Commit Graph

2389 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
be266a00dd Include /rw in the package
On Fedora it was created in %post, but on Debian not. Unify it to simply
provide the directory as standard package content.
2014-10-19 04:38:16 +02:00
Marek Marczykowski-Górecki
a2e17ef244 systemd: fix 'service' path
On Fedora it is all the same because /sbin -> /usr/sbin symlink. But on
Debian it does matter.
2014-10-19 04:11:15 +02:00
HW42
a91dfdf48b fix xenstore-read path in network-proxy-setup.sh for debian 2014-10-01 06:51:58 +02:00
Marek Marczykowski-Górecki
7339dd1ece Introduce qubes.SetDateTime service for time synchronization
It would be called by qvm-sync-clock instead of 'date' directly. This
gives a lot of flexibility - VM can control whether it want to sync time
this way. For now slight corrections (+-2sec) are ignored to not cause
problems by frequent time changes. But it can be easily extended to
refuse time sync when some other mechanism is used.
2014-10-01 05:40:23 +02:00
Marek Marczykowski-Górecki
4ee0de9fb8 updates-proxy-setup: support setting proxy for apt (#887) 2014-10-01 05:40:14 +02:00
HW42
00e846bbbe debian: chown /home_volatile/user in posinst 2014-10-01 03:45:03 +02:00
HW42
434a794dda use sleep instead os usleep since it is more portable 2014-10-01 03:44:33 +02:00
HW42
5fcf7505fc dispvm-presun.sh needs bash 2014-10-01 02:21:12 +02:00
HW42
bbb0b3610b add xserver-xorg-video-dummy to the dependencies list of qubes-core-agent
the dummy video module is needed by the dvm prepare script
2014-10-01 02:17:29 +02:00
Marek Marczykowski-Górecki
e83a91e3d3 debian: migrate to native systemd services 2014-09-30 00:54:33 +02:00
Marek Marczykowski-Górecki
71802a4778 archlinux: modules-load.d handled now in generic files
It is no longer Archlinux specific.
2014-09-29 21:40:35 +02:00
Marek Marczykowski-Górecki
240066fc23 Add missing u2mfn module load
Is loaded as part of gui-agent startup, but qrexec-agent also needs it
so eliminate race condition here.
2014-09-29 21:39:17 +02:00
Marek Marczykowski-Górecki
4bccdb0ba5 Use systemd mechanism for loading kernel modules (when available)
One more thing done in more generic way (not Fedora-specific).
2014-09-29 21:31:10 +02:00
Marek Marczykowski-Górecki
64e8eedcb0 qrexec: check for setuid() error when calling zenity/kdialog
Mostly to mute compiler warning - only emit log message but still
continue.
2014-09-29 21:05:32 +02:00
HW42
217b5a4a5d make source.list multiarch compatible
tell apt that the qubes repos provides only packages for amd64. Without
this "apt-get update" will fail if multiarch is used in the templatevm.
2014-09-29 05:50:24 +02:00
HW42
0d0261d1c1 improve update of /etc/hosts
* use 127.0.1.1 under debian (since it's the default there)
 * also set the IPv6 loopback address (::1) since some tools tries to
   AAAA resolve the hostname (for example sendmail)
 * ensure proper /etc/hosts format through postinst-script (hostname as
   last entry)
2014-09-29 05:25:32 +02:00
HW42
4886411570 various patches for debian
this should enable debian based templates to be used as proxy/netvm
2014-09-29 05:25:24 +02:00
HW42
70bbc7923d install iptables/forwarding for debian 2014-09-29 05:25:14 +02:00
HW42
435c04e8a4 use systemd in debian 2014-09-29 05:24:26 +02:00
Marek Marczykowski-Górecki
e93cf3e81b updates-proxy: add rules for debian repositories (#887) 2014-09-29 04:05:24 +02:00
Marek Marczykowski-Górecki
2e4cdc2f8d Rename yum-proxy-setup service to updates-proxy-setup
Fedora is no longer the only supported distribution, so change the
service name to be more generic. Old name still supported for
compatibility.
2014-09-27 01:52:19 +02:00
Marek Marczykowski-Górecki
3f19c89301 Rename qubes-yum-proxy service to qubes-updates-proxy
It is no longer Fedora-only proxy, so rename to not confuse the user.
Also documentation refer to it as "updates proxy" for a long time.
2014-09-27 00:32:52 +02:00
HW42
dad11bd378 don't track debina/files (since it is autogenerated) 2014-09-26 23:19:01 +02:00
HW42
b0ac8adca3 move fedora specific stuff to install-rh target 2014-09-25 03:57:33 +02:00
Marek Marczykowski-Górecki
1e842c985d fedora: workaround slow system shutdown (#852)
It looks to be related to this report:
https://bugzilla.redhat.com/show_bug.cgi?id=1088619
Workaround idea was from comment 37.

