core-agent-linux

Author	SHA1	Message	Date
Olivier MEDOC	8ba584dfb0	Makefile: enforce mode 750 for directories /etc/sudoers.d and /etc/polkit-1/rules.d	2017-01-29 15:01:01 +01:00
Olivier MEDOC	98b4f1f265	archlinux: fix bash syntax errors	2017-01-29 14:34:50 +01:00
Olivier MEDOC	8584290295	archlinux: update installer script to use systemd preset file	2017-01-29 13:55:35 +01:00
Olivier MEDOC	9890ed191a	archlinux: fix lsb_release missing	2017-01-28 21:20:20 +01:00
Lorenzo	f3a44bdd74	Merge branch 'master' of github.com:lorenzog/qubes-core-agent-linux	2017-01-14 22:21:45 +00:00
Lorenzo	f4af5f320a	Shut down after update only if it's a template. As per discussion in https://github.com/QubesOS/qubes-issues/issues/2555#issuecomment-271415169 Signed-off-by: Lorenzo <lorenzo.grespan@gmail.com>	2017-01-14 22:20:51 +00:00
Lorenzo	ffefce9e25	Shut down after update only if it's a template. As per discussion in https://github.com/QubesOS/qubes-issues/issues/2555#issuecomment-271415169	2017-01-14 13:11:27 +00:00
Marek Marczykowski-Górecki	41cd218660	travis: drop debootstrap workaround Move to qubes-builder Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>	2017-01-10 12:12:44 +01:00
Marek Marczykowski-Górecki	bb71ddd8cd	Merge remote-tracking branch 'origin/pr/86' * origin/pr/86: archlinux: fix community repositories URL	2017-01-04 23:13:57 +01:00
Marek Marczykowski-Górecki	12231dab4a	Merge remote-tracking branch 'origin/pr/85' * origin/pr/85: comment	2017-01-04 23:13:24 +01:00
Olivier MEDOC	d8599d45ba	archlinux: fix community repositories URL	2016-12-28 09:00:38 +01:00
Marek Marczykowski-Górecki	63e02a1340	Merge remote-tracking branch 'qubesos/pr/32' * qubesos/pr/32: Copied needed sources to build root	2016-12-25 20:44:17 +01:00
Nicklaus McClendon	d1faba7d03	Copied needed sources to build root	2016-12-25 13:33:39 -05:00
Patrick Schleizer	3cc1a855dc	comment	2016-12-21 00:15:12 +01:00
Andrew David Wong	cc7d3fc925	Update Xen bug count in sudoers comment Closes QubesOS/qubes-issues#2480	2016-12-04 16:29:01 -08:00
Marek Marczykowski-Górecki	fb8c356216	version 3.2.15	2016-12-04 22:39:01 +01:00
Marek Marczykowski-Górecki	a9e7f91ca6	Fix detection of dom0 updates dnf stdout messages differ from yum. Handle this particular difference (info about last metadata check time), but in addition properly use its exit code - 0 means no updates, 100 means some updates. Fixes QubesOS/qubes-issues#2096	2016-12-04 22:37:17 +01:00
Marek Marczykowski-Górecki	bb53619d3d	version 3.2.14	2016-12-04 21:57:10 +01:00
Marek Marczykowski-Górecki	7c18322ffa	Merge remote-tracking branch 'qubesos/pr/27' * qubesos/pr/27: v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument	2016-12-04 21:56:11 +01:00
Marek Marczykowski-Górecki	09870c7d80	travis: drop debootstrap workaround Move to qubes-builder	2016-12-04 21:28:13 +01:00
Rusty Bird	0d243250f2	v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument Fixes QubesOS/qubes-issues#2472 from commit `3f600d03fa`	2016-12-04 16:50:59 +00:00
Marek Marczykowski-Górecki	41e3d591ef	Merge remote-tracking branch 'qubesos/pr/25' * qubesos/pr/25: Add systemd override for haveged in xenial and stretch. (#2161) Reenable haveged.service after debian package installation Fixes QubesOS/qubes-issues#2161	2016-11-28 15:02:32 +01:00
Marek Marczykowski-Górecki	938d184ef4	version 3.2.13	2016-11-18 01:59:25 +01:00
Marek Marczykowski-Górecki	a69acdabbf	Merge remote-tracking branch 'qubesos/pr/24' * qubesos/pr/24: Initialize home_volatile for disposable VMs.	2016-11-17 09:33:02 +01:00
Marek Marczykowski-Górecki	dbcd3e5f0a	Write random seed directly to /dev/urandom Don't store it in some variable, as may contain non-ASCII or control characters (or starts with '-').	2016-11-17 09:30:49 +01:00
Marek Marczykowski-Górecki	cc2fb303cb	Merge remote-tracking branch 'origin/pr/84' * origin/pr/84: fix reload_random_seed error handling	2016-11-17 09:30:14 +01:00
unman	58febd6d20	Add systemd override for haveged in xenial and stretch. (#2161 ) Reenable haveged.service after debian package installation	2016-11-14 02:33:20 +00:00
Patrick Schleizer	b1f418ca76	fix reload_random_seed error handling https://github.com/QubesOS/qubes-core-agent-linux/pull/21#pullrequestreview-8302473	2016-11-13 23:37:49 +01:00
Manuel Amador (Rudd-O)	6ca10b42eb	Initialize home_volatile for disposable VMs.	2016-11-13 21:20:46 +00:00
Marek Marczykowski-Górecki	3050852cbb	Prefer powerpill to update Archlinux VM This is the recommended way to connect through update proxy.	2016-11-12 22:30:37 +01:00
Marek Marczykowski-Górecki	6ba1d2ff78	Ask to shutdown the template after performing update Fixes QubesOS/qubes-issues#2431	2016-11-12 22:27:20 +01:00
