core-agent-linux/debian/changelog
Marek Marczykowski-Górecki f49e3415a8
version 4.0.29
2018-05-29 00:40:11 +02:00

1890 lines
68 KiB
Plaintext

qubes-core-agent (4.0.29-1) unstable; urgency=medium
* Drop leftovers of qubes-netwatcher service
* qrexec: fix handling remote domain death
* network: use iptables-restore --wait if available
* rpm: add BR: systemd for pre/post install macros
* qubes-rpc: fix code style - indent with spaces
* qvm-open-in-vm: implement --view-only option
* qvm-open-in-vm: mark file as read-only if opened with --view-only
* Add file managers integration for qvm-open-in-dvm --view-only
* Add build-time assert for filename buffer size
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 May 2018 00:40:11 +0200
qubes-core-agent (4.0.28-1) wheezy; urgency=medium
[ Peter Gerber ]
* Qubes firewall: correct syntax for icmpv6 rejects
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 10 May 2018 12:21:39 +0200
qubes-core-agent (4.0.27-1) unstable; urgency=medium
[ X4lldux ]
* Move/Copy many files in one step via nautilus extension
[ Marek Marczykowski-Górecki ]
* centos: exclude only dconf user profile, keep dpi config
* travis: add centos7
* Fix packaging: 'user' group, BACKEND_VMM var
* Create /etc/dconf/profile/user dynamically, if not present
* Require dconf utility to (re)build /etc/dconf/db/local
* Fix make clean
* qubes-firewall: reject packets instead of dropping
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 02 May 2018 05:05:33 +0200
qubes-core-agent (4.0.26-1) unstable; urgency=medium
* Change repository URLs to https
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 22 Apr 2018 00:29:02 +0200
qubes-core-agent (4.0.25-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* debian: don't call dconf if it isn't installed
* qrexec: add qrexec-client-vm --buffer-size option
[ unman ]
* Add missing services in Ubuntu templates.
[ Simon Gaiser ]
* qrexec-fork-server: Always initialize addrlen argument of accept()
[ Marek Marczykowski-Górecki ]
* qrexec: fix arguments handling
* Move 'qubesxdg' into qubesagent python package
* Fix shell calls in Makefile
* Fix waiting for application exit in qubesagent.xdg.launch
* Load only test_* files when looking for tests (python)
* qubes-session-autostart: do not wait for applications exit
* Do not start dkms.service
* network: do not assume IPv6 gateway is a link-local address
* qubes-firewall: handle only traffic originating from VMs
* network: make sure static NM configuration is created before NM
start
[ Davíð Steinn Geirsson ]
* Add misc/qubes-run-terminal to launch any available terminal
emulator
[ Frédéric Pierret ]
* Create .spec.in and Source0
* Remove _builddir
* spec.in: add changelog placeholder
* spec.in: fix %if expressions and remove useless conditions
[ Vladimir Lushnikov ]
* Problem: Unable to use pkg.install with Salt in dom0 when using
UpdateVM that has only yum due to incorrect options passed by Salt
assuming dnf presence
[ Marek Marczykowski-Górecki ]
* Use only /etc/skel to provision user's home directory of new VM
* Update gitignore and make clean target
* qubes-firewall: signal service readiness only after initial scripts
[ Frédéric Pierret ]
* Fix GCC8 warnings
* Add missing python-setuptools dependency
* Use %{python3_pkgversion} instead of duplicating python3 targets
[ Marek Marczykowski-Górecki ]
* travis: update Fedora versions
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 21 Apr 2018 15:10:20 +0200
qubes-core-agent (4.0.24-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* Drop Fedora < 22 support
* Call qubes.PostInstall service to notify dom0 about all
apps/features
* dom0-updates: refactor for ease adding new actions with old yum
* dom0-update: add some approximation of 'list', 'search' and
'reinstall'
* Drop fakeroot for list/search actions on Debian
[ Rusty Bird ]
* Really enable qubes-sync-time.timer
[ Frédéric Pierret ]
* centos: fix conflict with dconf
[ Marek Marczykowski-Górecki ]
* Speed up initial /rw setup
[ awokd ]
* reinstal -> reinstall
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 27 Feb 2018 15:17:51 +0100
qubes-core-agent (4.0.23-1) unstable; urgency=medium
* qrexec: launch services in login shell
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 22 Feb 2018 12:43:55 +0100
qubes-core-agent (4.0.22-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* Wait for user session as X session owner
[ Christopher Laprise ]
* Add qubes-firewall.d feature
* Add /etc/qubes path
[ Marek Marczykowski-Górecki ]
* qrexec: use exec_qubes_rpc_if_requested() from qubes-utils
* qrexec: translate keywords in target specification on the client
side
* rpm: adjust dependencies
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 20 Feb 2018 01:04:55 +0100
qubes-core-agent (4.0.21-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* Fix systemd-timesyncd.service startup
* Do not sync VM time with clockvm if it's set to network time sync
* network: reload DNS only on "up" event from NetworkManager
[ Rusty Bird ]
* bind-dirs.sh: don't fail on empty configuration directory
[ unman ]
* Stop Debian templates from forwarding by default.
