Commit Graph

1681 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
dca5265958
qubes-open: switch from mimeopen to xdg-open
xdg-open is more robust in choosing default application for particular
file type: it supports fallback if the preferred application isn't
working, and most importantly it support system-wide defaults
(/usr/share/applications/defaults.list,
 /usr/share/applications/mimeapps.list), so no "random" application is
chosen.

By default xdg-open tries to use environment-specific tool, like
gvfs-open - which isn't good for us, because many such tools do not wait
for editor/viewer termination. That would mean that DisposableVM would
be destroyed just after opening the file.
To avoid such effect, we set DE=generic.

Fixes QubesOS/qubes-issues#1621
2016-02-02 03:28:34 +01:00
Marek Marczykowski-Górecki
0211ea5d1d
Move opening file viewer/editor into separate shell script
No functional change.

This will make it easier to switch the tool (without recompiling
vm-file-editor), or even use differrent tools depending on some
conditions.

QubesOS/qubes-issues#1621
2016-02-01 12:17:15 +01:00
Marek Marczykowski-Górecki
858ee225e5
Merge remote-tracking branch 'qubesos/pr/8'
* qubesos/pr/8:
  Proposed solution for issue #1657

Fixes QubesOS/qubes-issues#1657
2016-01-20 02:37:27 +01:00
adrianx64
d3966b0f6c Proposed solution for issue #1657
qvm-sync-appmenus fails when a shortcut have spaces in the file name #1657
2016-01-18 23:02:30 -06:00
Marek Marczykowski-Górecki
fb470fe86f
sysinit: Accept also old xenbus kernel interface
qubes-sysinit.sh waits for xenbus initialization by watching its
interface file presence. In linux before 3.10 there is no
/dev/xen/xenbus, which is the case in Debian 7 (3.2 kernel). The problem
applies only to the VMs with PVGrub enabled, because otherwise VM would
use dom0 privided kernel, which is much newer.

Fixes QubesOS/qubes-issues#1609
2016-01-13 05:05:00 +01:00
Marek Marczykowski-Górecki
5570c899b8
version 3.1.12 2016-01-11 21:59:35 +01:00
Marek Marczykowski-Górecki
cb5c457fba
Do not try to signal NetworkManager before suspend if it isn't running
Sending dbus calls to a service which isn't running _and is blocked to
not be started_ would result in timeout, which would delay the whole
system suspend.

Fixes QubesOS/qubes-issues#1419
2016-01-11 19:40:32 +01:00
Marek Marczykowski-Górecki
d4c238c45e
Unload USB controllers drivers in USB VM before going to sleep
Many USB controllers doesn't play nice with suspend when attached to PV
domain, so unload those drivers by default. This is just a configuration
file, so user is free to change this setting if his/shes particular
controller doesn't have such problem.

Fixes QubesOS/qubes-issues#1565
2016-01-11 19:34:10 +01:00
Marek Marczykowski-Górecki
b36146961f
version 3.1.11 2016-01-07 05:52:36 +01:00
Marek Marczykowski-Górecki
0e062ff31e
Fix time sync service
It is expected to not output anything on stdout. Especially remote end
may be already terminated, so writing there would result in EPIPE.

Fixes QubesOS/qubes-issues#1592
2016-01-07 05:06:39 +01:00
Marek Marczykowski-Górecki
bd68fb973b
Merge remote-tracking branch 'origin/pr/59'
* origin/pr/59:
  archlinux: Added python{2,3} as dependency. Solved python22 bug.
2016-01-06 02:29:21 +01:00
Marek Marczykowski-Górecki
c4ff490844 dom0-updates: add a message explaining yum deprecated warning
Thanks @axon-qubes for the idea.

Fixes QubesOS/qubes-issues#1574
2016-01-04 02:13:21 +01:00
Marek Marczykowski-Górecki
89d5f8990f
version 3.1.10 2015-12-31 02:58:29 +01:00
Marek Marczykowski-Górecki
5a04fb34ed debian: add missing python-gtk2 dependency
qvm-mru-entry requires it.

Fixes QubesOS/qubes-issues#1567
2015-12-30 15:16:23 +01:00
Marek Marczykowski-Górecki
b9e51f9ab3 network: use more strict policy about incoming traffic
Do not allow ICMP from uplink VM (or the outside world). Also do not
send ICMP icmp-host-prohibited to the uplink.

