changelog 36 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978
  1. qubes-core-agent (3.1.14-1) wheezy; urgency=medium
  2. * network: use `qubes-primary-dns` QubesDB entry if present
  3. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 07 Mar 2016 13:47:01 +0100
  4. qubes-core-agent (3.1.13-1) wheezy; urgency=medium
  5. [ Marek Marczykowski-Górecki ]
  6. * sysinit: Accept also old xenbus kernel interface
  7. [ adrianx64 ]
  8. * Proposed solution for issue #1657
  9. [ Marek Marczykowski-Górecki ]
  10. * Move opening file viewer/editor into separate shell script
  11. * qubes-open: switch from mimeopen to xdg-open
  12. [ Olivier MEDOC ]
  13. * update qubes.InstallUpdateGUI to support archlinux
  14. * archlinux: add gcc and make as make dependencies
  15. * implement update proxy support for archlinux
  16. * archlinux: add Qubes Markers in pacman.conf so that changes done by
  17. qubes scripts are not inserted at the end of pacman.conf
  18. * archlinux: properly add qubes markers in pacman.conf
  19. * update-proxy: use curl instead of wget in archlinux in order to
  20. limit additional dependencies
  21. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 08 Feb 2016 05:07:39 +0100
  22. qubes-core-agent (3.1.12-1) wheezy; urgency=medium
  23. * Unload USB controllers drivers in USB VM before going to sleep
  24. * Do not try to signal NetworkManager before suspend if it isn't
  25. running
  26. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 11 Jan 2016 21:59:34 +0100
  27. qubes-core-agent (3.1.11-1) wheezy; urgency=medium
  28. [ Marek Marczykowski-Górecki ]
  29. * dom0-updates: add a message explaining yum deprecated warning
  30. [ noname ]
  31. * archlinux: Added python{2,3} as dependency. Solved python22 bug.
  32. [ Marek Marczykowski-Górecki ]
  33. * Fix time sync service
  34. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 07 Jan 2016 05:52:35 +0100
  35. qubes-core-agent (3.1.10-1) wheezy; urgency=medium
  36. * network: use more strict policy about incoming traffic
  37. * debian: add missing python-gtk2 dependency
  38. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 31 Dec 2015 02:58:29 +0100
  39. qubes-core-agent (3.1.9-1) wheezy; urgency=medium
  40. * dnf: drop shebang, it isn't standalone script
  41. * Package DNF plugin for both python2 and python3
  42. * dom0-updates: fix reporting when no updates are available
  43. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 26 Dec 2015 14:24:00 +0100
  44. qubes-core-agent (3.1.8-1) wheezy; urgency=medium
  45. [ Marek Marczykowski-Górecki ]
  46. * open-in-vm: Fix path to mimeinfo database
  47. [ Olivier MEDOC ]
  48. * archlinux: fix invalid systemd path in make install directive
  49. * archlinux: remove quotes when checking system locales (in case it
  50. has been user defined)
  51. [ MB ]
  52. * [network-proxy-setup] Permit !CONFIG_MODuLES
  53. [ Rusty Bird ]
  54. * repo description: updates-testing -> security-testing
  55. [ Marek Marczykowski-Górecki ]
  56. * debian: add security-testing repository
  57. [ Olivier MEDOC ]
  58. * archlinux: ensure systemctl reset preset correctly (need to be
  59. started twice)
  60. [ Marek Marczykowski-Górecki ]
  61. * updates-proxy: restart on network configuration change to reload DNS
  62. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 20 Dec 2015 03:12:39 +0100
  63. qubes-core-agent (3.1.7-1) wheezy; urgency=medium
  64. * updates-proxy: explicitly block connection looping back to the proxy
  65. IP
  66. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 04 Dec 2015 15:32:14 +0100
  67. qubes-core-agent (3.1.6-1) wheezy; urgency=medium
  68. * Revert "network: use drop-ins for NetworkManager configuration
  69. (#1176)"
  70. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 29 Nov 2015 00:34:34 +0100
  71. qubes-core-agent (3.1.5-1) wheezy; urgency=medium
  72. [ Patrick Schleizer ]
  73. * clean up /etc/tinyproxy/filter-updates
  74. [ Olivier MEDOC ]
  75. * updates-proxy: remove remaining traces of proxy filtering file from
  76. Makefile
  77. * rpm_spec: declare InstallUpdateGUI qrexec_service
  78. * archlinux: enforce minimum versionning of qubes-utils
  79. [ Patrick Schleizer ]
  80. * Prevent services from being accidentally restarted by `needrestart`.
  81. * Have qubes-sysinit create /var/run/qubes VM type files.
  82. [ Marek Marczykowski-Górecki ]
  83. * Package needrestart config only for Debian
  84. * debian: reformat Build-Depends:
  85. * debian: update build-depends for split qubes-utils package
  86. * backup: Use 'type' instead of 'which' to prevent unnecessary
  87. dependency
  88. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 28 Nov 2015 14:48:33 +0100
  89. qubes-core-agent (3.1.4-1) wheezy; urgency=medium
  90. [ Marek Marczykowski-Górecki ]
  91. * Minor improvements to packaging (based on rpmlint)
  92. [ Patrick Schleizer ]
  93. * removed confusing comments
  94. * minor indent
  95. * No longer start /etc/init.d/tinyproxy by default anymore.
