Commit Graph

262 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
5ddc118429
Merge remote-tracking branch 'origin/pr/266'
* origin/pr/266:
  Only allow known-safe characters in socket paths
2020-12-01 03:57:57 +01:00
Demi Marie Obenour
06d84b5198
Only allow known-safe characters in socket paths
The socket path will be included in a shell command and then as a socat
argument, so only allow a small subset of known-safe characters.  In
practice, this has not been a problem because mktemp doesn’t include
these characters in its output.
2020-11-27 15:25:29 -05:00
ejose19
489fde7cb3
Replace custom script reloading with sourcing /etc/profile in qubes.GetAppmenus 2020-11-26 14:45:57 -03:00
Marek Marczykowski-Górecki
e9466dd04f
Merge remote-tracking branch 'origin/pr/236'
* origin/pr/236:
  qvm-template: Add qubes.Template{Search,Download} files to the package.
  qubes.Template*: Add --refresh option and allow DNF cache to be used.
  qubes.Template*: Invoke curl with --silent.
  qubes.Template*: Change separator from : to | and include additional metadata.
  Fix shell quoting.
  Remove repofrompath.
  New qrexec calls for interacting with template repos.
2020-09-17 03:08:56 +02:00
Marek Marczykowski-Górecki
fee8f6cfef
Merge remote-tracking branch 'origin/pr/246'
* origin/pr/246:
  Advertise apparmor support
2020-09-17 02:57:27 +02:00
herypt
9271763a6f
Advertise apparmor support 2020-09-02 14:37:25 +02:00
Artur Puzio
21864ab563
Skip IGD when unbinding device drivers on suspend 2020-08-25 17:08:38 +02:00
WillyPillow
e83408d601
qvm-template: Add qubes.Template{Search,Download} files to the package. 2020-08-25 11:11:24 +08:00
Marek Marczykowski-Górecki
8066129445
Add services for paranoid backup restore mode
Add a pair of services:
1. qubes.RegisterBackupLocation - called by dom0, registers what backup
location (including both file and command options) can be accessed.
Registered location gets an ID returned to the caller. The location (and
its ID) is valid as long as the service call remains open.

2. qubes.RestoreById - called by restoring DispVM to retrieve the backup
content. The service expects location ID as an argument, and then list
of files/directories (separated with spaces) on the first line of stdin.
This is very similar to qubes.Restore service, with exception for the
archive location control.

QubesOS/qubes-issues#5310
2020-08-03 03:43:09 +02:00
Marek Marczykowski-Górecki
7c261f45da
qfile-unpacker: add option (-w) to wait for disk space before extracting
Add -w MARGIN option to always leave at least MARGIN bytes of free
space.

QubesOS/qubes-issues#4791
2020-08-03 03:25:37 +02:00
Marek Marczykowski-Górecki
13eef467bf
tar2qfile: fix argument parser
There is only one input, other arguments are files/directories to
extract. There is no need for a loop.
2020-08-03 03:25:36 +02:00
Marek Marczykowski-Górecki
cee32d4f90
qfile-unpacker: add option for custom user and target directory
QubesOS/qubes-issues#930
2020-08-03 03:25:36 +02:00
WillyPillow
b0edd5f209 qubes.Template*: Add --refresh option and allow DNF cache to be used. 2020-07-29 20:02:47 +08:00
WillyPillow
9bedf50786 qubes.Template*: Invoke curl with --silent. 2020-07-29 20:02:42 +08:00
WillyPillow
686d0d3c12 qubes.Template*: Change separator from : to | and include additional metadata. 2020-07-29 20:02:36 +08:00
WillyPillow
e91f2eb6f4
Fix shell quoting. 2020-07-04 01:11:53 +08:00
WillyPillow
1d65c5ee01
Remove repofrompath. 2020-07-04 01:10:24 +08:00
WillyPillow
d1f27749a9
New qrexec calls for interacting with template repos.
See <https://gist.github.com/WillyPillow/b8a643ddbd9235a97bc187e6e44b16e4> for details.
2020-07-03 02:22:04 +08:00
Marta Marczykowska-Górecka
6e724f76f0
fixed qubes.GetAppmenus ignoring some correct .desktop files
.desktop files can have spaces around '=' symbols; previously
GetAppmenus discarded such files.

