Add qubes.DetachPciDevice for live PCI detach ( #708 )
2013-09-01 01:28:07 +02:00
Marek Marczykowski-Górecki
099971dcd5
fedora: update spec and serial.conf to match /usr/sbin path
2013-08-14 03:53:40 +02:00
Marek Marczykowski
8c9433fc00
yum-proxy: use iptables-restore to set firewall rules
...
Simple iptables sometimes returns EBUSY.
2013-08-05 02:08:52 +02:00
Marek Marczykowski
6b8ebe6e2c
spec: use make install-vm target in %install
...
Thanks to this all distributions will use the same code - no need to
manual synchronization.
2013-04-17 01:52:31 +02:00
Marek Marczykowski
06f1dfb70c
spec: simplify %post logic for udev rules
...
Whitelist any rules file with qubes in name. This will prevent further
mistakes like forgetting about some script, or even not including script
for another package (like qubes-tor currently).
2013-03-26 02:41:18 +01:00
Marek Marczykowski
44fab139f4
Add qrexec back, use qubes-utils libraries for common code
2013-03-20 06:23:44 +01:00
Marek Marczykowski
9e3f844f32
Restore release number to 1
2013-03-19 12:03:30 +01:00
Marek Marczykowski
30ca124784
The Underscores Revolution: xenstore paths
2013-03-14 04:29:15 +01:00
Marek Marczykowski
7686fd5d92
The Underscores Revolution: RPC services
2013-03-14 04:25:31 +01:00
Marek Marczykowski
ecc812f350
The Underscores Revolution: filenames
...
Get rid of underscores in filenames, use dashes instead.
This is first part of cleanup in filenames.
"qubes_rpc" still untouched - will be in separate commit.
2013-03-14 01:07:49 +01:00
Marek Marczykowski
a88c122efa
Move manpages here from separate repo
2013-03-12 17:10:49 +01:00
Marek Marczykowski
34b31c0f71
spec: don't touch sysv services in systemd package
...
Actually it can disable required services which have both sysv and
systemd-style startup scripts.
2013-03-09 03:19:41 +01:00
Marek Marczykowski
f06284d2ba
spec: update dependencies
2013-03-07 05:16:09 +01:00
Marek Marczykowski
dffd7e0457
remove qubes-core-libs and qrexec leftovers
...
They are now in separate repository.
2013-03-07 05:09:13 +01:00
Marek Marczykowski
fb780d7fbc
vm/systemd: disable avahi-daemon
...
Aparently this service have changed name, so make sure it will be disabled also
under new name.
2013-03-03 17:35:54 +01:00
Marek Marczykowski
b18d40fb08
vm: Use nautilus-actions to provide "Copy to other AppVM" etc nautilus commands
...
No more ugly symlink creation at VM startup, nautilus-actions have system-wide
dir (in opposite to nautilus-scripts).
Currently old symlinks are not cleaned up. Maybe it should, but leaving them
have one advantage: will not break existing users behavior.
2013-02-21 16:44:16 +01:00
Marek Marczykowski
14cb955efc
vm/spec: mark some config files with %config(noreplace)
...
Do mark such critical files, which shouldn't be modified by the user.
2013-02-21 07:25:47 +01:00
Marek Marczykowski
58eeda8723
vm/spec: force legacy iptables services
2013-02-12 01:38:30 +01:00
Marek Marczykowski
f965c8fc99
vm: revert /etc/yum.conf exclude config
...
Upgrade of kernel is suppressed by qubes-vm-kernel-placeholder package.
Excluding xorg packages makes more problems than goods (e.g. unable to
install dummy driver, block fedora bugfixes).
2013-02-12 01:38:30 +01:00
Marek Marczykowski
979ce2014b
vm/systemd: disable NetworkManager-wait-online when NM inactive
2013-02-12 01:38:30 +01:00
Marek Marczykowski
cab4689360
vm: require net-tools
...
Needed to setup network in VM
2013-02-12 01:38:30 +01:00
Marek Marczykowski
750859bdc8
vm: move polkit configs from qubes-gui-vm package
2013-02-12 01:38:29 +01:00
Marek Marczykowski
d13e1d4bfd
vm/kernel-placeholder: update provided version
...
Some fc18 packages requires >3.5 kernel, so update kernel-placeholder
appropriate (according to newest available package in unstable
repository).
