unman
38f44417d6
Move trusty check and locales-all fix inside source-debian-quilt-copy-in
2017-02-13 22:25:47 +00:00
Marek Marczykowski-Górecki
961455657d
Merge remote-tracking branch 'qubesos/pr/38'
...
* qubesos/pr/38:
Reset iptables ACCEPT rule for updates proxy if service is running
2017-02-13 00:03:43 +01:00
Marek Marczykowski-Górecki
08edfa630d
Merge remote-tracking branch 'qubesos/pr/35'
...
* qubesos/pr/35:
Constrain cron and anacron in Ubuntu also
Stop anacron from starting in Debian using existing constraint on cron
2017-02-12 23:59:43 +01:00
Gregorio Guidi
1ca110a9fd
Restore functionality of disable-default-route and disable-dns-server.
2017-02-12 23:53:43 +01:00
unman
8d1b74d732
Apply gschema override preventing previews in nautilus in Debian
2017-02-12 03:06:48 +00:00
unman
59b025a652
Reset iptables ACCEPT rule for updates proxy if service is running
2017-02-11 02:11:53 +00:00
unman
32dc1ad809
Fix build for trusty - locales-all not available
2017-02-09 01:46:53 +00:00
unman
3180d09ff4
Constrain cron and anacron in Ubuntu also
2017-02-06 00:08:33 +00:00
unman
a361fb454c
Stop anacron from starting in Debian using existing constraint on cron
2017-02-05 23:36:27 +00:00
Olivier MEDOC
7787d39b6e
archlinux: add missing qubes-rpc dependencies
2017-01-29 15:37:15 +01:00
Olivier MEDOC
0159cd6a77
archlinux: fix pacman.d dropin not activated if pacman.conf does not already contains qubes markers
2017-01-29 15:27:14 +01:00
Olivier MEDOC
8ba584dfb0
Makefile: enforce mode 750 for directories /etc/sudoers.d and /etc/polkit-1/rules.d
2017-01-29 15:01:01 +01:00
Olivier MEDOC
98b4f1f265
archlinux: fix bash syntax errors
2017-01-29 14:34:50 +01:00
Olivier MEDOC
8584290295
archlinux: update installer script to use systemd preset file
2017-01-29 13:55:35 +01:00
Olivier MEDOC
9890ed191a
archlinux: fix lsb_release missing
2017-01-28 21:20:20 +01:00
Lorenzo
f3a44bdd74
Merge branch 'master' of github.com:lorenzog/qubes-core-agent-linux
2017-01-14 22:21:45 +00:00
Lorenzo
f4af5f320a
Shut down after update only if it's a template.
...
As per discussion in
https://github.com/QubesOS/qubes-issues/issues/2555#issuecomment-271415169
Signed-off-by: Lorenzo <lorenzo.grespan@gmail.com>
2017-01-14 22:20:51 +00:00
Lorenzo
ffefce9e25
Shut down after update only if it's a template.
...
As per discussion in
https://github.com/QubesOS/qubes-issues/issues/2555#issuecomment-271415169
2017-01-14 13:11:27 +00:00
Marek Marczykowski-Górecki
41cd218660
travis: drop debootstrap workaround
...
Move to qubes-builder
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2017-01-10 12:12:44 +01:00
Marek Marczykowski-Górecki
bb71ddd8cd
Merge remote-tracking branch 'origin/pr/86'
...
* origin/pr/86:
archlinux: fix community repositories URL
2017-01-04 23:13:57 +01:00
Marek Marczykowski-Górecki
12231dab4a
Merge remote-tracking branch 'origin/pr/85'
...
* origin/pr/85:
comment
2017-01-04 23:13:24 +01:00
Olivier MEDOC
d8599d45ba
archlinux: fix community repositories URL
2016-12-28 09:00:38 +01:00
Marek Marczykowski-Górecki
63e02a1340
Merge remote-tracking branch 'qubesos/pr/32'
...
* qubesos/pr/32:
Copied needed sources to build root
2016-12-25 20:44:17 +01:00
Nicklaus McClendon
d1faba7d03
Copied needed sources to build root
2016-12-25 13:33:39 -05:00
Patrick Schleizer
3cc1a855dc
comment
2016-12-21 00:15:12 +01:00
Andrew David Wong
cc7d3fc925
Update Xen bug count in sudoers comment
...
Closes QubesOS/qubes-issues#2480
2016-12-04 16:29:01 -08:00
Marek Marczykowski-Górecki
fb8c356216
version 3.2.15
2016-12-04 22:39:01 +01:00
Marek Marczykowski-Górecki
a9e7f91ca6
Fix detection of dom0 updates
...
dnf stdout messages differ from yum. Handle this particular difference
(info about last metadata check time), but in addition properly use its
exit code - 0 means no updates, 100 means some updates.
Fixes QubesOS/qubes-issues#2096
2016-12-04 22:37:17 +01:00
Marek Marczykowski-Górecki
bb53619d3d
version 3.2.14
2016-12-04 21:57:10 +01:00
Marek Marczykowski-Górecki
7c18322ffa
Merge remote-tracking branch 'qubesos/pr/27'
...
