Marek Marczykowski-Górecki
f1a997c1c4
systemd: reexec systemd to ensure right version is running
...
SystemD version can differ from initramfs one (which is build in dom0
build environment), so reexec it at startup.
This fixes systemd-212 archlinux issue.
2014-04-23 01:50:21 +02:00
Marek Marczykowski-Górecki
6d3c73c741
systemd: relax qubes-sysinit dependencies
...
It doesn't need all local filesystems, only /, /run, /proc/xen and loaded
modules.
2014-04-23 01:32:31 +02:00
Marek Marczykowski-Górecki
12080a42a2
rpm: do not disable abrt-applet autostart
2014-04-23 01:31:57 +02:00
Marek Marczykowski-Górecki
bd6ba19407
Enable compiler optimization.
2014-04-22 00:57:36 +02:00
Marek Marczykowski-Górecki
8018b9d3ee
Fix compiler warnings.
...
Mostly harmless cases of warn_unused_result.
2014-04-22 00:56:52 +02:00
Marek Marczykowski-Górecki
0fad94a21f
version 2.1.33
2014-04-15 04:11:13 +02:00
Marek Marczykowski-Górecki
efe7612fbf
dom0-updates: confirm yum transaction (yum -y)
...
Otherwise yum waits for confirmation, without showing the prompt.
2014-04-15 04:09:53 +02:00
Marek Marczykowski-Górecki
7966e2d6c9
version 2.1.32
2014-04-10 04:16:28 +02:00
Marek Marczykowski-Górecki
3b55facb2e
Update repo file for R2rc1 repo
2014-04-10 04:08:49 +02:00
Marek Marczykowski-Górecki
3558419612
version 2.1.31
2014-04-05 00:36:03 +02:00
Marek Marczykowski-Górecki
a4fc4822ef
dom0-updates: use yum --downloadonly instead of yumdownloader
...
This better handles dependencies (especially of "Obsolete:" type).
Unfortunately yum install/upgrade checks if running as root. Because we
are only downloading packages, using local "system root" (--installroot
option) no real root access is requires, so use fakeroot to mute yum
error.
2014-03-28 06:52:31 +01:00
Marek Marczykowski-Górecki
0dd45655e3
init: remove rc.local-early reference
...
It can't work - there is no /rw mounted at this VM startup stage.
2014-03-28 05:12:48 +01:00
Marek Marczykowski-Górecki
e88b6e38be
network: suppress NetworkManager from touching inter-vm interfaces ( #774 )
...
Those interfaces are configured by qubes scripts (based on xenstore data
filled by qubes core).
2014-03-28 02:57:12 +01:00
Marek Marczykowski-Górecki
4c3d5a46c2
firewall: replace deprecated "state" iptables module with "conntrack"
2014-03-28 02:56:43 +01:00
Marek Marczykowski-Górecki
f2ff044539
yum-proxy: fix iptables rules order
...
Add the rules at the beginning of chain, so before final REJECT rule.
2014-03-26 00:02:10 +01:00
Marek Marczykowski-Górecki
fe64539789
Implement "Move to VM" action ( #725 )
2014-03-24 05:19:16 +01:00
Marek Marczykowski-Górecki
4be9c7895a
version 2.1.30
2014-03-10 01:04:11 +01:00
Marek Marczykowski-Górecki
226282bd90
rpm: enable notification-daemon
...
Without it explicitly enabled, notify-send (used by qubes-firewall) does
nothing.
2014-02-22 01:24:13 +01:00
Marek Marczykowski-Górecki
a19ef6d0db
qubes-firewall: log errors to stderr -> syslog
...
Not only display as notifications (which may be easily missed).
2014-02-22 01:23:27 +01:00
Marek Marczykowski-Górecki
0d3ed747b4
suspend-prepare: call NM D-Bus interface directly
...
nmcli doesn't seem to have stable API, especially "nmcli nm sleep"
doesn't work anymore in Fedora 20.
2014-02-21 18:42:12 +01:00
Marek Marczykowski-Górecki
9d618cac15
yum-proxy: automatically restart the service on failure
2014-02-21 13:30:07 +01:00
Marek Marczykowski-Górecki
18ed540158
yum-proxy: fix stop command - iptables-restore do not accept -D
...
iptables-restore format accept only "-A" command, so remove the rules
with direct call to iptables
2014-02-21 13:28:49 +01:00
Marek Marczykowski-Górecki
98e5ffac8c
version 2.1.29
2014-02-20 01:01:56 +01:00
Marek Marczykowski-Górecki
f8b1a6c562
qrexec: use proper unsigned type instead of muting compiler warning
2014-02-19 20:53:54 +01:00
Olivier MEDOC
3dcb434142
archlinux: move xinitrc bugfix to qubes-gui-agent
2014-02-16 21:17:39 +01:00
Olivier MEDOC
59ea1741dd
archlinux: fixes for working user session
2014-02-16 21:13:53 +01:00
Marek Marczykowski-Górecki
c632f0d067
Add -Wextra -Werror to all C code
2014-02-16 11:34:22 +01:00
Olivier MEDOC
d931ba237e
archlinux: ensure /lib/modules is mounted before xenfs using a systemd service
...
This systemd service is not disruptive to the boot process if it fails to mount /lib/modules (because it has been mounted before systemd switched the root directory to the real one).
