Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
1,815 Commits 1 Branch 0 Tags 34 MiB
da82d93780
Commit Graph

191 Commits

Author SHA1 Message Date
Patrick Schleizer
5d6cf722a8
No longer start /etc/init.d/tinyproxy by default anymore. 
But allow users to re-enable it through qubes-service framework.
/var/run/qubes-service/tinyproxy

Thanks to @marmarek for helping with this fix!

https://github.com/QubesOS/qubes-issues/issues/1401
 2015-11-11 14:57:36 +00:00
Marek Marczykowski-Górecki
2a589f2c20
updates-proxy: use separate directory for PID file 
And also use systemd-tmpfiles for that directory creation.

Fixes QubesOS/qubes-issues#1401
 2015-11-11 05:57:57 +01:00
Marek Marczykowski-Górecki
90b4398863
Merge remote-tracking branch 'origin/pr/43' 
* origin/pr/43:
  preset disable tinyproxy by default
 2015-11-11 05:27:52 +01:00
Marek Marczykowski-Górecki
3466f3df35
systemd: make sure that update check is started only after qrexec-agent 2015-11-11 02:36:57 +01:00
Patrick Schleizer
f32dccb5e3 preset disable tinyproxy by default 
Fixes https://github.com/QubesOS/qubes-issues/issues/1401
 2015-11-10 20:08:26 +00:00
Olivier MEDOC
0c33c73b8e dropins: implement dropins for systemd user starting with pulseaudio systemd service and socket masking 
Conflicts:
	Makefile
 2015-11-07 19:12:30 +01:00
Olivier MEDOC
4b5332081e add DROPINS for org.cups.cupsd systemd files. 2015-11-06 19:36:52 +01:00
Marek Marczykowski-Górecki
6752be9196
No longer disable auditd 
On Fedora 22 console is trashed with a lot of messages without auditd
running.

QubesOS/qubes-issues#1282
 2015-11-03 18:15:20 +01:00
Marek Marczykowski-Górecki
c2596a0435
Setup updates proxy in dnf and PackageKit 
DNF doesn't support even including another config file, so all the
settings needs to go into `/etc/dnf/dnf.conf`. The same about
PackageKit, which is needed because it doesn't use `dnf.conf`:
http://lists.freedesktop.org/archives/packagekit/2015-September/026389.html

Because that proxy settings goes to so many places now, create a
separate script for that.

QubesOS/qubes-issues#1282
QubesOS/qubes-issues#1197
 2015-10-30 15:13:56 +01:00
Patrick Schleizer
f063b4a90f
Renamed qubes-mount-home to qubes-mount-dirs. 
Renamed qubes-mount-home service and mount-home.sh script to qubes-mount-dirs service and mount-dirs.sh.
Because mount-home.sh also processed /rw/usrlocal.
preparation to fix the following issues:
- upstream bind-directories functionality to Qubes - https://phabricator.whonix.org/T414
- Bind mount /rw/usrlocal -> /usr/local instead of symlink - https://github.com/QubesOS/qubes-issues/issues/1150
- /bin/sync hangs forever in whonix-ws-dvm - https://github.com/QubesOS/qubes-issues/issues/1328
 2015-10-15 20:57:43 +00:00
Patrick Schleizer
2eb0ed2be1
removed trailing spaces 2015-10-15 04:34:55 +02:00
Marek Marczykowski-Górecki
7963fb91c7
systemd: actually enable qubes-random-seed service 
QubesOS/qubes-issues#1311
 2015-10-10 16:23:46 +02:00
HW42
05292c0ac5
reload qubes-random-seed when restoring DispVM 2015-10-10 00:45:48 +02:00
HW42
0ffa746678
qubes-random-seed: feed kernel rng with randomness from dom0 2015-10-10 00:45:44 +02:00
Marek Marczykowski-Górecki
2bdbf37ef9
Run 'ldconfig' to update /usr/local/lib* cache, if applicable 
Fixes QubesOS/qubes-issues#1255
 2015-10-05 06:13:49 +02:00
Marek Marczykowski-Górecki
8e497bffc0
Merge branch 'qubes-iptables' 
Conflicts:
	debian/control
	rpm_spec/core-vm.spec

QubesOS/qubes-issues#1067
 2015-10-05 01:47:01 +02:00
Marek Marczykowski-Górecki
2a39adfe0f
Enlarge /tmp and /dev/shm 
Initial size of those tmpfs-mounted directories is calculated as 50% of
RAM at VM startup time. Which happen to be quite small number, like
150M. Having such small /tmp and/or /dev/shm apparently isn't enough for
some applications like Google chrome. So set the size statically at 1GB,
which would be the case for baremetal system with 2GB of RAM.