  96. [ Marek Marczykowski-Górecki ]
  97. * Revert "preset disable tinyproxy by default"
  98. [ Patrick Schleizer ]
  99. * minor, removed trailing space
  100. * Improved upgrade notifications sent to QVMM.
  101. * fixed inverted logic issue in upgrades-installed-check
  102. * misc/upgrades-installed-check: handle apt-get errors
  103. [ Marek Marczykowski-Górecki ]
  104. * Explicitly fail upgrades-installed-check on other distributions
  105. [ qubesuser ]
  106. * Allow to provide customized DispVM home directly in the template VM
  107. [ Marek Marczykowski-Górecki ]
  108. * network: let NetworkManager configure VM uplink, if enabled
  109. * Use improved update-notify script also in Fedora
  110. * Implement qubes.InstallUpdatesGUI qrexec service
  111. * Really fix update-proxy rules for debian security fixes repo
  112. * updates-proxy: disable filtering at all
  113. * network: disable proxy_arp
  114. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 15 Nov 2015 04:29:29 +0100
  115. qubes-core-agent (3.1.3-1) wheezy; urgency=medium
  116. [ Marek Marczykowski-Górecki ]
  117. * network: forward TCP DNS queries
  118. [ Patrick Schleizer ]
  119. * removed trailing spaces
  120. * Renamed qubes-mount-home to qubes-mount-dirs.
  121. [ Marek Marczykowski-Górecki ]
  122. * qrexec: implement buffered write to a child stdin
  123. [ Olivier MEDOC ]
  124. * archlinux: update packaging and install script to use systemd
  125. DROPINs
  126. * archlinux: force running scripts with python2 even when /usr/bin/env
  127. is used
  128. * archlinux: readd notification-daemon as a dependency
  129. * archlinux: readd lines removed by error during merge
  130. [ Patrick Schleizer ]
  131. * disable leaking TCP timestamps by default
  132. [ Marek Marczykowski-Górecki ]
  133. * rpm: add /etc/sysctl.d/20_tcp_timestamps.conf
  134. * rpm: remove duplicated entry
  135. [ Patrick Schleizer ]
  136. * cleanup /etc/apt/apt.conf.d/00notiy-hook on existing systems
  137. [ erihe251 ]
  138. * Small language fixes
  139. * Update qubes.sudoers
  140. [ Marek Marczykowski-Górecki ]
  141. * Require new enough qubes-utils package for updated libqrexec-utils
  142. * debian: install locales-all instead of custom locales generation
  143. * makefile: cleanup help message
  144. * Setup updates proxy in dnf and PackageKit
  145. * backup: fix handling backup filename with spaces
  146. * backup: improve exit code reporting
  147. [ Rusty Bird ]
  148. * qfile-unpacker: Avoid data loss by checking for child errors
  149. [ Marek Marczykowski-Górecki ]
  150. * appmenus: ignore entries with NoDisplay=true
  151. * qfile-agent: move data handling code to libqubes-rpc-filecopy
  152. [ yaqu ]
  153. * Replacing "sleep 365d" with "sleep inf"
  154. [ Marek Marczykowski-Górecki ]
  155. * No longer disable auditd
  156. * dom0-updates: prefer yum-deprecated over dnf
  157. * fedora: Add skip_if_unavailable=False to Qubes repositories
  158. [ Olivier MEDOC ]
  159. * add DROPINS for org.cups.cupsd systemd files.