2013-02-12 01:38:29 +01:00
Olivier Medoc
63da3b15a0
vm/qubes_rpc: implement qubes.WaitForSession
...
RPC call will be used in vm.start function instead of the hardcoded echo > /tmp/qubes-session-waiter
2013-01-11 01:12:23 +01:00
Marek Marczykowski
50809a21c8
qubes-core-vm-kernel-placeholder 1.0-2
2013-01-04 13:23:48 +01:00
Marek Marczykowski
69edb3b029
vm/kernel-placeholder: provide xorg-x11-drv-nouveau to resolve deps problem
2013-01-04 13:23:20 +01:00
Marek Marczykowski
29d2b2e369
spec: generate proper debuginfo packages
...
%setup macro must be present in %prep to set variables required by
find-debuginfo script. Symlink is to place sources in nice
/usr/src/debug/%{name}-%{version} subdir instead of plain /usr/src/debug/core
(which can be ambiguous).
Additionally all packages need to have _builddir pointing at top src dir (in
core-dom0 it was dom0 subdir). And to cheat make about current dir (to have
%{name}-%{version} included in path) chdir must be done by shell, not make - so
can't use make -C.
2012-12-12 04:12:59 +01:00
Marek Marczykowski
fc89e48038
spec: do not build u2mfn not packaged in core-dom0 and core-vm
...
This is packages in core-libs, so build it only there.
2012-12-12 04:10:41 +01:00
Marek Marczykowski
63ede041d8
vm/spec: do not remote 50-qubes_misc.rules during installation
2012-11-22 08:22:52 +01:00
Marek Marczykowski
213380a7c3
vm: setup /dev/xen/evtchn permissions using udev rule
...
This works also when the device is recreated, which is the case in DispVM
(during xl restore).
2012-11-22 00:51:18 +01:00
Marek Marczykowski
d5a2d9d054
vm: load dummy-hcd module to suppress libusb bug
...
libusb crashes when no USB controller is present, load dummy-hcd as workaround.
2012-11-19 17:52:16 +01:00
Marek Marczykowski
16afb1610e
vm: remove qubes-upgrade-vm after upgrade
2012-11-15 21:38:39 +01:00
Marek Marczykowski
fe1f685b50
spec: extract core libs from qubes-core-vm
...
This libs are required by both dom0 and VM so it's better to have it
separately. Previously in VM it was separate package, but dom0 have them
embedded in qubes-core-dom0, but qubes-core-vm-libs package was used to build
qubes-gui-dom0. Now we do not build all packages for all distros (especially do
not build core-vm package for dom0 distro, so gui-dom0 build fails), so make it
explicit which package is needed by which system.
2012-11-14 13:12:51 +01:00
Marek Marczykowski
e432f0e55c
vm/spec: fix NotShowIn entries in autostart desktop files
2012-11-03 05:22:03 +01:00
Marek Marczykowski
65e068f68a
vm/qvm-usb: include vusb-ctl in VM package
2012-10-23 05:45:47 +02:00
Alexandre Bezroutchko
7f7e9999f4
dvp/qvm-usb: converted installer scripts into RPM
2012-10-21 15:10:40 +02:00
Marek Marczykowski
4daa5f56ea
Merge branch 'master-for-hvm' into hvm
...
Conflicts:
dom0/qvm-core/qubes.py
dom0/qvm-tools/qvm-sync-clock
2012-10-04 05:45:41 +02:00
Marek Marczykowski
949222f692
vm/spec: fix adding yum-proxy configuration
...
Do not add entry if already present.
2012-10-04 05:44:20 +02:00
Bruce A Downs
e2caaf0764
vm: Added 'most recently used' feature to 'copy to vm' dialog
...
* replaced zenity to qvm-mru-entry in qubes_rpc/qvm-copy-to-vm.gnome
* added python script qubes_rpc/qvm-mru-entry
* added /usr/bin/qvm-mru-entry to rpm_spec/core-vm.spec
2012-10-04 05:44:19 +02:00
Bruce A Downs
c2a049ef32
vm/spec: mod to core-vm.spec to add test for files
...
core rpm was failing during uninstall attempting to move non-existent files
* /var/lib/qubes/fstab.orig
* /var/lib/qubes/serial.orig
2012-10-04 05:44:19 +02:00
Marek Marczykowski
6345c4570a
vm/iptables: block IPv6 traffic
...