Fixes QubesOS/qubes-issues#1003
 2015-10-04 23:07:10 +02:00
Patrick Schleizer
c13e11d57e fixed 'Debian 8 apt.config.d misconfiguration' 
prevent the Acquire::http::Proxy setting ending up multiple times inside /etc/apt/apt.conf.d/01qubes-proxy
(reported by @Scinawa)
https://github.com/QubesOS/qubes-issues/issues/1186
 2015-09-12 18:34:49 +00:00
Marek Marczykowski-Górecki
c09d1d9d61
systemd: fix starting cups 2015-09-01 17:19:59 +02:00
Marek Marczykowski-Górecki
4703e3fca7
Remove dynamically generated autostart desktop files 
qubesos/qubes-issues#1151
 2015-08-27 22:08:04 +02:00
Marek Marczykowski-Górecki
3ccbde9a3c
debian: disable netfilter-persistent.service 
This is now handled by qubes-iptables.service

qubesos/qubes-issues#1067
 2015-08-09 20:32:35 +02:00
Marek Marczykowski-Górecki
65e9e4c72c
network: use own iptables service instead of repurposing existing one 
There were multiple problems with reusing existing one:
 - need to sync with upstream changes (configuration path etc)
 - conflicts resolution on updates
 - lack of iptables --wait, which causes firewall fail to load sometimes

QubesOS/qubes-issues#1067
 2015-08-09 20:09:51 +02:00
Marek Marczykowski-Górecki
13c54badcb
Move /usr/share/qubes/xdg to /var/lib/qubes/xdg 
No files in /usr should be modified during package runtime, `/var` is
for that. So move this data there.
 2015-08-08 02:01:15 +02:00
Jason Mehring
b6c19fc2ef qubes-desktop-file-install: Manages xdg desktop entry files 
qubes-desktop-file-install is called by qubes-triggers-desktop-file-install. It's
arguments are based on the Gnome desktop-install-file utility to allow it to be replaced
by same.  Currently the Gnome utility can not be used since it automatically validates
the .desktop entry files with no option to skip validation and will fail on some third
party .desktop files that are not formed properly.

A single trigger script is shared between Fedora, Debian.  This script is used by the
package managers triggers and will copy original .desktop files from `/etc/xdg/autostart`
to `/usr/share/qubes/xdg/autostart` and modify the OnlyShownIn / NotShownIn, etc.  The
original .desktop files are left untouched and left in place.

Qubes modifies the XDG_CONFIG_DIRS to first include the `/usr/share/qubes/xdg`
directory (XDG_CONFIG_DIRS=/usr/share/qubes/xdg:/etc/xdg).

If a package gets removed, it's desktop entry is also removed from the /usr/share/qubes/xdg
directory.

'qubes-desktop-file-install' options:
   --dir DIR                          Install desktop files to the DIR directory (default: <FILE>)
   --force                            Force overwrite of existing desktop files (default: False)
   --remove-show-in                   Remove the "OnlyShowIn" and "NotShowIn" entries from the desktop file (default: False)
   --remove-key KEY                   Remove the KEY key from the desktop files, if present
   --set-key (KEY VALUE)              Set the KEY key to VALUE
   --remove-only-show-in ENVIRONMENT  Remove ENVIRONMENT from the list of desktop environment where the desktop files should be displayed
   --add-only-show-in ENVIRONMENT     Add ENVIRONMENT to the list of desktop environment where the desktop files should be displayed
   --remove-not-show-in ENVIRONMENT   Remove ENVIRONMENT from the list of desktop environment where the desktop files should not be displayed
   --add-not-show-in ENVIRONMENT      Add ENVIRONMENT to the list of desktop environment where the desktop files should not be displayed
 2015-08-07 09:15:30 -04:00
Jason Mehring
b3a692b8cc vm-systemd: Add systemd drop-in support which include conditionals to prevent services from starting 
Added all the drop-ins and remove older .service overrides
 2015-08-04 10:32:41 -04:00
Jason Mehring
579f731e5e Re-aranged qubes-vm.preset to indicate which services are specificly for Fedora only 2015-08-04 10:32:41 -04:00
Jason Mehring
bd47b0cfdc
Use 'which' to locate fuser since fuser path is different in Fedora and Debian 2015-08-02 17:45:31 -04:00
Marek Marczykowski-Górecki
549761a144 Do not override file pointed by /etc/localtime symlink 
On Fedora 21 (and probably others) /etc/localtime is no longer file
copy, but a symlink to original timezone file. Using `cp` to change
timezone here would override original file instead of just changing the
timezone.