  160. * dropins: make current systemd dropins specific to systemd-system in
  161. order to introduce dropins for systemd-user
  162. * dropins: implement dropins for systemd user starting with pulseaudio
  163. systemd service and socket masking
  164. [ Marek Marczykowski-Górecki ]
  165. * qrexec: add some comments, minor improvement in readability
  166. * qrexec: use #define for protocol-specified strings
  167. * dracut: disable hostonly mode
  168. * dom0-updates: use yum-deprecated instead of dnf in all calls
  169. * updates-proxy-setup: use temporary file for config snippet
  170. * Implement dnf hooks for post-update actions
  171. * fedora: do not require/use yum-plugin-post-transaction-actions in
  172. F>=22
  173. * Get rid of qubes-core-vm-kernel-placeholder
  174. * systemd: make sure that update check is started only after qrexec-
  175. agent
  176. * dom0-updates: do not use 'yum check-update -q'
  177. * Bump qubes-utils version requirement
  178. [ Patrick Schleizer ]
  179. * preset disable tinyproxy by default
  180. [ Marek Marczykowski-Górecki ]
  181. * updates-proxy: use separate directory for PID file
  182. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 11 Nov 2015 06:29:21 +0100
  183. qubes-core-agent (3.1.2-1) wheezy; urgency=medium
  184. [ Marek Marczykowski-Górecki ]
  185. * Enlarge /tmp and /dev/shm
  186. * network: use own iptables service instead of repurposing existing
  187. one
  188. [ Patrick Schleizer ]
  189. * removed iptables-persistent from Depends to improve usablity (avoid
  190. redundant debconf question)
  191. [ Marek Marczykowski-Górecki ]
  192. * debian: disable netfilter-persistent.service
  193. * Adjust progress message on file move operation
  194. * Run 'ldconfig' to update /usr/local/lib* cache, if applicable
  195. * updates-proxy: Disable 'Via: tinyproxy' header
  196. * Cleanup R3.0->R3.1 transitional package
  197. * network: use drop-ins for NetworkManager configuration (#1176)
  198. * network: fix 'qubes-uplink-eth0' NetworkManager connection (#1280)
  199. [ Patrick Schleizer ]
  200. * minor
  201. [ HW42 ]
  202. * qubes-random-seed: feed kernel rng with randomness from dom0
  203. * reload qubes-random-seed when restoring DispVM
  204. [ Marek Marczykowski-Górecki ]
  205. * systemd: actually enable qubes-random-seed service
  206. * sysvinit: load random seed from dom0 provided data
  207. * Use 'type' instead of 'which' to prevent unnecessary dependency
  208. * Add missing R: dconf to hide nm-applet when not used
  209. * dom0-updates: Fix showing package list when --check-only option was
  210. used
  211. * dom0-updates: check "yum check-update" exit code, not only its
  212. output
  213. * dom0-updates: fix hostname in error message
  214. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 11 Oct 2015 03:00:00 +0200
  215. qubes-core-agent (3.1.1-1) wheezy; urgency=medium
  216. * Update repository definition for r3.1
  217. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:55:35 +0200
  218. qubes-core-agent (3.1.0-1) wheezy; urgency=medium
  219. [ Patrick Schleizer ]
  220. * Allow passwordless login for user "user" (when using 'sudo xl
  221. console').
  222. * Allow passwordless login for user "user" (when using 'sudo xl
  223. console') for images being upgraded.
  224. * show error msg if qubes.ReceiveUpdates failed
  225. [ qubesuser ]
  226. * qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
  227. [ Patrick Schleizer ]
  228. * added missing dependency python-dbus to 'Depends:'
  229. [ Marek Marczykowski-Górecki ]
  230. * rpm: add dbus-python dependency
  231. [ qubesuser ]
  232. * qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
  233. * qubes-rpc: fix icon selection using pyxdg and support SVG icons
  234. [ Patrick Schleizer ]
  235. * fixed 'Debian 8 apt.config.d misconfiguration'
  236. * added missing dependency xserver-xorg-dev
  237. * - Prevent 'su -' from asking for password in Debian [based]
  238. templates. Thanks to @unman and @marmarek for suggesting the fix!
  239. Fixes https://github.com/QubesOS/qubes-issues/issues/1128. - Changed
  240. 'ifeq (1,${DEBIANBUILD})' to 'ifeq ($(shell lsb_release -is),
  241. Debian)' to make the build work outside of Qubes Builder as well.
  242. * Fixed /etc/pam.d/su.qubes. (Moved line 'auth sufficient
  243. pam_permit.so' up. May not be low '@include' lines.)
  244. * fix typo
  245. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:39:55 +0200
  246. qubes-core-agent (3.0.16-1) wheezy; urgency=medium
  247. [ Marek Marczykowski-Górecki ]
  248. * debian: remove SELinux disabling code
  249. * Revert "qubes-desktop-run: Activate via DBUS when desktop file
  250. contains DBusActivatable"
  251. * qubes-desktop-run: start the Dbus service (if needed)
  252. [ Patrick Schleizer ]
  253. * added pulseaudio-kde and spice-vdagent to qubes-trigger-desktop-
  254. file-install
  255. [ Jason Mehring ]
  256. * debian: Move python-xdg to depends section in debian/control
  257. * sudoers.d: Stops QT from using the MIT-SHM X11 Shared Memory
  258. Extension
  259. [ Rusty Bird ]
  260. * Mount /dev/xvdb with fs type "auto"
  261. [ Marek Marczykowski-Górecki ]
  262. * Move .desktop launching code to python moules so it can be reused
