Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,581 Commits 1 Branch 0 Tags 6.4 MiB
a695902d68
Commit Graph

2581 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Marek Marczykowski-Górecki
3c1de3b4f4
Merge remote-tracking branch 'origin/pr/207' 
* origin/pr/207:
  qubes-run-terminal: use gnome-terminal --wait, if supported
 2020-01-24 01:53:33 +01:00
Pawel Marczewski
6f4d6dc9bb
qubes-run-terminal: use gnome-terminal --wait, if supported 
Fixes QubesOS/qubes-issues#4606.
 2020-01-23 11:51:56 +01:00
Marek Marczykowski-Górecki
c997008e2f
version 4.1.7 2020-01-17 05:12:04 +01:00
AJ Jordan
52d1051137
Fix typo 2020-01-16 14:12:01 -05:00
Marek Marczykowski-Górecki
3adec4b952
Merge remote-tracking branch 'origin/pr/205' 
* origin/pr/205:
  qubes-session-autostart: handle error when reading a directory
 2020-01-16 04:25:00 +01:00
Marek Marczykowski-Górecki
d2087c5abf
Merge remote-tracking branch 'origin/pr/203' 
* origin/pr/203:
  Added "QubesIncoming" shortcut to Nautilus
 2020-01-16 04:24:07 +01:00
Marek Marczykowski-Górecki
f40c4ea9eb
Merge remote-tracking branch 'origin/pr/201' 
* origin/pr/201:
  update_connected_ips: set iptables policy to drop while updating
  update_connected_ips: reload nftables using one command
  get_connected_ips: handle empty and missing keys, add tests
  update_connected_ips: correctly handle byte-string
  firewall: fix family / family_name
  qubes-firewall: correctly handle empty connected-ips list
  Update tests for anti-spoofing, add test for the method itself
  Update rule priorities for anti-spoofing
  Update firewall tests
  qubes-firewall: add anti-spoofing rules for connected machines
 2020-01-16 04:22:03 +01:00
unman
af20dbc3db
Disable package caching in apt operations 2020-01-15 18:47:53 +00:00
Pawel Marczewski
22a309d154
qubes-session-autostart: handle error when reading a directory 
Fixes QubesOS/qubes-issues#5043.
 2020-01-15 11:20:21 +01:00
Frédéric Pierret (fepitre)
9d7a3f2cb9
qubes-sysinit: set GUI_OPTS in gui-agent-linux 2020-01-14 17:57:08 +01:00
Pawel Marczewski
e6eee9f4e0
update_connected_ips: set iptables policy to drop while updating 2020-01-14 11:46:23 +01:00
Pawel Marczewski
a12e72b89c
update_connected_ips: reload nftables using one command 
Get rid of race condition between flushing the chains
and adding new rules.
 2020-01-14 10:46:51 +01:00
Pawel Marczewski
4aace50313
get_connected_ips: handle empty and missing keys, add tests 2020-01-14 10:23:41 +01:00
Pawel Marczewski
e43fd2fc5a
update_connected_ips: correctly handle byte-string 2020-01-14 10:14:00 +01:00
Pawel Marczewski
39885a4329
firewall: fix family / family_name 2020-01-13 16:47:49 +01:00
Marta Marczykowska-Górecka
fd6e551ebe
Added "QubesIncoming" shortcut to Nautilus 
A small script will add the QubesIncoming shortcut to Nautilus file pane
on the first use of qvm-copy to a given VM. The shortcut will not be recreated if
deleted.

fixes QubesOS/qubes-issues#2229
 2020-01-13 16:45:41 +01:00
Pawel Marczewski
00fbb956b4
qubes-firewall: correctly handle empty connected-ips list 2020-01-13 14:43:05 +01:00
Frédéric Pierret (fepitre)
eac2e79483
travis: switch to dom0 Fedora 31 
QubesOS/qubes-issues#5529
 2020-01-11 11:38:27 +01:00
Pawel Marczewski
860a07166b
Update tests for anti-spoofing, add test for the method itself 2020-01-10 09:19:40 +01:00
Pawel Marczewski
cd19073d50
Update rule priorities for anti-spoofing 2020-01-10 09:19:32 +01:00
Pawel Marczewski
c1d8d7bce1
Update firewall tests 2020-01-09 18:42:14 +01:00
Pawel Marczewski
bfe31cfec8
qubes-firewall: add anti-spoofing rules for connected machines 
qubes-firewall will now blacklist IP addresses from all connected
machines on non-vif* interfaces. This prevents spoofing source or
target address on packets going over an upstream link, even if
a VM in question is powered off at the moment.

