changelog 51 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425
  1. qubes-core-agent (4.0.2-1) unstable; urgency=medium
  2. * Ship grub configuration
  3. * Ship Qubes 4.0 repository definition and keys
  4. * Update grub configuration
  5. * debian: install man pages
  6. * Add qrexec-client-vm man page
  7. * qrexec: exit with code 126 when service request was refused
  8. * qrexec: fix reporting exit code in qrexec-client-vm
  9. * qrexec: do not shutdown stdout socket inherited from parent
  10. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 24 Jun 2017 02:19:14 +0200
  11. qubes-core-agent (4.0.1-1) unstable; urgency=medium
  12. * Switch qubes.UpdatesProxy to socat
  13. * rpm,deb: fix dependencies
  14. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 11 Jun 2017 00:02:49 +0200
  15. qubes-core-agent (4.0.0-1) unstable; urgency=medium
  16. [ Marek Marczykowski-Górecki ]
  17. * qvm-copy-to-vm: fix handling empty target VM
  18. * Rename qubes.xdg python module to qubesxdg
  19. * Disable meminfo-writer if there is any PCI device attached
  20. [ Wojtek Porczyk ]
  21. * misc: add qvm-features-request
  22. [ Marek Marczykowski-Górecki ]
  23. * Add qubes.ResizeDisk service to adjust filesystem size
  24. * network: rewrite qubes-firewall daemon
  25. * network: remove qubes-netwatcher
  26. [ qubesuser ]
  27. * network: add vif-route-qubes-nat for IP address anonymization
  28. [ Marek Marczykowski-Górecki ]
  29. * network: reformat vif-route-qubes-nat
  30. * network: change vif-route-qubes-nat parameters
  31. * network: integrate vif-route-qubes-nat into vif-route-qubes
  32. * network: keep the same MAC on vif interfaces
  33. * network: properly handle DNS addresses in vif-qubes-nat.sh
  34. * network: use /32 netmask on internal IPs in NAT providing namespace
  35. * travis: drop debootstrap workaround
  36. * Add qubes.StartApp service
  37. * dom0-updates: restructure the script to not update metadata twice
  38. * tests: make firewall tests working regardless of python version
  39. * firewall: switch to python 3
  40. * tests: add run-tests script, plug it into travis
  41. * Apply gschema overrides also to debian, rename according to
  42. guidelines
  43. * fedora,debian: update python3-daemon dependency
  44. * Remove duplicated 'close' button from titlebar of gnome applications
  45. * Ask for target VM for file-copy in dom0
  46. * travis: update to Qubes 4.0 repositories
  47. * debian: fix qubes-firewall python packaging, make it more verbose
  48. * debian,fedora: split nautilus integration into separate package
  49. * Revert "firewall: switch to python 3"
  50. * Revert "fedora,debian: update python3-daemon dependency"
  51. * debian: add missing Build-Depends: python-setuptools
  52. * debian: make haveged.service patch less intrusive...
  53. * Rename qvm-run to qvm-run-vm
  54. * Implement qrexec-based connection to updates proxy
  55. * Implement qubes.PostInstall service
  56. * Fix detection of PCI passthrough
  57. * rpm: rename qubes-core-vm to qubes-core-agent
  58. * Rename qubes-nautilus to qubes-core-agent-nautilus
  59. * Split dom0-updates handling into subpackage
  60. * rpm: make file list more verbose to ease splitting the package
  61. * Split network-related files to -networking and -network-manager
  62. packages
  63. * Remove DisposableVM savefile related files
  64. * rpm: integrate documentation into main package
  65. * Adjust dependencies for clean upgrade
  66. * rpm: drop dependency on desktop-notification-daemon
  67. * Do not report spurious failure of qubes.WaitForSession service
  68. * deb,rpm: split passwordless root access configs into separate
  69. package
  70. * Remove old vusb scripts
  71. * debian: update basic metadata of package
  72. * rpm,deb: split qrexec-agent into separate subpackage
  73. * debian: drop explicit dependency on sudo
  74. * Cleanup kernel modules loading configuration
  75. * Add qubes.VMRootShell service
  76. * Make all scripts in qubes-rpc executable
  77. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 09 Jun 2017 23:30:10 +0200
  78. qubes-core-agent (3.2.18-1) unstable; urgency=medium
  79. * debian,fedora: drop gnome-packagekit from dependencies
  80. * systemd: fix race condition between qubes-db and qubes-early-vm-
  81. config
  82. * dispvm: don't use perl to decode base64-encoded script
  83. * rpm: don't "append" to not existing /etc/yum.conf
  84. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 16 May 2017 00:54:18 +0200
  85. qubes-core-agent (3.2.17-1) unstable; urgency=medium
  86. [ Jean-Philippe Ouellet ]
  87. * Remove dates from man pages
  88. [ Robin Schneider ]
  89. * bind-dirs: Create ro if bind target exists
  90. * Fix handling of binds containing spaces
  91. * Fix more shellcheck warnings
  92. [ unman ]
  93. * If there is only 1 DNS server make both DNAT rules point to it
  94. [ Daniel Moerner ]
  95. * network: Properly handle comments in NetworkManager.conf (#2584)
  96. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 01 Apr 2017 21:45:29 +0200
  97. qubes-core-agent (3.2.16-1) unstable; urgency=medium
  98. [ Andrew David Wong ]
  99. * Update Xen bug count in sudoers comment
  100. [ Nicklaus McClendon ]
  101. * Copied needed sources to build root
  102. [ Patrick Schleizer ]
  103. * comment
  104. [ Olivier MEDOC ]
  105. * archlinux: fix community repositories URL
  106. [ Lorenzo ]
  107. * Shut down after update only if it's a template.
  108. * Shut down after update only if it's a template.
  109. [ Olivier MEDOC ]
  110. * archlinux: fix lsb_release missing
  111. * archlinux: update installer script to use systemd preset file
  112. * archlinux: fix bash syntax errors
  113. * Makefile: enforce mode 750 for directories /etc/sudoers.d and
  114. /etc/polkit-1/rules.d
  115. * archlinux: fix pacman.d dropin not activated if pacman.conf does not
  116. already contains qubes markers
  117. * archlinux: add missing qubes-rpc dependencies
  118. [ Gregorio Guidi ]
  119. * Restore functionality of disable-default-route and disable-dns-
  120. server.
  121. [ unman ]
  122. * Stop anacron from starting in Debian using existing constraint on
  123. cron
  124. * Constrain cron and anacron in Ubuntu also
  125. * Reset iptables ACCEPT rule for updates proxy if service is running
  126. * Fix build for trusty - locales-all not available
  127. * Move trusty check and locales-all fix inside source-debian-quilt-
  128. copy-in
  129. * Apply gschema override preventing previews in nautilus in Debian
  130. [ Marek Marczykowski-Górecki ]
  131. * debian: fix lintian warning - command-with-path-in-maintainer-script
  132. * debian: don't fail the upgrade if glib-compile-schemas fails
  133. [ unman ]
  134. * Stop unnecessary services in Debian
  135. [ Marek Marczykowski-Górecki ]
  136. * systemd: place user dropins in /usr/lib instead of /lib
  137. * Use online resize2fs, and run filesystem check only when needed
  138. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 07 Mar 2017 23:04:47 +0100
  139. qubes-core-agent (3.2.15-1) wheezy; urgency=medium
  140. * Fix detection of dom0 updates
  141. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 04 Dec 2016 22:39:01 +0100
  142. qubes-core-agent (3.2.14-1) wheezy; urgency=medium
  143. [ unman ]
  144. * Add systemd override for haveged in xenial and stretch. (#2161)
  145. Reenable haveged.service after debian package installation
  146. [ Marek Marczykowski-Górecki ]
  147. * travis: drop debootstrap workaround
  148. [ Rusty Bird ]
  149. * v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument
  150. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 04 Dec 2016 21:57:10 +0100
  151. qubes-core-agent (3.2.13-1) wheezy; urgency=medium
  152. [ Manuel Amador (Rudd-O) ]
  153. * Make signing optional for testing, and add program checks.
