Marek Marczykowski-Górecki
e0d2424d5e
suspend: do not disable network frontend devices
2014-10-27 15:07:06 +01:00
Marek Marczykowski-Górecki
0613a58961
Improve handling of .desktop files
...
Instead of directly using Exec= line, parse the file (at the launch
time) with Gio library. The main reason for this change is to handle
Terminal= option, but generally this approach should be more
bulletproof, especially when some fancy options are present in desktop
files.
2014-10-27 12:25:45 +01:00
Marek Marczykowski-Górecki
7339dd1ece
Introduce qubes.SetDateTime service for time synchronization
...
It would be called by qvm-sync-clock instead of 'date' directly. This
gives a lot of flexibility - VM can control whether it want to sync time
this way. For now slight corrections (+-2sec) are ignored to not cause
problems by frequent time changes. But it can be easily extended to
refuse time sync when some other mechanism is used.
2014-10-01 05:40:23 +02:00
Marek Marczykowski-Górecki
64e8eedcb0
qrexec: check for setuid() error when calling zenity/kdialog
...
Mostly to mute compiler warning - only emit log message but still
continue.
2014-09-29 21:05:32 +02:00
Marek Marczykowski-Górecki
4bd9971006
gui-fatal: do not run as root
...
GTK+ refuses to initialize.
2014-09-20 01:20:11 +02:00
Marek Marczykowski-Górecki
84957e78da
Add --dispvm to qvm-run documentation
2014-05-25 00:54:55 +02:00
Vincent Penquerc'h
b21ee1fc42
vm-file-editor: remove temporary file on exit
...
This allows editing the same file more than once on the
same (non disposable) VM, as well as keeping /tmp from
ballooning indefinitely.
2014-05-10 12:42:13 +02:00
Marek Marczykowski-Górecki
969122cf4f
suspend: fix dbus-send invocation
2014-05-01 01:10:57 +02:00
Marek Marczykowski-Górecki
bd6ba19407
Enable compiler optimization.
2014-04-22 00:57:36 +02:00
Marek Marczykowski-Górecki
8018b9d3ee
Fix compiler warnings.
...
Mostly harmless cases of warn_unused_result.
2014-04-22 00:56:52 +02:00
Marek Marczykowski-Górecki
fe64539789
Implement "Move to VM" action ( #725 )
2014-03-24 05:19:16 +01:00
Marek Marczykowski-Górecki
0d3ed747b4
suspend-prepare: call NM D-Bus interface directly
...
nmcli doesn't seem to have stable API, especially "nmcli nm sleep"
doesn't work anymore in Fedora 20.
2014-02-21 18:42:12 +01:00
Marek Marczykowski-Górecki
c632f0d067
Add -Wextra -Werror to all C code
2014-02-16 11:34:22 +01:00
Marek Marczykowski-Górecki
3cc9d0f329
Merge branch 'appicons'
...
Conflicts:
rpm_spec/core-vm.spec
2014-02-07 05:50:07 +01:00
Marek Marczykowski-Górecki
c0c914faab
Merge remote-tracking branch 'woju/master' into appicons
2014-02-07 05:48:18 +01:00
Marek Marczykowski-Górecki
75b1e24bab
qubes-rpc, qrexec: register callbacks for qrexec-lib
...
Now qrexec-lib do not use exported symbols of particular names, but
explicitly registered callbacks.
2014-02-07 05:36:15 +01:00
Marek Marczykowski-Górecki
7953af970d
backups: fix buffer overflow in tar2qfile
...
Buffer for directory headers history was too small. This can be
exploitable by some attacker capable of controlling backup stream, but
it isn't any security problem. We don't assume this part of backup
system to be trusted, the attacker can at most prevent user from
restoring some data, but will neither gain access to them, or compromise
any other Qubes component. This is equivalent to bug in any other tool
used in backup vm (like FTP client) and the Qubes backup system is
designed specifically to minimize impact of such bugs.
2014-02-05 15:16:42 +01:00
Wojciech Zygmunt Porczyk
27632a0b3b
qubes.GetImageRGBA: bugfixes
...
