Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
359 Commits 1 Branch 0 Tags 6.4 MiB
bcb4dfe007
Commit Graph

359 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Rafal Wojtczuk
bcb4dfe007 firewall: call iptables-restore once per domain (#311) 
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
 2011-07-29 16:50:12 +02:00
Rafal Wojtczuk
4a5f42980b Add comments to policy files. 2011-07-22 16:11:03 +02:00
Rafal Wojtczuk
b4afa5fe63 qrexec: use $anyvm and $dispvm symbols 2011-07-22 16:07:06 +02:00
Marek Marczykowski
24c7e729e5 version 1.6.9 2011-07-17 01:54:27 +02:00
Marek Marczykowski
f56a993b84 vm: move dom0-updates dir to core-appvm package (#198) 
At core-commonvm installation stage "user" can no exists.
 2011-07-17 01:20:13 +02:00
Marek Marczykowski
22fbccee6b dom0+vm: download updates as normal user (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
382dafb6cd vm: Split updates check and download into separate scripts (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
ac61edf880 dom0: implement size/file-count limit of downloaded updates (#198) 
Currently limit is 2GB and 2048 files, but can be adjusted by env variables
(UPDATES_MAX_BYTES, UPDATES_MAX_FILES).
 2011-07-17 01:20:13 +02:00
Marek Marczykowski
74b7eee8ce version 1.6.8 2011-07-14 02:21:30 +02:00
Marek Marczykowski
4da05e52d8 vm: more reliably set IP address of VM 2011-07-14 02:11:43 +02:00
Marek Marczykowski
1288b7a839 vm: Do not try to load non-existing xen-evtchn module 2011-07-10 23:54:23 +02:00
Marek Marczykowski
37aed29a41 gitignore 2011-07-10 12:47:09 +02:00
Marek Marczykowski
38ad0a52e3 vm: Fix IP address of DispVM after restore (#247) 
IP was set by udev script only on VM start, not restore
 2011-07-09 17:54:47 +02:00
Marek Marczykowski
f1321e0904 Merge branch 'qrexec2' of git://git.qubes-os.org/rafal/core 2011-07-09 16:52:54 +02:00
Marek Marczykowski
626bd1568a vm: fix udev rules for VM network hotplug 2011-07-09 16:52:51 +02:00
Marek Marczykowski
448cc30b0f Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 
Conflicts:
	dom0/qvm-core/qubes.py
 2011-07-08 21:37:43 +02:00
Rafal Wojtczuk
f8d3c0df21 qrexec: git add missing files 2011-07-07 11:17:00 +02:00
Rafal Wojtczuk
601d0ec931 qrexec: adjust updates fetching to the new qrexec api 2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
3ea7aca257 qrexec: change qrexec_client_vm syntax to be nicer to read 
Now the local_program is just before arguments, which is nicer.
 2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
9b831e32cb qrexec: adjust appmenu syncing to the new qrexec api 2011-07-06 14:09:36 +02:00
Rafal Wojtczuk
dc33f0c9a7 qrexec: adjust DispVM code to the new qrexec API 
Note, we have qvm-open-in-vm totally for free.
 2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b87da183ce qrexec: adjust intervm file copy code to the new qrexec API 2011-07-06 10:17:58 +02:00
Rafal Wojtczuk
b5d30a9d54 qrexec: last two missing pieces of the new rpc infrastructure 2011-07-05 18:35:03 +02:00
Rafal Wojtczuk
dde44ee6ef qrexec: add qrexec_client_vm.c 2011-07-05 11:03:31 +02:00
Rafal Wojtczuk
321c3ad499 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core into syncmarek 
Conflicts:
	dom0/init.d/qubes_core
 2011-07-04 15:28:40 +02:00
Marek Marczykowski
3b81062087 vm: remove /lib/modules from fstab (#263) 
This is mounted by initramfs
 2011-07-03 20:53:36 +02:00
Marek Marczykowski
f963a419b6 vm: Do not setup IP second time 
It is assigned by udev script
 2011-07-03 20:11:55 +02:00
Marek Marczykowski
508a39cbb0 vm: Load evtchn module by script in /etc/sysconfig/modules 2011-07-02 19:11:15 +02:00
Marek Marczykowski
84eaf09bc6 Revert "vm: Load evtchn module in qubes_core" 
This reverts commit 26a9b7754514bae4dabf57808c9be22e2b560416.
Will be loaded by separate script in /etc/sysconfig/modules

