Vincent Penquerc'h
393553c7bb
vm-file-editor: #include <sys/time.h> for gettimeofday
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
c171f47ba8
vm-file-editor: put temporary files in per domain subdirectories
...
This avoids the possibility that incoming files may match
an existing file in /tmp (whether from the target VM, or a
third VM that's also sent a file for editing), as well as
possible file leaks between domains.
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
9a4b1efa61
core-agent-linux: misc const/void fixups
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
214365e272
vm-file-editor: hide | in filename
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
47c657b123
vm-file-editor: close output when done writing
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
81e9f967be
vm-file-editor: do not overwite an existing file
...
Either a housekeeping file from that VM, or a similarly named
one being edited from a third VM.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
11b8f9be20
vm-file-editor: fix potential buffer overflow
...
If we're being sent something without a zero byte, we
could happily read off the end of the buffer. Interestingly,
the write part was checking for the max bound.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
c9a25b8915
vm-file-editor: fix incorrect time display
...
It's used only for display, and never parsed, but still.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
a4b3a0c955
qopen-in-vm: ensure we can't mistake a non empty file for an empty one
...
st_size is off_t, which may be larger than int.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128
qopen-in-vm: fix read overflow
...
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.
The other side expects a fixed size though, so pad with NULs.
Interestingly, the original code was not vulnerable as it was
callocing enough space.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f
qopen-in-vm: close output when we're done writing to it
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
511b614f56
qrexec-agent: catch failure to deliver signal
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
1dfd1d0e70
qrexec-agent: fix array read underflow
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
b2e84900a3
qrexec-agent: fix file leak on read error
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
c14f810067
qrexec-agent: pass an int pointer to sscanf to match %d
...
and check for 16 bit unsigned range after that.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
4823490e70
qfile-unpacker: some error checking
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
475421b2e2
core-agent-linux: misc const fixups
2014-01-06 17:57:40 +01:00
Marek Marczykowski-Górecki
4a4e81f010
Merge remote-tracking branch 'joanna/master'
2014-01-06 17:57:08 +01:00
Marek Marczykowski-Górecki
fd55d48126
Move meminfo-writer to linux-utils repo
...
It is common for both dom0 and VM. So move to linux-specific repo (not
VM-specific).
2014-01-05 05:38:10 +01:00
Marek Marczykowski-Górecki
0daaefb47f
rpm: own /lib/modules only in Fedora >= 19
...
Previously it was owned by filesystem package.
2013-12-22 23:00:21 +01:00
Joanna Rutkowska
0341677a0e
version 2.1.24
2013-12-18 12:03:34 +01:00
Marek Marczykowski-Górecki
b3081dce07
systemd: disable additional unneeded services
2013-12-17 01:29:26 +01:00
Marek Marczykowski-Górecki
c04d4e4fea
systemd: while disabling service, disable also its activators
...
This time it is for cups, which have socket-based and path-based
activators. When activator tires to start the service which is disabled
by condition file it enters infinite loop (as service wont start, but
will not report an error).
2013-12-16 21:10:37 +01:00
Marek Marczykowski-Górecki
a0f3ce9e93
Hide errors from qubes.WaitForSession
...
Especially "Killed" message, which is normal as 'sleep' is signalled with
SIGKILL once session is ready.
2013-12-15 05:36:43 +01:00
Marek Marczykowski-Górecki
22929bb18f
kernel-placeholder: provide kernel modules mountpoint
...
It is no longer part of 'filesystem' package in Fedora 19.
2013-12-15 05:36:02 +01:00
Marek Marczykowski-Górecki
7dd5a40218
rpm: kernel-placeholder provides kernel-modules-extra
...
Yet another package with kernel-related files already provided by dom0.
2013-12-13 04:40:20 +01:00
Marek Marczykowski-Górecki
4c78388776
version 2.1.23
2013-12-08 19:22:11 +01:00
Marek Marczykowski-Górecki
dee9c6782f
Disable r2-beta2 repo on r2-beta3 system
2013-12-08 19:21:21 +01:00
Joanna Rutkowska
bfef08e412
version 2.1.22
2013-12-06 19:04:49 +01:00
Marek Marczykowski-Górecki
3cc566f539
Split R2 yum repository for individual beta releases.
2013-12-06 13:02:22 +01:00
Joanna Rutkowska
f2656f4e51
version 2.1.21
2013-12-04 16:04:38 +01:00
Olivier MEDOC
f7a956ef2e
archlinux: fixes due to new archlinux releases
2013-12-03 18:07:01 +01:00
Joanna Rutkowska
65badd1faa
version 2.1.20
2013-12-02 15:18:11 +01:00
Marek Marczykowski-Górecki
41c701a1ac
Revert "Do not start gnome-settings-daemon in AppVM"
...
This reverts commit 047a7a0b23
.
Actually some g-s-d plugins are helpful, for example notification of low
disk space. Also we've already disabled keyboard plugin.
2013-12-01 02:25:51 +01:00
Marek Marczykowski-Górecki
e3e96dba74
Merge branch 'new-backups'
2013-11-29 04:02:43 +01:00
Marek Marczykowski-Górecki
6c3c3e717d
tar2qfile: use lseek() to skip unwanted data if possible
...
When reading from file it is much faster.
2013-11-25 02:28:35 +01:00
Marek Marczykowski-Górecki
3c92cdba22
tar2qfile: use read_all() instead of read()
...
read() syscall do not guarantee to read as much data as requested. This
is especially important when reading from pipe - remote end can produce
data slower than we are reading them. Use read_all() helper to always
get requested amount of data.
2013-11-25 02:24:21 +01:00
Marek Marczykowski-Górecki
9b859c9ac5
qubes-rpc: save one syscall on each data block
...
read_all/write_all calls set_* on every call, so this can be
noticeable performance improvement.
2013-11-25 02:11:45 +01:00
Marek Marczykowski-Górecki
4010ddaab5
minor whitespace fix
2013-11-24 04:45:36 +01:00
Marek Marczykowski-Górecki
03923ae548
tar2qfile: disable debug messages
2013-11-24 04:45:14 +01:00
Marek Marczykowski-Górecki
dba3571883
tar2qfile: send EOF marker
2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
584df6986e
tar2qfile: fix compile warnings
2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
52d696a0c3
tar2qfile: fix padding handling
2013-11-24 04:44:18 +01:00
Marek Marczykowski-Górecki
3c43f20d9e
tar2qfile: terminate parsing when all requested files/dirs found
...
Assume that all the files of directory are in continuous block (which is
true in case of qvm-backup stream). This will allow to terminate before
getting to the file end - especially useful when only qubes.xml
requested.
2013-11-24 04:43:53 +01:00
Olivier MEDOC
42c40d399b
restore: improve error handling
2013-11-23 02:48:50 +01:00
Olivier MEDOC
ae776521b0
tar2qfile: forgot to pass a parameter in tar_read function
2013-11-23 02:48:42 +01:00
Olivier MEDOC
8e853c752c
tar2qfile: fixed a bug when file contained in tar is a multiple of 512 bytes
2013-11-23 02:48:42 +01:00
Olivier MEDOC
8a1f87d0ed
tar2qfile: starting cleanup to get rid of the stat structure which is not required during conversion
2013-11-23 02:48:42 +01:00
Olivier MEDOC
91b84d863c
tar2qfile: add filtering options to tar2qfile
2013-11-23 02:48:41 +01:00
Olivier MEDOC
fa6bb43c62
backup: Use paths sent from dom0 to filter files that should be extracted
2013-11-23 02:45:25 +01:00