The hanging process in Qubes VM is most likely dconf-service, but there
is a lot of possible causes. To start with a non-standard method of
accessing the X session (no real login manager, processes started by
qrexec-agent). So instead of wasting a lot of time on digging through
gnome services, simply shorten the stop timeout - the processes would be
killed anyway.
2014-09-24 14:17:24 +02:00
Marek Marczykowski-Górecki
4bd9971006 gui-fatal: do not run as root
GTK+ refuses to initialize.
2014-09-20 01:20:11 +02:00
Marek Marczykowski-Górecki
54755ac444 Avoid 100MB reserved space in private ext4 partition
The ext4 reserved space is necessary for root partitions, but in the
private.img data partition, it is wasted space (accessible only to root
processes), which means losing 100 MB of the default 2GB.

From mkfs.ext4 man page: "-m reserved-blocks-percentage Specify the
percentage of the filesystem blocks reserved for the super-user." ...
"The default percentage is 5%."
2014-09-05 22:42:14 +02:00
Marek Marczykowski-Górecki
41f65f1f5a firewall: show error message only on actual error 2014-09-03 09:59:59 +02:00
Marek Marczykowski-Górecki
1a712c3a4a version 2.1.41 2014-08-15 17:45:15 +02:00
Marek Marczykowski-Górecki
53b0d8ab17 network: fix IP address of backend network interface
Get it from settings provided by dom0, do not calculate itself. This
makes a difference for DispVMs.
2014-08-13 09:23:51 +02:00
Marek Marczykowski-Górecki
a288939156 Revert "network: use the same gateway IP generation method as backend"
This reverts commit 4ef785a016.
Actually this change was wrong - the frontend IP was correct, the
problem was with backend IP.
2014-08-13 08:58:10 +02:00
Marek Marczykowski-Górecki
4ef785a016 network: use the same gateway IP generation method as backend
Backend domain generates its IP address based on frontend IP, not
settings given from dom0. So change frontend method to the same (for
DispVM it makes a difference). Now "qubes-gateway" xenstore entry is
basically primary DNS address only.
2014-08-13 08:12:37 +02:00
Olivier MEDOC
6c8ef2ddd8 archlinux: enable/disable services when corresponding packages got installed 2014-08-02 23:47:19 +02:00
Olivier MEDOC
eb1dcd750e archlinux: follow fedora20 qubes agent improvement 2014-08-02 23:47:19 +02:00
Olivier MEDOC
34e94917ba archlinux: follow fedora20 qubes agent improvement 2014-08-02 23:47:19 +02:00
Olivier MEDOC
b488be3ff8 archlinux: add notification daemon 2014-08-02 23:47:19 +02:00
Marek Marczykowski-Górecki
1618e32993 dispvm: slow down "spinlock" while waiting for save/restore
When something go wrong, it will remain spinning indefinitely.
2014-08-02 23:44:48 +02:00
Marek Marczykowski-Górecki
77abedee36 version 2.1.40 2014-07-28 02:38:59 +02:00
Marek Marczykowski-Górecki
3bcf34942a debian: do not restart service during upgrade
It will break the VM (qrexec daemon will not be restarted, so VM will be
isolated from any qrexec calls, like qvm-run).
2014-07-28 02:29:26 +02:00
Marek Marczykowski-Górecki
9fc9b8ede7 debian: fix qfile-unpacker perms
Leave suid in place, it is required here.
2014-07-28 02:29:00 +02:00
Marek Marczykowski-Górecki
48b6bc5e5e debian: add updates repo definition and key 2014-07-28 02:27:56 +02:00
Marek Marczykowski-Górecki
fa7cb2cc2a gitignore: fix binary packages declaration 2014-07-27 06:11:14 +02:00
Marek Marczykowski-Górecki
4d300ff137 Fix bashism
Debian has dash as default shell.
2014-07-26 03:58:21 +02:00
Marek Marczykowski-Górecki
2801f3673d gitignore 2014-07-26 02:15:16 +02:00
Marek Marczykowski-Górecki
f0f82fc7e5 qrexec: fix loop bounds 2014-07-26 02:14:56 +02:00
Marek Marczykowski-Górecki
27a12a0aac debian: update deps 2014-07-26 01:57:58 +02:00
Davíð Steinn Geirsson
65e8e96a68 Initial debian packaging 2014-07-23 05:13:32 +02:00
Davíð Steinn Geirsson
7098842bb6 Explicitly specify /bin/bash for Makefile SHELL, since it's required. 2014-07-23 05:13:22 +02:00
Davíð Steinn Geirsson
e5fa610b0d Use xenstore.h instead of xs.h when xen >= 4.2 2014-07-23 05:13:06 +02:00
Davíð Steinn Geirsson
2ddea415b2 Check for xenstore-read in /usr/sbin as well (default on debian) 2014-07-23 05:11:31 +02:00