Fixes QubesOS/qubes-issues#1346
2015-12-30 02:09:23 +01:00
noname
8ab866f827 archlinux: Added python{2,3} as dependency. Solved python22 bug. 2015-12-27 20:24:25 +01:00
Marek Marczykowski-Górecki
7835f4da2b
version 3.1.9 2015-12-26 14:24:03 +01:00
Marek Marczykowski-Górecki
c46c1e4d2c
dom0-updates: fix reporting when no updates are available
Check `yum check-update` exit code, instead of `grep` - when there are
multiple commands on the single line, $? contains exit code of the last
executed.

Fixes QubesOS/qubes-issues#1475
2015-12-26 04:43:23 +01:00
Marek Marczykowski-Górecki
2478cb5c05
Package DNF plugin for both python2 and python3
DNF in Fedora 22 uses python2, but in Fedora 23 - python3. Package both
of them, in separate packages (according to Fedora packaging guidelines)
and depend on the right one depending on target distribution version.

Fixes QubesOS/qubes-issues#1529
2015-12-23 02:04:26 +01:00
Marek Marczykowski-Górecki
8f0a024f6d
dnf: drop shebang, it isn't standalone script
QubesOS/qubes-issues#1529
2015-12-21 13:12:51 +01:00
Marek Marczykowski-Górecki
ba5041579a
version 3.1.8 2015-12-20 03:12:39 +01:00
Marek Marczykowski-Górecki
4e3076f0b6
updates-proxy: restart on network configuration change to reload DNS
Apparently tinyproxy does not notice /etc/resolv.conf change, so need to
be kicked to reload it.

Fixes QubesOS/qubes-issues#1530
2015-12-19 18:44:32 +01:00
Marek Marczykowski-Górecki
e7d4830434
Merge remote-tracking branch 'origin/pr/57'
* origin/pr/57:
  archlinux: ensure systemctl reset preset correctly (need to be started twice)
2015-12-19 18:21:27 +01:00
Marek Marczykowski-Górecki
405c42658f
debian: add security-testing repository
Fixes QubesOS/qubes-issues#1522
2015-12-19 18:08:57 +01:00
Marek Marczykowski-Górecki
b179d62860
Merge remote-tracking branch 'qubesos/pr/7' 2015-12-17 23:12:51 +01:00
Rusty Bird
3238eab85f repo description: updates-testing -> security-testing 2015-12-17 15:54:42 +00:00
Olivier MEDOC
1c09b88fae archlinux: ensure systemctl reset preset correctly (need to be started twice) 2015-12-15 16:20:03 +01:00
Marek Marczykowski-Górecki
6bed3bee69
Merge remote-tracking branch 'origin/pr/55' 2015-12-11 15:13:56 +01:00
Marek Marczykowski-Górecki
62c12bd1c6
Merge remote-tracking branch 'origin/pr/56' 2015-12-11 15:11:23 +01:00
Olivier MEDOC
33aa1782ca archlinux: remove quotes when checking system locales (in case it has been user defined) 2015-12-08 15:32:30 +01:00
Olivier MEDOC
7d2bc0c6bb archlinux: fix invalid systemd path in make install directive 2015-12-08 15:31:59 +01:00
Marek Marczykowski-Górecki
169c389339
open-in-vm: Fix path to mimeinfo database
There was missing "/mime" in entry for user home.

QubesOS/qubes-issues#1490
2015-12-05 13:49:25 +01:00
Marek Marczykowski-Górecki
8064682e9e
version 3.1.7 2015-12-04 15:32:14 +01:00
Marek Marczykowski-Górecki
181c15f422
updates-proxy: explicitly block connection looping back to the proxy IP
Explicitly block something like "curl http://10.137.255.254:8082" and
return error page in this case. This error page is used in Whonix to
detect if the proxy is torrified. If not blocked, it may happen that
empty response is returned instead of error. See linked ticket for
details.