  263. * Implement dropins for /etc/xdg/autostart (#1151)
  264. * Remove dynamically generated autostart desktop files
  265. * qubes-session-autostart: do not abort the whole process on invalid
  266. file
  267. * qubes-desktop-run: don't crash on Debian wheezy (glib < 2.36)
  268. * debian: fix /dev permissions on upgrade
  269. * systemd: fix starting cups
  270. * debian: depend on gawk
  271. * Fix show-hide-nm-applet.desktop - use OnlyShowIn=X-QUBES
  272. [ Patrick Schleizer ]
  273. * moved python-xdg from Recommends to Depends
  274. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 03 Sep 2015 02:45:30 +0200
  275. qubes-core-agent (3.0.15-1) wheezy; urgency=medium
  276. * debian: remove `Recommends: chrony`
  277. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 23:23:38 +0200
  278. qubes-core-agent (3.0.14-1) wheezy; urgency=medium
  279. [ Marek Marczykowski-Górecki ]
  280. * kernel-placeholder: prevent xl2tpd from pulling kernel packages
  281. * qubes-core-vm-kernel-placeholder 1.0-3
  282. [ Olivier MEDOC ]
  283. * archlinux: update dependency list based on .spec file
  284. * archlinux: reorganize install script to make it more easily
  285. compareable with the .spec file
  286. * archlinux: fix syntax errors in install file
  287. [ Marek Marczykowski-Górecki ]
  288. * debian: fix permissions of /var/lib/qubes/dom0-updates
  289. [ Patrick Schleizer ]
  290. * also inform in cli if no new updates are available
  291. [ Olivier MEDOC ]
  292. * archlinux: pulseaudio should be configured in gui agent and will
  293. break installation of pulseaudio if installed in core-agent-linux
  294. * archlinux: enabled configuration of all core agent dependencies
  295. * archlinux: ensure python2 is used for all scripts and fix
  296. dependencies for qubes-desktop-run
  297. [ Jason Mehring ]
  298. * debian: Renamed incorrect filename: 00notiy-hook -> 00notify-hook
  299. * debian: Comment out deb-src line in qubes-r3.list
  300. * Use 'which' to locate fuser since fuser path is different in Fedora
  301. and Debian
  302. * debian: Change triggers to use `interest-await` (execute triggers
  303. after all packages installed)
  304. * Remove '.service' from systemd enable loop as unit_name already
  305. contains .service in name
  306. * debian: remove cups/print-applet triggers
  307. * debian: Added cups, system-config-printer to Recommends
  308. * Makefile: Add systemd drop-in support which include conditionals to
  309. prevent services from starting
  310. * fedora: Add systemd drop-in support which include conditionals to
  311. prevent services from starting
  312. * debian: Add systemd drop-in support which include conditionals to
  313. prevent services from starting
  314. * Re-aranged qubes-vm.preset to indicate which services are specificly
  315. for Fedora only
  316. * vm-systemd: Add systemd drop-in support which include conditionals
  317. to prevent services from starting
  318. [ Marek Marczykowski-Górecki ]
  319. * archlinux: remove installOverridenServices as now handled by systemd
  320. dropins
  321. * fedora: do not own dropins directories
  322. * fedora: simulate preset-all only on first install, not upgrade
  323. * fedora: fix default locale generation
  324. * qrexec: fix exit code from qrexec-client-vm
  325. * qrexec: make sure that all the pipes/sockets are closed on cleanup
  326. [ Jason Mehring ]
  327. * qubes-desktop-file-install: Manages xdg desktop entry files
  328. * debian: Reformat depends in control for better readability
  329. * debian: qubes-desktop-file-install: Add misssing depend to contol
  330. * debian: Switch to using org.mate.NotificationDaemon by default to
  331. eliminate popups not closing
  332. * fedora: Use 'slider' org.mate.NotificationDaemon theme
  333. * qubes-desktop-run: Activate via DBUS when desktop file contains
  334. DBusActivatable
  335. [ Marek Marczykowski-Górecki ]
  336. * Move `/usr/share/qubes/xdg` to `/var/lib/qubes/xdg`
  337. [ Patrick Schleizer ]
  338. * fixed "in place upgrade issue - base-passwd debconf interative
  339. question asks 'Remove group "qubes"'"
  340. * fixed "in place upgrade issue - base-passwd debconf interative
  341. questi…on asks 'Remove group "qubes"'" for existing users
  342. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 04:16:52 +0200
  343. qubes-core-agent (3.0.13-1) wheezy; urgency=medium
  344. * fedora: ensure that /etc/sysconfig/iptables exists (Fedora 20)
  345. * fedora/systemd: fix service enabling code
  346. * network: use iptables-restore instead of iptables --wait
  347. * network: guard iptables call with manual lock
  348. * network: disable tx csum offload on vif interfaces
  349. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 01 Jul 2015 07:05:53 +0200
  350. qubes-core-agent (3.0.12-1) wheezy; urgency=medium
  351. * dom0-updates: make the tool working on Debian
  352. * fedora, debian: make sure that default locale is generated
  353. * rpm: improve setting iptables rules
  354. * Do not override file pointed by /etc/localtime symlink
  355. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 23 Jun 2015 20:06:22 +0200
  356. qubes-core-agent (3.0.11-1) wheezy; urgency=medium
  357. [ Marek Marczykowski-Górecki ]