Depends on QubesOS/qubes-core-admin#303 which makes admin maintain
the list of IPs in qubesdb.

Fixes QubesOS/qubes-issues#5540.
 2020-01-09 18:25:08 +01:00
Marek Marczykowski-Górecki
cc68f165bc
Merge remote-tracking branch 'origin/pr/199' 
* origin/pr/199:
  qubes.GetAppmenus: handle home directory properly in case of sudo
  Silence shellcheck
  GetAppmenus: ensure right app directories
 2020-01-09 01:38:12 +01:00
Pawel Marczewski
418a5ec6e3
qubes.GetAppmenus: handle home directory properly in case of sudo 2020-01-08 17:05:32 +01:00
Pawel Marczewski
2df17a4790
Silence shellcheck 
See https://github.com/koalaman/shellcheck/wiki/SC1090
 2020-01-08 10:29:36 +01:00
Marek Marczykowski-Górecki
cf2c91bc79
Merge remote-tracking branch 'origin/pr/200' 
* origin/pr/200:
  Make the file copy operation respect default_user
 2020-01-08 02:21:59 +01:00
Pawel Marczewski
e78edba725
Make the file copy operation respect default_user 
Previously, both file path and username were hardcoded.

Fixes QubesOS/qubes-issues#5385.
 2020-01-07 16:54:19 +01:00
Pawel Marczewski
552b6de862
GetAppmenus: ensure right app directories 
The script depends on XDG_DATA_DIRS environment variable
being set up correctly, which is not the case when it is
running under sudo. As a result, a post-install trigger
for apt could remove application entries from other sources
(Snap, Flatpak).

Fixes QubesOS/qubes-issues#5477.
 2020-01-07 15:45:05 +01:00
Pawel Marczewski
03621e5792
StartApp: remove workaround for .desktop suffix 
The workaround is no longer necessary, and it breaks when
the app name itself contains .desktop (such as org.telegram.desktop).

Fixes QubesOS/qubes-issues#5408.
 2020-01-07 13:06:57 +01:00
Patrick Schleizer
b20373213d
console=hvc0 must be last 
https://github.com/QubesOS/qubes-issues/issues/5490#issuecomment-562263712
 2019-12-07 16:56:53 +00:00
Marek Marczykowski-Górecki
1b28fcd4f1
Do not load u2mfn module anymore 
It isn't used in Qubes R4.1 anymore

QubesOS/qubes-issues#4280
 2019-12-03 13:55:49 +01:00
Jonas DOREL
281d1a5776
Mention Update Proxy in configuration 
This makes it easier to understand why this configuration is present.
 2019-12-01 13:41:54 +01:00
Marek Marczykowski-Górecki
a279b08e3f
version 4.1.6 2019-11-13 06:06:40 +01:00
Marek Marczykowski-Górecki
01aa61521b
Merge remote-tracking branch 'origin/pr/192' 
* origin/pr/192:
  vm-file-editor: drop old wait-for-session mechanism
  qubes.WaitForSession: refactor by waiting for qrexec-fork-server socket
 2019-11-13 05:43:55 +01:00
Frédéric Pierret (fepitre)
71ef524dec
vm-file-editor: drop old wait-for-session mechanism 2019-11-11 16:08:28 +01:00
Otto Sabart
b9d3e87438
archlinux: fix proxy setting in XferCommand 
Starting from pacman v5.2.0 there is a problem with updating/installing
new packages:

$ pacman -Sy
...
debug: running command: ALL_PROXY=http://127.0.0.1:8082/ /usr/bin/curl -C - -f https://gluttony.sin.cvut.cz/arch/core/os/x86_64/core.db > /var/lib/pacman/sync/core.db.part
warning: running XferCommand: fork failed!
...