  154. * Clean up early initialization and setup of /rw
  155. * Better private.img size management.
  156. * Invert logic of systemd_version_changed.
  157. * Fix VM settings running while / is readonly.
  158. * Clean up specfile unit activation aspect.
  159. * Invert logic of SKIP_SIGNING.
  160. [ Marek Marczykowski-Górecki ]
  161. * Revert "network: disable proxy_arp"
  162. [ Jean-Philippe Ouellet ]
  163. * Keep Makefile DRY
  164. [ Marek Marczykowski-Górecki ]
  165. * Refactor qubes.InstallUpdatesGUI to reduce code duplication
  166. * Ask to shutdown the template after performing update
  167. * Prefer powerpill to update Archlinux VM
  168. [ Patrick Schleizer ]
  169. * fix reload_random_seed error handling
  170. [ Marek Marczykowski-Górecki ]
  171. * Write random seed directly to /dev/urandom
  172. [ Manuel Amador (Rudd-O) ]
  173. * Initialize home_volatile for disposable VMs.
  174. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 18 Nov 2016 01:59:25 +0100
  175. qubes-core-agent (3.2.12-1) wheezy; urgency=medium
  176. [ unman ]
  177. * Remove custom mount when starting cron, in favour of bind-dirs
  178. * use bind-dirs to handle crontab persistence
  179. * Revert version and correct unit files
  180. * Remove entry in changelog as version not bumped
  181. [ Rudd-O ]
  182. * Eliminate race condition with qubes-setup-dnat-to-ns
  183. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 18 Oct 2016 15:55:40 +0200
  184. qubes-core-agent (3.2.11-1) wheezy; urgency=medium
  185. [ HW42 ]
  186. * bind-dirs: copy from ro only if bind target doesn't exists
  187. [ Marek Marczykowski-Górecki ]
  188. * network: minor setup-ip fix
  189. * Configure NetworkManager to keep /etc/resolv.conf as plain file
  190. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 03 Oct 2016 11:32:40 +0200
  191. qubes-core-agent (3.2.10-1) wheezy; urgency=medium
  192. [ HW42 ]
  193. * systemd: fix qubes-mount-home path in cleanup script
  194. * systemd: remove obsolete symlinks with rm instead of systemctl
  195. [ Marek Marczykowski-Górecki ]
  196. * network: reload NM connection after setting it up
  197. * systemd: fix syntax error in preset file
  198. [ Patrick Schleizer ]
  199. * comment legacy function
  200. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 08 Aug 2016 05:23:02 +0200
  201. qubes-core-agent (3.2.9-1) wheezy; urgency=medium
  202. [ Marek Marczykowski-Górecki ]
  203. * systemd: cleanup removed services
  204. * systemd: order qubes-mount-dirs.service before local-fs.target
  205. * systemd: load xen-privcmd module
  206. * systemd: include tor-disabling drop-ins in the package
  207. * systemd: improve ordering of systemd units
  208. [ Patrick Schleizer ]
  209. * add /usr/lib/qubes/bind-dirs.sh compatibility symlink
  210. * empty legacy function
  211. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 27 Jul 2016 06:08:56 +0200
  212. qubes-core-agent (3.2.8-1) wheezy; urgency=medium
  213. * dom0-updates: fix cleaning downloaded packages
  214. * Revert "systemd: preset xendriverdomain on update"
  215. * systemd: don't mark updates check service failed
  216. * systemd: plug random seed loading into systemd-random-seed
  217. * Include Qubes Master Key in the VM template
  218. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 17 Jul 2016 04:27:04 +0200
  219. qubes-core-agent (3.2.7-1) wheezy; urgency=medium
  220. [ Marek Marczykowski-Górecki ]
  221. * systemd: preset xendriverdomain on update
  222. * rpm: fix misleading systemd warnings during upgrade
  223. [ Olivier MEDOC ]
  224. * archlinux: switch to usage of pacman.d drop-ins
  225. * archlinux: Setup default package repository
  226. * archlinux: ensure repositories are the last pacman.d files included
  227. * archlinux: fix update-proxy-configs to use pacman.d drop-ins
  228. [ Patrick Schleizer ]
  229. * fixed qubes-core-agent upgrading double package manager lock
  230. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 13 Jul 2016 22:43:06 +0200
  231. qubes-core-agent (3.2.6-1) wheezy; urgency=medium
  232. [ Patrick Schleizer ]
  233. * Do not start tor@default service in TemplateVM.