  358. * debian: fix apt sources.list generation (missing debian version
  359. field)
  360. [ Jason Mehring ]
  361. * Set a default locale if missing
  362. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 11 Jun 2015 04:06:26 +0200
  363. qubes-core-agent (3.0.10-1) wheezy; urgency=medium
  364. * rpm: ensure that all the services are enabled after upgrade
  365. * qrexec: do not show message about missing fork-sever - it isn't an
  366. error
  367. * rpm: add missing dependencies
  368. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 02 Jun 2015 11:20:18 +0200
  369. qubes-core-agent (3.0.9-1) wheezy; urgency=medium
  370. [ Jason Mehring ]
  371. * debian: Only notify dom0 on apt-get post hook; don't update package
  372. index
  373. * debian: Allow apt-get post hook to fail gracefully (won't work in
  374. chroot)
  375. [ Marek Marczykowski-Górecki ]
  376. * appmenus: hide message about missing /usr/local/share/applications
  377. * qrexec: prefer VM-local service file (if present) over default one
  378. * rpm: mark service files as configuration to not override user
  379. changes
  380. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 May 2015 03:27:58 +0200
  381. qubes-core-agent (3.0.8-1) wheezy; urgency=medium
  382. [ Marek Marczykowski-Górecki ]
  383. * Use iptables --wait only when it is supported
  384. [ Jason Mehring ]
  385. * debian: Update notification now notifies dom0 when an upgrade is
  386. completed
  387. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 28 Apr 2015 12:51:48 +0200
  388. qubes-core-agent (3.0.7-1) wheezy; urgency=medium
  389. [ Marek Marczykowski-Górecki ]
  390. * debian: install qubes-download-dom0-updates.sh
  391. * prepare-dvm: fix bashism
  392. * network: wait for iptables lock instead of aborting
  393. * rpm: cleanup R2->R3.0 transitional package
  394. [ Jason Mehring ]
  395. * whonix: Added protected-files file used to prevent scripts from
  396. modifying files that need to be protected
  397. * Changed location of PROTECTED_FILE_LIST to /etc/qubes/protected-
  398. files.d
  399. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Apr 2015 02:36:55 +0200
  400. qubes-core-agent (3.0.6-1) wheezy; urgency=medium
  401. * qrexec: do not reset umask to 077 for every started process
  402. * rpm/systemd: do not use preset-all during package upgrade
  403. * systemd: disable avahi-daemon and dnf-makecache
  404. * dispvm: do not start GUI apps during prerun
  405. * Fix resizing of /rw partition (private.img)
  406. * Minor fixes in mount-home.sh
  407. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 11 Apr 2015 03:40:57 +0200
  408. qubes-core-agent (3.0.5-1) wheezy; urgency=medium
  409. * systemd: use presets to enable services, call preset-all
  410. * systemd: install overridden unit file for chronyd
  411. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 07 Apr 2015 14:58:36 +0200
  412. qubes-core-agent (3.0.4-1) wheezy; urgency=medium
  413. [ Marek Marczykowski-Górecki ]
  414. * qrexec: try to recover from fork-server communication error
  415. * rpm: add missing BuildRequires: libX11-devel
  416. * debian: fix handling SysV units in disableSystemdUnits
  417. * debian: update NetworkManager configuration
  418. [ Wojtek Porczyk ]
  419. * qubes-rpc-multiplexer: deprecate /etc/qubes_rpc, allow /usr/local
  420. * sudoers: do not require TTY
  421. [ Marek Marczykowski-Górecki ]
  422. * Update repository definition: r3 -> r3.0
  423. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 02 Apr 2015 00:55:09 +0200
  424. qubes-core-agent (3.0.3-1) wheezy; urgency=medium
  425. * Enable updates repos by default
  426. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 27 Mar 2015 01:24:43 +0100
  427. qubes-core-agent (3.0.2-1) wheezy; urgency=medium
  428. [ Marek Marczykowski-Górecki ]
  429. * debian: fix version number
  430. * backup: fix qubes.Restore service - do not send garbage as backup
  431. data
  432. [ Jason Mehring ]
  433. * debian: Add extend-diff-ignore options to debian packager
  434. [ Marek Marczykowski-Górecki ]
  435. * qrexec: fork into background after setting up qrexec-fork-server
  436. socket
  437. * Fix "backup: fix qubes.Restore service - do not send garbage as
  438. backup data"
  439. [ Jason Mehring ]
  440. * Switched qvm-move-to-vm.{gnome,kde} scripts to use bash not sh
  441. * Removed nautilus-actions depend and replaced with nautilus-python
  442. * Removed code that deleted original nautilus actions
  443. [ Marek Marczykowski-Górecki ]
  444. * fc21: fix DispVM preparation - Xorg has new name
  445. * dispvm: kill all process after populating caches
  446. * dispvm: start gui agent early, do not kill Xorg
  447. * dispvm: close only visible windows during DispVM preparation
  448. * Move mounting /rw and /home to separate service
  449. * dispvm: use qubes.WaitForSession to wait for gui-agent startup
  450. * dispvm: include memory caches in "used memory" notification
  451. * dispvm: do not restart qubesdb-daemon, use watch instead
  452. * qrexec: simplify makefile
  453. * qrexec: handle data vchan directly from qrexec-client-vm
  454. * qrexec: return remote process status as qrexec-client-vm exit code
  455. * qrexec: better handle remote process termination