[ Marek Marczykowski-Górecki ]
* qubes-firewall: call firewall-user-script at service startup
* tests: check if qubes-firewall-user-script is called
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 13 Feb 2018 04:56:43 +0100
qubes-core-agent (4.0.20-1) unstable; urgency=medium
* Add intel wifi drivers to suspend-module-blacklist
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 29 Jan 2018 21:57:11 +0100
qubes-core-agent (4.0.19-1) unstable; urgency=medium
* Mount root fs with 'discard' option by default
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 24 Jan 2018 01:46:25 +0100
qubes-core-agent (4.0.18-1) unstable; urgency=medium
* Place list of loaded modules in /var/run directly
* Detach all drivers from PCI devices before suspend
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 23 Jan 2018 14:17:05 +0100
qubes-core-agent (4.0.17-1) unstable; urgency=medium
[ Rusty Bird ]
* Set 'wait-for-session=1' for 'qubes.VMShell+WaitForSession'
* qvm-run-vm: appease ShellCheck without comment
* qvm-run-vm: wait for X11 in DispVM case
* Remove stranded block-snapshot script
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 18 Jan 2018 19:30:32 +0100
qubes-core-agent (4.0.16-1) unstable; urgency=medium
* firewall: don't crash the whole qubes-firewall service on DNS fail
* firewall: allow also related traffic
* qrexec: fix infinite loop when multiple services are waiting for GUI
* Fix kdialog --progressbar usage
* Install KDE actions for KDE5
* Enable gnome settings daemon xsettings plugin
* Disable automatic scaling in GNOME/GTK applications
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 12 Jan 2018 06:18:51 +0100
qubes-core-agent (4.0.15-1) unstable; urgency=medium
[ MB ]
* Fall back to direct execution when dbus is not installed or running
[ Marek Marczykowski-Górecki ]
* qrexec: setup process environment when not using fork server
[ Patrick Schleizer ]
* make apt-get apt-transport-tor broken in Qubes non-networked
TemplateVMs
[ Marek Marczykowski-Górecki ]
* qubes.GetImageRGBA: fix handling '-' path without explicit type
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 23 Dec 2017 02:53:43 +0100
qubes-core-agent (4.0.14-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* Disable cups-browsed service together with cups
[ Olivier Médoc ]
* Makefile: split network install target from core agent install
target
* Makefile: ensure that everything is installed by default for rh
based agents
* archlinux: split core-agent from netvm-agent
[ Olivier MEDOC ]
* Makefile: add basic networking to the new install-corevm target
* Makefile: fix typo created when spliting the install targets
* Makefile: add network install targets to install-deb
* archlinux: create a keyring package to install binary repository
automatically
* archlinux: fix shellcheck issues
* Makefile: remove invalid reference to network dropins install target
* archlinux: fix incorrect keyring being populated
* archlinux: add recently splitted packages as optional dependencies
of qubes-vm-core
* Makefile: install-netvm shouldn't be a dependency of itself.
* archlinux fix .service added twice in networking install script
[ Marek Marczykowski-Górecki ]
* network: configure IPv6 when enabled
* network: IPv6-enabled firewall
* network: drop unsolicited IPv6 neighbor advertisements by default
* Fix IPv6 support in qubes-firewall
* Add hint to use qvm-copy/qvm-move instead of qvm-*-to-vm
[ Frédéric Pierret ]
* Add support for Thunar Qubes VM tools
* Disable Thunar thumbnails
* Add debian package support
* Fix ShellCheck comments
* Fix UCA mistake and qvm-actions script
[ TomZ ]
* Fix language issues and usability issue
[ Rusty Bird ]
* qvm-{copy,move}: fix spurious deprecation message
[ unman ]
* Disable wpa_supplicant@.service
[ Marek Marczykowski-Górecki ]
* debian: use systemd-preset logic from rpm package
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 Dec 2017 09:23:22 +0100
qubes-core-agent (4.0.13-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* Fix starting time synchronization service
[ Nedyalko Andreev ]
* Disable dnf plugins when downloading dom0 updates in sys-firewall
* Update the arch PKGBUILD script for QubesOS 4.0
* Fix the makefile for archlinux - SBINDIR is already /usr/bin
* Restore the binary pacman repo and update it for QubesOS 4.0
* Add the 4.0 repo to the PKGBUILD sources list
[ Olivier MEDOC ]
* archlinux: remove deprecated setup of pam since v4.0.3
* archlinux: remove pam configuration for su and su-l
* archlinux: do not mess with locales in post-install script
* archlinux: ship pam.d/qrexec as a replacement of using su
* archlinux: create user 'user' using bash by default instead of zsh
* Makefile: avoid using python interpreter as a static name
* archlinux: enforce usage of python2 in all scripts
* archlinux: ensure [options] section is present in all pacman drop-
ins
* archlinux: remove python3 dependency
* archlinux: restore setup of pam.d/su-l
[ unman ]
* Allow build for Xenial in 4.0
[ Paul Holcomb ]
* Fix Ubuntu template builds
[ Marek Marczykowski-Górecki ]
* network: have safe fallback in case of qubes-firewall crash/error
* Dumb down meminfo-writer enabling logic
* Enable qubes-firewall also in "NetVM"
[ Nedyalko Andreev ]
* Fix the Archlinux template update proxy to work for HTTPS URLs as
well
[ Rusty Bird ]
* Add iptables dep to qubes-core-agent-networking RPM spec
[ Marek Marczykowski-Górecki ]
* network: order qubes-firewall service before enabling IP forwarding
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 21 Nov 2017 04:51:27 +0100
qubes-core-agent (4.0.12-1) unstable; urgency=medium
* Add support for new root volume partition layout to qubes.ResizeDisk
* Resize root filesystem at VM startup if needed
* debian: disable timer-based apt-get
* network: fix rules for network setup on new udev
* Fix removing temporary file after editing in (Disp)VM
* debian: cleanup after splitting qubes-core-agent
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 19 Oct 2017 17:28:27 +0200
qubes-core-agent (4.0.11-1) unstable; urgency=medium
[ Tray Torrance ]
* Add archlinux support to upgrade checker
[ Nedyalko Andreev ]
* Fix an incorrect grep usage in archlinux upgrade check
* Simplify archlinux upgrade check
[ Marek Marczykowski-Górecki ]
* Add convenient wrappers for qvm-copy-to-vm and qvm-move-to-vm
* qrexec: code style fix - use spaces for indentation
* qrexec: use user shell instead of hardcoded /bin/sh
* qubes.ResizeDisk: handle dmroot being a symlink
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 07 Oct 2017 02:35:42 +0200
qubes-core-agent (4.0.10-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* centos: add package signing key, setup repository
* network: fix issues found by shellcheck
* qubes-rpc: fix issues found by shellcheck
* init: fix issues found by shellcheck in init scripts
* debian: fix shellcheck warnings in debian packaging
* Fix shellcheck warnings in block-snapshot script
* Fix shellcheck warnings in download-dom0-updates.sh
* Few more shellcheck warnings fixes/ignores
* Hint shellcheck where to look for sourced files, if in repository
* travis: add shellcheck call for all scripts in the repository
[ Nedyalko Andreev ]
* Fix the archlinux package, use correct DROPIN dirs
* Disable Oliver's binary pacman repo by default
* Fix indentation and shellcheck issues for archlinux
* Fix the install script after the shellcheck "fixes"
* Fix the previous shellcheck-related "fixes" again
[ Jussi Timperi ]