The advantage is that it will boot /usr/lib/modules even if dracut doesn't handle root switch pre-hook, which is the case on archlinux.
It then allows booting an archlinux AppVM using an archlinux kernel.
2014-02-08 23:16:52 +01:00
Olivier MEDOC
6547577ce9
archlinux: fix bugs in added package install/remove commands
2014-02-08 23:16:00 +01:00
Olivier MEDOC
e0a00899cf
archlinux: fixes in package uninstall trigger and disable additionnal qubes services
2014-02-08 23:15:14 +01:00
Olivier MEDOC
6757337bd3
archlinux: forgot to enable qubes-sysinit when installing package
2014-02-08 23:14:34 +01:00
Marek Marczykowski-Górecki
8acad1b78d
rpm: disable (standard) pulseaudio autostart on its upgrade
...
Not only on initial template installation.
2014-02-08 10:22:28 +01:00
Marek Marczykowski-Górecki
8e38b36012
version 2.1.28
2014-02-07 05:50:49 +01:00
Marek Marczykowski-Górecki
3cc9d0f329
Merge branch 'appicons'
...
Conflicts:
rpm_spec/core-vm.spec
2014-02-07 05:50:07 +01:00
Marek Marczykowski-Górecki
c0c914faab
Merge remote-tracking branch 'woju/master' into appicons
2014-02-07 05:48:18 +01:00
Marek Marczykowski-Górecki
ededdf32ec
rpm: BR:qubes-utils-devel >= 2.0.5 - because of slight API change
...
Note that R: will be generated automatically (on library name).
2014-02-07 05:36:22 +01:00
Marek Marczykowski-Górecki
75b1e24bab
qubes-rpc, qrexec: register callbacks for qrexec-lib
...
Now qrexec-lib do not use exported symbols of particular names, but
explicitly registered callbacks.
2014-02-07 05:36:15 +01:00
Marek Marczykowski-Górecki
d660f260b8
Hide nm-applet when NetworkManager is disabled (retry)
...
It isn't done automatically by nm-applet itself since nm-applet 0.9.9.0
(fc19+), this one commit:
https://git.gnome.org/browse/network-manager-applet/commit?id=276a702000ee9e509321891f5ffa9789acfb053c
At the same time they've introduced option to manually hide the icon:
https://git.gnome.org/browse/network-manager-applet/commit?id=e7331a3f33ab422ea6c1bbc015ad44d8d9c83bc3
2014-02-07 02:16:39 +01:00
Marek Marczykowski-Górecki
7d4c19fe23
rpm: fix rpmbuild warning about ghost files
2014-02-07 02:10:47 +01:00
Marek Marczykowski-Górecki
f54e44ac8f
Fix compile warning
2014-02-07 02:10:13 +01:00
Marek Marczykowski-Górecki
e6b1769549
rpm: fix qfile-unpacker permissions
...
So rpmbuild will be able to create debuginfo and store stipped version.
2014-02-07 02:09:15 +01:00
Marek Marczykowski-Górecki
c86581ace4
Revert "Hide nm-applet when NetworkManager is disabled"
...
This reverts commit 85f4e494e8
.
This way isn't effective - the command is called too early.
2014-02-07 00:01:06 +01:00
Marek Marczykowski-Górecki
58496dbac0
rpm: move serial.conf to /usr/share/qubes
...
It isn't executable file...
2014-02-06 23:56:18 +01:00
Marek Marczykowski-Górecki
06ced31ab5
rpm: typo fix in spec file
...
This is fix for commit 4d2094b16c
.
2014-02-06 06:18:25 +01:00
Marek Marczykowski-Górecki
7953af970d
backups: fix buffer overflow in tar2qfile
...
Buffer for directory headers history was too small. This can be
exploitable by some attacker capable of controlling backup stream, but
it isn't any security problem. We don't assume this part of backup
system to be trusted, the attacker can at most prevent user from
restoring some data, but will neither gain access to them, or compromise
any other Qubes component. This is equivalent to bug in any other tool
used in backup vm (like FTP client) and the Qubes backup system is
designed specifically to minimize impact of such bugs.
2014-02-05 15:16:42 +01:00
Marek Marczykowski-Górecki
e9eb43e026
Merge branch 'fc20-queue'
2014-02-05 15:16:36 +01:00
Wojciech Zygmunt Porczyk
27632a0b3b
qubes.GetImageRGBA: bugfixes
...
- when icon is not found in hicolor theme, search for in in other themes
- added -follow to find
2014-02-04 00:36:30 +01:00
Marek Marczykowski-Górecki
502c51d3f1
version 2.1.27
2014-02-02 13:38:07 +01:00
Marek Marczykowski-Górecki
4d2094b16c
Do not unconditionally hide nm-appet in Fedora >= 20 ( #774 )
...
This is first step of #774 - when NetworkManager enabled, show nm-applet
icon. Still NetworkManager need some configuration to not break ProxyVM
eth0.
2014-02-02 13:37:00 +01:00
Marek Marczykowski-Górecki
c647862fc0
rpm: do not fail on non-existing /etc/init/serial.conf
...
This file is obsolete for a long time, so use it only if found in the
system (perhaps still useful in other distros).
2014-02-02 13:37:00 +01:00