Details:
https://groups.google.com/d/msgid/qubes-users/4a0de9457e08b93d1a39ac4cdbc6b632%40ruggedinbox.com
 2015-06-23 19:59:17 +02:00
Jason Mehring
21d89335fe
debian: Update notification now notifies dom0 when an upgrade is completed 2015-04-25 03:44:28 -04:00
Jason Mehring
4373cda566 Changed location of PROTECTED_FILE_LIST to /etc/qubes/protected-files.d 2015-04-25 02:36:43 +02:00
Jason Mehring
56b0685aaa whonix: Added protected-files file used to prevent scripts from modifying files that need to be protected 
A file is created in /var/lib/qubes/protected-files.  Scripts can grep this file before modifying
        known files to be protected and skip any modifications if the file path is within protected-files.

        Usage Example:
            if ! grep -q "^/etc/hostname$" "${PROTECTED_FILE_LIST}" 2>/dev/null; then

        Also cleaned up maintainer scripts removing unneeded systemd status functions and streamlined
        the enable/disable systemd unit files functions
 2015-04-25 02:36:43 +02:00
Marek Marczykowski-Górecki
f2cf6933b9 prepare-dvm: fix bashism 
$(( )) is POSIX syntax for shell arithmetic operations. Especially dash
(default shell in Debian) doesn't support $[ ].
 2015-04-15 18:52:42 +02:00
Marek Marczykowski-Górecki
ff63a0b876 Minor fixes in mount-home.sh 
Hide unneeded messages.
 2015-04-11 02:51:10 +02:00
Marek Marczykowski-Górecki
65bc22fd1d Fix resizing of /rw partition (private.img) 
Offline resize requires to run fsck -f first. Because we support only
growing that image, we can simply use online resize instead.