* archlinux: add correct section to qubes-noupgrade.conf
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 04 Oct 2017 15:19:35 +0200
qubes-core-agent (4.0.9-1) unstable; urgency=medium
[ Frédéric Pierret ]
* dnf-qubes-hooks: handle newer DNF >= 2.x
[ Marek Marczykowski-Górecki ]
* travis: add fc26 build
* Look for applications also in subdirectories of .../applications
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 26 Sep 2017 23:09:45 +0200
qubes-core-agent (4.0.8-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* dom0-updates: do not modify yum.conf
[ Frederic Pierret (Epitre) ]
* Add CENTOS/RHEL support (drop fedora-release dependancy as template
builder will install it anyway and here it only make harder to
support non-fedora builds)
* Handle fallthrough with attribute(noreturn) for consistancy and
compatiblity with older GCC
[ Marek Marczykowski-Górecki ]
* (redo) updates-proxy: explicitly block connection looping back to
the proxy IP
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 Sep 2017 13:44:17 +0200
qubes-core-agent (4.0.7-1) unstable; urgency=medium
* qrexec: add configurable waiting for session before starting service
* document /etc/qubes/rpc-config
* qubes-rpc: add 'wait-for-session=1' option for some services
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 11 Aug 2017 13:33:35 +0200
qubes-core-agent (4.0.6-1) unstable; urgency=medium
* Announce if qubes-firewall service is supported+enabled in this
template
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 29 Jul 2017 05:31:13 +0200
qubes-core-agent (4.0.5-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* qrexec: ship pam configuration for debian
* rpm: add services enabling/disabling logic
* qrexec: start process in a login shell
[ Marta Marczykowska-Górecka ]
* clock synchronization rewrite
* minor amends to clock synchronization
[ Marek Marczykowski-Górecki ]
* clock sync: drop untrusted_ prefix after value validation, fix error
msg
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 12 Jul 2017 23:40:54 +0200
qubes-core-agent (4.0.4-1) unstable; urgency=medium
* grub: add console=tty0 to kernel cmdline
* rpm: do not mess with locales in post-install script
* Don't use 'su' in qubes.WaitForSession if not needed
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 05 Jul 2017 14:02:22 +0200
qubes-core-agent (4.0.3-1) unstable; urgency=medium
[ unman ]
* Enable build for Zesty
[ Marek Marczykowski-Górecki ]
* Do not load 'dummy-hcd' kernel module
[ Vincent Penquerc'h ]
* core-agent-linux: misc const fixups
[ Marek Marczykowski-Górecki ]
* qrexec: use PAM directly instead of calling su to setup the session
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 05 Jul 2017 02:37:51 +0200
qubes-core-agent (4.0.2-1) unstable; urgency=medium
* Ship grub configuration
* Ship Qubes 4.0 repository definition and keys
* Update grub configuration
* debian: install man pages
* Add qrexec-client-vm man page
* qrexec: exit with code 126 when service request was refused
* qrexec: fix reporting exit code in qrexec-client-vm
* qrexec: do not shutdown stdout socket inherited from parent
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 24 Jun 2017 02:19:14 +0200
qubes-core-agent (4.0.1-1) unstable; urgency=medium
* Switch qubes.UpdatesProxy to socat
* rpm,deb: fix dependencies
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 11 Jun 2017 00:02:49 +0200
qubes-core-agent (4.0.0-1) unstable; urgency=medium
[ Marek Marczykowski-Górecki ]
* qvm-copy-to-vm: fix handling empty target VM
* Rename qubes.xdg python module to qubesxdg
* Disable meminfo-writer if there is any PCI device attached
[ Wojtek Porczyk ]
* misc: add qvm-features-request
[ Marek Marczykowski-Górecki ]
* Add qubes.ResizeDisk service to adjust filesystem size
* network: rewrite qubes-firewall daemon
* network: remove qubes-netwatcher
[ qubesuser ]
* network: add vif-route-qubes-nat for IP address anonymization
[ Marek Marczykowski-Górecki ]
* network: reformat vif-route-qubes-nat
* network: change vif-route-qubes-nat parameters
* network: integrate vif-route-qubes-nat into vif-route-qubes
* network: keep the same MAC on vif interfaces
* network: properly handle DNS addresses in vif-qubes-nat.sh
* network: use /32 netmask on internal IPs in NAT providing namespace
* travis: drop debootstrap workaround
* Add qubes.StartApp service
* dom0-updates: restructure the script to not update metadata twice
* tests: make firewall tests working regardless of python version
* firewall: switch to python 3
* tests: add run-tests script, plug it into travis
* Apply gschema overrides also to debian, rename according to
guidelines
* fedora,debian: update python3-daemon dependency
* Remove duplicated 'close' button from titlebar of gnome applications
* Ask for target VM for file-copy in dom0
* travis: update to Qubes 4.0 repositories
* debian: fix qubes-firewall python packaging, make it more verbose
* debian,fedora: split nautilus integration into separate package
* Revert "firewall: switch to python 3"
* Revert "fedora,debian: update python3-daemon dependency"
* debian: add missing Build-Depends: python-setuptools
* debian: make haveged.service patch less intrusive...
* Rename qvm-run to qvm-run-vm
* Implement qrexec-based connection to updates proxy
* Implement qubes.PostInstall service
* Fix detection of PCI passthrough
* rpm: rename qubes-core-vm to qubes-core-agent
* Rename qubes-nautilus to qubes-core-agent-nautilus
* Split dom0-updates handling into subpackage
* rpm: make file list more verbose to ease splitting the package
* Split network-related files to -networking and -network-manager
packages
* Remove DisposableVM savefile related files
* rpm: integrate documentation into main package
* Adjust dependencies for clean upgrade
* rpm: drop dependency on desktop-notification-daemon
* Do not report spurious failure of qubes.WaitForSession service
* deb,rpm: split passwordless root access configs into separate
package
* Remove old vusb scripts
* debian: update basic metadata of package
* rpm,deb: split qrexec-agent into separate subpackage
* debian: drop explicit dependency on sudo
* Cleanup kernel modules loading configuration
* Add qubes.VMRootShell service
* Make all scripts in qubes-rpc executable
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 09 Jun 2017 23:30:10 +0200
qubes-core-agent (3.2.18-1) unstable; urgency=medium
* debian,fedora: drop gnome-packagekit from dependencies
* systemd: fix race condition between qubes-db and qubes-early-vm-
config
* dispvm: don't use perl to decode base64-encoded script
* rpm: don't "append" to not existing /etc/yum.conf
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 16 May 2017 00:54:18 +0200
qubes-core-agent (3.2.17-1) unstable; urgency=medium
[ Jean-Philippe Ouellet ]
* Remove dates from man pages
[ Robin Schneider ]
* bind-dirs: Create ro if bind target exists
* Fix handling of binds containing spaces
* Fix more shellcheck warnings
[ unman ]
* If there is only 1 DNS server make both DNAT rules point to it
[ Daniel Moerner ]
* network: Properly handle comments in NetworkManager.conf (#2584)
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 01 Apr 2017 21:45:29 +0200
qubes-core-agent (3.2.16-1) unstable; urgency=medium
[ Andrew David Wong ]
* Update Xen bug count in sudoers comment
[ Nicklaus McClendon ]
* Copied needed sources to build root
[ Patrick Schleizer ]
* comment
[ Olivier MEDOC ]
* archlinux: fix community repositories URL
[ Lorenzo ]
* Shut down after update only if it's a template.
