Marek Marczykowski
f33d2e4f42
vm/iptables: block IPv6 traffic
...
This isn't properly handled by Qubes VMs yet, so block it in all the VMs.
Also restrict access to firewall config.
2012-09-25 16:14:06 +02:00
Marek Marczykowski
6b50f834e5
vm/yum-proxy: one more regexp fix
2012-09-25 15:08:06 +02:00
Marek Marczykowski
299a233078
vm/yum-proxy: filter regexp: add missing ^$ marks, remove unneded .* at the beginning
...
Reported-by: Igor Bukanov <igor@mir2.org>
2012-09-25 13:37:59 +02:00
Marek Marczykowski
fccb6d31c6
vm/systemd: early user-configurable init script
2012-09-23 23:28:58 +02:00
Marek Marczykowski
2d67d70d44
vm/yum-proxy: allow pkgtags repodata
2012-09-19 12:55:45 +02:00
Joanna Rutkowska
d5750dc12d
version 1.7.45
2012-08-29 10:48:23 +02:00
Marek Marczykowski
4fa5afb886
vm/filecopy: close stdin when no more data will be read
...
This will allow qrexec_agent drop the data instead of buffering it.
2012-08-27 00:48:35 +02:00
Marek Marczykowski
1ae20c65af
vm/filecopy: add one missing write() error checking
2012-08-27 00:48:35 +02:00
Marek Marczykowski
13e973a591
vm+dom0/filecopy-unpacker: send errors to qfile-agent istead of local message ( #239 )
...
Because unpacker no longer require GUI access, there is no need for separate
process for error reporting. Which greatly simplify the code.
2012-08-25 02:09:45 +02:00
Marek Marczykowski
2903de54ae
vm/filecopy-agent: check for unpacker errors during transfer ( #239 )
...
If unpacker encounter error it sends result header immediately - detect it as
soon as possible and do not send rest of file(s).
2012-08-25 01:26:19 +02:00
Marek Marczykowski
591a89c9d2
vm/filecopy: support nonblocking fd in read_all
...
This will be needed to (non blocking) check if data is available on pipe -
especially to receive possible error from the other end (which will be
introduced sometime later).
2012-08-25 01:22:00 +02:00
Marek Marczykowski
4ca3961684
vm/filecopy: close unused fds in parent process
2012-08-25 01:19:47 +02:00
Marek Marczykowski
bff7ee6f25
vm/qubes-rpc: move set_(non)?block to ioall.c as can be used not only in qrexec
2012-08-25 01:11:22 +02:00
Marek Marczykowski
373e778646
vm/filecopy: remove duplicated error reporting
...
Each write_all is check for errors (when it makes sense) with own perror call,
so don't dupplicate messages.
2012-08-25 01:06:25 +02:00
Joanna Rutkowska
62b4a7e9d8
Merge branch 'hvm' of 10.141.1.101:/var/lib/qubes/git/marmarek/core into hvm
2012-08-24 15:12:07 +02:00
Marek Marczykowski
08c75542f8
Merge branch 'master' into hvm
...
Conflicts:
dom0/qvm-tools/qvm-create
version_dom0
2012-08-23 11:11:59 +02:00
Marek Marczykowski
0c6371485e
Merge remote-tracking branch 'joanna-pro/hvm' into hvm
2012-08-18 21:24:01 +02:00
Marek Marczykowski
0ea16ef21b
dom0+vm/qfile-copy: use setuid instead of policy setting to allow chroot
...
This will allow to not hardcode "root" username in policy, which can be useful
for non-Linux systems.
2012-08-18 21:17:07 +02:00
Marek Marczykowski
7c64f909be
Merge remote-tracking branch 'alex/hvm' into hvm
2012-08-17 17:44:37 +02:00
Joanna Rutkowska
d1ffa58be3
version 1.7.43
2012-08-10 14:45:19 +02:00
Marek Marczykowski
220c84cc61
vm: ignore additional actions in *.desktop files ( #631 )
2012-08-10 11:08:05 +02:00
Marek Marczykowski
d61c7a4e21
vm: ignore additional actions in *.desktop files ( #631 )
2012-08-10 11:06:58 +02:00
Joanna Rutkowska
2d9a31efca
Merge branch 'hvm' of 10.141.1.101:/var/lib/qubes/git/marmarek/core into hvm
2012-08-07 16:36:09 +02:00
Marek Marczykowski
2dda902bdd
Merge branch 'master' into hvm
2012-08-06 15:00:02 +02:00
Marek Marczykowski
f33fca9d95
vm/updates-proxy: fix regexp ( #643 )
2012-08-06 14:59:10 +02:00
Marek Marczykowski
44dfcaf20c
Merge remote-tracking branch 'alex/hvm' into hvm
2012-08-03 02:06:09 +02:00
Marek Marczykowski
cfbc18574d
Merge branch 'master' into hvm
...