This finally fixes qubesos/qubes-issues#772
 2015-04-11 02:47:16 +02:00
Marek Marczykowski-Górecki
285071bd59 systemd: disable avahi-daemon and dnf-makecache 
Especially dnf-makecache is senseless as its state will not survive VM
restart, but it takes a lot of CPU time.
 2015-04-10 18:23:14 +02:00
Marek Marczykowski-Górecki
343ce1814c systemd: use presets to enable services, call preset-all 
This way the services will be enabled/disabled regardless of its initial
state.
 2015-04-07 02:30:59 +02:00
Marek Marczykowski-Górecki
a58d0f95f7 Update comments and xenbus intf in startup scripts regarding vchan requirements 2015-03-25 00:20:11 +01:00
Marek Marczykowski-Górecki
04b5bd1b0a Do not load xen-usbfront automatically 
We no longer provide this module (it looks to be a dead project).
Instead in newer kernel USBIP can be used.
 2015-03-21 00:54:19 +01:00
Marek Marczykowski-Górecki
b0c90d9d6c Provide stub files in /rw/config 2015-03-19 23:40:25 +01:00
Marek Marczykowski-Górecki
34a38c668e Create filesystem if the private.img is empty 2015-03-18 00:33:30 +01:00
Marek Marczykowski-Górecki
3687c4e622 dispvm: do not restart qubesdb-daemon, use watch instead 
qubesdb-daemon will handle reconnection by itself.
 2015-03-04 02:10:28 +01:00
Marek Marczykowski-Górecki
57be910135 dispvm: include memory caches in "used memory" notification 
Also make the code more readable.
 2015-03-04 02:09:18 +01:00
Marek Marczykowski-Górecki
4303b7dc52 dispvm: use qubes.WaitForSession to wait for gui-agent startup 2015-03-04 02:08:22 +01:00
Marek Marczykowski-Górecki
88d7ca7940 Move mounting /rw and /home to separate service 
Many services depended on misc-post only because this was where /home
gets mounted. Move that to separate service, started earlier.
 2015-03-04 01:52:18 +01:00
Marek Marczykowski-Górecki
06a0d30d50 dispvm: start gui agent early, do not kill Xorg 
Now gui agent support reconnecting to guid.
 2015-03-02 02:30:06 +01:00
Marek Marczykowski-Górecki
fdca69ae78 fc21: fix DispVM preparation - Xorg has new name 2015-03-01 20:27:27 +01:00
Marek Marczykowski-Górecki
f8db065a75 Merge remote-tracking branch 'nrgaway/r3-templates' 2015-02-17 04:58:04 +01:00
Marek Marczykowski-Górecki
e47197569a Adjust permissions of /var/run/qubes 2015-02-17 04:56:35 +01:00
Jason Mehring
f1390c1436 Set permissions to /proc/xen/privcmd, so a user in qubes group can access 2015-02-11 08:02:55 -05:00
Matt McCutchen
377e0b4cd4 Switch to preset file for systemd units to disable. 2015-02-09 06:35:05 +01:00
HW42
dad5bfbd18 remove 'bashisms' or explicit use bash 2015-02-05 05:42:08 +01:00
Marek Marczykowski-Górecki
19a4c6d0dd network: support for not setting DNS and/or default gateway (v2) 
This patch introduces two new qvm-services:
 - disable-default-route
 - disable-dns-server
Both disabled by default. You can enable any of them to not set default
route and/or DNS servers in the VM. Those settings have no effect on
NetVM, where such settings are controlled by NetworkManager.

This is based on patch sent by Joonas Lehtonen
<joonas.lehtonen@openmailbox.org>
https://groups.google.com/d/msgid/qubes-devel/54C7FB59.2020603%40openmailbox.org

Conflicts:
	network/setup-ip
	vm-init.d/qubes-core
	vm-systemd/qubes-sysinit.sh
 2015-01-30 00:52:31 +01:00
Marek Marczykowski-Górecki
efb79d5784 systemd: allow to start cron daemon (#909) 2015-01-30 00:48:56 +01:00
Marek Marczykowski-Górecki
4637735882 network: support for not setting DNS and/or default gateway 
This patch introduces two new qvm-services:
 - set-default-route
 - set-dns-server
Both enabled by default. You can disable any of them to not set default
route and/or DNS servers in the VM. Those settings have no effect on
NetVM, where such settings are controlled by NetworkManager.

This is based on patch sent by Joonas Lehtonen
<joonas.lehtonen@openmailbox.org>
https://groups.google.com/d/msgid/qubes-devel/54C39656.3090303%40openmailbox.org

Conflicts:
	network/setup-ip
	vm-init.d/qubes-core
	vm-systemd/qubes-sysinit.sh
 2015-01-30 00:48:55 +01:00
Marek Marczykowski-Górecki
756293ec75 Fix disabling nm-applet when NM is disabled 2015-01-30 00:32:09 +01:00
Marek Marczykowski-Górecki
9130636c88 Merge branch 'debian' 
Conflicts:
	misc/qubes-r2.list.in
	misc/qubes-trigger-sync-appmenus.sh
	network/30-qubes-external-ip
	network/qubes-firewall
	vm-systemd/network-proxy-setup.sh
	vm-systemd/prepare-dvm.sh
	vm-systemd/qubes-sysinit.sh
 2015-01-30 00:30:24 +01:00
Marek Marczykowski
d00d52fc31 dispvm: restart qubesdb at DispVM start 
To connect to new qubesdb daemon in dom0.
 2014-11-19 15:34:33 +01:00
Marek Marczykowski
1f04cf34cc systemd: fix qubes-service handling 
qubesdb-list does show only list of paths, without values. Use
qubesdb-multiread instead. Path (argument) must have terminating '/' so
it will be cut of printed paths (service names only).
 2014-11-19 15:34:33 +01:00
Marek Marczykowski
db35abadc8 Use Qubes DB instead of Xenstore 2014-11-19 15:34:33 +01:00
Marek Marczykowski
93ad711f4e load xen-gntalloc module required by libxenvchan 2014-11-19 15:34:32 +01:00
Jason Mehring
cc26e26be8 debian: apt-get needs to update first 2014-11-07 03:46:54 -05:00
Jason Mehring
96887ea1b8 debian: Add qubes-update-check for Debian 2014-11-07 03:30:45 -05:00
Marek Marczykowski-Górecki
c817bb0282 little fix for the official template 
-----BEGIN PGP SIGNATURE-----
 