- when icon is not found in hicolor theme, search for in in other themes
- added -follow to find
2014-02-04 00:36:30 +01:00
Marek Marczykowski-Górecki
39eca94200
backups: fix timestamp in backup filename (once again...)
2014-02-02 13:36:59 +01:00
Marek Marczykowski-Górecki
1e291bbdc6
backups: fix timestamp in backup filename (once again...)
2014-02-02 12:17:43 +01:00
Marek Marczykowski-Górecki
cac25cbe60
Merge remote-tracking branch 'woju/master' into appicons
...
Conflicts:
Makefile
rpm_spec/core-vm.spec
2014-01-31 02:12:06 +01:00
Wojciech Zygmunt Porczyk
453ab0f22c
qubes.GetImageRGBA for appicons
2014-01-30 16:30:17 +01:00
Marek Marczykowski-Górecki
66ef7696ac
backups: change data/time delimiter in filename according to ISO 8601
2014-01-15 04:33:18 +01:00
Marek Marczykowski-Górecki
2b80dfef17
backups: fix backup timestamp
2014-01-13 05:08:05 +01:00
Marek Marczykowski-Górecki
361ab0b266
qubes-rpc: introduce services for browsing VM filesystem
...
For now used to select system backup inside of VM.
2014-01-13 05:07:23 +01:00
Marek Marczykowski-Górecki
6e599567e0
tar2qfile: retry if lseek() returns EAGAIN
...
... even though it shouldn't. Apparently it is happening. See #764
comments for details.
2014-01-10 03:33:55 +01:00
Marek Marczykowski-Górecki
92aac6a92e
Remove copy of ioall.c - use the one from linux-utils
2014-01-06 18:32:13 +01:00
Vincent Penquerc'h
df7c431d0b
qfile-utils: do not write a random extra byte
...
readlink(2) does not write a terminating NUL, and the read side
will already place a NUL after whatever it receives.
While it seems odd that this would be buggy (ie, synlinks on
the ohter side would be pointing to the wrong filename, though
I guess if we're lucky and the stack had a 0 byte at the right
place, symlink(2) would do what was expected), my reading of
the code tells me this patch is right. Needs testing to double
check.
2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
960c85587f
gui-fatal: fix message leak, since the dialog may not be fatal
2014-01-06 17:57:43 +01:00
Vincent Penquerc'h
3e8c0372c2
gui-fatal: use fully qualified paths to kdialog/zenity
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
73adfc88e3
gui-fatal: add \n to message on stderr
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
393553c7bb
vm-file-editor: #include <sys/time.h> for gettimeofday
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
c171f47ba8
vm-file-editor: put temporary files in per domain subdirectories
...
This avoids the possibility that incoming files may match
an existing file in /tmp (whether from the target VM, or a
third VM that's also sent a file for editing), as well as
possible file leaks between domains.
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
9a4b1efa61
core-agent-linux: misc const/void fixups
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
214365e272
vm-file-editor: hide | in filename
2014-01-06 17:57:42 +01:00
Vincent Penquerc'h
47c657b123
vm-file-editor: close output when done writing
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
81e9f967be
vm-file-editor: do not overwite an existing file
...
Either a housekeeping file from that VM, or a similarly named
one being edited from a third VM.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
11b8f9be20
vm-file-editor: fix potential buffer overflow
...
If we're being sent something without a zero byte, we
could happily read off the end of the buffer. Interestingly,
the write part was checking for the max bound.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
c9a25b8915
vm-file-editor: fix incorrect time display
...
It's used only for display, and never parsed, but still.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
a4b3a0c955
qopen-in-vm: ensure we can't mistake a non empty file for an empty one
...
st_size is off_t, which may be larger than int.
2014-01-06 17:57:41 +01:00
Vincent Penquerc'h
38c0ea3128
qopen-in-vm: fix read overflow
...
That one would also send more data to the other VM that what we
intended: the start of the env var data (which in similar code
on my host includes the GPG agent socket path, XDG session cookie,
and more.
The other side expects a fixed size though, so pad with NULs.
Interestingly, the original code was not vulnerable as it was
callocing enough space.