  456. * qrexec: do not break connection on duplicated SIGUSR1
  457. * qrexec: minor readability fix
  458. * qrexec: process vchan data queue (esp MSG_EXIT_CODE) before sending
  459. anything
  460. * qrexec: add option to use real stdin/out of qrexec-client-vm
  461. * qrexec: do not leak FDs to logger process
  462. * qrexec: execute RPC service directly (without a shell) if it has
  463. executable bit set
  464. * qrexec: get rid of shell in services using EOF for any signaling
  465. * qrexec: move qrexec-client-vm to /usr/bin
  466. * Add support for comments in qubes-suspend-module-blacklist
  467. * Create filesystem if the private.img is empty
  468. * Provide stub files in /rw/config
  469. * qrexec: fix compile warning
  470. * qrexec: do not wait for local process if no one exists
  471. * qrexec: enable compiler optimization
  472. * Do not load xen-usbfront automatically
  473. * fedora: override iptables configuration on initial installation
  474. * Update comments and xenbus intf in startup scripts regarding vchan
  475. requirements
  476. * dom0-update: allow to specify custom yum action
  477. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 26 Mar 2015 23:56:25 +0100
  478. qubes-core-agent (3.0.1-1) jessie; urgency=medium
  479. [ Marek Marczykowski-Górecki ]
  480. * Reenable imsettings service
  481. * systemd: fix xenstore-ls path
  482. [ Jason Mehring ]
  483. * Allow hyphenated distro names in tinyproxy filter
  484. * Change condition test to compare to a link "-L"
  485. * debian: add xen-utils-common as a dependancy to allow Debian proxies
  486. * debian: Added maintainers scripts (pre / postinit + rm) - Currently
  487. in debug mode
  488. * debian: preinst needs a group and force no password entry on adduser
  489. * debian: Added less restrictive filter option for debian packages
  490. Sites like sourceforge append ?downloadxxx to end
  491. * debian: added new depends
  492. * debian: force shell to be bash since its default is dash and many
  493. qubes scripts rely on bash and will break in dash and added
  494. tinyproxy user
  495. [ HW42 ]
  496. * move fedora specific stuff to install-rh target
  497. * don't track debina/files (since it is autogenerated)
  498. * use systemd in debian
  499. * install iptables/forwarding for debian
  500. * various patches for debian
  501. * improve update of /etc/hosts
  502. * make source.list multiarch compatible
  503. * add xserver-xorg-video-dummy to the dependencies list of qubes-core-
  504. agent
  505. * dispvm-presun.sh needs bash
  506. * use sleep instead os usleep since it is more portable
  507. * debian: chown /home_volatile/user in posinst
  508. * fix xenstore-read path in network-proxy-setup.sh for debian
  509. * debian: add dependency on xen-utils since it's needed for
  510. proxy/netvm
  511. * debian: add support for qubes appmenus
  512. [ Marek Marczykowski-Górecki ]
  513. * debian: fix initialization of /etc/hosts
  514. [ Jason Mehring ]
  515. * debian: set -e added in place of set -x
  516. * debian: Made debian proxy filter rules more restrictive
  517. * debian: Cleanup
  518. * debian: Prepend package name to maintainers scripts
  519. * debian: Add qubes-update-check for Debian
  520. * debian: Revert back to original NetworkManager, ModemManager service
  521. names
  522. * debian: apt-get needs to update first
  523. * debian: Remove absolute path to xenstore-*
  524. * debian: Added more dependancies
  525. * debian: Added postrm disable of other Qubes packages
  526. * debian: Added all other outstanding triggers contained in rpm_spec
  527. as well as triggers if other packages get installed at a later date
  528. the configurations will run on them
  529. * debian: removed commented out depends
  530. * debian: Added more error reporting to track down any missing
  531. dependancies
  532. * debian: More depends for debian as netvm and some configuration
  533. tweaks.
  534. [ Marek Marczykowski-Górecki ]
  535. * network: do not use ifcfg-rh NM plugin
  536. * network: fix NM uplink config permissions
  537. [ Jason Mehring ]
  538. * debian: Add new notification agent depends; remove other
  539. * debian: Added functionality to move desktop entry config files to
  540. /usr/share/qubes/xdg/autostart to preserve originals
  541. * debian: Wrong variable name was used to create
  542. /usr/share/qubes/xdg/autostart
  543. [ Marek Marczykowski-Górecki ]
  544. * Fix compile flags order (-lX11 moved to the end)
  545. [ Jason Mehring ]
  546. * debian: Updated tinyproxy filter rules
  547. * debian: Don't display systemd info in chroot since systemd show does
  548. not work in chroot
  549. [ Marek Marczykowski-Górecki ]
  550. * network: fix indentation
  551. * Fix disabling nm-applet when NM is disabled
  552. * debian: create tinyproxy as system user
  553. * debian: fix generation of apt sources list file
  554. * debian: add missing python-gi to dependencies
  555. * debian: remove obsolete code from postinst script
  556. * debian: fix service name in postinst script
  557. * Update update-proxy rules for debian security fixes repo
  558. [ HW42 ]
  559. * debian: move not strictly required packages to Recommends-Section.
