Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,170 Commits 1 Branch 0 Tags 6.4 MiB
5fcf7505fc
Commit Graph

1170 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski
4c0849890c NetVM, AppVM, ProxyVM from single template - VM side (missing files...) 2011-03-11 01:42:42 +01:00
Marek Marczykowski
c87b15ba2a NetVM, AppVM, ProxyVM from single template - VM side 
Modify VM packages to:
- do not conflicts
- starts services if its VM type need it

Added core-proxyvm (firewall) and core-commonvm (common parts) packages.
 2011-03-11 01:38:04 +01:00
Rafal Wojtczuk
7342404846 Added dvm_file_editor. 
It works with qrexec - reads/writes data from stdin/stdout.
 2011-03-10 16:50:40 +01:00
Marek Marczykowski
f5e526f2c3 .gitignore 2011-03-10 16:23:45 +01:00
Marek Marczykowski
67b6217308 Add 30-qubes_external_ip to netvm.spec 2011-03-10 16:09:37 +01:00
Marek Marczykowski
382b90c543 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-03-10 16:05:48 +01:00
Rafal Wojtczuk
9f3fcc862a Implemented mechanism to trigger predefined execution in dom0. 
Processes in AppVM can ask qrexec-agent to send a
MSG_AGENT_TO_SERVER_TRIGGER_EXEC message to qrexec-daemon.
The latter will execute predefined program. It is useful for
the purpose of file copy; the predefined program will create
a connected qfile-daemon<->qfile-agent pair.
 2011-03-10 15:41:31 +01:00
Marek Marczykowski
07abd184ab Merge tag 'smk_a8cef51b' of ssh://git.qubes-os.org/var/lib/qubes/git/smoku/core 
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-ls
 2011-03-10 14:14:48 +01:00
Tomasz Sterna
76bf222dd2 Added FirewallVM related VM scripts 2011-03-09 20:50:13 +01:00
Tomasz Sterna
e686391de1 Added AppVM version of xenstore-watch. 2011-03-09 17:51:05 +01:00
Marek Marczykowski
223f14e21c Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/marmarek/core 
Conflicts:
	dom0/qvm-core/qubes.py
	dom0/qvm-tools/qvm-prefs
	dom0/qvm-tools/qvm-template-commit
 2011-03-09 17:23:32 +01:00
Rafal Wojtczuk
06c0bd007c Moved vchan and u2mfn code to core. 2011-03-08 12:24:47 +01:00
Rafal Wojtczuk
ffb0fe1d87 added "make -C qrexec clean" 2011-03-07 16:13:15 +01:00
Marek Marczykowski
45f70b4e02 gitignore files - add build products 2011-03-06 14:06:24 +01:00
Marek Marczykowski
dc5b65c23d Add BR to core-appvm.spec 2011-03-06 14:06:24 +01:00
Marek Marczykowski
1b9aec1efd Add backup files to gitignore 2011-03-06 14:06:24 +01:00
Marek Marczykowski
24ed4df11c block-snapshot fixes 2011-03-06 14:06:23 +01:00
Rafal Wojtczuk
0f655f9344 Start qrexec daemon and agent 2011-03-04 17:19:51 +01:00
Rafal Wojtczuk
f3428531a8 qrexec* tools, initial version 2011-03-04 16:32:58 +01:00
Marek Marczykowski
088adcc95f gitignore files - add build products 2011-03-02 11:58:22 +01:00
Marek Marczykowski
ee5542ee43 Add BR to core-appvm.spec 2011-03-02 11:55:54 +01:00
Marek Marczykowski
8fa18c4658 Add backup files to gitignore 2011-03-02 11:51:57 +01:00
Marek Marczykowski
2aec587027 block-snapshot fixes 2011-03-02 11:51:43 +01:00
Marek Marczykowski
e0b50db2ee Update TemplateVM with running AppVM: part 1 
snapshot and origin device type for xen
 2011-02-26 03:42:55 +01:00
Joanna Rutkowska
2729c6447b version 1.3.13 2010-10-04 19:38:18 +02:00
Joanna Rutkowska
04885a8bd8 Fixed the logic for /home and /usr/local linking/copying for AppVMs 
We assume that the template's root fs already has the following symlinks:
/home -> /rw/home
/usr/local -> /rw/usrlocal
 2010-10-04 19:36:54 +02:00
Joanna Rutkowska
dc297fda77 version 1.3.8 2010-09-30 19:28:31 +02:00
Rafal Wojtczuk
07fe7804d7 Allow numbers in vmname in qubes_penctl. 2010-09-27 17:52:10 +02:00
Joanna Rutkowska
2f92d0156b Merge branch 'qmemman' of git://qubes-os.org/rafal/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2010-09-23 12:31:25 +02:00
Joanna Rutkowska
b3fae338ed version 1.3.4 2010-09-17 17:50:38 +02:00
Joanna Rutkowska
60b0eb28e8 Merge branch 'ticket4' of git://qubes-os.org/rafal/core 2010-09-17 17:30:36 +02:00
Rafal Wojtczuk
2c23edd1ee Require NetworkManager >= 0.8.1-1 
Unfortunately, config files layout changes with NM version; therefore
require >= 0.8.1-1.