Marek Marczykowski-Górecki	7fa4115aba	Refactor qubes.InstallUpdatesGUI to reduce code duplication QubesOS/qubes-issues#2431	2016-11-12 22:21:42 +01:00
Jean-Philippe Ouellet	0fb3e503d3	Keep Makefile DRY	2016-11-10 06:49:01 -05:00
Marek Marczykowski-Górecki	24b726a3bf	network: use /32 netmask on internal IPs in NAT providing namespace Use /32 inside network namespace too. Otherwise inter-VM traffic is broken - as all VMs seems to be in a single /24 subnet, but in fact are not. QubesOS/qubes-issues#1143	2016-11-01 00:22:19 +01:00
Marek Marczykowski-Górecki	c8213ea55a	network: properly handle DNS addresses in vif-qubes-nat.sh Core3 no longer reuse netvm own IP for primary DNS. At the same time, disable dropping traffic to netvm itself because it breaks DNS (as one of blocked things). This allows VM to learn real netvm IP, but: - this mechanism is not intended to avoid detection from already compromised VM, only about unintentional leaks - this can be prevented using vif-qubes-nat.sh on the netvm itself (so it will also have hidden its own IP) QubesOS/qubes-issues#1143	2016-11-01 00:22:08 +01:00
Marek Marczykowski-Górecki	c75b6519c5	network: keep the same MAC on vif interfaces Even when it's veth pair into network namespace doing NAT. QubesOS/qubes-issues#1143	2016-11-01 00:13:47 +01:00
Marek Marczykowski-Górecki	1c42a06238	network: integrate vif-route-qubes-nat into vif-route-qubes Since 'script' xenstore entry no longer allows passing arguments (actually this always was a side effect, not intended behaviour), we need to pass additional parameters some other way. Natural choice for Qubes-specific script is to use QubesDB. And since those parameters are passed some other way, it is no longer necessary to keep it as separate script. Fixes QubesOS/qubes-issues#1143	2016-10-31 00:40:32 +01:00
Marek Marczykowski-Górecki	696a0918d5	Revert "network: disable proxy_arp" Proxy ARP apparently is still needed for HVMs. This reverts commit `fa8b05a83c`. Fixes QubesOS/qubes-issues#1421	2016-10-30 20:42:00 +01:00
Marek Marczykowski-Górecki	938af2c7fd	network: change vif-route-qubes-nat parameters Keep "main" IP (the one in xenstore) as the one seen by the netvm, and pass the "fake" one (the one seen by the VM) as script parameter. Fixes QubesOS/qubes-issues#1143	2016-10-29 22:28:57 +02:00
Marek Marczykowski-Górecki	be86c7da1f	network: reformat vif-route-qubes-nat Use 4-space indentation, remove trailing spaces. No functional change.	2016-10-29 14:45:36 +02:00
Marek Marczykowski-Górecki	3131bb6135	Merge remote-tracking branch 'origin/pr/24' into core3-devel * origin/pr/24: network: add vif-route-qubes-nat for IP address anonymization	2016-10-29 14:42:50 +02:00
Marek Marczykowski-Górecki	a6658bc329	Merge remote-tracking branch 'qubesos/pr/22' * qubesos/pr/22: Invert logic of SKIP_SIGNING.	2016-10-28 14:10:18 +02:00
Marek Marczykowski-Górecki	f47fe7cd76	Merge remote-tracking branch 'qubesos/pr/21' * qubesos/pr/21: Clean up specfile unit activation aspect. Fix VM settings running while / is readonly. Invert logic of systemd_version_changed.	2016-10-28 14:09:50 +02:00
Manuel Amador (Rudd-O)	251ecbd529	Clean up specfile unit activation aspect. Up until today, Qubes OS would insist on either masking or disabling or activating units that should get their state properly changed but only on first package install (when the template is built). This commit adds the possibility of having two types of unit presets: * Initial presets: these are only changed state during first package installs. * Upgrade presets: these get their state changed during first package installs as well as during upgrades. All the maintainer has to do is abide by the instructions in the preset file. Nothing else is necessary. Namely, this allows users to enable SSHD on their templates or standalone VMs and still keep it enabled even after the qubes-core-vm-systemd package is upgraded. Matt really wanted that, and so did I, so now we can do it! :-)	2016-10-28 08:35:36 +00:00
Manuel Amador (Rudd-O)	6189801cff	Invert logic of SKIP_SIGNING.	2016-10-28 05:22:39 +00:00
Manuel Amador (Rudd-O)	d15696ebef	Fix VM settings running while / is readonly.	2016-10-28 05:21:40 +00:00
Manuel Amador (Rudd-O)	60adadff73	Invert logic of systemd_version_changed.	2016-10-28 05:02:53 +00:00
Marek Marczykowski-Górecki	014a706113	Merge remote-tracking branch 'qubesos/pr/21' * qubesos/pr/21: Better private.img size management. Clean up early initialization and setup of /rw	2016-10-27 01:32:25 +02:00
Manuel Amador (Rudd-O)	40db82a79f	Better private.img size management.	2016-10-26 12:59:50 +00:00
Manuel Amador (Rudd-O)	59aec8e5eb	Clean up early initialization and setup of /rw	2016-10-23 20:19:51 +00:00

1 2 3 4 5 ...

1979 Commits