  234. [ Marek Marczykowski-Górecki ]
  235. * dom0-updates: use dnf --best --allowerasing
  236. [ Rusty Bird ]
  237. * Order network management units after network-pre.target
  238. * dvm, then xendriverdomain, then qrexec-agent
  239. * *Do* block until good random is available again
  240. * Remove 'if true' wrapper from
  241. 06a0d30d50ce4ea266532c06ef24880bf5363c1b
  242. * Enable xendriverdomain.service in 75-qubes-vm.preset
  243. [ Patrick Schleizer ]
  244. * add comment
  245. * add comment
  246. [ Olivier MEDOC ]
  247. * archlinux: update installer script in prevision of pacman.d drop-ins
  248. * archlinux: provide automatic qubes-trigger-sync-appmenus through
  249. pacman hooks
  250. * archlinux: remove unnecessary glib-compile-scheme
  251. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 13 Jul 2016 04:38:17 +0200
  252. qubes-core-agent (3.2.5-1) wheezy; urgency=medium
  253. * travis: add fc24 build
  254. * debian: add missing pkg-config build depends
  255. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 06 Jun 2016 00:18:54 +0200
  256. qubes-core-agent (3.2.4-1) wheezy; urgency=medium
  257. [ Patrick Schleizer ]
  258. * fix indent
  259. [ Marek Marczykowski-Górecki ]
  260. * dom0-updates: use dnf when available
  261. * Prefer 'dnf' over 'yum' for template update
  262. [ unman ]
  263. * Fall back to gnome utilities if kdialog not present
  264. [ Marek Marczykowski-Górecki ]
  265. * travis: initial version
  266. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 05 Jun 2016 22:10:58 +0200
  267. qubes-core-agent (3.2.3-1) wheezy; urgency=medium
  268. * Cleanup R3.1->R3.2 transitional package
  269. * Update repository definitions for R3.2
  270. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 18 May 2016 23:43:22 +0200
  271. qubes-core-agent (3.2.2-1) wheezy; urgency=medium
  272. * systemd: order units checking for qubes-service after qubes-sysinit
  273. * qvm-open-in-vm: escape URL when wrapping it in HTML
  274. * Implement qubes.OpenURL service instead of wrapping URLs in HTML
  275. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 18 May 2016 03:00:12 +0200
  276. qubes-core-agent (3.2.1-1) wheezy; urgency=medium
  277. [ Marek Marczykowski-Górecki ]
  278. * qubes-rpc: fix SVG icon scaling
  279. * Fix bind-dirs.sh path
  280. [ Olivier MEDOC ]
  281. * archlinux: fix remaining loginctl privilege issues with invalid
  282. pam.d configuration
  283. [ Marek Marczykowski-Górecki ]
  284. * Remove obsolete policy files
  285. [ Patrick Schleizer ]
  286. * fixed bind-dirs legacy import function
  287. * fixed sh syntax error
  288. * minor debug xtrace output
  289. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 05 May 2016 00:05:13 +0200
  290. qubes-core-agent (3.2.0-1) wheezy; urgency=medium
  291. [ Patrick Schleizer ]
  292. * disable systemd-timesyncd
  293. [ Marek Marczykowski-Górecki ]
  294. * qrexec: write service stderr to both syslog and caller
  295. * qrexec: hide timing debug messages in vm-file-editor
  296. [ Patrick Schleizer ]
  297. * do not start the Tor service inside Qubes TemplateVMs
  298. * work on bind-dirs https://phabricator.whonix.org/T414
  299. * work on bind-dirs
  300. * work on bind-dirs
  301. * renamed: misc/bind-dirs -> vm-systemd/bind-dirs
  302. * renamed: bind-dirs -> bind-dirs.sh
  303. * run /usr/lib/qubes/bind-dirs.sh from mount-dirs.sh
  304. * use symlink_level_max rather than hardcoding 10; comment
  305. * also exit from bind-directories if file /var/run/qubes-service/qubes-
  306. dvm exists
  307. * fixed broken file copy for files in multi level directories
  308. * refactoring / code simplification
  309. [ Rusty Bird ]
  310. * qvm-move-to-vm: Remove duplicated code
  311. * qvm-move-to-vm: Use '--' before file arguments
  312. * Use && in qvm-move-to-vm
  313. [ Andrew ]
  314. * Use proper space-expanded tabs, as per the coding guidelines.
  315. * Move usage information printing to separate function, and print
  316. usage to stderr; also added some spacing.
  317. * Use proper quoting around variables.
  318. * Properly handle case of empty domain name.
  319. [ Marek Marczykowski-Górecki ]
  320. * rpm: Add bind-dirs.sh to spec file
  321. * qubes.SuspendPreAll and qubes.SuspendPostAll services
  322. * qrexec: unify service environment preparation
  323. [ Patrick Schleizer ]
  324. * use 'true' rather than ':' for consistency
  325. * minor indent
  326. [ Rusty Bird ]
  327. * Remove exec in last line of qvm-copy-to-vm
  328. [ Marek Marczykowski-Górecki ]
  329. * qrexec: add service argument support
  330. * network: run setup-ip only on xen frontend interfaces
  331. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Mar 2016 14:41:34 +0200
  332. qubes-core-agent (3.1.14-1) wheezy; urgency=medium
  333. * network: use `qubes-primary-dns` QubesDB entry if present
  334. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 07 Mar 2016 13:47:01 +0100
  335. qubes-core-agent (3.1.13-1) wheezy; urgency=medium
  336. [ Marek Marczykowski-Górecki ]
  337. * sysinit: Accept also old xenbus kernel interface
  338. [ adrianx64 ]
  339. * Proposed solution for issue #1657
  340. [ Marek Marczykowski-Górecki ]
  341. * Move opening file viewer/editor into separate shell script
  342. * qubes-open: switch from mimeopen to xdg-open
  343. [ Olivier MEDOC ]
  344. * update qubes.InstallUpdateGUI to support archlinux
  345. * archlinux: add gcc and make as make dependencies
  346. * implement update proxy support for archlinux
  347. * archlinux: add Qubes Markers in pacman.conf so that changes done by
  348. qubes scripts are not inserted at the end of pacman.conf
  349. * archlinux: properly add qubes markers in pacman.conf
  350. * update-proxy: use curl instead of wget in archlinux in order to
  351. limit additional dependencies
  352. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 08 Feb 2016 05:07:39 +0100
  353. qubes-core-agent (3.1.12-1) wheezy; urgency=medium
  354. * Unload USB controllers drivers in USB VM before going to sleep
  355. * Do not try to signal NetworkManager before suspend if it isn't
  356. running
  357. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 11 Jan 2016 21:59:34 +0100
  358. qubes-core-agent (3.1.11-1) wheezy; urgency=medium
  359. [ Marek Marczykowski-Górecki ]
  360. * dom0-updates: add a message explaining yum deprecated warning
  361. [ noname ]
  362. * archlinux: Added python{2,3} as dependency. Solved python22 bug.
  363. [ Marek Marczykowski-Górecki ]
  364. * Fix time sync service
  365. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 07 Jan 2016 05:52:35 +0100
  366. qubes-core-agent (3.1.10-1) wheezy; urgency=medium
  367. * network: use more strict policy about incoming traffic
  368. * debian: add missing python-gtk2 dependency
  369. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 31 Dec 2015 02:58:29 +0100
  370. qubes-core-agent (3.1.9-1) wheezy; urgency=medium
  371. * dnf: drop shebang, it isn't standalone script
  372. * Package DNF plugin for both python2 and python3
  373. * dom0-updates: fix reporting when no updates are available
  374. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 26 Dec 2015 14:24:00 +0100
  375. qubes-core-agent (3.1.8-1) wheezy; urgency=medium
  376. [ Marek Marczykowski-Górecki ]
  377. * open-in-vm: Fix path to mimeinfo database
  378. [ Olivier MEDOC ]
  379. * archlinux: fix invalid systemd path in make install directive
  380. * archlinux: remove quotes when checking system locales (in case it
  381. has been user defined)
  382. [ MB ]
  383. * [network-proxy-setup] Permit !CONFIG_MODuLES
  384. [ Rusty Bird ]
  385. * repo description: updates-testing -> security-testing
  386. [ Marek Marczykowski-Górecki ]
  387. * debian: add security-testing repository
  388. [ Olivier MEDOC ]
  389. * archlinux: ensure systemctl reset preset correctly (need to be
  390. started twice)
  391. [ Marek Marczykowski-Górecki ]
  392. * updates-proxy: restart on network configuration change to reload DNS
  393. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 20 Dec 2015 03:12:39 +0100
  394. qubes-core-agent (3.1.7-1) wheezy; urgency=medium
  395. * updates-proxy: explicitly block connection looping back to the proxy
  396. IP
  397. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 04 Dec 2015 15:32:14 +0100
  398. qubes-core-agent (3.1.6-1) wheezy; urgency=medium
  399. * Revert "network: use drop-ins for NetworkManager configuration
  400. (#1176)"
  401. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 29 Nov 2015 00:34:34 +0100
  402. qubes-core-agent (3.1.5-1) wheezy; urgency=medium
  403. [ Patrick Schleizer ]
  404. * clean up /etc/tinyproxy/filter-updates
  405. [ Olivier MEDOC ]
  406. * updates-proxy: remove remaining traces of proxy filtering file from
  407. Makefile
  408. * rpm_spec: declare InstallUpdateGUI qrexec_service
  409. * archlinux: enforce minimum versionning of qubes-utils
  410. [ Patrick Schleizer ]
  411. * Prevent services from being accidentally restarted by `needrestart`.