* Shut down after update only if it's a template.
[ Olivier MEDOC ]
* archlinux: fix lsb_release missing
* archlinux: update installer script to use systemd preset file
* archlinux: fix bash syntax errors
* Makefile: enforce mode 750 for directories /etc/sudoers.d and
/etc/polkit-1/rules.d
* archlinux: fix pacman.d dropin not activated if pacman.conf does not
already contains qubes markers
* archlinux: add missing qubes-rpc dependencies
[ Gregorio Guidi ]
* Restore functionality of disable-default-route and disable-dns-
server.
[ unman ]
* Stop anacron from starting in Debian using existing constraint on
cron
* Constrain cron and anacron in Ubuntu also
* Reset iptables ACCEPT rule for updates proxy if service is running
* Fix build for trusty - locales-all not available
* Move trusty check and locales-all fix inside source-debian-quilt-
copy-in
* Apply gschema override preventing previews in nautilus in Debian
[ Marek Marczykowski-Górecki ]
* debian: fix lintian warning - command-with-path-in-maintainer-script
* debian: don't fail the upgrade if glib-compile-schemas fails
[ unman ]
* Stop unnecessary services in Debian
[ Marek Marczykowski-Górecki ]
* systemd: place user dropins in /usr/lib instead of /lib
* Use online resize2fs, and run filesystem check only when needed
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 07 Mar 2017 23:04:47 +0100
qubes-core-agent (3.2.15-1) wheezy; urgency=medium
* Fix detection of dom0 updates
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 04 Dec 2016 22:39:01 +0100
qubes-core-agent (3.2.14-1) wheezy; urgency=medium
[ unman ]
* Add systemd override for haveged in xenial and stretch. (#2161)
Reenable haveged.service after debian package installation
[ Marek Marczykowski-Górecki ]
* travis: drop debootstrap workaround
[ Rusty Bird ]
* v2: (vm) qvm-move-to-vm: don't "rm -rf" vm name argument
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 04 Dec 2016 21:57:10 +0100
qubes-core-agent (3.2.13-1) wheezy; urgency=medium
[ Manuel Amador (Rudd-O) ]
* Make signing optional for testing, and add program checks.
* Clean up early initialization and setup of /rw
* Better private.img size management.
* Invert logic of systemd_version_changed.
* Fix VM settings running while / is readonly.
* Clean up specfile unit activation aspect.
* Invert logic of SKIP_SIGNING.
[ Marek Marczykowski-Górecki ]
* Revert "network: disable proxy_arp"
[ Jean-Philippe Ouellet ]
* Keep Makefile DRY
[ Marek Marczykowski-Górecki ]
* Refactor qubes.InstallUpdatesGUI to reduce code duplication
* Ask to shutdown the template after performing update
* Prefer powerpill to update Archlinux VM
[ Patrick Schleizer ]
* fix reload_random_seed error handling
[ Marek Marczykowski-Górecki ]
* Write random seed directly to /dev/urandom
[ Manuel Amador (Rudd-O) ]
* Initialize home_volatile for disposable VMs.
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 18 Nov 2016 01:59:25 +0100
qubes-core-agent (3.2.12-1) wheezy; urgency=medium
[ unman ]
* Remove custom mount when starting cron, in favour of bind-dirs
* use bind-dirs to handle crontab persistence
* Revert version and correct unit files
* Remove entry in changelog as version not bumped
[ Rudd-O ]
* Eliminate race condition with qubes-setup-dnat-to-ns
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 18 Oct 2016 15:55:40 +0200
qubes-core-agent (3.2.11-1) wheezy; urgency=medium
[ HW42 ]
* bind-dirs: copy from ro only if bind target doesn't exists
[ Marek Marczykowski-Górecki ]
* network: minor setup-ip fix
* Configure NetworkManager to keep /etc/resolv.conf as plain file
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 03 Oct 2016 11:32:40 +0200
qubes-core-agent (3.2.10-1) wheezy; urgency=medium
[ HW42 ]
* systemd: fix qubes-mount-home path in cleanup script
* systemd: remove obsolete symlinks with rm instead of systemctl
[ Marek Marczykowski-Górecki ]
* network: reload NM connection after setting it up
* systemd: fix syntax error in preset file
[ Patrick Schleizer ]
* comment legacy function
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 08 Aug 2016 05:23:02 +0200
qubes-core-agent (3.2.9-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* systemd: cleanup removed services
* systemd: order qubes-mount-dirs.service before local-fs.target
* systemd: load xen-privcmd module
* systemd: include tor-disabling drop-ins in the package
* systemd: improve ordering of systemd units
[ Patrick Schleizer ]
* add /usr/lib/qubes/bind-dirs.sh compatibility symlink
* empty legacy function
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 27 Jul 2016 06:08:56 +0200
qubes-core-agent (3.2.8-1) wheezy; urgency=medium
* dom0-updates: fix cleaning downloaded packages
* Revert "systemd: preset xendriverdomain on update"
* systemd: don't mark updates check service failed
* systemd: plug random seed loading into systemd-random-seed
* Include Qubes Master Key in the VM template
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 17 Jul 2016 04:27:04 +0200
qubes-core-agent (3.2.7-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* systemd: preset xendriverdomain on update
* rpm: fix misleading systemd warnings during upgrade
[ Olivier MEDOC ]
* archlinux: switch to usage of pacman.d drop-ins
* archlinux: Setup default package repository
* archlinux: ensure repositories are the last pacman.d files included
* archlinux: fix update-proxy-configs to use pacman.d drop-ins
[ Patrick Schleizer ]
* fixed qubes-core-agent upgrading double package manager lock
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 13 Jul 2016 22:43:06 +0200
qubes-core-agent (3.2.6-1) wheezy; urgency=medium
[ Patrick Schleizer ]
* Do not start tor@default service in TemplateVM.