references QubesOS/qubes-issues#5692
2020-06-03 18:27:34 +02:00
Marek Marczykowski-Górecki
707d4cad8b
qubes.ShowInTerminal needs a graphical session running
This specifically fixes qvm-console-dispvm tool, which uses
qubes.ShowInTerminal to show the actual console. This service uses
xterm, so it needs X session running already.

Fixes QubesOS/qubes-issues#5805
2020-05-09 05:13:14 +02:00
Rusty Bird
25b304ccf3
qvm-run-vm: fix comment
While stderr isn't connected to the local_program argument (qrun-in-vm)
of qrexec-client-vm, it *is* connected (by qrexec-client-vm itself) to
the command the user passed to *to qvm-run-vm*.
2020-05-06 14:46:15 +00:00
Rusty Bird
ce3c1cfb7c
qvm-run-vm: translate --dispvm to modern @dispvm syntax 2020-05-06 14:46:14 +00:00
Rusty Bird
5c7d06b46e
qvm-run-vm: add +WaitForSession for modern @dispvm syntax too 2020-05-06 14:46:13 +00:00
Rusty Bird
cd3d870fd0
qubes.Restore: remove bashism found by new ShellCheck 2020-02-26 18:47:44 +00:00
Saswat Padhi
f96c00d975
signed 2020-02-08 04:01:48 -08:00
Saswat Padhi
600df100df qubes.GetAppmenus: skip unreadable .desktop files 2020-02-08 10:13:41 +00:00
Amadeusz Piotr Żołnowski
4de377bc3b
Split items in misc directory by topic 2020-02-04 23:59:09 +00:00
Pawel Marczewski
9db6e4e2cc
Advertise qubes.VMExec support as a feature 2020-01-24 18:45:17 +01:00
Pawel Marczewski
738548a8e4
Add qubes.VMExec call, for running a single command
With a VMExecGUI variant that waits for a session.

See QubesOS/qubes-issues#4850.
2020-01-24 18:44:45 +01:00
Marek Marczykowski-Górecki
d2087c5abf
Merge remote-tracking branch 'origin/pr/203'
* origin/pr/203:
  Added "QubesIncoming" shortcut to Nautilus
2020-01-16 04:24:07 +01:00
Marta Marczykowska-Górecka
fd6e551ebe
Added "QubesIncoming" shortcut to Nautilus
A small script will add the QubesIncoming shortcut to Nautilus file pane
on the first use of qvm-copy to a given VM. The shortcut will not be recreated if
deleted.

fixes QubesOS/qubes-issues#2229
2020-01-13 16:45:41 +01:00
Marek Marczykowski-Górecki
cc68f165bc
Merge remote-tracking branch 'origin/pr/199'
* origin/pr/199:
  qubes.GetAppmenus: handle home directory properly in case of sudo
  Silence shellcheck
  GetAppmenus: ensure right app directories
2020-01-09 01:38:12 +01:00
Pawel Marczewski
418a5ec6e3
qubes.GetAppmenus: handle home directory properly in case of sudo 2020-01-08 17:05:32 +01:00
Pawel Marczewski
2df17a4790
Silence shellcheck
See https://github.com/koalaman/shellcheck/wiki/SC1090
2020-01-08 10:29:36 +01:00
Marek Marczykowski-Górecki
cf2c91bc79
Merge remote-tracking branch 'origin/pr/200'
* origin/pr/200:
  Make the file copy operation respect default_user
2020-01-08 02:21:59 +01:00
Pawel Marczewski
e78edba725
Make the file copy operation respect default_user
Previously, both file path and username were hardcoded.