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
5af6f0ff7f
qopen-in-vm: close output when we're done writing to it
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
4823490e70
qfile-unpacker: some error checking
2014-01-06 17:57:40 +01:00
Vincent Penquerc'h
475421b2e2
core-agent-linux: misc const fixups
2014-01-06 17:57:40 +01:00
Marek Marczykowski-Górecki
a0f3ce9e93
Hide errors from qubes.WaitForSession
...
Especially "Killed" message, which is normal as 'sleep' is signalled with
SIGKILL once session is ready.
2013-12-15 05:36:43 +01:00
Marek Marczykowski-Górecki
6c3c3e717d
tar2qfile: use lseek() to skip unwanted data if possible
...
When reading from file it is much faster.
2013-11-25 02:28:35 +01:00
Marek Marczykowski-Górecki
3c92cdba22
tar2qfile: use read_all() instead of read()
...
read() syscall do not guarantee to read as much data as requested. This
is especially important when reading from pipe - remote end can produce
data slower than we are reading them. Use read_all() helper to always
get requested amount of data.
2013-11-25 02:24:21 +01:00
Marek Marczykowski-Górecki
9b859c9ac5
qubes-rpc: save one syscall on each data block
...
read_all/write_all calls set_* on every call, so this can be
noticeable performance improvement.
2013-11-25 02:11:45 +01:00
Marek Marczykowski-Górecki
4010ddaab5
minor whitespace fix
2013-11-24 04:45:36 +01:00
Marek Marczykowski-Górecki
03923ae548
tar2qfile: disable debug messages
2013-11-24 04:45:14 +01:00
Marek Marczykowski-Górecki
dba3571883
tar2qfile: send EOF marker
2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
584df6986e
tar2qfile: fix compile warnings
2013-11-24 04:44:19 +01:00
Marek Marczykowski-Górecki
52d696a0c3
tar2qfile: fix padding handling
2013-11-24 04:44:18 +01:00
Marek Marczykowski-Górecki
3c43f20d9e
tar2qfile: terminate parsing when all requested files/dirs found
...
Assume that all the files of directory are in continuous block (which is
true in case of qvm-backup stream). This will allow to terminate before
getting to the file end - especially useful when only qubes.xml
requested.
2013-11-24 04:43:53 +01:00
Olivier MEDOC
42c40d399b
restore: improve error handling
2013-11-23 02:48:50 +01:00
Olivier MEDOC
ae776521b0
tar2qfile: forgot to pass a parameter in tar_read function
2013-11-23 02:48:42 +01:00
Olivier MEDOC
8e853c752c
tar2qfile: fixed a bug when file contained in tar is a multiple of 512 bytes
2013-11-23 02:48:42 +01:00
Olivier MEDOC
8a1f87d0ed
tar2qfile: starting cleanup to get rid of the stat structure which is not required during conversion
2013-11-23 02:48:42 +01:00
Olivier MEDOC
91b84d863c
tar2qfile: add filtering options to tar2qfile
2013-11-23 02:48:41 +01:00
Olivier MEDOC
fa6bb43c62
backup: Use paths sent from dom0 to filter files that should be extracted
2013-11-23 02:45:25 +01:00
Marek Marczykowski-Górecki
8f840e10dc
vm-file-editor: add override for mimeinfo *.png entry ( #753 )
...
MIME-info database contains multiple entries for *.png, namely image/png
and image/x-apple-ios-png. The later one doesn't have associated handler
program, but this one is selected by mimeopen tool.
Not sure how this tool should behave in case of multiple matches (IOW is
it a bug in File::MimeInfo perl module used by mimeopen). Instead of
switching to different tool, which probably will break other files
(check #423 ), add override for this particular file type.
2013-11-14 21:38:27 +01:00
Marek Marczykowski-Górecki
08a78d4c32
qvm-open-in-vm: fix path for URL wrapper
2013-11-14 21:37:16 +01:00
Marek Marczykowski-Górecki
1bd16d981c
tar2qfile: ignore EDQUOT error from dom0
...
dom0 will use quota enforcement to extract only backup header, so this
is normal situation in this tool.
2013-11-09 19:04:24 +01:00
Marek Marczykowski-Górecki
af03425187
tar2qfile: fix compiler warnings
...