[ Marek Marczykowski-Górecki ]
* dom0-updates: use dnf --best --allowerasing
[ Rusty Bird ]
* Order network management units after network-pre.target
* dvm, then xendriverdomain, then qrexec-agent
* *Do* block until good random is available again
* Remove 'if true' wrapper from
06a0d30d50ce4ea266532c06ef24880bf5363c1b
* Enable xendriverdomain.service in 75-qubes-vm.preset
[ Patrick Schleizer ]
* add comment
* add comment
[ Olivier MEDOC ]
* archlinux: update installer script in prevision of pacman.d drop-ins
* archlinux: provide automatic qubes-trigger-sync-appmenus through
pacman hooks
* archlinux: remove unnecessary glib-compile-scheme
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 13 Jul 2016 04:38:17 +0200
qubes-core-agent (3.2.5-1) wheezy; urgency=medium
* travis: add fc24 build
* debian: add missing pkg-config build depends
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 06 Jun 2016 00:18:54 +0200
qubes-core-agent (3.2.4-1) wheezy; urgency=medium
[ Patrick Schleizer ]
* fix indent
[ Marek Marczykowski-Górecki ]
* dom0-updates: use dnf when available
* Prefer 'dnf' over 'yum' for template update
[ unman ]
* Fall back to gnome utilities if kdialog not present
[ Marek Marczykowski-Górecki ]
* travis: initial version
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 05 Jun 2016 22:10:58 +0200
qubes-core-agent (3.2.3-1) wheezy; urgency=medium
* Cleanup R3.1->R3.2 transitional package
* Update repository definitions for R3.2
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 18 May 2016 23:43:22 +0200
qubes-core-agent (3.2.2-1) wheezy; urgency=medium
* systemd: order units checking for qubes-service after qubes-sysinit
* qvm-open-in-vm: escape URL when wrapping it in HTML
* Implement qubes.OpenURL service instead of wrapping URLs in HTML
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 18 May 2016 03:00:12 +0200
qubes-core-agent (3.2.1-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* qubes-rpc: fix SVG icon scaling
* Fix bind-dirs.sh path
[ Olivier MEDOC ]
* archlinux: fix remaining loginctl privilege issues with invalid
pam.d configuration
[ Marek Marczykowski-Górecki ]
* Remove obsolete policy files
[ Patrick Schleizer ]
* fixed bind-dirs legacy import function
* fixed sh syntax error
* minor debug xtrace output
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 05 May 2016 00:05:13 +0200
qubes-core-agent (3.2.0-1) wheezy; urgency=medium
[ Patrick Schleizer ]
* disable systemd-timesyncd
[ Marek Marczykowski-Górecki ]
* qrexec: write service stderr to both syslog and caller
* qrexec: hide timing debug messages in vm-file-editor
[ Patrick Schleizer ]
* do not start the Tor service inside Qubes TemplateVMs
* work on bind-dirs https://phabricator.whonix.org/T414
* work on bind-dirs
* work on bind-dirs
* renamed: misc/bind-dirs -> vm-systemd/bind-dirs
* renamed: bind-dirs -> bind-dirs.sh
* run /usr/lib/qubes/bind-dirs.sh from mount-dirs.sh
* use symlink_level_max rather than hardcoding 10; comment
* also exit from bind-directories if file /var/run/qubes-service/qubes-
dvm exists
* fixed broken file copy for files in multi level directories
* refactoring / code simplification
[ Rusty Bird ]
* qvm-move-to-vm: Remove duplicated code
* qvm-move-to-vm: Use '--' before file arguments
* Use && in qvm-move-to-vm
[ Andrew ]
* Use proper space-expanded tabs, as per the coding guidelines.
* Move usage information printing to separate function, and print
usage to stderr; also added some spacing.
* Use proper quoting around variables.
* Properly handle case of empty domain name.
[ Marek Marczykowski-Górecki ]
* rpm: Add bind-dirs.sh to spec file
* qubes.SuspendPreAll and qubes.SuspendPostAll services
* qrexec: unify service environment preparation
[ Patrick Schleizer ]
* use 'true' rather than ':' for consistency
* minor indent
[ Rusty Bird ]
* Remove exec in last line of qvm-copy-to-vm
[ Marek Marczykowski-Górecki ]
* qrexec: add service argument support
* network: run setup-ip only on xen frontend interfaces
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Mar 2016 14:41:34 +0200
qubes-core-agent (3.1.14-1) wheezy; urgency=medium
* network: use `qubes-primary-dns` QubesDB entry if present
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 07 Mar 2016 13:47:01 +0100
qubes-core-agent (3.1.13-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* sysinit: Accept also old xenbus kernel interface
[ adrianx64 ]
* Proposed solution for issue #1657
[ Marek Marczykowski-Górecki ]
* Move opening file viewer/editor into separate shell script
* qubes-open: switch from mimeopen to xdg-open
[ Olivier MEDOC ]
* update qubes.InstallUpdateGUI to support archlinux
* archlinux: add gcc and make as make dependencies
* implement update proxy support for archlinux
* archlinux: add Qubes Markers in pacman.conf so that changes done by
qubes scripts are not inserted at the end of pacman.conf
* archlinux: properly add qubes markers in pacman.conf
* update-proxy: use curl instead of wget in archlinux in order to
limit additional dependencies
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 08 Feb 2016 05:07:39 +0100
qubes-core-agent (3.1.12-1) wheezy; urgency=medium
* Unload USB controllers drivers in USB VM before going to sleep
* Do not try to signal NetworkManager before suspend if it isn't
running
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 11 Jan 2016 21:59:34 +0100
qubes-core-agent (3.1.11-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* dom0-updates: add a message explaining yum deprecated warning
[ noname ]
* archlinux: Added python{2,3} as dependency. Solved python22 bug.