Conflicts:
version_dom0
2012-08-01 00:55:05 +02:00
Marek Marczykowski
32405af775
vm/kernel-placeholder: simplify upgrade
2012-07-30 23:16:05 +02:00
Joanna Rutkowska
ad3ee16d4a
version 1.7.42
2012-07-30 16:59:19 +02:00
Marek Marczykowski
c7b8ea57f8
Merge remote-tracking branch 'alex/hvm' into hvm
2012-07-25 02:56:51 +02:00
Marek Marczykowski
6cbbc8afee
Merge branch 'master' into hvm
...
Conflicts:
dom0/init.d/qubes_core
rpm_spec/core-dom0.spec
version_dom0
2012-07-25 02:52:00 +02:00
Marek Marczykowski
077c74782c
vm: kernel-placeholder package to inhibit real kernel pkg in VM ( #645 )
...
Some packages depends on kernel (ex fuse, pulseaudio), but kernel in VM is
managed by dom0. Any hack like exlude or so on will break some things, so
install empty placeholder package to fulfill dependencies.
2012-07-23 23:17:50 +02:00
Marek Marczykowski
8f49a3d213
Merge remote-tracking branch 'joanna/master'
2012-07-23 22:16:42 +02:00
Marek Marczykowski
aa1b1e86a8
vm/prepare-dvm: wait for Xorg in more deterministic way ( #636 )
2012-07-22 01:23:45 +02:00
Marek Marczykowski
861b522d5c
Merge branch 'master' of git://git.qubes-os.org/joanna/core
...
on (#635 )
Parse config and setup socket before fork.
2012-07-20 23:01:06 +02:00
Joanna Rutkowska
574393410a
Merge branch 'hvm' of 10.141.1.101:/var/lib/qubes/git/marmarek/core into hvm
2012-07-20 19:46:06 +02:00
Joanna Rutkowska
f0ca597814
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2012-07-20 16:45:35 +02:00
Marek Marczykowski
9e72a46e8c
dom0/meminfo-writer: fork into background after first info sent to qmemman ( #635 )
2012-07-20 16:42:12 +02:00
Marek Marczykowski
49072ce570
dom0/meminfo-writer: fork into background after first info sent to qmemman ( #635 )
2012-07-20 16:41:26 +02:00
Joanna Rutkowska
a353794031
Merge branch 'hvm' of 10.141.1.101:/var/lib/qubes/git/marmarek/core into hvm
2012-07-18 10:59:01 +02:00
Marek Marczykowski
41f672a748
Merge remote-tracking branch 'alex/hvm' into hvm
2012-07-17 16:29:23 +02:00
Joanna Rutkowska
c75b5fcabc
version 1.7.36
2012-07-16 14:29:31 +02:00
Joanna Rutkowska
499e9cca8d
Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core
2012-07-16 14:25:11 +02:00
Joanna Rutkowska
0e49436ef4
version 1.7.35
2012-07-16 14:24:52 +02:00
Marek Marczykowski
c8f3f737f5
Revert "vm/spec: disable pam_systemd globally ( #607 )" ( #626 )
...
This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626 ).
Conflicts:
rpm_spec/core-vm.spec
2012-07-16 13:36:08 +02:00
Marek Marczykowski
f9c1c7e986
Revert "vm/spec: disable pam_systemd globally ( #607 )" ( #626 )
...
This reverts commit 8ec4b6963b71b95bc0cda6dd80d99bf60aa9caec.
This caused regression (#626 ).
Conflicts:
rpm_spec/core-vm.spec
2012-07-16 12:49:41 +02:00
Marek Marczykowski
8129032c9e
vm: implement qubes.GetAppmenus to reduce code duplication
...
As one-liner services are now real one-line, just do it.
2012-07-15 02:41:23 +02:00
Marek Marczykowski
55130c0dee
vm: simplify qubes.VMShell service
...
Now additional wrapper not required to skip cmdline argument
2012-07-15 02:41:23 +02:00
Marek Marczykowski
58a12f951c
dom0+vm/qrexec-services: pass remote domain via env variable not argument
...
Most qrexec services doesn't use remote domain name, as policy is enforced
earlier. So pass it in way that will allow use of generic command as qrexec
service.
2012-07-15 02:41:23 +02:00
Marek Marczykowski
294e3c6369
vm: implement qubes.GetAppmenus to reduce code duplication
...
As one-liner services are now real one-line, just do it.
2012-07-15 02:26:09 +02:00