Commit Graph

936 Commits

Author SHA1 Message Date
Joanna Rutkowska
81917388ef vm: disable forwarding when iptables rules are being (re)applied 2011-08-18 18:47:08 +02:00
Joanna Rutkowska
61d88dd8df proxyvm: remove unused code 2011-08-18 18:04:38 +02:00
Joanna Rutkowska
8242e6fc5b vm: allow user-define hook for IP change event
This is especially useful for proxy VMs that e.g. run some transparent proxy service such as tor,
and need to rebind it upon IP change (of course this assumes iptables-based transparent redirection
such as DNAT).
2011-08-18 15:49:49 +02:00
Joanna Rutkowska
536f795d48 proxyvm: allow for user defined hooks after iptables restore 2011-08-18 15:02:30 +02:00
Marek Marczykowski
9c318f5a7e Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-08-15 10:27:54 +02:00
Joanna Rutkowska
d7afe01bd1 version 1.6.19-vm 2011-08-02 19:37:41 +02:00
Joanna Rutkowska
a014fb19cf Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-02 19:35:19 +02:00
Rafal Wojtczuk
5cbb38a2a9 setup_ip: turn off sg
Apparently vif frontend has broken sg implementation; we already worked around
it in init.d script via ethtool; now do the same in setup_ip. It is relevant
when attaching firewallvm to a different netvm on the fly.
2011-08-02 19:27:45 +02:00
Joanna Rutkowska
a4491dac08 version 1.6.18
Actually, also update version_vm, as qvm-prefs requires
this for dynamic NetVM changing.
2011-08-02 17:15:41 +02:00
Joanna Rutkowska
ff2f260352 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-08-01 15:41:56 +02:00
Rafal Wojtczuk
968308c55f qvm-prefs: allow on the fly netvm switch (#302)
When changing netvm of a running vm, detach/attach eth0.
Some functionality of qubes_core_netvm thus is duplicated in setup_ip.
REQUIRES http://git.qubes-os.org/?p=rafal/xen.git;a=commit;h=42c72e6173586a807f8f153391e2e57352d362b1
2011-08-01 15:06:01 +02:00
Joanna Rutkowska
f92566a2c0 version 1.6.14-vm 2011-07-30 11:31:20 +02:00
Joanna Rutkowska
310c137f25 vm: Fix modules blacklisting 2011-07-30 11:30:21 +02:00
Joanna Rutkowska
92f4e67eaa version 1.6.13 2011-07-30 11:21:50 +02:00
Joanna Rutkowska
9b515d41d6 vm: Blacklist unnecessary packge updates 2011-07-30 11:15:47 +02:00
Joanna Rutkowska
03e7cb98d7 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-07-30 11:01:23 +02:00
Rafal Wojtczuk
bcb4dfe007 firewall: call iptables-restore once per domain (#311)
qubes.py now places rules for each domain in a separate key under
/local/domain/fw_XID/qubes_iptables_domainrules/
plus the header in /local/domain/fw_XID/qubes_iptables_header.
/local/domain/fw_XID/qubes_iptables is now just a trigger.
So, if iptables-restore fails dues to e.g. error resolving a domain name
in a rules for a domain, then only this domain will not get connectivity,
others will work fine.
2011-07-29 16:50:12 +02:00
Joanna Rutkowska
1acbe95f64 version 1.6.12 2011-07-25 15:29:37 +02:00
Marek Marczykowski
89fba848e1 dom0+vm: Polishing qvm-dom0-upgrade (#287)
Do not print error message when no package downloaded. Also some more covenient
usage when dowloading new packages (implied --resolve --nogui).
2011-07-25 13:45:36 +02:00
Marek Marczykowski
02b21133bb Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core 2011-07-25 01:50:06 +02:00
Marek Marczykowski
7ce8515494 dom0+vm: Polishing qvm-dom0-upgrade (#287)
Do not print error message when no package downloaded. Also some more covenient
usage when dowloading new packages (implied --resolve --nogui).
