Marek Marczykowski-Górecki
7953af970d
backups: fix buffer overflow in tar2qfile
...
Buffer for directory headers history was too small. This can be
exploitable by some attacker capable of controlling backup stream, but
it isn't any security problem. We don't assume this part of backup
system to be trusted, the attacker can at most prevent user from
restoring some data, but will neither gain access to them, or compromise
any other Qubes component. This is equivalent to bug in any other tool
used in backup vm (like FTP client) and the Qubes backup system is
designed specifically to minimize impact of such bugs.
2014-02-05 15:16:42 +01:00
Marek Marczykowski-Górecki
e9eb43e026
Merge branch 'fc20-queue'
2014-02-05 15:16:36 +01:00
Marek Marczykowski-Górecki
502c51d3f1
version 2.1.27
2014-02-02 13:38:07 +01:00
Marek Marczykowski-Górecki
4d2094b16c
Do not unconditionally hide nm-appet in Fedora >= 20 ( #774 )
...
This is first step of #774 - when NetworkManager enabled, show nm-applet
icon. Still NetworkManager need some configuration to not break ProxyVM
eth0.
2014-02-02 13:37:00 +01:00
Marek Marczykowski-Górecki
c647862fc0
rpm: do not fail on non-existing /etc/init/serial.conf
...
This file is obsolete for a long time, so use it only if found in the
system (perhaps still useful in other distros).
2014-02-02 13:37:00 +01:00
Marek Marczykowski-Górecki
39eca94200
backups: fix timestamp in backup filename (once again...)
2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
66b5d686f5
rpm: require gnome-packagekit-updater on Fedora 20+
...
gpk-update-viewer is no longer a part of gnome-packagekit package.
2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
0123719646
systemd: fix handling of .path units overrides
2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
fc04408c7a
systemd: disable ModemManager in non-NetVM
...
Previously ModemManager was started by NetworkManager, but in fc20+ it
is a separate service, so disable it when not needed.
2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
85f4e494e8
Hide nm-applet when NetworkManager is disabled
...
It isn't done automatically by nm-applet itself since nm-applet 0.9.9.0
(fc19+), this one commit:
https://git.gnome.org/browse/network-manager-applet/commit?id=276a702000ee9e509321891f5ffa9789acfb053c
At the same time they've introduced option to manually hide the icon:
https://git.gnome.org/browse/network-manager-applet/commit?id=e7331a3f33ab422ea6c1bbc015ad44d8d9c83bc3
2014-02-02 13:36:59 +01:00
Olivier MEDOC
312edc6320
archlinux: fix typo in install script
2014-01-23 07:02:25 +01:00
Olivier MEDOC
973c688c10
archlinux: update install script based on spec file
2014-01-23 07:02:25 +01:00
Marek Marczykowski-Górecki
9ea49e3f83
version 2.1.26
2014-01-22 15:17:41 +01:00
Marek Marczykowski-Górecki
ee271a43c9
Merge branch 'master' of git://git.qubes-os.org/joanna/core-agent-linux
2014-01-16 04:23:52 +01:00
Marek Marczykowski-Górecki
66ef7696ac
backups: change data/time delimiter in filename according to ISO 8601
2014-01-15 04:33:18 +01:00
Marek Marczykowski-Górecki
2b80dfef17
backups: fix backup timestamp
2014-01-13 05:08:05 +01:00
Marek Marczykowski-Górecki
361ab0b266
qubes-rpc: introduce services for browsing VM filesystem
...
For now used to select system backup inside of VM.
2014-01-13 05:07:23 +01:00
Joanna Rutkowska
c64a33da3f
version 2.1.25.1
2014-01-10 10:01:34 +01:00
Marek Marczykowski-Górecki
4e98a28017
dom0-updates: ignore "Obsoleting" word in package list
...
Apparently -q option do not disable all the headers.
2014-01-10 03:35:04 +01:00
Marek Marczykowski-Górecki
6e599567e0
tar2qfile: retry if lseek() returns EAGAIN
...
... even though it shouldn't. Apparently it is happening. See #764
comments for details.
