* fc31:
rpm: switch deps to python3-setuptools on CentOS too
debian: switch to python3
Use spaces in xdg-icon script
Convert other scripts to python3
Convert qubesagent module to python3
Minor codestyle fix in qubesadmin/firewall.py
Require python setuptools
Update python2 dependencies to python3 and clean deprecated requirements
Instead of two scripts calling one another, now it's
only one script, with added variable names inside for clarity.
Also hopefully finally fixes the help messages for good.
fixesQubesOS/qubes-issues#4058
When calling su with a specific script, specify /bin/sh shell to be sure
to use posix compliant shell. User shell may not be a one (like fish).
FixesQubesOS/qubes-issues#5135
Both Archlinux and Fedora 29 have guidelines to point explicitly at
/usr/bin/python2 where it expect python2.
Also, do not use env.
FixesQubesOS/qubes-issues#4027
It may be useful to create AppVM-specific menu entries in AppVM itself.
It may be an application installed there (in /usr/local, or using snap
QubesOS/qubes-issues#2766), but it may be also some user custom
shortcut.
To support this, dom0 will accept menu entries also from
TemplateBasedVMs. But to avoid duplicates, qubes.GetAppmenus service
should send only menu entries actually stored in that VM, not inherited
from its template. To distingush them, first check what type of
persistence this VM has (from qubesdb-read /qubes-vm-persistence). If
it's rw-only, send only entries stored on /rw.
To make it more robust, use $XDG_DATA_DIRS and $XDG_DATA_HOME to
discover directories, instead of looking only for
/usr/{,local/}share/applications. This makes snap and flatpak handled
for free.
FixesQubesOS/qubes-issues#4152
- Symlink the other three tools to qvm-copy-to-vm.gnome, use the same
code where possible, and select differing behavior based on invoked
name (like the CLI tools). This brings qvm-move-to-vm.kde up to date
for R4.0 (bugfix on 89183e9).
- Get rid of a window focus race between zenity/kdialog and the
qubes.Filecopy dom0 permission dialog: Only launch the GUI after the
first line has been read from qfile-agent.
- Avoid visual glitches (e.g. for a non-existing file) by special-casing
a no-op progress function for $SIZE == 0.
- Pass -- separator between 'rm -rf' and the files to be removed, in
case someone or something ever invokes the tool on relative file names
starting with a dash.
- Pass -b (implies --apparent-size) and -s to du, to simplify percentage
calculation and to avoid unnecessary output.
The qvm-{copy,move}-to-vm.{gnome,kde} cancel buttons didn't actually
cancel, because qfile-agent ignored EPIPE and - via qfile_pack_init() -
SIGPIPE. So it never noticed when the local PROGRESS_TYPE=gui reader had
shut down.
for qvm-move
Added more descriptive usage text to the
qvm-copy/qvm-move/qvm-copy-to-vm/qvm-move-to-vm family of tools.
Also fixed bug that removed the file being moved for qvm-move-to-vm,
but not for qvm-move.
fixesQubesOS/qubes-issues#3529fixesQubesOS/qubes-issues#4020
This will cause most applications to disallow changing the file and also
add some visual indication about the view being read only. This will
avoid making the changes that would be discarded later.
QubesOS/qubes-issues#1118
Implement option to disallow (ignore in fact) modifications of file
opened in another VM (including DispVM).
This commit implements actual services part and handling in wrapping scripts.
FixesQubesOS/qubes-issues#1118
... instead of requested user. This makes sure that session startup
script will be able to send a signal here to notify about session
startup.
This is especially needed when the first service started in the VM is
called as root (like qubes.InstallUpdatesGUI).
FixesQubesOS/qubes-issues#3526
When VM is set to synchronize the time with the network, to not sync its
time with clockvm.
Besides not having sense, in default configuration it will lead to
loopback qrexec connection (sys-net -> sys-net), which will hang.
QubesOS/qubes-issues#3333
The most common thing to fix S3 sleep is to unload PCI devices drivers
before suspend. Instead of having every user figuring out what drivers
needs to be blacklisted, detach all drivers from actual PCI devices.
Exclude qemu emulated devices.
FixesQubesOS/qubes-issues#3486
qvm-run-vm cannot make a separate qubes.WaitForSession call for a
DispVM. Instead, pass the new WaitForSession argument to qubes.VMShell,
which will do the equivalent.
There was a bug that interpreted '-' as file type. But convert don't
know how to handle '-' file type, so refused to proceed.
FixesQubesOS/qubes-issues#3085
* qubesos/pr/72:
Fix UCA mistake and qvm-actions script
Fix ShellCheck comments
Add debian package support
Disable Thunar thumbnails
Add support for Thunar Qubes VM tools
* fixes-20171019:
debian: cleanup after splitting qubes-core-agent
Fix removing temporary file after editing in (Disp)VM
network: fix rules for network setup on new udev
debian: disable timer-based apt-get
Fix removing the file - do not free its filename just before unlink call
(scheduled with atexit function).
At the same time, place the temporary file in a unique directory,
making it possible to edit multiple files with the same name at once.
Remove that directory at exit too.