2011-07-25 01:49:25 +02:00
Joanna Rutkowska
0d377b0d31 version 1.6.11 2011-07-25 01:49:25 +02:00
Rafal Wojtczuk
65af17b464 Add comments to policy files. 2011-07-25 01:49:25 +02:00
Rafal Wojtczuk
fc08f85260 qrexec: use $anyvm and $dispvm symbols 2011-07-25 01:49:25 +02:00
Joanna Rutkowska
45f0bd7f98 sony-vaio-fixes v1.6.1
* display quirks no longer needed for 2.6.38 kernel
* i8042.nopnp no longer needed for 2.6.38 kernel
2011-07-25 01:49:07 +02:00
Joanna Rutkowska
ce50a894c2 version 1.6.11 2011-07-24 17:23:01 +02:00
Joanna Rutkowska
494de864f1 Merge branch 'prebeta2' of git.qubes-os.org:/var/lib/qubes/git/rafal/core 2011-07-24 17:20:33 +02:00
Rafal Wojtczuk
4a5f42980b Add comments to policy files. 2011-07-22 16:11:03 +02:00
Rafal Wojtczuk
b4afa5fe63 qrexec: use $anyvm and $dispvm symbols 2011-07-22 16:07:06 +02:00
Joanna Rutkowska
6c9e10e347 sony-vaio-fixes v1.6.1
* display quirks no longer needed for 2.6.38 kernel
* i8042.nopnp no longer needed for 2.6.38 kernel
2011-07-17 14:15:14 +02:00
Marek Marczykowski
24c7e729e5 version 1.6.9 2011-07-17 01:54:27 +02:00
Marek Marczykowski
f56a993b84 vm: move dom0-updates dir to core-appvm package (#198)
At core-commonvm installation stage "user" can no exists.
2011-07-17 01:20:13 +02:00
Marek Marczykowski
22fbccee6b dom0+vm: download updates as normal user (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
382dafb6cd vm: Split updates check and download into separate scripts (#198) 2011-07-17 01:20:13 +02:00
Marek Marczykowski
ac61edf880 dom0: implement size/file-count limit of downloaded updates (#198)
Currently limit is 2GB and 2048 files, but can be adjusted by env variables
(UPDATES_MAX_BYTES, UPDATES_MAX_FILES).
2011-07-17 01:20:13 +02:00
Marek Marczykowski
74b7eee8ce version 1.6.8 2011-07-14 02:21:30 +02:00
Marek Marczykowski
4da05e52d8 vm: more reliably set IP address of VM 2011-07-14 02:11:43 +02:00
Marek Marczykowski
1288b7a839 vm: Do not try to load non-existing xen-evtchn module 2011-07-10 23:54:23 +02:00
Marek Marczykowski
37aed29a41 gitignore 2011-07-10 12:47:09 +02:00
Marek Marczykowski
38ad0a52e3 vm: Fix IP address of DispVM after restore (#247)
IP was set by udev script only on VM start, not restore
2011-07-09 17:54:47 +02:00
Marek Marczykowski
f1321e0904 Merge branch 'qrexec2' of git://git.qubes-os.org/rafal/core 2011-07-09 16:52:54 +02:00
Marek Marczykowski
626bd1568a vm: fix udev rules for VM network hotplug 2011-07-09 16:52:51 +02:00
Marek Marczykowski
448cc30b0f Merge branch 'master' of ssh://git.qubes-os.org/var/lib/qubes/git/joanna/core
Conflicts:
	dom0/qvm-core/qubes.py
2011-07-08 21:37:43 +02:00
Rafal Wojtczuk
f8d3c0df21 qrexec: git add missing files 2011-07-07 11:17:00 +02:00
Rafal Wojtczuk
601d0ec931 qrexec: adjust updates fetching to the new qrexec api 2011-07-06 14:44:40 +02:00
Rafal Wojtczuk
3ea7aca257 qrexec: change qrexec_client_vm syntax to be nicer to read
Now the local_program is just before arguments, which is nicer.
2011-07-06 14:21:35 +02:00
Rafal Wojtczuk
9b831e32cb qrexec: adjust appmenu syncing to the new qrexec api 2011-07-06 14:09:36 +02:00
Rafal Wojtczuk
dc33f0c9a7 qrexec: adjust DispVM code to the new qrexec API
Note, we have qvm-open-in-vm totally for free.
2011-07-06 12:32:20 +02:00
Rafal Wojtczuk
b87da183ce qrexec: adjust intervm file copy code to the new qrexec API 2011-07-06 10:17:58 +02:00
Rafal Wojtczuk
b5d30a9d54 qrexec: last two missing pieces of the new rpc infrastructure 2011-07-05 18:35:03 +02:00