  412. * Have qubes-sysinit create /var/run/qubes VM type files.
  413. [ Marek Marczykowski-Górecki ]
  414. * Package needrestart config only for Debian
  415. * debian: reformat Build-Depends:
  416. * debian: update build-depends for split qubes-utils package
  417. * backup: Use 'type' instead of 'which' to prevent unnecessary
  418. dependency
  419. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 28 Nov 2015 14:48:33 +0100
  420. qubes-core-agent (3.1.4-1) wheezy; urgency=medium
  421. [ Marek Marczykowski-Górecki ]
  422. * Minor improvements to packaging (based on rpmlint)
  423. [ Patrick Schleizer ]
  424. * removed confusing comments
  425. * minor indent
  426. * No longer start /etc/init.d/tinyproxy by default anymore.
  427. [ Marek Marczykowski-Górecki ]
  428. * Revert "preset disable tinyproxy by default"
  429. [ Patrick Schleizer ]
  430. * minor, removed trailing space
  431. * Improved upgrade notifications sent to QVMM.
  432. * fixed inverted logic issue in upgrades-installed-check
  433. * misc/upgrades-installed-check: handle apt-get errors
  434. [ Marek Marczykowski-Górecki ]
  435. * Explicitly fail upgrades-installed-check on other distributions
  436. [ qubesuser ]
  437. * Allow to provide customized DispVM home directly in the template VM
  438. [ Marek Marczykowski-Górecki ]
  439. * network: let NetworkManager configure VM uplink, if enabled
  440. * Use improved update-notify script also in Fedora
  441. * Implement qubes.InstallUpdatesGUI qrexec service
  442. * Really fix update-proxy rules for debian security fixes repo
  443. * updates-proxy: disable filtering at all
  444. * network: disable proxy_arp
  445. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 15 Nov 2015 04:29:29 +0100
  446. qubes-core-agent (3.1.3-1) wheezy; urgency=medium
  447. [ Marek Marczykowski-Górecki ]
  448. * network: forward TCP DNS queries
  449. [ Patrick Schleizer ]
  450. * removed trailing spaces
  451. * Renamed qubes-mount-home to qubes-mount-dirs.
  452. [ Marek Marczykowski-Górecki ]
  453. * qrexec: implement buffered write to a child stdin
  454. [ Olivier MEDOC ]
  455. * archlinux: update packaging and install script to use systemd
  456. DROPINs
  457. * archlinux: force running scripts with python2 even when /usr/bin/env
  458. is used
  459. * archlinux: readd notification-daemon as a dependency
  460. * archlinux: readd lines removed by error during merge
  461. [ Patrick Schleizer ]
  462. * disable leaking TCP timestamps by default
  463. [ Marek Marczykowski-Górecki ]
  464. * rpm: add /etc/sysctl.d/20_tcp_timestamps.conf
  465. * rpm: remove duplicated entry
  466. [ Patrick Schleizer ]
  467. * cleanup /etc/apt/apt.conf.d/00notiy-hook on existing systems
  468. [ erihe251 ]
  469. * Small language fixes
  470. * Update qubes.sudoers
  471. [ Marek Marczykowski-Górecki ]
  472. * Require new enough qubes-utils package for updated libqrexec-utils
  473. * debian: install locales-all instead of custom locales generation
  474. * makefile: cleanup help message
  475. * Setup updates proxy in dnf and PackageKit
  476. * backup: fix handling backup filename with spaces
  477. * backup: improve exit code reporting
  478. [ Rusty Bird ]
  479. * qfile-unpacker: Avoid data loss by checking for child errors
  480. [ Marek Marczykowski-Górecki ]
  481. * appmenus: ignore entries with NoDisplay=true
  482. * qfile-agent: move data handling code to libqubes-rpc-filecopy
  483. [ yaqu ]
  484. * Replacing "sleep 365d" with "sleep inf"
  485. [ Marek Marczykowski-Górecki ]
  486. * No longer disable auditd
  487. * dom0-updates: prefer yum-deprecated over dnf
  488. * fedora: Add skip_if_unavailable=False to Qubes repositories
  489. [ Olivier MEDOC ]
  490. * add DROPINS for org.cups.cupsd systemd files.
  491. * dropins: make current systemd dropins specific to systemd-system in
  492. order to introduce dropins for systemd-user
  493. * dropins: implement dropins for systemd user starting with pulseaudio
  494. systemd service and socket masking
  495. [ Marek Marczykowski-Górecki ]
  496. * qrexec: add some comments, minor improvement in readability
  497. * qrexec: use #define for protocol-specified strings
  498. * dracut: disable hostonly mode
  499. * dom0-updates: use yum-deprecated instead of dnf in all calls
  500. * updates-proxy-setup: use temporary file for config snippet
  501. * Implement dnf hooks for post-update actions
  502. * fedora: do not require/use yum-plugin-post-transaction-actions in
  503. F>=22
  504. * Get rid of qubes-core-vm-kernel-placeholder
  505. * systemd: make sure that update check is started only after qrexec-
  506. agent
  507. * dom0-updates: do not use 'yum check-update -q'
  508. * Bump qubes-utils version requirement
  509. [ Patrick Schleizer ]
  510. * preset disable tinyproxy by default
  511. [ Marek Marczykowski-Górecki ]
  512. * updates-proxy: use separate directory for PID file
  513. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 11 Nov 2015 06:29:21 +0100
  514. qubes-core-agent (3.1.2-1) wheezy; urgency=medium
  515. [ Marek Marczykowski-Górecki ]
  516. * Enlarge /tmp and /dev/shm
  517. * network: use own iptables service instead of repurposing existing
  518. one
  519. [ Patrick Schleizer ]
  520. * removed iptables-persistent from Depends to improve usablity (avoid
  521. redundant debconf question)
  522. [ Marek Marczykowski-Górecki ]
  523. * debian: disable netfilter-persistent.service
  524. * Adjust progress message on file move operation
  525. * Run 'ldconfig' to update /usr/local/lib* cache, if applicable
  526. * updates-proxy: Disable 'Via: tinyproxy' header
  527. * Cleanup R3.0->R3.1 transitional package
  528. * network: use drop-ins for NetworkManager configuration (#1176)
  529. * network: fix 'qubes-uplink-eth0' NetworkManager connection (#1280)
  530. [ Patrick Schleizer ]
  531. * minor
  532. [ HW42 ]
  533. * qubes-random-seed: feed kernel rng with randomness from dom0
  534. * reload qubes-random-seed when restoring DispVM
  535. [ Marek Marczykowski-Górecki ]
  536. * systemd: actually enable qubes-random-seed service
  537. * sysvinit: load random seed from dom0 provided data
  538. * Use 'type' instead of 'which' to prevent unnecessary dependency
  539. * Add missing R: dconf to hide nm-applet when not used
  540. * dom0-updates: Fix showing package list when --check-only option was
  541. used
  542. * dom0-updates: check "yum check-update" exit code, not only its
  543. output
  544. * dom0-updates: fix hostname in error message
  545. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 11 Oct 2015 03:00:00 +0200
  546. qubes-core-agent (3.1.1-1) wheezy; urgency=medium
  547. * Update repository definition for r3.1
  548. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:55:35 +0200
  549. qubes-core-agent (3.1.0-1) wheezy; urgency=medium
  550. [ Patrick Schleizer ]
  551. * Allow passwordless login for user "user" (when using 'sudo xl
  552. console').