Fixes QubesOS/qubes-issues#5385.
2020-01-07 16:54:19 +01:00
Pawel Marczewski
552b6de862
GetAppmenus: ensure right app directories
The script depends on XDG_DATA_DIRS environment variable
being set up correctly, which is not the case when it is
running under sudo. As a result, a post-install trigger
for apt could remove application entries from other sources
(Snap, Flatpak).

Fixes QubesOS/qubes-issues#5477.
2020-01-07 15:45:05 +01:00
Pawel Marczewski
03621e5792
StartApp: remove workaround for .desktop suffix
The workaround is no longer necessary, and it breaks when
the app name itself contains .desktop (such as org.telegram.desktop).

Fixes QubesOS/qubes-issues#5408.
2020-01-07 13:06:57 +01:00
Frédéric Pierret (fepitre)
71ef524dec
vm-file-editor: drop old wait-for-session mechanism 2019-11-11 16:08:28 +01:00
Frédéric Pierret (fepitre)
a44e73900e
qubes.WaitForSession: refactor by waiting for qrexec-fork-server socket 2019-11-02 23:11:32 +01:00
Amadeusz Piotr Żołnowski
c104d73a85
Don't clean tilda files in qubes-rpc
These are not created by build system, but by some editors. Developers
should deal with extra files created by theirs editors outside of build
files.
2019-10-21 22:45:36 +01:00
Marek Marczykowski-Górecki
e43e262b2d
Merge remote-tracking branch 'origin/pr/188'
* origin/pr/188:
  Use built-in rules in qubes-rpc makefile
  Ignore build result: tar2qfile
  Remove no longer needed xorg-preload-apps.conf
  Move qubes-rpc installation from the root Makefile to qubes-rpc Makefile
2019-10-21 00:45:47 +02:00
Amadeusz Piotr Żołnowski
863c7e130f
Use built-in rules in qubes-rpc makefile
That allows a build system to customize compiler and linker and pass
extra flags to these.

Remove `-g` as default flag and enable it only when `DEBUG` variable is
set.
2019-10-20 09:12:08 +01:00
Amadeusz Piotr Żołnowski
e98d9332fa
Ignore build result: tar2qfile 2019-10-20 09:12:08 +01:00
Amadeusz Piotr Żołnowski
3152c609a9
Move qubes-rpc installation from the root Makefile to qubes-rpc Makefile
qubes-rpc has its own Makefile that's responsible for building some
executables. The root Makefile was installing qubes-rpc files. To make
qubes-rpc a bit more indepdent from core-agent root Makefile and to ease
potential maintainer work on packaging qubes-rpc separately, the
installation has been moved to qubes-rpc Makefile. Moreover that should
make the Makefiles easier to read and maintain.
2019-10-20 09:12:07 +01:00
Marek Marczykowski-Górecki
3c47a7890f
Merge branch 'fc31'
* fc31:
  rpm: switch deps to python3-setuptools on CentOS too
  debian: switch to python3
  Use spaces in xdg-icon script
  Convert other scripts to python3
  Convert qubesagent module to python3
  Minor codestyle fix in qubesadmin/firewall.py
  Require python setuptools
  Update python2 dependencies to python3 and clean deprecated requirements
2019-10-06 07:00:10 +02:00
Marek Marczykowski-Górecki
274c950af7
Use spaces in xdg-icon script 2019-09-19 04:57:55 +02:00
Marek Marczykowski-Górecki
5c9903db46
Convert other scripts to python3
QubesOS/qubes-issues#5289
2019-09-19 04:57:55 +02:00
Marta Marczykowska-Górecka
dffe0b2f1a
Make qvm-copy/move[-to-vm] one script
Instead of two scripts calling one another, now it's
only one script, with added variable names inside for clarity.
Also hopefully finally fixes the help messages for good.

fixes QubesOS/qubes-issues#4058
2019-09-09 22:03:48 +02:00
Frédéric Pierret (fepitre)
e27296da3c
Allow creating TCP sockets between qubes
QubesOS/qubes-issues#2148
2019-08-08 15:48:37 +02:00