Commit Graph

1824 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
51e2d6d356
qrexec: make sure that all the pipes/sockets are closed on cleanup
This will ensure that the child process will receive info that the
connection is closed. Otherwise it could hang on write() or in some
cases read() - on its stdin/stdout.

Thanks @adrelanos for help with debugging.
2015-08-08 01:52:59 +02:00
Patrick Schleizer
f73484f750 fixed "in place upgrade issue - base-passwd debconf interative question asks 'Remove group "qubes"'"
(reported by @adrelanos)
fixed by no longer using static gid (fix suggested by @marmarek)
https://github.com/QubesOS/qubes-issues/issues/1105
2015-08-08 00:54:49 +02:00
Marek Marczykowski-Górecki
cc83b8d344
qrexec: fix exit code from qrexec-client-vm
It should be remote process exit code, not the local one.
Also do not 'return' from the middle of the look, just use 'break' to
execute common cleanup code (which will be introduced in next commit).
2015-08-07 21:36:49 +02:00
Jason Mehring
a5ee90b420 qubes-desktop-run: Activate via DBUS when desktop file contains DBusActivatable 2015-08-07 11:58:13 -04:00
Jason Mehring
edc9dd404d fedora: Use 'slider' org.mate.NotificationDaemon theme 2015-08-07 09:20:44 -04:00
Jason Mehring
c4718c1675 debian: Switch to using org.mate.NotificationDaemon by default to eliminate popups not closing
- uses 'slider' theme
2015-08-07 09:20:18 -04:00
Jason Mehring
0c62c58d75 debian: qubes-desktop-file-install: Add misssing depend to contol 2015-08-07 09:15:40 -04:00
Jason Mehring
e2b4961c5b debian: Reformat depends in control for better readability 2015-08-07 09:15:40 -04:00
Jason Mehring
b6c19fc2ef qubes-desktop-file-install: Manages xdg desktop entry files
qubes-desktop-file-install is called by qubes-triggers-desktop-file-install. It's
arguments are based on the Gnome desktop-install-file utility to allow it to be replaced
by same.  Currently the Gnome utility can not be used since it automatically validates
the .desktop entry files with no option to skip validation and will fail on some third
party .desktop files that are not formed properly.

A single trigger script is shared between Fedora, Debian.  This script is used by the
package managers triggers and will copy original .desktop files from `/etc/xdg/autostart`
to `/usr/share/qubes/xdg/autostart` and modify the OnlyShownIn / NotShownIn, etc.  The
original .desktop files are left untouched and left in place.

Qubes modifies the XDG_CONFIG_DIRS to first include the `/usr/share/qubes/xdg`
directory (XDG_CONFIG_DIRS=/usr/share/qubes/xdg:/etc/xdg).

If a package gets removed, it's desktop entry is also removed from the /usr/share/qubes/xdg
directory.