* qubesos/pr/27:
v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument
2016-12-04 21:56:11 +01:00
Marek Marczykowski-Górecki
09870c7d80
travis: drop debootstrap workaround
...
Move to qubes-builder
2016-12-04 21:28:13 +01:00
Rusty Bird
0d243250f2
v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument
...
Fixes QubesOS/qubes-issues#2472 from commit
3f600d03fa
2016-12-04 16:50:59 +00:00
Marek Marczykowski-Górecki
41e3d591ef
Merge remote-tracking branch 'qubesos/pr/25'
...
* qubesos/pr/25:
Add systemd override for haveged in xenial and stretch. (#2161 ) Reenable haveged.service after debian package installation
Fixes QubesOS/qubes-issues#2161
2016-11-28 15:02:32 +01:00
Marek Marczykowski-Górecki
938d184ef4
version 3.2.13
2016-11-18 01:59:25 +01:00
Marek Marczykowski-Górecki
a69acdabbf
Merge remote-tracking branch 'qubesos/pr/24'
...
* qubesos/pr/24:
Initialize home_volatile for disposable VMs.
2016-11-17 09:33:02 +01:00
Marek Marczykowski-Górecki
dbcd3e5f0a
Write random seed directly to /dev/urandom
...
Don't store it in some variable, as may contain non-ASCII or control
characters (or starts with '-').
2016-11-17 09:30:49 +01:00
Marek Marczykowski-Górecki
cc2fb303cb
Merge remote-tracking branch 'origin/pr/84'
...
* origin/pr/84:
fix reload_random_seed error handling
2016-11-17 09:30:14 +01:00
unman
58febd6d20
Add systemd override for haveged in xenial and stretch. ( #2161 )
...
Reenable haveged.service after debian package installation
2016-11-14 02:33:20 +00:00
Patrick Schleizer
b1f418ca76
fix reload_random_seed error handling
...
https://github.com/QubesOS/qubes-core-agent-linux/pull/21#pullrequestreview-8302473
2016-11-13 23:37:49 +01:00
Manuel Amador (Rudd-O)
6ca10b42eb
Initialize home_volatile for disposable VMs.
2016-11-13 21:20:46 +00:00
Marek Marczykowski-Górecki
3050852cbb
Prefer powerpill to update Archlinux VM
...
This is the recommended way to connect through update proxy.
2016-11-12 22:30:37 +01:00
Marek Marczykowski-Górecki
6ba1d2ff78
Ask to shutdown the template after performing update
...
Fixes QubesOS/qubes-issues#2431
2016-11-12 22:27:20 +01:00
Marek Marczykowski-Górecki
7fa4115aba
Refactor qubes.InstallUpdatesGUI to reduce code duplication
...
QubesOS/qubes-issues#2431
2016-11-12 22:21:42 +01:00
Jean-Philippe Ouellet
0fb3e503d3
Keep Makefile DRY
2016-11-10 06:49:01 -05:00
Marek Marczykowski-Górecki
24b726a3bf
network: use /32 netmask on internal IPs in NAT providing namespace
...
Use /32 inside network namespace too. Otherwise inter-VM traffic is
broken - as all VMs seems to be in a single /24 subnet, but in fact are
not.
QubesOS/qubes-issues#1143
2016-11-01 00:22:19 +01:00
Marek Marczykowski-Górecki
c8213ea55a
network: properly handle DNS addresses in vif-qubes-nat.sh
...
Core3 no longer reuse netvm own IP for primary DNS. At the same time,
disable dropping traffic to netvm itself because it breaks DNS (as one
of blocked things). This allows VM to learn real netvm IP, but:
- this mechanism is not intended to avoid detection from already
compromised VM, only about unintentional leaks
- this can be prevented using vif-qubes-nat.sh on the netvm itself (so
it will also have hidden its own IP)
QubesOS/qubes-issues#1143
2016-11-01 00:22:08 +01:00
Marek Marczykowski-Górecki
c75b6519c5
network: keep the same MAC on vif interfaces
...
Even when it's veth pair into network namespace doing NAT.
QubesOS/qubes-issues#1143
2016-11-01 00:13:47 +01:00
Marek Marczykowski-Górecki
1c42a06238
network: integrate vif-route-qubes-nat into vif-route-qubes
...
Since 'script' xenstore entry no longer allows passing arguments
(actually this always was a side effect, not intended behaviour), we
need to pass additional parameters some other way. Natural choice for
Qubes-specific script is to use QubesDB.
And since those parameters are passed some other way, it is no longer
necessary to keep it as separate script.
Fixes QubesOS/qubes-issues#1143
2016-10-31 00:40:32 +01:00
Marek Marczykowski-Górecki
696a0918d5
Revert "network: disable proxy_arp"
...
Proxy ARP apparently is still needed for HVMs.
This reverts commit fa8b05a83cFixes QubesOS/qubes-issues#1421
2016-10-30 20:42:00 +01:00
Marek Marczykowski-Górecki
938af2c7fd
network: change vif-route-qubes-nat parameters
...
Keep "main" IP (the one in xenstore) as the one seen by the netvm, and
pass the "fake" one (the one seen by the VM) as script parameter.
Fixes QubesOS/qubes-issues#1143
2016-10-29 22:28:57 +02:00