  553. * Allow passwordless login for user "user" (when using 'sudo xl
  554. console') for images being upgraded.
  555. * show error msg if qubes.ReceiveUpdates failed
  556. [ qubesuser ]
  557. * qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
  558. [ Patrick Schleizer ]
  559. * added missing dependency python-dbus to 'Depends:'
  560. [ Marek Marczykowski-Górecki ]
  561. * rpm: add dbus-python dependency
  562. [ qubesuser ]
  563. * qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
  564. * qubes-rpc: fix icon selection using pyxdg and support SVG icons
  565. [ Patrick Schleizer ]
  566. * fixed 'Debian 8 apt.config.d misconfiguration'
  567. * added missing dependency xserver-xorg-dev
  568. * - Prevent 'su -' from asking for password in Debian [based]
  569. templates. Thanks to @unman and @marmarek for suggesting the fix!
  570. Fixes https://github.com/QubesOS/qubes-issues/issues/1128. - Changed
  571. 'ifeq (1,${DEBIANBUILD})' to 'ifeq ($(shell lsb_release -is),
  572. Debian)' to make the build work outside of Qubes Builder as well.
  573. * Fixed /etc/pam.d/su.qubes. (Moved line 'auth sufficient
  574. pam_permit.so' up. May not be low '@include' lines.)
  575. * fix typo
  576. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:39:55 +0200
  577. qubes-core-agent (3.0.16-1) wheezy; urgency=medium
  578. [ Marek Marczykowski-Górecki ]
  579. * debian: remove SELinux disabling code
  580. * Revert "qubes-desktop-run: Activate via DBUS when desktop file
  581. contains DBusActivatable"
  582. * qubes-desktop-run: start the Dbus service (if needed)
  583. [ Patrick Schleizer ]
  584. * added pulseaudio-kde and spice-vdagent to qubes-trigger-desktop-
  585. file-install
  586. [ Jason Mehring ]
  587. * debian: Move python-xdg to depends section in debian/control
  588. * sudoers.d: Stops QT from using the MIT-SHM X11 Shared Memory
  589. Extension
  590. [ Rusty Bird ]
  591. * Mount /dev/xvdb with fs type "auto"
  592. [ Marek Marczykowski-Górecki ]
  593. * Move .desktop launching code to python moules so it can be reused
  594. * Implement dropins for /etc/xdg/autostart (#1151)
  595. * Remove dynamically generated autostart desktop files
  596. * qubes-session-autostart: do not abort the whole process on invalid
  597. file
  598. * qubes-desktop-run: don't crash on Debian wheezy (glib < 2.36)
  599. * debian: fix /dev permissions on upgrade
  600. * systemd: fix starting cups
  601. * debian: depend on gawk
  602. * Fix show-hide-nm-applet.desktop - use OnlyShowIn=X-QUBES
  603. [ Patrick Schleizer ]
  604. * moved python-xdg from Recommends to Depends
  605. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 03 Sep 2015 02:45:30 +0200
  606. qubes-core-agent (3.0.15-1) wheezy; urgency=medium
  607. * debian: remove `Recommends: chrony`
  608. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 23:23:38 +0200
  609. qubes-core-agent (3.0.14-1) wheezy; urgency=medium
  610. [ Marek Marczykowski-Górecki ]
  611. * kernel-placeholder: prevent xl2tpd from pulling kernel packages
  612. * qubes-core-vm-kernel-placeholder 1.0-3
  613. [ Olivier MEDOC ]
  614. * archlinux: update dependency list based on .spec file
  615. * archlinux: reorganize install script to make it more easily
  616. compareable with the .spec file
  617. * archlinux: fix syntax errors in install file
  618. [ Marek Marczykowski-Górecki ]
  619. * debian: fix permissions of /var/lib/qubes/dom0-updates
  620. [ Patrick Schleizer ]
  621. * also inform in cli if no new updates are available
  622. [ Olivier MEDOC ]
  623. * archlinux: pulseaudio should be configured in gui agent and will
  624. break installation of pulseaudio if installed in core-agent-linux
  625. * archlinux: enabled configuration of all core agent dependencies
  626. * archlinux: ensure python2 is used for all scripts and fix
  627. dependencies for qubes-desktop-run
  628. [ Jason Mehring ]
  629. * debian: Renamed incorrect filename: 00notiy-hook -> 00notify-hook
  630. * debian: Comment out deb-src line in qubes-r3.list
  631. * Use 'which' to locate fuser since fuser path is different in Fedora
  632. and Debian
  633. * debian: Change triggers to use `interest-await` (execute triggers
  634. after all packages installed)
  635. * Remove '.service' from systemd enable loop as unit_name already
  636. contains .service in name
  637. * debian: remove cups/print-applet triggers
  638. * debian: Added cups, system-config-printer to Recommends
  639. * Makefile: Add systemd drop-in support which include conditionals to
  640. prevent services from starting
  641. * fedora: Add systemd drop-in support which include conditionals to
  642. prevent services from starting
  643. * debian: Add systemd drop-in support which include conditionals to
  644. prevent services from starting
  645. * Re-aranged qubes-vm.preset to indicate which services are specificly
  646. for Fedora only
  647. * vm-systemd: Add systemd drop-in support which include conditionals
  648. to prevent services from starting
  649. [ Marek Marczykowski-Górecki ]
  650. * archlinux: remove installOverridenServices as now handled by systemd
  651. dropins
  652. * fedora: do not own dropins directories
  653. * fedora: simulate preset-all only on first install, not upgrade
  654. * fedora: fix default locale generation
  655. * qrexec: fix exit code from qrexec-client-vm
  656. * qrexec: make sure that all the pipes/sockets are closed on cleanup
  657. [ Jason Mehring ]
  658. * qubes-desktop-file-install: Manages xdg desktop entry files
  659. * debian: Reformat depends in control for better readability
  660. * debian: qubes-desktop-file-install: Add misssing depend to contol
  661. * debian: Switch to using org.mate.NotificationDaemon by default to
  662. eliminate popups not closing
  663. * fedora: Use 'slider' org.mate.NotificationDaemon theme
  664. * qubes-desktop-run: Activate via DBUS when desktop file contains
  665. DBusActivatable
  666. [ Marek Marczykowski-Górecki ]
  667. * Move `/usr/share/qubes/xdg` to `/var/lib/qubes/xdg`
  668. [ Patrick Schleizer ]
  669. * fixed "in place upgrade issue - base-passwd debconf interative
  670. question asks 'Remove group "qubes"'"
  671. * fixed "in place upgrade issue - base-passwd debconf interative
  672. questi…on asks 'Remove group "qubes"'" for existing users
  673. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 04:16:52 +0200
  674. qubes-core-agent (3.0.13-1) wheezy; urgency=medium
  675. * fedora: ensure that /etc/sysconfig/iptables exists (Fedora 20)
  676. * fedora/systemd: fix service enabling code
  677. * network: use iptables-restore instead of iptables --wait
  678. * network: guard iptables call with manual lock
  679. * network: disable tx csum offload on vif interfaces
  680. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 01 Jul 2015 07:05:53 +0200