2014-01-10 03:33:55 +01:00
Marek Marczykowski-Górecki
1b9be23684
version 2.1.25
2014-01-06 18:32:13 +01:00
Marek Marczykowski-Górecki
92aac6a92e
Remove copy of ioall.c - use the one from linux-utils
2014-01-06 18:32:13 +01:00
Vincent Penquerc'h
df7c431d0b
qfile-utils: do not write a random extra byte
...
readlink(2) does not write a terminating NUL, and the read side
will already place a NUL after whatever it receives.
While it seems odd that this would be buggy (ie, synlinks on
the ohter side would be pointing to the wrong filename, though
I guess if we're lucky and the stack had a 0 byte at the right
place, symlink(2) would do what was expected), my reading of
the code tells me this patch is right. Needs testing to double
check.
2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
960c85587f
gui-fatal: fix message leak, since the dialog may not be fatal
2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
3e8c0372c2
gui-fatal: use fully qualified paths to kdialog/zenity
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
73adfc88e3
gui-fatal: add \n to message on stderr
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
393553c7bb
vm-file-editor: #include <sys/time.h> for gettimeofday
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
c171f47ba8
vm-file-editor: put temporary files in per domain subdirectories
...
This avoids the possibility that incoming files may match
an existing file in /tmp (whether from the target VM, or a
third VM that's also sent a file for editing), as well as
possible file leaks between domains.
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
9a4b1efa61
core-agent-linux: misc const/void fixups
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
214365e272
vm-file-editor: hide | in filename
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
47c657b123
vm-file-editor: close output when done writing
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
81e9f967be
vm-file-editor: do not overwite an existing file
...
Either a housekeeping file from that VM, or a similarly named
one being edited from a third VM.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
11b8f9be20
vm-file-editor: fix potential buffer overflow
...
If we're being sent something without a zero byte, we
could happily read off the end of the buffer. Interestingly,
the write part was checking for the max bound.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
c9a25b8915
vm-file-editor: fix incorrect time display
...
It's used only for display, and never parsed, but still.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
a4b3a0c955
qopen-in-vm: ensure we can't mistake a non empty file for an empty one
...
st_size is off_t, which may be larger than int.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128
qopen-in-vm: fix read overflow
...
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.
The other side expects a fixed size though, so pad with NULs.
Interestingly, the original code was not vulnerable as it was
callocing enough space.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f
qopen-in-vm: close output when we're done writing to it
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
511b614f56
qrexec-agent: catch failure to deliver signal
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
1dfd1d0e70
qrexec-agent: fix array read underflow
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
b2e84900a3
qrexec-agent: fix file leak on read error
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
c14f810067
qrexec-agent: pass an int pointer to sscanf to match %d
...
and check for 16 bit unsigned range after that.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
4823490e70
qfile-unpacker: some error checking
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
475421b2e2
core-agent-linux: misc const fixups
2014-01-06 17:57:40 +01:00
Marek Marczykowski-Górecki
4a4e81f010
Merge remote-tracking branch 'joanna/master'
2014-01-06 17:57:08 +01:00
Marek Marczykowski-Górecki
fd55d48126
Move meminfo-writer to linux-utils repo
...
It is common for both dom0 and VM. So move to linux-specific repo (not
VM-specific).
2014-01-05 05:38:10 +01:00
Marek Marczykowski-Górecki
0daaefb47f
rpm: own /lib/modules only in Fedora >= 19
...
Previously it was owned by filesystem package.
2013-12-22 23:00:21 +01:00
Joanna Rutkowska
0341677a0e
version 2.1.24
2013-12-18 12:03:34 +01:00
Marek Marczykowski-Górecki
b3081dce07
systemd: disable additional unneeded services
2013-12-17 01:29:26 +01:00
Marek Marczykowski-Górecki
c04d4e4fea
systemd: while disabling service, disable also its activators
...
This time it is for cups, which have socket-based and path-based
activators. When activator tires to start the service which is disabled
by condition file it enters infinite loop (as service wont start, but
will not report an error).
2013-12-16 21:10:37 +01:00
Marek Marczykowski-Górecki
a0f3ce9e93
Hide errors from qubes.WaitForSession
...
Especially "Killed" message, which is normal as 'sleep' is signalled with
SIGKILL once session is ready.
2013-12-15 05:36:43 +01:00