The problem is caused by change in pacman "run XferCommand via exec" [0].


Refs.:
- [0] https://git.archlinux.org/pacman.git/commit/?id=808a4f15ce82d2ed7eeb06de73d0f313620558ee
- [1] https://github.com/QubesOS/qubes-issues/issues/5443
 2019-11-04 10:18:20 +01:00
Frédéric Pierret (fepitre)
a44e73900e
qubes.WaitForSession: refactor by waiting for qrexec-fork-server socket 2019-11-02 23:11:32 +01:00
Amadeusz Piotr Żołnowski
8c8666451e
Install qubes-rpc files in Archlinux 2019-10-21 23:00:51 +01:00
Amadeusz Piotr Żołnowski
c104d73a85
Don't clean tilda files in qubes-rpc 
These are not created by build system, but by some editors. Developers
should deal with extra files created by theirs editors outside of build
files.
 2019-10-21 22:45:36 +01:00
Marek Marczykowski-Górecki
e43e262b2d
Merge remote-tracking branch 'origin/pr/188' 
* origin/pr/188:
  Use built-in rules in qubes-rpc makefile
  Ignore build result: tar2qfile
  Remove no longer needed xorg-preload-apps.conf
  Move qubes-rpc installation from the root Makefile to qubes-rpc Makefile
 2019-10-21 00:45:47 +02:00
Amadeusz Piotr Żołnowski
863c7e130f
Use built-in rules in qubes-rpc makefile 
That allows a build system to customize compiler and linker and pass
extra flags to these.

Remove `-g` as default flag and enable it only when `DEBUG` variable is
set.
 2019-10-20 09:12:08 +01:00
Amadeusz Piotr Żołnowski
e98d9332fa
Ignore build result: tar2qfile 2019-10-20 09:12:08 +01:00
Amadeusz Piotr Żołnowski
6b0179c107
Remove no longer needed xorg-preload-apps.conf 2019-10-20 09:12:07 +01:00
Amadeusz Piotr Żołnowski
3152c609a9
Move qubes-rpc installation from the root Makefile to qubes-rpc Makefile 
qubes-rpc has its own Makefile that's responsible for building some
executables. The root Makefile was installing qubes-rpc files. To make
qubes-rpc a bit more indepdent from core-agent root Makefile and to ease
potential maintainer work on packaging qubes-rpc separately, the
installation has been moved to qubes-rpc Makefile. Moreover that should
make the Makefiles easier to read and maintain.
 2019-10-20 09:12:07 +01:00
Marek Marczykowski-Górecki
22246c5fdf
Merge remote-tracking branch 'origin/pr/189' 
* origin/pr/189:
  travis: switch to bionic
 2019-10-20 01:47:39 +02:00
Frédéric Pierret (fepitre)
bd94953783
travis: switch to bionic 
QubesOS/qubes-issues#4613
 2019-10-19 21:45:31 +02:00
Hans Jerry Illikainen
b9a5fb7e3f
qubes-download-dom0-updates: verify package signatures 2019-10-12 20:43:38 +00:00
Marek Marczykowski-Górecki
b7f714b742
version 4.1.5 2019-10-09 04:15:20 +02:00
Marek Marczykowski-Górecki
3c47a7890f
Merge branch 'fc31' 
* fc31:
  rpm: switch deps to python3-setuptools on CentOS too
  debian: switch to python3
  Use spaces in xdg-icon script
  Convert other scripts to python3
  Convert qubesagent module to python3
  Minor codestyle fix in qubesadmin/firewall.py
  Require python setuptools
  Update python2 dependencies to python3 and clean deprecated requirements
 2019-10-06 07:00:10 +02:00
Marek Marczykowski-Górecki
033f544d9b
Merge branch 'bug5110' 
* bug5110:
  network: don't fail the whole vif setup if IPv6 is disabled
 2019-10-06 06:33:40 +02:00