 iQIcBAABCgAGBQJUWE+GAAoJEIwFIWzgnAk8azoQAJPOdglmiJlu+p5nRQ0ZRP6F
 nammIQhOg1oE0hCTX6H4DnEMnaZmFyGj96JWUX3zES8NF9zYvq4sgJCtZVEK35lm
 /Fxe899NpDlHaHwPqnXoYAKWZnMnyx3Z5XTxYb3A8JQdJCVWJPi2qYw2TBb6iBIp
 hzznI3drhOd8rdkFHXGk/FsBjqFP1mn98GDP4N/XLOZUnK+MiWyxrp0c+QVgybRX
 2XOUhsBPbr/XS/fkMBEia1hJhBf+FYJsFeCARGjYnbI+TKMaPrYaIX6DRqjFMhSS
 eEALEWsYsDiYGerWNBNGxbJ7RWsN4vm+WDfKdi7Hp2TgHeH0z93w40VegU3k7Asx
 NjfehCwT3wjMmtUFYhfhYfIop5305LLLJPPkY/ML+u6Mznzr7OkostMeyMhDxcrq
 lSELqg2HDwEsSwtwEz7kP6fYyfpJRd8yndg48cVonatwPwdjoCMiAz93TIF7Tvvz
 xQaNUidkKL8qQi67ArSQUlQlwGJNngwLRhepaMo0FD4JWSQ5pHc00EYxtJio2LPs
 7prv8ETbTj0bcFb/xKNSxBCGOrLdleHAEdhrpvqHa5nUzMiHw+tMuJbX+f0jOx/Q
 OSgx/dvK9GIyxM7UlsS+Whye3iGeNwsA1ai4TL0n1PFM+DjemBjEbfIl2nxLjG3O
 cXas4+wsl0+qXRk/PDOn
 =6kCH
 -----END PGP SIGNATURE-----

Merge tag 'hw42_debian-systemd-3' into debian

Conflicts:
	debian/control
	Merged postinst scripts from hw42 and nrgaway
 2014-11-05 04:35:23 +01:00
HW42
63e915f6d4 Tag for commit 5d68e2cc70 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABAgAGBQJUTruhAAoJEAY5OLpCz6ck7IcP/i4JXNEMO8vDSgphM50NIIz6
 +hLb+kXBGeL9SsQKRlz000BUOcIsg+d2ibwnTsi1kNuq2OgJOAHAp5hHgHGc5ddG
 0PLFf/Ddexl7/2cG/hKekXiIpXGcuhqgsIfatqcKB228mVLG8y/kqwViIDbMgg10
 X8Aiq1ba0EeHI7xskkPb1hzkszOfLFoEXCRjt+BQsmr+Bll+sAzCS3G9vSbhczFl
 wmTtgOiu2fWsPgOB2O6HYeO0PUUX+jGF/jncZYf85pEwMccNqRIWjSJC6ti533zv
 5x1bWKWFymBAUcTS+xi00FPeatmQ7b5ywMxTwbqIQkE1Mrt436Dz/B1r0E58q0AH
 gu4qG/KPBNdRBD4vPrvLKiyood/XIpvz0+6QqS9rFMKt71OSzmMR1WeLgclCn768
 cR510iZyJjmqe9lLQQTCJr+oqvwiVot7sfsgj1XP5PozalTkdIawioIZjeX5Zz4O
 +zo+P+jIV+P6QbN+0nD+vrW8kSZlM8vt+OVBPhon/bMFxGKZervs7kFUCNPn6fUK
 WNw8lSrKQqJe/a805Ktku8moatVElmexj7XTkII1nnAnEu6/bokJqjCHQ933794l
 ERRwitFN+BWm3OBXq/BsdSnCotT+gnlMEDtuHiD0JHQBGwxAZGQtliQhWLF25Ekh
 BJkmYBjqgnjCsQFUBMnn
 =shGW
 -----END PGP SIGNATURE-----