'qubes-desktop-file-install' options:
   --dir DIR                          Install desktop files to the DIR directory (default: <FILE>)
   --force                            Force overwrite of existing desktop files (default: False)
   --remove-show-in                   Remove the "OnlyShowIn" and "NotShowIn" entries from the desktop file (default: False)
   --remove-key KEY                   Remove the KEY key from the desktop files, if present
   --set-key (KEY VALUE)              Set the KEY key to VALUE
   --remove-only-show-in ENVIRONMENT  Remove ENVIRONMENT from the list of desktop environment where the desktop files should be displayed
   --add-only-show-in ENVIRONMENT     Add ENVIRONMENT to the list of desktop environment where the desktop files should be displayed
   --remove-not-show-in ENVIRONMENT   Remove ENVIRONMENT from the list of desktop environment where the desktop files should not be displayed
   --add-not-show-in ENVIRONMENT      Add ENVIRONMENT to the list of desktop environment where the desktop files should not be displayed
2015-08-07 09:15:30 -04:00
Marek Marczykowski-Górecki
e9e38c04a2
fedora: fix default locale generation
If /etc/locale/conf contains LANG="en_US.UTF-8" (with quotes), it was
improperly parsed.
2015-08-04 23:20:11 +02:00
Marek Marczykowski-Górecki
1ca8b51c03
fedora: simulate preset-all only on first install, not upgrade 2015-08-04 20:42:14 +02:00
Marek Marczykowski-Górecki
050bfe42db
fedora: do not own dropins directories
It may cause conflicts in the future
2015-08-04 18:49:02 +02:00
Marek Marczykowski-Górecki
1287decd20
archlinux: remove installOverridenServices as now handled by systemd dropins 2015-08-04 17:26:44 +02:00
Jason Mehring
b3a692b8cc vm-systemd: Add systemd drop-in support which include conditionals to prevent services from starting
Added all the drop-ins and remove older .service overrides
2015-08-04 10:32:41 -04:00
Jason Mehring
579f731e5e Re-aranged qubes-vm.preset to indicate which services are specificly for Fedora only 2015-08-04 10:32:41 -04:00
Jason Mehring
f95c3990ba debian: Add systemd drop-in support which include conditionals to prevent services from starting
Modified postinst to use drop-ins and removed old code that was using overrides
2015-08-04 10:32:29 -04:00
Jason Mehring
9c53ed7d47 fedora: Add systemd drop-in support which include conditionals to prevent services from starting
Modified core-vm.spec to use drop-ins and removed old code that was using overrides
2015-08-04 10:32:20 -04:00
Jason Mehring
e8d45665f9 Makefile: Add systemd drop-in support which include conditionals to prevent services from starting 2015-08-04 10:32:00 -04:00
Jason Mehring
511b2f9339
debian: Added cups, system-config-printer to Recommends 2015-08-02 17:45:50 -04:00
Jason Mehring
a006fdff86
debian: remove cups/print-applet triggers 2015-08-02 17:45:45 -04:00
Jason Mehring
cba9e8f5ca
Remove '.service' from systemd enable loop as unit_name already contains .service in name 2015-08-02 17:45:40 -04:00
Jason Mehring
8d7d13fb17
debian: Change triggers to use interest-await (execute triggers after all packages installed) 2015-08-02 17:45:36 -04:00
Jason Mehring
bd47b0cfdc
Use 'which' to locate fuser since fuser path is different in Fedora and Debian 2015-08-02 17:45:31 -04:00
Jason Mehring
d04e5b5039
debian: Comment out deb-src line in qubes-r3.list 2015-08-02 17:45:26 -04:00
Jason Mehring
15f1df4947
debian: Renamed incorrect filename: 00notiy-hook -> 00notify-hook 2015-08-02 17:45:21 -04:00
Patrick Schleizer
9b05427596 removed iptables-persistent from Depends to improve usablity (avoid redundant debconf question) 2015-08-02 21:44:51 +02:00
Marek Marczykowski-Górecki
b9a907c241
Merge remote-tracking branch 'origin/pr/9'
* origin/pr/9:
  archlinux: ensure python2 is used for all scripts and fix dependencies for qubes-desktop-run
  archlinux: enabled configuration of all core agent dependencies
  archlinux: pulseaudio should be configured in gui agent and will break installation of pulseaudio if installed in core-agent-linux
  archlinux: fix syntax errors in install file
  archlinux: reorganize install script to make it more easily compareable with the .spec file
  archlinux: update dependency list based on .spec file