Conflicts:

	common/qubes_core
 2011-07-02 19:09:28 +02:00
Marek Marczykowski
be515f13f3 Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-07-02 18:49:18 +02:00
Joanna Rutkowska
18d55a9faa version 1.6.6 2011-07-02 13:36:19 +02:00
Joanna Rutkowska
232f22856c vm: qubes_core ident fixes 2011-07-02 13:14:57 +02:00
Joanna Rutkowska
0574daa2c5 vm: Load evtchn module in qubes_core 2011-07-02 13:12:53 +02:00
Joanna Rutkowska
313928c305 version: 1.6.5 2011-07-02 00:30:28 +02:00
Joanna Rutkowska
62c1a9c780 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-07-02 00:29:32 +02:00
Marek Marczykowski
c01485b19a vm: Load u2mfn module 2011-07-02 00:24:20 +02:00
Joanna Rutkowska
3d1ca80d28 Update VM yum repos confs for Beta2 2011-07-01 22:56:11 +02:00
Joanna Rutkowska
b2482f8025 Makefile: don't autoupdate yum repo after copying rpms there 2011-06-30 20:47:48 +02:00
Joanna Rutkowska
a3cf058b2f Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-06-30 20:41:57 +02:00
Marek Marczykowski
7abf507f6f dom0+vm: version 1.6.4 2011-06-30 01:27:14 +02:00
Marek Marczykowski
b6f036caf2 dom0+vm: Update VM kernel mechanism (#242) 
Get kernel from global kernels dir (/var/lib/qubes/vm-kernels), not per-VM. Can
be configured by qvm-prefs (kernel parameter).
New tool: qvm-set-default-kernel

For backward compatibility kernel=None means kernel in VM dir (kernels subdir).
(possibly empty) modules.img should be created in it.
 2011-06-30 01:07:47 +02:00
Marek Marczykowski
ae8a8229ee vm: Check for TemplateVM updates (#198) 
Just before dom0 updates check for TemplateVM updates and notify the user when
there are some.
 2011-06-27 21:14:34 +02:00
Marek Marczykowski
a62644bb4f vm: Run ntpd in FirewallVM as clock source for dom0 (#198) 2011-06-27 21:14:34 +02:00
Joanna Rutkowska
2bf8693777 Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-06-25 23:17:53 +02:00
Joanna Rutkowska
a7c679c6e7 Makefile: automaically copy rpms to _all_ vm repos 2011-06-24 23:00:40 +02:00
Joanna Rutkowska
663f3df4ef Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 2011-06-24 17:03:14 +02:00
Marek Marczykowski
1f96cf795b version 1.6.2 2011-06-24 16:51:34 +02:00
Joanna Rutkowska
2514401ccd Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/marmarek/core 
Conflicts:
	version_vm
 2011-06-24 16:16:44 +02:00
Marek Marczykowski
f564a4d143 dom0+vm: Tools for downloading dom0 update by VM (#198) 
Mainly 4 parts:
 - scripts for providing rpmdb and yum repos to VM (choosen by qvm-set-updatevm)
 - VM script for downloading updates (qubes_download_dom0_updates.sh)
 - qfile-dom0-unpacker which receive updates, check signatures and place its in dom0 local yum repo
 - qvm-dom0-upgrade which calls all of above and after all yum gpk-update-viewer

Besides qvm-dom0-upgrade, updates are checked every 6h and user is prompted if
want to download it. At dom0 side gpk-update-icon (disabled yet) should notice
new updates in "local" repo.
 2011-06-22 00:44:48 +02:00
Marek Marczykowski
6602679130 version 1.6.1 2011-06-12 02:27:30 +02:00