FixesQubesOS/qubes-issues#3112
If root filesystem is the last partition (new layout), resize it
in-place. Use 'parted' tool because it can resize just one partition,
without need to specify the whole new partition table. Since the
partition is mounted, parted is unhappy to modify it. Force it by
answering to its interactive prompts, and add (apparently not
documented) ---pretend-input-tty to use those answers even
though stdin is not a tty. Split the operation into multiple parted
calls, for more reliable interactive prompts handling.
Qubes 3.x disk layout (no partition table) is also supported, but the
one that was used in Qubes 4.0 rc1 (root filesystem as the first
partition) is not.
FixesQubesOS/qubes-issues#3173QubesOS/qubes-issues#3143
Default `ask` policy ignore target domain specified by the caller, so it
doesn't make sense to specify one. Provide convenient wrappers not
needing one. Do not change behaviour of existing tools for compatibility
reasons.
FixesQubesOS/qubes-issues#3141
clock synchronization mechanism rewritten to use systemd-timesync instead of NtpDate; at the moment, requires:
- modifying /etc/qubes-rpc/policy/qubes.GetDate to redirect GetDate to designated clockvm
- enabling clocksync service in clockvm ( qvm-features clockvm-name service/clocksync true )
Works as specified in issue listed below, except for:
- each VM synces with clockvm after boot and every 6h
- clockvm synces time with the Internet using systemd-timesync
- dom0 synces itself with clockvm every 1h (using cron)
fixesQubesOS/qubes-issues#1230
- there are many netcat versions (openbsd, nmap, ...), which behave
differently - especially while handling EOF
- Debian jessie doesn't have nmap-ncat (which handle EOFs sufficiently
good)
QubesOS/qubes-issues#1854
It is expected to be killed by a signal. Exit with returncode 0 anyway.
While at it, adjust it for current service format (executable, with
proper shebang).
This is meant to notify dom0 about features supported by just-installed
template. This service is called by dom0 just after template
installation.
FixesQubesOS/qubes-issues#1637
Documentation pending: QubesOS/qubes-issues#2829
Configure package manager to use 127.0.0.1:8082 as proxy instead of
"magic" IP intercepted later. The listen on this port and whenever
new connection arrives, spawn qubes.UpdatesProxy service call (to
default target domain - subject to configuration in dom0) and connect
its stdin/out to the local TCP connection. This part use systemd.socket
unit in case of systemd, and ncat --exec otherwise.
On the other end - in target domain - simply pass stdin/out to updates
proxy (tinyproxy) running locally.
It's important to _not_ configure the same VM to both be updates proxy and
use it. In practice such configuration makes little sense - if VM can
access network (which is required to run updates proxy), package manager
can use it directly. Even if this network access is through some
VPN/Tor. If a single VM would be configured as both proxy provider and
proxy user, connection would loop back to itself. Because of this, proxy
connection redirection (to qrexec service) is disabled when the same VM
also run updates proxy.
FixesQubesOS/qubes-issues#1854
This way:
- VM prompt do know VM list, the list may be filtered based on policy
- source VM don't learn name of target VM
FixesQubesOS/qubes-issues#910
This have many advantages:
- prevent XSS (QubesOS/qubes-issues#1462)
- use default browser instead of default HTML viewer
- better qrexec policy control
- easier to control where are opened files vs URLs
For now allow only http(s):// and ftp:// addresses (especially prevent
file://). But this list can be easily extended.
QubesOS/qubes-issues#1462FixesQubesOS/qubes-issues#1487
rsvg-convert doesn't scale the image. Do it with convert, only when
really needed. Don't upscale the icon after converting to raster
version.
FixesQubesOS/qubes-issues#1884
* qubesos/pr/11:
Properly handle case of empty domain name.
Use proper quoting around variables.
Move usage information printing to separate function, and print usage to stderr; also added some spacing.
Use proper space-expanded tabs, as per the coding guidelines.
Those are currently barely useful, since starting the application isn't
the biggest bottleneck of DispVM. And since stderr is now visible on
qvm-open-in-dvm output, not scare the user with it.
* origin/pr/61:
update-proxy: use curl instead of wget in archlinux in order to limit additional dependencies
archlinux: properly add qubes markers in pacman.conf
archlinux: add Qubes Markers in pacman.conf so that changes done by qubes scripts are not inserted at the end of pacman.conf
implement update proxy support for archlinux
archlinux: add gcc and make as make dependencies
update qubes.InstallUpdateGUI to support archlinux
xdg-open is more robust in choosing default application for particular
file type: it supports fallback if the preferred application isn't
working, and most importantly it support system-wide defaults
(/usr/share/applications/defaults.list,
/usr/share/applications/mimeapps.list), so no "random" application is
chosen.
By default xdg-open tries to use environment-specific tool, like
gvfs-open - which isn't good for us, because many such tools do not wait
for editor/viewer termination. That would mean that DisposableVM would
be destroyed just after opening the file.
To avoid such effect, we set DE=generic.
FixesQubesOS/qubes-issues#1621
No functional change.
This will make it easier to switch the tool (without recompiling
vm-file-editor), or even use differrent tools depending on some
conditions.
QubesOS/qubes-issues#1621