This should also prevent NM from messing with VIF interfaces on suspend/resume.
 2010-09-17 15:16:01 +02:00
Joanna Rutkowska
e7cb27de3e version 1.3.3 2010-09-16 20:12:16 +02:00
Joanna Rutkowska
4f8ff21fb6 Merge branch 'qmemman' of git://qubes-os.org/rafal/core 2010-09-16 20:01:40 +02:00
Joanna Rutkowska
432d978d93 version 1.3.1 2010-09-16 17:01:15 +02:00
Joanna Rutkowska
c44f58f180 Merge branch 'comment1' of git://qubes-os.org/rafal/core 
Conflicts:
	dom0/restore/qubes_restore.c
 2010-09-16 15:55:35 +02:00
Joanna Rutkowska
17481e715a Make 'make clean' clean all the object files 2010-09-15 15:36:04 +02:00
Joanna Rutkowska
1328cce87e core-appvm.spec: create 'user' user in %pre instead of in %post 
... otherwsie rpm -i throws an error when trying to set permissions for
/home_volatile/user, as the user 'user' doesn't exist when the %files section
is being processed during rpm install (if this is a first install of the rpm).
 2010-09-15 15:33:09 +02:00
Joanna Rutkowska
07967155d5 version 1.3.0 2010-09-13 17:21:26 +02:00
Joanna Rutkowska
2a6356a6dd Merge branch 'qmemman' of git://qubes-os.org/rafal/core 2010-09-13 15:05:13 +02:00
Rafal Wojtczuk
6d764ef50d qmemman: save a syscall in meminfo-writer via use of "pread" 2010-09-10 14:53:41 +02:00
Rafal Wojtczuk
a2136c3d2b Compile meminfo-writer with -O3 2010-09-10 11:38:06 +02:00
Rafal Wojtczuk
02b8e51341 qmemman: when a AppVM is low on memory, allow small adjustments 
A small AppVM (say, with 100MB total) can go below prefmem, and
still not be assigned memory, because of the MIN_TOTAL_MEMORY_TRANSFER
threshold.
So, if AppVM is below prefmem, allow for smaller mem-sets.
 2010-09-10 11:35:30 +02:00
Rafal Wojtczuk
555be9b857 qmemman: offload some processing to meminfo-writer 
Make meminfo-writer compute used memory, and report to qmemman only if
it has changed significantly enough. As it is written in C, its code is
much faster that qmemman-server; also in the idle case, it saves on xenstore
communication overhead. Allows to send updates up to 10 times per second,
with CPU load on the VM below 0.1%.
 2010-09-09 17:51:53 +02:00
Rafal Wojtczuk
f810fbb547 Tell Network Manager to keep hands off vif interfaces 
...somehow indirectly, by specifying the mac; unfortunately I do not
see any other way.
 2010-09-07 13:18:08 +02:00
Rafal Wojtczuk
81a57ec32b Use vif-route-qubes. 2010-09-06 17:24:12 +02:00
Rafal Wojtczuk
23e11f5f6f Switch to routed VM network (instead of bridging) 
No headache from layer 2 attacks.
 2010-09-06 17:07:42 +02:00
Rafal Wojtczuk
c0f47663c8 Unify dom0 and netvm sysconfig/iptables 
Plus:
- dedicated chain for DNAT to nameservers
- prevent intervm networking. Can be conveniently overriden in necessary cases
by inserting ACCEPT clauses (per VM, probably) at the top of FORWARD
 2010-09-06 15:10:01 +02:00
Rafal Wojtczuk
7ff498c43b qmemman: make meminfo-writer a C program 2010-09-03 16:23:09 +02:00
Rafal Wojtczuk
ebbefaabc2 Fix restore completion detection in appvm/qubes_core 2010-08-30 11:43:30 +02:00