Merge tag 'mm_5d68e2cc' into debian-systemd

Tag for commit 5d68e2cc70

Conflicts:
	Makefile
	debian/rules
	network/qubes-firewall
	vm-systemd/misc-post.sh
	vm-systemd/qubes-sysinit.sh
 2014-11-03 04:28:00 +01:00
Marek Marczykowski-Górecki
a4e4a6214b systemd: fix xenstore-ls path 2014-11-02 00:31:49 +01:00
Marek Marczykowski-Górecki
5d68e2cc70 Handle tabs in /etc/hosts 2014-10-27 22:39:25 +01:00
Marek Marczykowski-Górecki
15f3a1b8d0 debian: fix proxy setup 2014-10-24 00:45:39 +02:00
Marek Marczykowski-Górecki
a2e17ef244 systemd: fix 'service' path 
On Fedora it is all the same because /sbin -> /usr/sbin symlink. But on
Debian it does matter.
 2014-10-19 04:11:15 +02:00
HW42
a91dfdf48b fix xenstore-read path in network-proxy-setup.sh for debian 2014-10-01 06:51:58 +02:00
Marek Marczykowski-Górecki
4ee0de9fb8 updates-proxy-setup: support setting proxy for apt (#887) 2014-10-01 05:40:14 +02:00
HW42
434a794dda use sleep instead os usleep since it is more portable 2014-10-01 03:44:33 +02:00
Marek Marczykowski-Górecki
e83a91e3d3 debian: migrate to native systemd services 2014-09-30 00:54:33 +02:00
Marek Marczykowski-Górecki
240066fc23 Add missing u2mfn module load 
Is loaded as part of gui-agent startup, but qrexec-agent also needs it
so eliminate race condition here.
 2014-09-29 21:39:17 +02:00
Marek Marczykowski-Górecki
4bccdb0ba5 Use systemd mechanism for loading kernel modules (when available) 
One more thing done in more generic way (not Fedora-specific).
 2014-09-29 21:31:10 +02:00
HW42
0d0261d1c1 improve update of /etc/hosts 
* use 127.0.1.1 under debian (since it's the default there)
 * also set the IPv6 loopback address (::1) since some tools tries to
   AAAA resolve the hostname (for example sendmail)
 * ensure proper /etc/hosts format through postinst-script (hostname as
   last entry)
 2014-09-29 05:25:32 +02:00
HW42
4886411570 various patches for debian 
this should enable debian based templates to be used as proxy/netvm
 2014-09-29 05:25:24 +02:00
Marek Marczykowski-Górecki
2e4cdc2f8d Rename yum-proxy-setup service to updates-proxy-setup 
Fedora is no longer the only supported distribution, so change the
service name to be more generic. Old name still supported for
compatibility.
 2014-09-27 01:52:19 +02:00
Marek Marczykowski-Górecki
3f19c89301 Rename qubes-yum-proxy service to qubes-updates-proxy 
It is no longer Fedora-only proxy, so rename to not confuse the user.
Also documentation refer to it as "updates proxy" for a long time.
 2014-09-27 00:32:52 +02:00
Marek Marczykowski-Górecki
54755ac444 Avoid 100MB reserved space in private ext4 partition 
The ext4 reserved space is necessary for root partitions, but in the
private.img data partition, it is wasted space (accessible only to root
processes), which means losing 100 MB of the default 2GB.