  681. qubes-core-agent (3.0.12-1) wheezy; urgency=medium
  682. * dom0-updates: make the tool working on Debian
  683. * fedora, debian: make sure that default locale is generated
  684. * rpm: improve setting iptables rules
  685. * Do not override file pointed by /etc/localtime symlink
  686. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 23 Jun 2015 20:06:22 +0200
  687. qubes-core-agent (3.0.11-1) wheezy; urgency=medium
  688. [ Marek Marczykowski-Górecki ]
  689. * debian: fix apt sources.list generation (missing debian version
  690. field)
  691. [ Jason Mehring ]
  692. * Set a default locale if missing
  693. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 11 Jun 2015 04:06:26 +0200
  694. qubes-core-agent (3.0.10-1) wheezy; urgency=medium
  695. * rpm: ensure that all the services are enabled after upgrade
  696. * qrexec: do not show message about missing fork-sever - it isn't an
  697. error
  698. * rpm: add missing dependencies
  699. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 02 Jun 2015 11:20:18 +0200
  700. qubes-core-agent (3.0.9-1) wheezy; urgency=medium
  701. [ Jason Mehring ]
  702. * debian: Only notify dom0 on apt-get post hook; don't update package
  703. index
  704. * debian: Allow apt-get post hook to fail gracefully (won't work in
  705. chroot)
  706. [ Marek Marczykowski-Górecki ]
  707. * appmenus: hide message about missing /usr/local/share/applications
  708. * qrexec: prefer VM-local service file (if present) over default one
  709. * rpm: mark service files as configuration to not override user
  710. changes
  711. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 May 2015 03:27:58 +0200
  712. qubes-core-agent (3.0.8-1) wheezy; urgency=medium
  713. [ Marek Marczykowski-Górecki ]
  714. * Use iptables --wait only when it is supported
  715. [ Jason Mehring ]
  716. * debian: Update notification now notifies dom0 when an upgrade is
  717. completed
  718. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 28 Apr 2015 12:51:48 +0200
  719. qubes-core-agent (3.0.7-1) wheezy; urgency=medium
  720. [ Marek Marczykowski-Górecki ]
  721. * debian: install qubes-download-dom0-updates.sh
  722. * prepare-dvm: fix bashism
  723. * network: wait for iptables lock instead of aborting
  724. * rpm: cleanup R2->R3.0 transitional package
  725. [ Jason Mehring ]
  726. * whonix: Added protected-files file used to prevent scripts from
  727. modifying files that need to be protected
  728. * Changed location of PROTECTED_FILE_LIST to /etc/qubes/protected-
  729. files.d
  730. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Apr 2015 02:36:55 +0200
  731. qubes-core-agent (3.0.6-1) wheezy; urgency=medium
  732. * qrexec: do not reset umask to 077 for every started process
  733. * rpm/systemd: do not use preset-all during package upgrade
  734. * systemd: disable avahi-daemon and dnf-makecache
  735. * dispvm: do not start GUI apps during prerun
  736. * Fix resizing of /rw partition (private.img)
  737. * Minor fixes in mount-home.sh
  738. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 11 Apr 2015 03:40:57 +0200
  739. qubes-core-agent (3.0.5-1) wheezy; urgency=medium
  740. * systemd: use presets to enable services, call preset-all
  741. * systemd: install overridden unit file for chronyd
  742. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 07 Apr 2015 14:58:36 +0200
  743. qubes-core-agent (3.0.4-1) wheezy; urgency=medium
  744. [ Marek Marczykowski-Górecki ]
  745. * qrexec: try to recover from fork-server communication error
  746. * rpm: add missing BuildRequires: libX11-devel
  747. * debian: fix handling SysV units in disableSystemdUnits
  748. * debian: update NetworkManager configuration
  749. [ Wojtek Porczyk ]
  750. * qubes-rpc-multiplexer: deprecate /etc/qubes_rpc, allow /usr/local
  751. * sudoers: do not require TTY
  752. [ Marek Marczykowski-Górecki ]
  753. * Update repository definition: r3 -> r3.0
  754. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 02 Apr 2015 00:55:09 +0200
  755. qubes-core-agent (3.0.3-1) wheezy; urgency=medium
  756. * Enable updates repos by default
  757. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 27 Mar 2015 01:24:43 +0100
  758. qubes-core-agent (3.0.2-1) wheezy; urgency=medium
  759. [ Marek Marczykowski-Górecki ]
  760. * debian: fix version number
  761. * backup: fix qubes.Restore service - do not send garbage as backup
  762. data
  763. [ Jason Mehring ]
  764. * debian: Add extend-diff-ignore options to debian packager
  765. [ Marek Marczykowski-Górecki ]
  766. * qrexec: fork into background after setting up qrexec-fork-server
  767. socket
  768. * Fix "backup: fix qubes.Restore service - do not send garbage as
  769. backup data"
  770. [ Jason Mehring ]
  771. * Switched qvm-move-to-vm.{gnome,kde} scripts to use bash not sh
  772. * Removed nautilus-actions depend and replaced with nautilus-python
  773. * Removed code that deleted original nautilus actions
  774. [ Marek Marczykowski-Górecki ]
  775. * fc21: fix DispVM preparation - Xorg has new name
  776. * dispvm: kill all process after populating caches
  777. * dispvm: start gui agent early, do not kill Xorg
  778. * dispvm: close only visible windows during DispVM preparation
  779. * Move mounting /rw and /home to separate service
  780. * dispvm: use qubes.WaitForSession to wait for gui-agent startup
  781. * dispvm: include memory caches in "used memory" notification
  782. * dispvm: do not restart qubesdb-daemon, use watch instead
  783. * qrexec: simplify makefile
  784. * qrexec: handle data vchan directly from qrexec-client-vm
  785. * qrexec: return remote process status as qrexec-client-vm exit code
  786. * qrexec: better handle remote process termination
  787. * qrexec: do not break connection on duplicated SIGUSR1
  788. * qrexec: minor readability fix
  789. * qrexec: process vchan data queue (esp MSG_EXIT_CODE) before sending
  790. anything
  791. * qrexec: add option to use real stdin/out of qrexec-client-vm
  792. * qrexec: do not leak FDs to logger process
  793. * qrexec: execute RPC service directly (without a shell) if it has
  794. executable bit set
  795. * qrexec: get rid of shell in services using EOF for any signaling
  796. * qrexec: move qrexec-client-vm to /usr/bin
  797. * Add support for comments in qubes-suspend-module-blacklist
  798. * Create filesystem if the private.img is empty
  799. * Provide stub files in /rw/config
  800. * qrexec: fix compile warning
  801. * qrexec: do not wait for local process if no one exists
  802. * qrexec: enable compiler optimization
  803. * Do not load xen-usbfront automatically
  804. * fedora: override iptables configuration on initial installation
  805. * Update comments and xenbus intf in startup scripts regarding vchan
  806. requirements
  807. * dom0-update: allow to specify custom yum action