[ Marek Marczykowski-Górecki ]
* Fix time sync service
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 07 Jan 2016 05:52:35 +0100
qubes-core-agent (3.1.10-1) wheezy; urgency=medium
* network: use more strict policy about incoming traffic
* debian: add missing python-gtk2 dependency
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 31 Dec 2015 02:58:29 +0100
qubes-core-agent (3.1.9-1) wheezy; urgency=medium
* dnf: drop shebang, it isn't standalone script
* Package DNF plugin for both python2 and python3
* dom0-updates: fix reporting when no updates are available
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 26 Dec 2015 14:24:00 +0100
qubes-core-agent (3.1.8-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* open-in-vm: Fix path to mimeinfo database
[ Olivier MEDOC ]
* archlinux: fix invalid systemd path in make install directive
* archlinux: remove quotes when checking system locales (in case it
has been user defined)
[ MB ]
* [network-proxy-setup] Permit !CONFIG_MODuLES
[ Rusty Bird ]
* repo description: updates-testing -> security-testing
[ Marek Marczykowski-Górecki ]
* debian: add security-testing repository
[ Olivier MEDOC ]
* archlinux: ensure systemctl reset preset correctly (need to be
started twice)
[ Marek Marczykowski-Górecki ]
* updates-proxy: restart on network configuration change to reload DNS
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 20 Dec 2015 03:12:39 +0100
qubes-core-agent (3.1.7-1) wheezy; urgency=medium
* updates-proxy: explicitly block connection looping back to the proxy
IP
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 04 Dec 2015 15:32:14 +0100
qubes-core-agent (3.1.6-1) wheezy; urgency=medium
* Revert "network: use drop-ins for NetworkManager configuration
(#1176)"
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 29 Nov 2015 00:34:34 +0100
qubes-core-agent (3.1.5-1) wheezy; urgency=medium
[ Patrick Schleizer ]
* clean up /etc/tinyproxy/filter-updates
[ Olivier MEDOC ]
* updates-proxy: remove remaining traces of proxy filtering file from
Makefile
* rpm_spec: declare InstallUpdateGUI qrexec_service
* archlinux: enforce minimum versionning of qubes-utils
[ Patrick Schleizer ]
* Prevent services from being accidentally restarted by `needrestart`.
* Have qubes-sysinit create /var/run/qubes VM type files.
[ Marek Marczykowski-Górecki ]
* Package needrestart config only for Debian
* debian: reformat Build-Depends:
* debian: update build-depends for split qubes-utils package
* backup: Use 'type' instead of 'which' to prevent unnecessary
dependency
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 28 Nov 2015 14:48:33 +0100
qubes-core-agent (3.1.4-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* Minor improvements to packaging (based on rpmlint)
[ Patrick Schleizer ]
* removed confusing comments
* minor indent
* No longer start /etc/init.d/tinyproxy by default anymore.
[ Marek Marczykowski-Górecki ]
* Revert "preset disable tinyproxy by default"
[ Patrick Schleizer ]
* minor, removed trailing space
* Improved upgrade notifications sent to QVMM.
* fixed inverted logic issue in upgrades-installed-check
* misc/upgrades-installed-check: handle apt-get errors
[ Marek Marczykowski-Górecki ]
* Explicitly fail upgrades-installed-check on other distributions
[ qubesuser ]
* Allow to provide customized DispVM home directly in the template VM
[ Marek Marczykowski-Górecki ]
* network: let NetworkManager configure VM uplink, if enabled
* Use improved update-notify script also in Fedora
* Implement qubes.InstallUpdatesGUI qrexec service
* Really fix update-proxy rules for debian security fixes repo
* updates-proxy: disable filtering at all
* network: disable proxy_arp
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 15 Nov 2015 04:29:29 +0100
qubes-core-agent (3.1.3-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* network: forward TCP DNS queries
[ Patrick Schleizer ]
* removed trailing spaces
* Renamed qubes-mount-home to qubes-mount-dirs.
[ Marek Marczykowski-Górecki ]
* qrexec: implement buffered write to a child stdin
[ Olivier MEDOC ]
* archlinux: update packaging and install script to use systemd
DROPINs
* archlinux: force running scripts with python2 even when /usr/bin/env
is used
* archlinux: readd notification-daemon as a dependency
* archlinux: readd lines removed by error during merge
[ Patrick Schleizer ]
* disable leaking TCP timestamps by default
[ Marek Marczykowski-Górecki ]
* rpm: add /etc/sysctl.d/20_tcp_timestamps.conf
* rpm: remove duplicated entry
[ Patrick Schleizer ]
* cleanup /etc/apt/apt.conf.d/00notiy-hook on existing systems
[ erihe251 ]
* Small language fixes
* Update qubes.sudoers
[ Marek Marczykowski-Górecki ]
* Require new enough qubes-utils package for updated libqrexec-utils
* debian: install locales-all instead of custom locales generation
* makefile: cleanup help message
* Setup updates proxy in dnf and PackageKit
* backup: fix handling backup filename with spaces
* backup: improve exit code reporting
[ Rusty Bird ]
* qfile-unpacker: Avoid data loss by checking for child errors
[ Marek Marczykowski-Górecki ]
* appmenus: ignore entries with NoDisplay=true
* qfile-agent: move data handling code to libqubes-rpc-filecopy
[ yaqu ]
* Replacing "sleep 365d" with "sleep inf"
[ Marek Marczykowski-Górecki ]
* No longer disable auditd
* dom0-updates: prefer yum-deprecated over dnf
* fedora: Add skip_if_unavailable=False to Qubes repositories
[ Olivier MEDOC ]
* add DROPINS for org.cups.cupsd systemd files.