From mkfs.ext4 man page: "-m reserved-blocks-percentage Specify the
percentage of the filesystem blocks reserved for the super-user." ...
"The default percentage is 5%."
 2014-09-05 22:42:14 +02:00
Marek Marczykowski-Górecki
1618e32993 dispvm: slow down "spinlock" while waiting for save/restore 
When something go wrong, it will remain spinning indefinitely.
 2014-08-02 23:44:48 +02:00
Marek Marczykowski-Górecki
90c84be5fb systemd: do not reexec when not necessary 
Do not reexec systemd when running version is the same as installed
binary. Apparently reexec causes some race condifions, which result in
assertion fail in systemd.
 2014-07-16 04:15:21 +02:00
Marek Marczykowski-Górecki
57f111a08d Do not start nm-applet at all when no NetworkManager running - update (#857) 
Apparently nm-applet.desktop was changed upstream. It does no longer
contain OnlyShowIn, but NotShowIn.
 2014-07-04 18:47:11 +02:00
Marek Marczykowski-Górecki
44aaa81042 Do not start nm-applet at all when no NetworkManager running (#857) 2014-05-30 22:44:50 +02:00
Marek Marczykowski-Górecki
f1a997c1c4 systemd: reexec systemd to ensure right version is running 
SystemD version can differ from initramfs one (which is build in dom0
build environment), so reexec it at startup.

This fixes systemd-212 archlinux issue.
 2014-04-23 01:50:21 +02:00
Marek Marczykowski-Górecki
6d3c73c741 systemd: relax qubes-sysinit dependencies 
It doesn't need all local filesystems, only /, /run, /proc/xen and loaded
modules.
 2014-04-23 01:32:31 +02:00
Marek Marczykowski-Górecki
0dd45655e3 init: remove rc.local-early reference 
It can't work - there is no /rw mounted at this VM startup stage.
 2014-03-28 05:12:48 +01:00
Marek Marczykowski-Górecki
9d618cac15 yum-proxy: automatically restart the service on failure 2014-02-21 13:30:07 +01:00
Marek Marczykowski-Górecki
c86581ace4 Revert "Hide nm-applet when NetworkManager is disabled" 
This reverts commit 85f4e494e8.
This way isn't effective - the command is called too early.
 2014-02-07 00:01:06 +01:00
Marek Marczykowski-Górecki
fc04408c7a systemd: disable ModemManager in non-NetVM 
Previously ModemManager was started by NetworkManager, but in fc20+ it
is a separate service, so disable it when not needed.
 2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
85f4e494e8 Hide nm-applet when NetworkManager is disabled 
It isn't done automatically by nm-applet itself since nm-applet 0.9.9.0
(fc19+), this one commit:
https://git.gnome.org/browse/network-manager-applet/commit?id=276a702000ee9e509321891f5ffa9789acfb053c
At the same time they've introduced option to manually hide the icon:
https://git.gnome.org/browse/network-manager-applet/commit?id=e7331a3f33ab422ea6c1bbc015ad44d8d9c83bc3
 2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
fd55d48126 Move meminfo-writer to linux-utils repo 
It is common for both dom0 and VM.  So move to linux-specific repo (not
VM-specific).
 2014-01-05 05:38:10 +01:00
Marek Marczykowski-Górecki
b3081dce07 systemd: disable additional unneeded services 2013-12-17 01:29:26 +01:00
Marek Marczykowski-Górecki
c04d4e4fea systemd: while disabling service, disable also its activators 
This time it is for cups, which have socket-based and path-based
activators. When activator tires to start the service which is disabled
by condition file it enters infinite loop (as service wont start, but
will not report an error).
 2013-12-16 21:10:37 +01:00
Marek Marczykowski-Górecki
fabc72701c init: run resize2fs on /rw before mounting 
In case of private.img was resized while the VM was powered off.
 2013-11-21 03:36:56 +01:00
Marek Marczykowski
596a3ebd8e network: do not fail when eth0 doesn't exists 
It can be perfectly right case for wireless-only netvm.
 2013-08-13 00:40:13 +02:00
Marek Marczykowski
8c9433fc00 yum-proxy: use iptables-restore to set firewall rules 
Simple iptables sometimes returns EBUSY.
 2013-08-05 02:08:52 +02:00
Marek Marczykowski
44fab139f4 Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:23:44 +01:00
Marek Marczykowski
62a0002b7f The Underscores Revolution: dispvm script path 2013-03-14 04:30:22 +01:00
Marek Marczykowski
09050236bc The Underscores Revolution: adjust qrexec path 2013-03-14 04:29:19 +01:00
Marek Marczykowski
30ca124784 The Underscores Revolution: xenstore paths 2013-03-14 04:29:15 +01:00