  808. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 26 Mar 2015 23:56:25 +0100
  809. qubes-core-agent (3.0.1-1) jessie; urgency=medium
  810. [ Marek Marczykowski-Górecki ]
  811. * Reenable imsettings service
  812. * systemd: fix xenstore-ls path
  813. [ Jason Mehring ]
  814. * Allow hyphenated distro names in tinyproxy filter
  815. * Change condition test to compare to a link "-L"
  816. * debian: add xen-utils-common as a dependancy to allow Debian proxies
  817. * debian: Added maintainers scripts (pre / postinit + rm) - Currently
  818. in debug mode
  819. * debian: preinst needs a group and force no password entry on adduser
  820. * debian: Added less restrictive filter option for debian packages
  821. Sites like sourceforge append ?downloadxxx to end
  822. * debian: added new depends
  823. * debian: force shell to be bash since its default is dash and many
  824. qubes scripts rely on bash and will break in dash and added
  825. tinyproxy user
  826. [ HW42 ]
  827. * move fedora specific stuff to install-rh target
  828. * don't track debina/files (since it is autogenerated)
  829. * use systemd in debian
  830. * install iptables/forwarding for debian
  831. * various patches for debian
  832. * improve update of /etc/hosts
  833. * make source.list multiarch compatible
  834. * add xserver-xorg-video-dummy to the dependencies list of qubes-core-
  835. agent
  836. * dispvm-presun.sh needs bash
  837. * use sleep instead os usleep since it is more portable
  838. * debian: chown /home_volatile/user in posinst
  839. * fix xenstore-read path in network-proxy-setup.sh for debian
  840. * debian: add dependency on xen-utils since it's needed for
  841. proxy/netvm
  842. * debian: add support for qubes appmenus
  843. [ Marek Marczykowski-Górecki ]
  844. * debian: fix initialization of /etc/hosts
  845. [ Jason Mehring ]
  846. * debian: set -e added in place of set -x
  847. * debian: Made debian proxy filter rules more restrictive
  848. * debian: Cleanup
  849. * debian: Prepend package name to maintainers scripts
  850. * debian: Add qubes-update-check for Debian
  851. * debian: Revert back to original NetworkManager, ModemManager service
  852. names
  853. * debian: apt-get needs to update first
  854. * debian: Remove absolute path to xenstore-*
  855. * debian: Added more dependancies
  856. * debian: Added postrm disable of other Qubes packages
  857. * debian: Added all other outstanding triggers contained in rpm_spec
  858. as well as triggers if other packages get installed at a later date
  859. the configurations will run on them
  860. * debian: removed commented out depends
  861. * debian: Added more error reporting to track down any missing
  862. dependancies
  863. * debian: More depends for debian as netvm and some configuration
  864. tweaks.
  865. [ Marek Marczykowski-Górecki ]
  866. * network: do not use ifcfg-rh NM plugin
  867. * network: fix NM uplink config permissions
  868. [ Jason Mehring ]
  869. * debian: Add new notification agent depends; remove other
  870. * debian: Added functionality to move desktop entry config files to
  871. /usr/share/qubes/xdg/autostart to preserve originals
  872. * debian: Wrong variable name was used to create
  873. /usr/share/qubes/xdg/autostart
  874. [ Marek Marczykowski-Górecki ]
  875. * Fix compile flags order (-lX11 moved to the end)
  876. [ Jason Mehring ]
  877. * debian: Updated tinyproxy filter rules
  878. * debian: Don't display systemd info in chroot since systemd show does
  879. not work in chroot
  880. [ Marek Marczykowski-Górecki ]
  881. * network: fix indentation
  882. * Fix disabling nm-applet when NM is disabled
  883. * debian: create tinyproxy as system user
  884. * debian: fix generation of apt sources list file
  885. * debian: add missing python-gi to dependencies
  886. * debian: remove obsolete code from postinst script
  887. * debian: fix service name in postinst script
  888. * Update update-proxy rules for debian security fixes repo
  889. [ HW42 ]
  890. * debian: move not strictly required packages to Recommends-Section.
  891. * debian: remove unneeded acpid dependency
  892. [ Marek Marczykowski-Górecki ]
  893. * network: set uplink configuration based on MAC (NetworkManager)
  894. * network: fix NM config preparation
  895. [ Jason Mehring ]
  896. * fc21: iptables configurations conflict with fc21 yum package manager
  897. * fc21: Remove left-over code comment
  898. [ Marek Marczykowski-Górecki ]
  899. * fedora: Add security-testing repo definition
  900. * filecopy: prevent files/dirs movement outside incoming directory
  901. during transfer
  902. * fedora: Fix iptables config install script
  903. * fedora: Fix iptables config installation one more time
  904. [ HW42 ]
  905. * don't ignore asprintf() return value
  906. [ Marek Marczykowski-Górecki ]
  907. * network: support for not setting DNS and/or default gateway
  908. [ Olivier MEDOC ]
  909. * archlinux: fix new packaging requirements related to sbin, lib64,
  910. run ...
  911. * archlinux: align with fedora changes related to imsettings
  912. [ Marek Marczykowski-Górecki ]
  913. * fedora: reduce code duplication in systemd triggers
  914. * fedora: reload systemd only once
  915. * systemd: allow to start cron daemon (#909)
  916. * filecopy: fallback to "open(..., 000)" method when /proc
  917. inaccessible
  918. * network: support for not setting DNS and/or default gateway (v2)
  919. * rpm: add missing R: pygobject3-base
  920. [ HW42 ]
  921. * debian: fix for QSB #014 requires up to date qubes-utils
  922. * debian: postinst: use systemctl mask
  923. * debian: postinst: use dpkg-divert
  924. * debian: don't generate regular conf files in postinst
  925. * debian: postinst: don't remove /etc/udev/rules.d/*
  926. * debian: postinst: don't create /rw - it is already part of the
  927. package
  928. * debian: postinst: use systemctl to set default target
  929. * debian: postinst: remove fedora specific code
  930. * debian: postinst: enable netfilter-persistent service
  931. * debian: postinst: cleanup
  932. * debian: postinst: don't start systemd services
  933. * debian: postinst: enable haveged only if installed
  934. * debian: postinst: remove redundant and misleading trigger output
  935. * debian: install fstab as normal config file
  936. * debian: preinst: remove modification of /etc/modules
  937. * remove 'bashisms' or explicit use bash
  938. * debian: preinst: don't force the default shell to bash
  939. * debian: prerm: remove obsolete code
  940. * debian: preinst: cleanup user creation
  941. [ Wojtek Porczyk ]
  942. * spec: require linux-utils-3.0.1
  943. [ Matt McCutchen ]
  944. * Switch to preset file for systemd units to disable.
  945. * Make qvm-run bidirectional and document its limitations.