  560. * debian: remove unneeded acpid dependency
  561. [ Marek Marczykowski-Górecki ]
  562. * network: set uplink configuration based on MAC (NetworkManager)
  563. * network: fix NM config preparation
  564. [ Jason Mehring ]
  565. * fc21: iptables configurations conflict with fc21 yum package manager
  566. * fc21: Remove left-over code comment
  567. [ Marek Marczykowski-Górecki ]
  568. * fedora: Add security-testing repo definition
  569. * filecopy: prevent files/dirs movement outside incoming directory
  570. during transfer
  571. * fedora: Fix iptables config install script
  572. * fedora: Fix iptables config installation one more time
  573. [ HW42 ]
  574. * don't ignore asprintf() return value
  575. [ Marek Marczykowski-Górecki ]
  576. * network: support for not setting DNS and/or default gateway
  577. [ Olivier MEDOC ]
  578. * archlinux: fix new packaging requirements related to sbin, lib64,
  579. run ...
  580. * archlinux: align with fedora changes related to imsettings
  581. [ Marek Marczykowski-Górecki ]
  582. * fedora: reduce code duplication in systemd triggers
  583. * fedora: reload systemd only once
  584. * systemd: allow to start cron daemon (#909)
  585. * filecopy: fallback to "open(..., 000)" method when /proc
  586. inaccessible
  587. * network: support for not setting DNS and/or default gateway (v2)
  588. * rpm: add missing R: pygobject3-base
  589. [ HW42 ]
  590. * debian: fix for QSB #014 requires up to date qubes-utils
  591. * debian: postinst: use systemctl mask
  592. * debian: postinst: use dpkg-divert
  593. * debian: don't generate regular conf files in postinst
  594. * debian: postinst: don't remove /etc/udev/rules.d/*
  595. * debian: postinst: don't create /rw - it is already part of the
  596. package
  597. * debian: postinst: use systemctl to set default target
  598. * debian: postinst: remove fedora specific code
  599. * debian: postinst: enable netfilter-persistent service
  600. * debian: postinst: cleanup
  601. * debian: postinst: don't start systemd services
  602. * debian: postinst: enable haveged only if installed
  603. * debian: postinst: remove redundant and misleading trigger output
  604. * debian: install fstab as normal config file
  605. * debian: preinst: remove modification of /etc/modules
  606. * remove 'bashisms' or explicit use bash
  607. * debian: preinst: don't force the default shell to bash
  608. * debian: prerm: remove obsolete code
  609. * debian: preinst: cleanup user creation
  610. [ Wojtek Porczyk ]
  611. * spec: require linux-utils-3.0.1
  612. [ Matt McCutchen ]
  613. * Switch to preset file for systemd units to disable.
  614. * Make qvm-run bidirectional and document its limitations.
  615. [ Marek Marczykowski-Górecki ]
  616. * debian: change systemctl set-default back to manual symlink
  617. * network: fix handling newline in firewall rules
  618. * qrexec: use sockets instead of pipes to communicate with child
  619. process
  620. * qrexec: reorganise code for upcoming change
  621. * qrexec: add simple "fork server" to spawn new processes inside user
  622. session
  623. * Adjust permissions of /var/run/qubes
  624. [ Jason Mehring ]
  625. * debian: Remove 'exit 0' in maintainer section scripts to all other
  626. debhelpers (if any) to also execute
  627. * Add a qubes group and then add the user 'user' to the group
  628. * Remove 'xen.evtchn' udev rule
  629. * Set permissions to /proc/xen/privcmd, so a user in qubes group can
  630. access
  631. * debian: Converted debian package to a quilt package to allow patches
  632. * debian: Refactor Debian quilt packaging for xen
  633. * debian: Remove 'exit 0' in maintainer section scripts to all other
  634. debhelpers (if any) to also execute
  635. * Add a qubes group and then add the user 'user' to the group
  636. * Remove 'xen.evtchn' udev rule
  637. * Set permissions to /proc/xen/privcmd, so a user in qubes group can
  638. access
  639. * debian: Converted debian package to a quilt package to allow patches
  640. * debian: Revert depends back to use libxen-dev
  641. * debian: Move creation of directories into debian.dirs configuration
  642. file
  643. * debian: Remove dist target from Makefile as copy-in is now being
  644. used
  645. * debian: Remove unneeded patch file and README
  646. * Make sure when user is added to qubes group that the group is
  647. appended
  648. [ Marek Marczykowski-Górecki ]
  649. * qrexec: fix compile warning
  650. * debian: reenable -Werror, mentioned warning already fixed
  651. * debian: exclude binary packages from source archive
  652. * updates-proxy: allow xz compressed metadata (fc21)
  653. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 17 Feb 2015 14:14:16 +0100
  654. qubes-core-agent (3.0.0-1) jessie; urgency=medium
  655. [ Marek Marczykowski-Górecki ]
  656. * Improve handling of .desktop files
  657. * suspend: do not disable network frontend devices
  658. * Handle tabs in /etc/hosts
  659. [ Marek Marczykowski ]
  660. * Update for new vchan API
  661. * spec: add dependencies on vchan package (both R: and BR:)
  662. * load xen-gntalloc module required by libxenvchan