* dropins: make current systemd dropins specific to systemd-system in
order to introduce dropins for systemd-user
* dropins: implement dropins for systemd user starting with pulseaudio
systemd service and socket masking
[ Marek Marczykowski-Górecki ]
* qrexec: add some comments, minor improvement in readability
* qrexec: use #define for protocol-specified strings
* dracut: disable hostonly mode
* dom0-updates: use yum-deprecated instead of dnf in all calls
* updates-proxy-setup: use temporary file for config snippet
* Implement dnf hooks for post-update actions
* fedora: do not require/use yum-plugin-post-transaction-actions in
F>=22
* Get rid of qubes-core-vm-kernel-placeholder
* systemd: make sure that update check is started only after qrexec-
agent
* dom0-updates: do not use 'yum check-update -q'
* Bump qubes-utils version requirement
[ Patrick Schleizer ]
* preset disable tinyproxy by default
[ Marek Marczykowski-Górecki ]
* updates-proxy: use separate directory for PID file
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 11 Nov 2015 06:29:21 +0100
qubes-core-agent (3.1.2-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* Enlarge /tmp and /dev/shm
* network: use own iptables service instead of repurposing existing
one
[ Patrick Schleizer ]
* removed iptables-persistent from Depends to improve usablity (avoid
redundant debconf question)
[ Marek Marczykowski-Górecki ]
* debian: disable netfilter-persistent.service
* Adjust progress message on file move operation
* Run 'ldconfig' to update /usr/local/lib* cache, if applicable
* updates-proxy: Disable 'Via: tinyproxy' header
* Cleanup R3.0->R3.1 transitional package
* network: use drop-ins for NetworkManager configuration (#1176)
* network: fix 'qubes-uplink-eth0' NetworkManager connection (#1280)
[ Patrick Schleizer ]
* minor
[ HW42 ]
* qubes-random-seed: feed kernel rng with randomness from dom0
* reload qubes-random-seed when restoring DispVM
[ Marek Marczykowski-Górecki ]
* systemd: actually enable qubes-random-seed service
* sysvinit: load random seed from dom0 provided data
* Use 'type' instead of 'which' to prevent unnecessary dependency
* Add missing R: dconf to hide nm-applet when not used
* dom0-updates: Fix showing package list when --check-only option was
used
* dom0-updates: check "yum check-update" exit code, not only its
output
* dom0-updates: fix hostname in error message
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sun, 11 Oct 2015 03:00:00 +0200
qubes-core-agent (3.1.1-1) wheezy; urgency=medium
* Update repository definition for r3.1
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:55:35 +0200
qubes-core-agent (3.1.0-1) wheezy; urgency=medium
[ Patrick Schleizer ]
* Allow passwordless login for user "user" (when using 'sudo xl
console').
* Allow passwordless login for user "user" (when using 'sudo xl
console') for images being upgraded.
* show error msg if qubes.ReceiveUpdates failed
[ qubesuser ]
* qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
[ Patrick Schleizer ]
* added missing dependency python-dbus to 'Depends:'
[ Marek Marczykowski-Górecki ]
* rpm: add dbus-python dependency
[ qubesuser ]
* qubes-rpc: fix broken temporary file deletion in qubes.GetImageRGBA
* qubes-rpc: fix icon selection using pyxdg and support SVG icons
[ Patrick Schleizer ]
* fixed 'Debian 8 apt.config.d misconfiguration'
* added missing dependency xserver-xorg-dev
* - Prevent 'su -' from asking for password in Debian [based]
templates. Thanks to @unman and @marmarek for suggesting the fix!
Fixes https://github.com/QubesOS/qubes-issues/issues/1128. - Changed
'ifeq (1,${DEBIANBUILD})' to 'ifeq ($(shell lsb_release -is),
Debian)' to make the build work outside of Qubes Builder as well.
* Fixed /etc/pam.d/su.qubes. (Moved line 'auth sufficient
pam_permit.so' up. May not be low '@include' lines.)
* fix typo
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 29 Sep 2015 16:39:55 +0200
qubes-core-agent (3.0.16-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* debian: remove SELinux disabling code
* Revert "qubes-desktop-run: Activate via DBUS when desktop file
contains DBusActivatable"
* qubes-desktop-run: start the Dbus service (if needed)
[ Patrick Schleizer ]
* added pulseaudio-kde and spice-vdagent to qubes-trigger-desktop-
file-install
[ Jason Mehring ]
* debian: Move python-xdg to depends section in debian/control
* sudoers.d: Stops QT from using the MIT-SHM X11 Shared Memory
Extension
[ Rusty Bird ]
* Mount /dev/xvdb with fs type "auto"
[ Marek Marczykowski-Górecki ]
* Move .desktop launching code to python moules so it can be reused
* Implement dropins for /etc/xdg/autostart (#1151)
* Remove dynamically generated autostart desktop files
* qubes-session-autostart: do not abort the whole process on invalid
file
* qubes-desktop-run: don't crash on Debian wheezy (glib < 2.36)
* debian: fix /dev permissions on upgrade
* systemd: fix starting cups
* debian: depend on gawk
* Fix show-hide-nm-applet.desktop - use OnlyShowIn=X-QUBES
[ Patrick Schleizer ]
* moved python-xdg from Recommends to Depends
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 03 Sep 2015 02:45:30 +0200
qubes-core-agent (3.0.15-1) wheezy; urgency=medium
* debian: remove `Recommends: chrony`
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 23:23:38 +0200
qubes-core-agent (3.0.14-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* kernel-placeholder: prevent xl2tpd from pulling kernel packages
* qubes-core-vm-kernel-placeholder 1.0-3
[ Olivier MEDOC ]
* archlinux: update dependency list based on .spec file
* archlinux: reorganize install script to make it more easily
compareable with the .spec file
* archlinux: fix syntax errors in install file
[ Marek Marczykowski-Górecki ]
* debian: fix permissions of /var/lib/qubes/dom0-updates
[ Patrick Schleizer ]
* also inform in cli if no new updates are available
[ Olivier MEDOC ]
* archlinux: pulseaudio should be configured in gui agent and will
break installation of pulseaudio if installed in core-agent-linux
* archlinux: enabled configuration of all core agent dependencies
* archlinux: ensure python2 is used for all scripts and fix
dependencies for qubes-desktop-run
[ Jason Mehring ]
* debian: Renamed incorrect filename: 00notiy-hook -> 00notify-hook
* debian: Comment out deb-src line in qubes-r3.list
* Use 'which' to locate fuser since fuser path is different in Fedora
and Debian
* debian: Change triggers to use `interest-await` (execute triggers
after all packages installed)
* Remove '.service' from systemd enable loop as unit_name already
contains .service in name
* debian: remove cups/print-applet triggers
* debian: Added cups, system-config-printer to Recommends
* Makefile: Add systemd drop-in support which include conditionals to
prevent services from starting
* fedora: Add systemd drop-in support which include conditionals to
prevent services from starting
* debian: Add systemd drop-in support which include conditionals to
prevent services from starting
* Re-aranged qubes-vm.preset to indicate which services are specificly
for Fedora only
* vm-systemd: Add systemd drop-in support which include conditionals
to prevent services from starting