Fixes QubesOS/qubes-issues#1482
2015-12-04 14:57:07 +01:00
MB
9c68afe14c [network-proxy-setup] Permit !CONFIG_MODuLES
* Check whether sysctl is accessible
* Check whether a key which exists when CONFIG_MODULES=y is not accessible

If true, CONFIG_MODULES=n, so ignore modprobe failure.
If false, fail.
2015-11-29 00:00:00 +00:00
Marek Marczykowski-Górecki
5aa0f32c78
version 3.1.6 2015-11-29 00:34:34 +01:00
Marek Marczykowski-Górecki
a11897a1d0
Revert "network: use drop-ins for NetworkManager configuration (#1176)"
Apparently unmanaged devices are loaded only from main
NetworkManager.conf. Exactly the same line pasted (not typed!) to main
NetworkManager.conf works, but in
/etc/NetworkManager/conf.d/30-qubes.conf it doesn't.
BTW There was a typo in option name ("unmanaged_devices" instead of
"unmanaged-devices", but it wasn't the cause).

This reverts commit 6c4831339c.

QubesOS/qubes-issues#1176
2015-11-28 17:43:15 +01:00
Marek Marczykowski-Górecki
8482fbbd13
version 3.1.5 2015-11-28 14:48:34 +01:00
Marek Marczykowski-Górecki
5157d9822e
backup: Use 'type' instead of 'which' to prevent unnecessary dependency
This fixes using minimal-template based VMs to store/retrieve backup.
2015-11-27 12:31:33 +01:00
Marek Marczykowski-Górecki
c99dca37ce
debian: update build-depends for split qubes-utils package
QubesOS/qubes-issues#1416
2015-11-26 22:26:50 +01:00
Marek Marczykowski-Górecki
d4cf78652c
debian: reformat Build-Depends:
QubesOS/qubes-issues#1416
2015-11-26 21:10:23 +01:00
Marek Marczykowski-Górecki
808b3ab660
Package needrestart config only for Debian
On Fedora there is no such package.
2015-11-24 06:18:36 +01:00
Marek Marczykowski-Górecki
2c076f3915
Merge remote-tracking branch 'origin/pr/53'
* origin/pr/53:
  Have qubes-sysinit create /var/run/qubes VM type files.
2015-11-23 16:19:20 +01:00
Marek Marczykowski-Górecki
c603f32d23
Merge remote-tracking branch 'origin/pr/51'
* origin/pr/51:
  Prevent services from being accidentally restarted by `needrestart`.
2015-11-23 16:18:42 +01:00
Marek Marczykowski-Górecki
308e4857bc
Merge remote-tracking branch 'origin/pr/50'
* origin/pr/50:
  archlinux: enforce minimum versionning of qubes-utils
  rpm_spec: declare InstallUpdateGUI qrexec_service
  updates-proxy: remove remaining traces of proxy filtering file from Makefile
2015-11-23 16:18:26 +01:00
Patrick Schleizer
e323d3f4bd
Have qubes-sysinit create /var/run/qubes VM type files.
- /var/run/qubes/this-is-appvm
- /var/run/qubes/this-is-netvm
- /var/run/qubes/this-is-proxyvm
- /var/run/qubes/this-is-templatevm

This is useful for checking ConditionPathExists from within systemd units.

(Came up in https://phabricator.whonix.org/T432#7206.)
2015-11-22 21:55:51 +00:00
Patrick Schleizer
7dc99ee662
Prevent services from being accidentally restarted by needrestart.
Because those services do not yet support being restarted.

Extended variable `$nrconf{override_rc}`, i.e. packages only reported to need
restart, but blacklisted from default/suggested automatic restarted with
`qubes-core-agent` and `qubes-gui-agent`.

See also `$nrconf{override_rc}`:
10bd2db5e2/ex/needrestart.conf (L65)

Thanks to @liske for helping with this.
https://github.com/liske/needrestart/issues/13#issuecomment-136804625
2015-11-20 16:35:06 +01:00
Olivier MEDOC
c70ee7049f archlinux: enforce minimum versionning of qubes-utils 2015-11-17 09:47:21 +01:00
Olivier MEDOC
fa081f1dd9 rpm_spec: declare InstallUpdateGUI qrexec_service 2015-11-17 09:46:16 +01:00
Olivier MEDOC
15c69f434b updates-proxy: remove remaining traces of proxy filtering file from Makefile 2015-11-17 09:45:15 +01:00