  663. * spec: get backend_vmm from env variable
  664. * rpm: fix typo
  665. * Use Qubes DB instead of Xenstore
  666. * systemd: fix qubes-service handling
  667. * dispvm: restart qubesdb at DispVM start
  668. [ Marek Marczykowski-Górecki ]
  669. * qrexec: remove dom0 targets from makefile
  670. * code style: replace tabs with spaces
  671. * qrexec: new protocol - direct data vchan connections
  672. * Use xenstore.h instead of xs.h
  673. * qrexec: register exec function
  674. * Update repos and keys for Qubes R3
  675. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 22 Nov 2014 16:24:17 +0100
  676. qubes-core-agent (2.1.42) jessie; urgency=medium
  677. * firewall: show error message only on actual error
  678. * Avoid 100MB reserved space in private ext4 partition
  679. * gui-fatal: do not run as root
  680. * fedora: workaround slow system shutdown (#852)
  681. * Rename qubes-yum-proxy service to qubes-updates-proxy
  682. * Rename yum-proxy-setup service to updates-proxy-setup
  683. * updates-proxy: add rules for debian repositories (#887)
  684. * qrexec: check for setuid() error when calling zenity/kdialog
  685. * Use systemd mechanism for loading kernel modules (when available)
  686. * Add missing u2mfn module load
  687. * archlinux: modules-load.d handled now in generic files
  688. * debian: migrate to native systemd services
  689. * updates-proxy-setup: support setting proxy for apt (#887)
  690. * Introduce qubes.SetDateTime service for time synchronization
  691. * systemd: fix 'service' path
  692. * Include /rw in the package
  693. * debian: custom dh_auto_clean no longer needed
  694. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Oct 2014 01:49:58 +0200
  695. qubes-core-agent (2.1.41) jessie; urgency=medium
  696. [ Marek Marczykowski-Górecki ]
  697. * dispvm: slow down "spinlock" while waiting for save/restore
  698. [ Olivier MEDOC ]
  699. * archlinux: add notification daemon
  700. * archlinux: follow fedora20 qubes agent improvement
  701. * archlinux: follow fedora20 qubes agent improvement
  702. * archlinux: enable/disable services when corresponding packages got
  703. installed
  704. [ Marek Marczykowski-Górecki ]
  705. * network: use the same gateway IP generation method as backend
  706. * Revert "network: use the same gateway IP generation method as
  707. backend"
  708. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 Aug 2014 17:45:15 +0200
  709. qubes-core-agent (2.1.40) jessie; urgency=medium
  710. [ Marek Marczykowski-Górecki ]
  711. * Fix compiler warnings.
  712. * Enable compiler optimization.
  713. * rpm: do not disable abrt-applet autostart
  714. * systemd: relax qubes-sysinit dependencies
  715. * systemd: reexec systemd to ensure right version is running
  716. * rpm: fix notification-daemon setup
  717. * archlinux: do not fail mount /usr/lib/modules if already mounted
  718. * version 2.1.34
  719. * suspend: fix dbus-send invocation
  720. * qubes-rpc: log service stderr to syslog instead of sending to dom0
  721. (#842)
  722. * version 2.1.35
  723. [ Wojciech Zygmunt Porczyk ]
  724. * misc: do not display file preview by default (#813)
  725. [ Vincent Penquerc'h ]
  726. * vm-file-editor: remove temporary file on exit
  727. [ Marek Marczykowski-Górecki ]
  728. * rpm: remove /lib/firmware/updates link
  729. * Hide nm-applet icon earlier (#857)
  730. * Configure only installed programs
  731. * network: setup NM connection when its active in the ProxyVM
  732. * version 2.1.36
  733. * Add --dispvm to qvm-run documentation
  734. * Fix formating
  735. * Do not start nm-applet at all when no NetworkManager running (#857)
  736. * version 2.1.37
  737. * rpm: require generic "desktop-notification-daemon" not a specific
  738. one
  739. * rpm: enable haveged service by default (#673)
  740. * Do not start nm-applet at all when no NetworkManager running -
  741. update (#857)
  742. * rpm: enable/disable services when corresponding packages got
  743. installed
  744. * dispvm: close all windows after apps prerun (#872)
  745. * version 2.1.38
  746. * systemd: do not reexec when not necessary
  747. * version 2.1.39
  748. * rpm: mark config files with %config(noreplace)
  749. [ Davíð Steinn Geirsson ]
  750. * Split install target into install-common and install-rh, and add all
  751. target
  752. * Fix make clean target
  753. * Check for xenstore-read in /usr/sbin as well (default on debian)
  754. * Use xenstore.h instead of xs.h when xen >= 4.2
  755. * Explicitly specify /bin/bash for Makefile SHELL, since it's
  756. required.
  757. * Initial debian packaging
  758. [ Marek Marczykowski-Górecki ]
  759. * debian: update deps
  760. * qrexec: fix loop bounds
  761. * gitignore
  762. * Fix bashism
  763. * gitignore: fix binary packages declaration
  764. * debian: add updates repo definition and key
  765. * debian: fix qfile-unpacker perms
  766. -- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 28 Jul 2014 02:38:59 +0200
  767. qubes-core-agent (2.1.33) jessie; urgency=low
  768. * Initial Release.
  769. -- Davíð Steinn Geirsson <david@dsg.is> Mon, 21 Apr 2014 01:31:55 +0000