Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
2,060 Commits 1 Branch 0 Tags 34 MiB
Shell 45.2%
Python 29.7%
C 15.4%
Makefile 7.4%
desktop 0.7%
Other 1.6%
57a3c2d67e
Go to file
Marek Marczykowski-Górecki 57a3c2d67e
network: have safe fallback in case of qubes-firewall crash/error 
When qubes-firewall service is started, modify firewall to have "DROP"
policy, so if something goes wrong, no data got leaked.
But keep default action "ACCEPT" in case of legitimate service stop, or
not starting it at all - because one may choose to not use this service
at all.
Achieve this by adding "DROP" rule at the end of QBS-FIREWALL chain and
keep it there while qubes-firewall service is running.

Fixes QubesOS/qubes-issues#3269
2017-11-20 01:56:14 +01:00
archlinux archlinux: restore setup of pam.d/su-l 2017-10-25 15:03:16 +02:00
autostart-dropins Merge branch 'autostart-dropins' 2015-09-02 01:16:19 +02:00
ci tests: add run-tests script, plug it into travis 2017-05-20 13:20:08 +02:00
debian version 4.0.12 2017-10-19 17:28:27 +02:00
doc qrexec: fix reporting exit code in qrexec-client-vm 2017-06-21 11:21:40 +02:00
init Resize root filesystem at VM startup if needed 2017-10-18 21:02:15 +02:00
misc Disable dnf plugins when downloading dom0 updates in sys-firewall 2017-10-28 06:34:51 +03:00
network network: have safe fallback in case of qubes-firewall crash/error 2017-11-20 01:56:14 +01:00
patches.debian Stop anacron from starting in Debian using existing constraint on cron 2017-02-05 23:36:27 +00:00
pkgs archlinux: created build scripts 2013-04-17 01:22:32 +02:00
post-install.d Announce if qubes-firewall service is supported+enabled in this template 2017-07-16 11:09:14 +02:00
qrexec archlinux: ship pam.d/qrexec as a replacement of using su 2017-10-23 08:09:34 +02:00
qubes-rpc Merge branch 'fixes-20171019' 2017-10-19 16:51:12 +02:00
qubesagent network: have safe fallback in case of qubes-firewall crash/error 2017-11-20 01:56:14 +01:00
rpm_spec Resize root filesystem at VM startup if needed 2017-10-18 21:02:15 +02:00
test-packages tests: add run-tests script, plug it into travis 2017-05-20 13:20:08 +02:00
vm-init.d Resize root filesystem at VM startup if needed 2017-10-18 21:02:15 +02:00
vm-systemd Fix starting time synchronization service 2017-11-03 03:12:55 +01:00
.coveragerc tests: add run-tests script, plug it into travis 2017-05-20 13:20:08 +02:00
.gitignore tests: add run-tests script, plug it into travis 2017-05-20 13:20:08 +02:00
.travis.yml travis: add shellcheck call for all scripts in the repository 2017-09-30 05:05:34 +02:00
debian-quilt debian: fix shellcheck warnings in debian packaging 2017-09-30 05:05:33 +02:00
LICENSE Added LICENSE 2010-04-05 21:21:27 +02:00
Makefile Allow build for Xenial in 4.0 2017-11-14 01:35:36 +00:00
Makefile.builder Merge remote-tracking branch 'qubesos/pr/71' 2017-11-14 15:07:41 +01:00
run-tests tests: add run-tests script, plug it into travis 2017-05-20 13:20:08 +02:00
series-debian-vm.conf Stop anacron from starting in Debian using existing constraint on cron 2017-02-05 23:36:27 +00:00
setup.py network: rewrite qubes-firewall daemon 2016-09-12 05:22:53 +02:00
version version 4.0.12 2017-10-19 17:28:27 +02:00