Previously, bind-dirs.sh had a bunch of `true comment goes here` style debug messages (no-ops). Presumably this was done because these messages are intended as debug messages and would only be displayed when calling bind-dirs.sh with xtrace enabled. However, this includes some fatal errors, which are necessary to debug why bind-dirs.sh is ostensibly not working. For example, I tried to mount /var/lib/docker, didn't realize it did not exist (as an empty directory) in my base template, and there was no journalctl output at all. After this change, journalctl will contain the (very helpful) error message.
If xvda is not partitioned, checking size of device mounted as root dev
doesn't detect xvda resize - it will have the new size, while the fs on
it not. Change to checking actual filesystem size.
Also, improve log message to include the size.
FixesQubesOS/qubes-issues#4274
The qubes-core-agent-passwordless-root package ships sudo configuration,
adding to sudo group isn't needed.
Basically revert all changes made by qubes-core-agent-passwordless-root
installation.
FixesQubesOS/qubes-issues#4015
'which' is an external tool, 'type' is a shell builtin. Using the latter
shaves off a bit of latency.
Also use the already open stderr file descriptor for redirection.
- Symlink the other three tools to qvm-copy-to-vm.gnome, use the same
code where possible, and select differing behavior based on invoked
name (like the CLI tools). This brings qvm-move-to-vm.kde up to date
for R4.0 (bugfix on 89183e9).
- Get rid of a window focus race between zenity/kdialog and the
qubes.Filecopy dom0 permission dialog: Only launch the GUI after the
first line has been read from qfile-agent.
- Avoid visual glitches (e.g. for a non-existing file) by special-casing
a no-op progress function for $SIZE == 0.
- Pass -- separator between 'rm -rf' and the files to be removed, in
case someone or something ever invokes the tool on relative file names
starting with a dash.
- Pass -b (implies --apparent-size) and -s to du, to simplify percentage
calculation and to avoid unnecessary output.
The qvm-{copy,move}-to-vm.{gnome,kde} cancel buttons didn't actually
cancel, because qfile-agent ignored EPIPE and - via qfile_pack_init() -
SIGPIPE. So it never noticed when the local PROGRESS_TYPE=gui reader had
shut down.
for qvm-move
Added more descriptive usage text to the
qvm-copy/qvm-move/qvm-copy-to-vm/qvm-move-to-vm family of tools.
Also fixed bug that removed the file being moved for qvm-move-to-vm,
but not for qvm-move.
fixesQubesOS/qubes-issues#3529fixesQubesOS/qubes-issues#4020
As described in QubesOS/qubes-issues#3758, a VM may fail to start
if the volume is large. This because the whole volume is read to
ensure it's empty (=all zeros).
This changes limits the check to the first 1 GiB of the private
volume. As additional safety, a scan with blkid is done.
Fixes https://github.com/QubesOS/qubes-issues/issues/3758
Make sure that qubesdb is configured (including service start) before
executing postinst of qubes-core-agent package, which will communicate
with qubesdb service.
FixesQubesOS/qubes-issues#3951