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
2012-10-04 05:44:19 +02:00
Marek Marczykowski
da79d38e6f
vm/spec: fix adding yum-proxy configuration
...
Do not add entry if already present.
2012-10-04 05:29:10 +02:00
Marek Marczykowski
0ea16ef21b
dom0+vm/qfile-copy: use setuid instead of policy setting to allow chroot
...
This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
2012-08-18 21:17:07 +02:00
Marek Marczykowski
32405af775
vm/kernel-placeholder: simplify upgrade
2012-07-30 23:16:05 +02:00
Marek Marczykowski
077c74782c
vm: kernel-placeholder package to inhibit real kernel pkg in VM ( #645 )
...
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
2012-07-23 23:17:50 +02:00
Marek Marczykowski
c8f3f737f5
Revert "vm/spec: disable pam_systemd globally ( #607 )" ( #626 )
...
This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626 ).
Conflicts:
rpm_spec/core-vm.spec
2012-07-16 13:36:08 +02:00
Marek Marczykowski
8129032c9e
vm: implement qubes.GetAppmenus to reduce code duplication
...
As one-liner services are now real one-line, just do it.
2012-07-15 02:41:23 +02:00
Marek Marczykowski
55130c0dee
vm: simplify qubes.VMShell service
...
Now additional wrapper not required to skip cmdline argument
2012-07-15 02:41:23 +02:00
Marek Marczykowski
bec4afc919
vm: export SuspendPre and SuspendPost qrexec services ( #617 )
...
1. Try to use NetworkManager sleep command instead of shutting it down
2. Move sleep action details (which is VM-specific) to VM
3. Export it as qrexec service(s)
2012-07-13 14:44:11 +02:00
Marek Marczykowski
3af500fc80
vm: provide dispvm-dotfiles and dispvm-prerun.sh in rpm package ( #620 )
2012-07-12 14:22:44 +02:00
Marek Marczykowski
c336586fae
vm/systemd: disable additional useless services ( #620 )
...
Most of them relay on direct network acces, which isn't true on Qubes.
2012-07-12 03:56:09 +02:00
Marek Marczykowski
654fb64a74
vm/spec: remove dupplicated commnds, suppress error message
2012-07-12 03:56:09 +02:00
Marek Marczykowski
5ee694f4d3
vm/spec: disable pam_systemd only in trigger
...
The %post part is unnecessary.
2012-07-09 15:54:33 +02:00
Marek Marczykowski
f0cdcdae34
vm: disable D-Bus activation of NetworkManager ( #610 )
2012-07-05 01:43:32 +02:00
Marek Marczykowski
0cd7a783d4
vm/spec: disable pam_systemd globally ( #607 )
...
Actually all /etc/pam.d/ files containing pam_systemd.so are autogenerated by
authconfig, so "removing" pam_systemd.so file as not elegant solution, seems to
be much more realiable.
2012-07-05 01:43:32 +02:00
Marek Marczykowski
9efee9324f
vm/spec: fix enabling NetworkManager SystemD service
2012-06-26 03:43:36 +02:00
Marek Marczykowski
77ccf99b88
vm/spec: fix error messages
2012-06-26 03:43:36 +02:00
Marek Marczykowski
47e49d0fd6
vm/spec: fix enabling of qubes-firewall SysV service
2012-06-26 03:43:36 +02:00
Marek Marczykowski
1fdaa847c4
vm: RPC service for NTP time sync ( #603 )
2012-06-23 00:37:47 +02:00
Marek Marczykowski
64a9c54ba6
vm: enable yum-qubes-hooks plugin ( #592 )
2012-06-11 22:35:44 +02:00
Marek Marczykowski
3e89b33209
vm/spec: create firmware symlink only when needed
...
On new systems, like FC16+, firmware is provided by separate package (like
linux-firmware), so no longer need to get it from kernel package.
2012-06-06 03:00:05 +02:00
Marek Marczykowski
baf95fb765
vm/spec: depend on ethtool _package_
2012-06-06 02:59:07 +02:00
Marek Marczykowski
06c4d57b60
vm: yum plugin to notify dom0 about installed updates ( #592 )
2012-06-05 21:21:53 +02:00
Marek Marczykowski
55f99e23db
makefile: rename vchan Makefile to not conflict with windows build
2012-06-05 21:21:53 +02:00
Marek Marczykowski
9930a89fb1
vm/qubes-yum-proxy: setup yum to use qubes-yum-proxy ( #568 )
...