2015-08-02 17:42:47 +02:00
Olivier MEDOC
f2c9a9320c archlinux: ensure python2 is used for all scripts and fix dependencies for qubes-desktop-run 2015-07-30 15:54:41 +02:00
Olivier MEDOC
2cfd4e6a13 archlinux: enabled configuration of all core agent dependencies 2015-07-28 16:12:07 +02:00
Olivier MEDOC
20c7f85f1f archlinux: pulseaudio should be configured in gui agent and will break installation of pulseaudio if installed in core-agent-linux 2015-07-28 16:11:16 +02:00
Olivier MEDOC
bceca326d8 Merge branch 'master' into archfix-201507 2015-07-28 09:14:00 +02:00
Patrick Schleizer
e1e5162720 also inform in cli if no new updates are available 2015-07-19 01:59:07 +02:00
Marek Marczykowski-Górecki
51d55c03dc
debian: fix permissions of /var/lib/qubes/dom0-updates
qubesos/qubes-issues#1029
2015-07-18 15:06:40 +02:00
Olivier MEDOC
78dcdd0f6a archlinux: fix syntax errors in install file 2015-07-14 08:09:11 +02:00
Olivier MEDOC
d84c07295b archlinux: reorganize install script to make it more easily compareable with the .spec file 2015-07-08 15:01:21 +02:00
Olivier MEDOC
0373f1cdfb archlinux: update dependency list based on .spec file 2015-07-08 15:00:50 +02:00
Marek Marczykowski-Górecki
916824eb3f qubes-core-vm-kernel-placeholder 1.0-3 2015-07-08 06:09:12 +02:00
Marek Marczykowski-Górecki
3491c1401b kernel-placeholder: prevent xl2tpd from pulling kernel packages 2015-07-02 17:51:12 +02:00
Marek Marczykowski-Górecki
a122380624 version 3.0.13 2015-07-01 07:05:53 +02:00
Marek Marczykowski-Górecki
4e44008607 network: disable tx csum offload on vif interfaces
It doesn't work with HVMs - more precisely with (ancient) qemu in
stubdomain.
2015-07-01 04:53:31 +02:00
Marek Marczykowski-Górecki
13c078ddbd network: guard iptables call with manual lock
Apparently even iptables-restore does not handle concurrent firewall
updates. This is especially a problem in case of HVM, which have two
network interfaces (one through stubom and the other direct) added at
the same time.
2015-07-01 01:25:00 +02:00
Marek Marczykowski-Górecki
2bfc6edddc network: use iptables-restore instead of iptables --wait
The later one is present only in latest iptables version - especially
debian does not have it. But we need to handle "Device or resources
busy" problem somehow.
2015-06-27 04:55:56 +02:00
Marek Marczykowski-Górecki
5176228abc fedora/systemd: fix service enabling code
Do not try to enable qubes-update-check.service, it is meant to be
started by qubes-update-check.timer (which is correctly enabled).
2015-06-26 19:57:44 +02:00
Marek Marczykowski-Górecki
3aca3f8c48 fedora: ensure that /etc/sysconfig/iptables exists (Fedora 20)
Even when iptables.service is configured to use different file, the
service would not start when there is no /etc/sysconfig/iptables. Fedora
20 package does not provide it.
2015-06-26 19:54:22 +02:00
Marek Marczykowski-Górecki
ea0615d4da version 3.0.12 2015-06-23 20:06:23 +02:00
Marek Marczykowski-Górecki
549761a144 Do not override file pointed by /etc/localtime symlink
On Fedora 21 (and probably others) /etc/localtime is no longer file
copy, but a symlink to original timezone file. Using `cp` to change
timezone here would override original file instead of just changing the
timezone.

Details:
https://groups.google.com/d/msgid/qubes-users/4a0de9457e08b93d1a39ac4cdbc6b632%40ruggedinbox.com
2015-06-23 19:59:17 +02:00
Marek Marczykowski-Górecki
0382f84eae rpm: improve setting iptables rules
Instead of overriding /etc/sysconfig/ip{,6}tables, store qubes rules in
/etc/sysconfig/iptables.qubes and configure the service to use that file
instead. This will prevent conflict on that file and also handle upgrades.
2015-06-19 09:42:55 +02:00
Marek Marczykowski-Górecki
b368ffe5c6 fedora, debian: make sure that default locale is generated
Otherwise some GUI applications would not start.
2015-06-16 02:27:23 +02:00
Marek Marczykowski-Górecki
3fdb67ac2b dom0-updates: make the tool working on Debian
Restore support for older yum: no --downloadonly option, so use
yumdownloader.
Also add some a code to handle some Debian quirks - especially default
rpmdb location in user home...
2015-06-16 02:22:42 +02:00
Marek Marczykowski-Górecki
cdebf33cf6 version 3.0.11 2015-06-11 04:06:26 +02:00