  946. [ Marek Marczykowski-Górecki ]
  947. * debian: change systemctl set-default back to manual symlink
  948. * network: fix handling newline in firewall rules
  949. * qrexec: use sockets instead of pipes to communicate with child
  950. process
  951. * qrexec: reorganise code for upcoming change
  952. * qrexec: add simple "fork server" to spawn new processes inside user
  953. session
  954. * Adjust permissions of /var/run/qubes
  955. [ Jason Mehring ]
  956. * debian: Remove 'exit 0' in maintainer section scripts to all other
  957. debhelpers (if any) to also execute
  958. * Add a qubes group and then add the user 'user' to the group
  959. * Remove 'xen.evtchn' udev rule
  960. * Set permissions to /proc/xen/privcmd, so a user in qubes group can
  961. access
  962. * debian: Converted debian package to a quilt package to allow patches
  963. * debian: Refactor Debian quilt packaging for xen
  964. * debian: Remove 'exit 0' in maintainer section scripts to all other
  965. debhelpers (if any) to also execute
  966. * Add a qubes group and then add the user 'user' to the group
  967. * Remove 'xen.evtchn' udev rule
  968. * Set permissions to /proc/xen/privcmd, so a user in qubes group can
  969. access
  970. * debian: Converted debian package to a quilt package to allow patches
  971. * debian: Revert depends back to use libxen-dev
  972. * debian: Move creation of directories into debian.dirs configuration
  973. file
  974. * debian: Remove dist target from Makefile as copy-in is now being
  975. used
  976. * debian: Remove unneeded patch file and README
  977. * Make sure when user is added to qubes group that the group is
  978. appended
  979. [ Marek Marczykowski-Górecki ]
  980. * qrexec: fix compile warning
  981. * debian: reenable -Werror, mentioned warning already fixed
  982. * debian: exclude binary packages from source archive
  983. * updates-proxy: allow xz compressed metadata (fc21)
  984. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 17 Feb 2015 14:14:16 +0100
  985. qubes-core-agent (3.0.0-1) jessie; urgency=medium
  986. [ Marek Marczykowski-Górecki ]
  987. * Improve handling of .desktop files
  988. * suspend: do not disable network frontend devices
  989. * Handle tabs in /etc/hosts
  990. [ Marek Marczykowski ]
  991. * Update for new vchan API
  992. * spec: add dependencies on vchan package (both R: and BR:)
  993. * load xen-gntalloc module required by libxenvchan
  994. * spec: get backend_vmm from env variable
  995. * rpm: fix typo
  996. * Use Qubes DB instead of Xenstore
  997. * systemd: fix qubes-service handling
  998. * dispvm: restart qubesdb at DispVM start
  999. [ Marek Marczykowski-Górecki ]
  1000. * qrexec: remove dom0 targets from makefile
  1001. * code style: replace tabs with spaces
  1002. * qrexec: new protocol - direct data vchan connections
  1003. * Use xenstore.h instead of xs.h
  1004. * qrexec: register exec function
  1005. * Update repos and keys for Qubes R3
  1006. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 22 Nov 2014 16:24:17 +0100
  1007. qubes-core-agent (2.1.42) jessie; urgency=medium
  1008. * firewall: show error message only on actual error
  1009. * Avoid 100MB reserved space in private ext4 partition
  1010. * gui-fatal: do not run as root
  1011. * fedora: workaround slow system shutdown (#852)
  1012. * Rename qubes-yum-proxy service to qubes-updates-proxy
  1013. * Rename yum-proxy-setup service to updates-proxy-setup
  1014. * updates-proxy: add rules for debian repositories (#887)
  1015. * qrexec: check for setuid() error when calling zenity/kdialog
  1016. * Use systemd mechanism for loading kernel modules (when available)
  1017. * Add missing u2mfn module load
  1018. * archlinux: modules-load.d handled now in generic files
  1019. * debian: migrate to native systemd services
  1020. * updates-proxy-setup: support setting proxy for apt (#887)
  1021. * Introduce qubes.SetDateTime service for time synchronization
  1022. * systemd: fix 'service' path
  1023. * Include /rw in the package
  1024. * debian: custom dh_auto_clean no longer needed
  1025. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Oct 2014 01:49:58 +0200
  1026. qubes-core-agent (2.1.41) jessie; urgency=medium
  1027. [ Marek Marczykowski-Górecki ]
  1028. * dispvm: slow down "spinlock" while waiting for save/restore
  1029. [ Olivier MEDOC ]
  1030. * archlinux: add notification daemon
  1031. * archlinux: follow fedora20 qubes agent improvement
  1032. * archlinux: follow fedora20 qubes agent improvement
  1033. * archlinux: enable/disable services when corresponding packages got
  1034. installed
  1035. [ Marek Marczykowski-Górecki ]
  1036. * network: use the same gateway IP generation method as backend
  1037. * Revert "network: use the same gateway IP generation method as
  1038. backend"
  1039. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 Aug 2014 17:45:15 +0200
  1040. qubes-core-agent (2.1.40) jessie; urgency=medium
  1041. [ Marek Marczykowski-Górecki ]
  1042. * Fix compiler warnings.
  1043. * Enable compiler optimization.
  1044. * rpm: do not disable abrt-applet autostart
  1045. * systemd: relax qubes-sysinit dependencies
  1046. * systemd: reexec systemd to ensure right version is running
  1047. * rpm: fix notification-daemon setup
  1048. * archlinux: do not fail mount /usr/lib/modules if already mounted
  1049. * version 2.1.34
  1050. * suspend: fix dbus-send invocation
  1051. * qubes-rpc: log service stderr to syslog instead of sending to dom0
  1052. (#842)
  1053. * version 2.1.35
  1054. [ Wojciech Zygmunt Porczyk ]
  1055. * misc: do not display file preview by default (#813)
  1056. [ Vincent Penquerc'h ]
  1057. * vm-file-editor: remove temporary file on exit
  1058. [ Marek Marczykowski-Górecki ]
  1059. * rpm: remove /lib/firmware/updates link
  1060. * Hide nm-applet icon earlier (#857)
  1061. * Configure only installed programs
  1062. * network: setup NM connection when its active in the ProxyVM
  1063. * version 2.1.36
  1064. * Add --dispvm to qvm-run documentation
  1065. * Fix formating
  1066. * Do not start nm-applet at all when no NetworkManager running (#857)
  1067. * version 2.1.37
  1068. * rpm: require generic "desktop-notification-daemon" not a specific
  1069. one
  1070. * rpm: enable haveged service by default (#673)
  1071. * Do not start nm-applet at all when no NetworkManager running -
  1072. update (#857)
  1073. * rpm: enable/disable services when corresponding packages got
  1074. installed
  1075. * dispvm: close all windows after apps prerun (#872)
  1076. * version 2.1.38
  1077. * systemd: do not reexec when not necessary
  1078. * version 2.1.39
  1079. * rpm: mark config files with %config(noreplace)
  1080. [ Davíð Steinn Geirsson ]
  1081. * Split install target into install-common and install-rh, and add all
  1082. target
  1083. * Fix make clean target
  1084. * Check for xenstore-read in /usr/sbin as well (default on debian)
  1085. * Use xenstore.h instead of xs.h when xen >= 4.2
  1086. * Explicitly specify /bin/bash for Makefile SHELL, since it's
  1087. required.
  1088. * Initial debian packaging
  1089. [ Marek Marczykowski-Górecki ]
  1090. * debian: update deps
  1091. * qrexec: fix loop bounds
  1092. * gitignore
  1093. * Fix bashism
  1094. * gitignore: fix binary packages declaration
  1095. * debian: add updates repo definition and key
  1096. * debian: fix qfile-unpacker perms
  1097. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 28 Jul 2014 02:38:59 +0200
  1098. qubes-core-agent (2.1.33) jessie; urgency=low
  1099. * Initial Release.
  1100. -- Davíð Steinn Geirsson <david@dsg.is> Mon, 21 Apr 2014 01:31:55 +0000