The simplest way is just add proxy=... entry to /etc/yum.conf, but sometimes it
is reasonable to bypass the proxy. Some examples:
- usage of non-standard repos with some exotic file layout, which will be
blocked by the proxy
- usage of repos not-accessible via proxy (eg only via VPN stared in VpnVM)
This commit introduces 'yum-proxy-setup' pseudo-service, which can be
controlled via standard qvm-service or qubes-manager. When enabled - yum will
be configured at VM startup to use qubes proxy, otherwise - to connect directly
(proxy setting will be cleared).
2012-05-31 03:11:44 +02:00
Marek Marczykowski
0430e5186b
vm: qubes-yum-proxy service ( #568 )
...
Introduce proxy service, which allow only http(s) traffic to yum repos. The
filter rules are based on URL regexp, so it isn't full-featured content
inspection and can be easy bypassed, but should be enough to prevent some
erroneus user actions (like clicking on invalid link).
It is set up to intercept connections to 10.137.255.254:8082, so VM can connect
to this IP regardless of VM in which proxy is running. By default it is
started in every NetVM, but this can be changed using qvm-service or
qubes-manager (as always).
2012-05-31 03:11:43 +02:00
Marek Marczykowski
542cd42d04
vm/spec: remove executable perm where not needed
2012-05-31 03:11:43 +02:00
Marek Marczykowski
be05968bd1
vm/spec: fix /etc/hosts if it was broken by previous version
2012-05-08 23:44:07 +02:00
Marek Marczykowski
bd8977c824
vm: notify dom0 when updates available in VM ( #475 )
2012-05-02 00:09:00 +02:00
Marek Marczykowski
4401c3e525
vm/init.d: make firewall and netwatcher service consistent with systemd
2012-03-09 01:50:18 +01:00
Marek Marczykowski
c3ee25ef10
vm/mimeopen: save mimetype defaults for DispVM ( #423 )
2012-02-06 19:08:08 +01:00
Marek Marczykowski
431e350ffe
vm/spec: fix file permissions
2012-02-06 12:58:02 +01:00
Marek Marczykowski
f3e187f672
vm/spec: do not complain about missing serial.conf
2012-01-30 14:22:35 +01:00
Marek Marczykowski
85e6704037
vm/network: symlink NetworkManager system-connection to /rw ( #425 )
...
In FC15, NetworkManager by default uses global connections ("Available to all users"). Save them in /rw instead of /etc, to preserve them across reboots.
2012-01-30 14:20:02 +01:00
Marek Marczykowski
5ec2c4c4bb
vm/spec: hide diagnostics from systemctl
2012-01-18 17:24:04 +01:00
Marek Marczykowski
1a71d29cd4
vm: enable qubes-firewall ( #424 )
2012-01-18 13:37:31 +01:00
Marek Marczykowski
0e1278205c
spec: fix build order
2012-01-15 17:36:22 +01:00
Marek Marczykowski
33f50950ec
vm/systemd: enable ntpd and NetworkManager services
2012-01-14 01:40:54 +01:00
Marek Marczykowski
4a73aa5da6
vm/systemd: add some package requirements according to Fedora documentation
2012-01-14 01:40:10 +01:00
Marek Marczykowski
9129f74603
vm: disable some autostart applications
2012-01-14 01:39:43 +01:00
Marek Marczykowski
d3e1bf36bf
vm: disable silent automatic update *installation* in FC15 ( #415 )
...
Do not silently download and install updates, especially in NonUpdateableVM.
2012-01-14 01:37:22 +01:00
Marek Marczykowski
5e0cde15de
vm/init: introduce SystemD startup scripts
2012-01-10 12:10:16 +01:00
Marek Marczykowski
5573200c9d
vm/spec: split SysV init scripts into separate subpackage
2012-01-10 12:09:09 +01:00
Marek Marczykowski
a25d3be356
vm/spec: add Obsoletes header for smooth upgrade
2012-01-10 11:23:27 +01:00
Marek Marczykowski
240d35259f
vm(+dom0): major rearrage VM files in repo; merge core-*vm packages
2012-01-06 21:31:12 +01:00
Marek Marczykowski
65b6675ca1
vm: disable cron also using systemctl
...
This is needed for FC15
2011-12-30 23:53:46 +01:00