Actually one was real bug:
- current = ustar_rd(fd, &hdr, &buf, &sb);
+ current = ustar_rd(fd, &hdr, buf, &sb);
The others was mostly invalid printf format string.
2013-11-09 19:02:53 +01:00
Marek Marczykowski-Górecki
639cb51414
Add qubes.{Backup,Restore} services, include them in rpm package
2013-11-09 19:01:57 +01:00
Marek Marczykowski-Górecki
6eaa30a96a
qfile-utils: fix global variables declarations
2013-11-09 19:00:37 +01:00
Marek Marczykowski-Górecki
429211ade4
Restore qfile-agent compilation
...
Must be removed by mistake...
2013-11-09 18:58:46 +01:00
Marek Marczykowski-Górecki
d92cf0dffa
Merge remote-tracking branch 'oliv/master' into new-backups
2013-11-09 00:16:39 +01:00
Marek Marczykowski-Górecki
c9eb50cbe4
suspend: empty default list of modules to unload
...
Now dom0 will initiate real suspend process in VMs with PCI devices, so
workaround with unloading modules no longer needed.
Additionally it looks like unloading ehci-pci causes suspend problems on
some hardware (C200 Series Chipset).
2013-10-24 04:13:27 +02:00
Marek Marczykowski-Górecki
8f2c8d5382
suspend: customizable modules blacklist
2013-10-23 04:34:47 +02:00
Marek Marczykowski-Górecki
503ff804a3
suspend: fix order of modules unload
...
ehci_hcd is used by ehci_pci, so can't be unloaded first.
2013-10-22 16:51:38 +02:00
Olivier MEDOC
d1559c5413
tar2qfile: send directories headers even if the tar file does not contain any directory headers
2013-10-21 16:02:16 +02:00
Olivier MEDOC
864118cf10
tar2qfile: multiples fixes to match the qfile format requirements
2013-10-10 08:54:44 +02:00
Olivier MEDOC
6938e68ee6
tar2qfile: improved error handling
2013-10-10 08:52:10 +02:00
Olivier MEDOC
fb2f6688e8
rpc: changed qfile agents to use qfile-utils.h
2013-10-10 08:46:57 +02:00
Olivier MEDOC
7efeb57ff2
rpc: moved most of the qfile-agent code to qfile-utils.h/.c
2013-10-10 08:36:24 +02:00
Olivier MEDOC
a05e21ee5f
tar2qfile: improved to skip everything but regular files
2013-10-04 16:26:44 +02:00
Olivier MEDOC
c26d4b4d30
rpc: implemented new rpc helper tool
2013-10-04 14:36:00 +02:00
Marek Marczykowski-Górecki
1d41cb4c18
Add qubes.DetachPciDevice for live PCI detach ( #708 )
2013-09-01 01:28:07 +02:00
Marek Marczykowski-Górecki
c939cc049e
qvm-copy-to-vm: show last processed filename on error
2013-08-15 01:23:28 +02:00
Marek Marczykowski-Górecki
3cfd7f57b4
qvm-copy-to-vm: implement --ignore-symlinks option
...
Can be useful when copying to VM which doesn't support symlinks (or user
doesn't have privilege to create it).
2013-08-14 22:12:46 +02:00
Marek Marczykowski
e54d35b8d1
suspend: Blacklist iwldvm
...
Some users reports that this module causes problems on resume. So unload
it before suspend and load again at resume.
2013-07-19 03:40:06 +02:00
Marek Marczykowski
6d18b0034b
suspend: add ehci_pci to blacklisted modules
...
Recent kernels have ehci-hcd split into ehci-hcd and ehci-pci, so remove
both of them.
2013-07-19 03:37:12 +02:00
Marek Marczykowski
44fab139f4
Add qrexec back, use qubes-utils libraries for common code
2013-03-20 06:23:44 +01:00
Marek Marczykowski
09050236bc
The Underscores Revolution: adjust qrexec path
2013-03-14 04:29:19 +01:00
Marek Marczykowski
7686fd5d92
The Underscores Revolution: RPC services
2013-03-14 04:25:31 +01:00