[ Marek Marczykowski-Górecki ]
* archlinux: remove installOverridenServices as now handled by systemd
dropins
* fedora: do not own dropins directories
* fedora: simulate preset-all only on first install, not upgrade
* fedora: fix default locale generation
* qrexec: fix exit code from qrexec-client-vm
* qrexec: make sure that all the pipes/sockets are closed on cleanup
[ Jason Mehring ]
* qubes-desktop-file-install: Manages xdg desktop entry files
* debian: Reformat depends in control for better readability
* debian: qubes-desktop-file-install: Add misssing depend to contol
* debian: Switch to using org.mate.NotificationDaemon by default to
eliminate popups not closing
* fedora: Use 'slider' org.mate.NotificationDaemon theme
* qubes-desktop-run: Activate via DBUS when desktop file contains
DBusActivatable
[ Marek Marczykowski-Górecki ]
* Move `/usr/share/qubes/xdg` to `/var/lib/qubes/xdg`
[ Patrick Schleizer ]
* fixed "in place upgrade issue - base-passwd debconf interative
question asks 'Remove group "qubes"'"
* fixed "in place upgrade issue - base-passwd debconf interative
questi…on asks 'Remove group "qubes"'" for existing users
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 08 Aug 2015 04:16:52 +0200
qubes-core-agent (3.0.13-1) wheezy; urgency=medium
* fedora: ensure that /etc/sysconfig/iptables exists (Fedora 20)
* fedora/systemd: fix service enabling code
* network: use iptables-restore instead of iptables --wait
* network: guard iptables call with manual lock
* network: disable tx csum offload on vif interfaces
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Wed, 01 Jul 2015 07:05:53 +0200
qubes-core-agent (3.0.12-1) wheezy; urgency=medium
* dom0-updates: make the tool working on Debian
* fedora, debian: make sure that default locale is generated
* rpm: improve setting iptables rules
* Do not override file pointed by /etc/localtime symlink
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 23 Jun 2015 20:06:22 +0200
qubes-core-agent (3.0.11-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* debian: fix apt sources.list generation (missing debian version
field)
[ Jason Mehring ]
* Set a default locale if missing
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 11 Jun 2015 04:06:26 +0200
qubes-core-agent (3.0.10-1) wheezy; urgency=medium
* rpm: ensure that all the services are enabled after upgrade
* qrexec: do not show message about missing fork-sever - it isn't an
error
* rpm: add missing dependencies
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 02 Jun 2015 11:20:18 +0200
qubes-core-agent (3.0.9-1) wheezy; urgency=medium
[ Jason Mehring ]
* debian: Only notify dom0 on apt-get post hook; don't update package
index
* debian: Allow apt-get post hook to fail gracefully (won't work in
chroot)
[ Marek Marczykowski-Górecki ]
* appmenus: hide message about missing /usr/local/share/applications
* qrexec: prefer VM-local service file (if present) over default one
* rpm: mark service files as configuration to not override user
changes
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 May 2015 03:27:58 +0200
qubes-core-agent (3.0.8-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* Use iptables --wait only when it is supported
[ Jason Mehring ]
* debian: Update notification now notifies dom0 when an upgrade is
completed
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 28 Apr 2015 12:51:48 +0200
qubes-core-agent (3.0.7-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* debian: install qubes-download-dom0-updates.sh
* prepare-dvm: fix bashism
* network: wait for iptables lock instead of aborting
* rpm: cleanup R2->R3.0 transitional package
[ Jason Mehring ]
* whonix: Added protected-files file used to prevent scripts from
modifying files that need to be protected
* Changed location of PROTECTED_FILE_LIST to /etc/qubes/protected-
files.d
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Apr 2015 02:36:55 +0200
qubes-core-agent (3.0.6-1) wheezy; urgency=medium
* qrexec: do not reset umask to 077 for every started process
* rpm/systemd: do not use preset-all during package upgrade
* systemd: disable avahi-daemon and dnf-makecache
* dispvm: do not start GUI apps during prerun
* Fix resizing of /rw partition (private.img)
* Minor fixes in mount-home.sh
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 11 Apr 2015 03:40:57 +0200
qubes-core-agent (3.0.5-1) wheezy; urgency=medium
* systemd: use presets to enable services, call preset-all
* systemd: install overridden unit file for chronyd
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 07 Apr 2015 14:58:36 +0200
qubes-core-agent (3.0.4-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* qrexec: try to recover from fork-server communication error
* rpm: add missing BuildRequires: libX11-devel
* debian: fix handling SysV units in disableSystemdUnits
* debian: update NetworkManager configuration
[ Wojtek Porczyk ]
* qubes-rpc-multiplexer: deprecate /etc/qubes_rpc, allow /usr/local
* sudoers: do not require TTY
[ Marek Marczykowski-Górecki ]
* Update repository definition: r3 -> r3.0
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 02 Apr 2015 00:55:09 +0200
qubes-core-agent (3.0.3-1) wheezy; urgency=medium
* Enable updates repos by default
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 27 Mar 2015 01:24:43 +0100
qubes-core-agent (3.0.2-1) wheezy; urgency=medium
[ Marek Marczykowski-Górecki ]
* debian: fix version number
* backup: fix qubes.Restore service - do not send garbage as backup
data
[ Jason Mehring ]
* debian: Add extend-diff-ignore options to debian packager
[ Marek Marczykowski-Górecki ]
* qrexec: fork into background after setting up qrexec-fork-server
socket
* Fix "backup: fix qubes.Restore service - do not send garbage as
backup data"
[ Jason Mehring ]
* Switched qvm-move-to-vm.{gnome,kde} scripts to use bash not sh
* Removed nautilus-actions depend and replaced with nautilus-python
* Removed code that deleted original nautilus actions
[ Marek Marczykowski-Górecki ]
* fc21: fix DispVM preparation - Xorg has new name
* dispvm: kill all process after populating caches
* dispvm: start gui agent early, do not kill Xorg
* dispvm: close only visible windows during DispVM preparation
* Move mounting /rw and /home to separate service
* dispvm: use qubes.WaitForSession to wait for gui-agent startup
* dispvm: include memory caches in "used memory" notification
* dispvm: do not restart qubesdb-daemon, use watch instead
* qrexec: simplify makefile
* qrexec: handle data vchan directly from qrexec-client-vm
* qrexec: return remote process status as qrexec-client-vm exit code
* qrexec: better handle remote process termination
* qrexec: do not break connection on duplicated SIGUSR1
* qrexec: minor readability fix
* qrexec: process vchan data queue (esp MSG_EXIT_CODE) before sending
anything
* qrexec: add option to use real stdin/out of qrexec-client-vm
* qrexec: do not leak FDs to logger process
* qrexec: execute RPC service directly (without a shell) if it has
executable bit set
* qrexec: get rid of shell in services using EOF for any signaling
* qrexec: move qrexec-client-vm to /usr/bin
* Add support for comments in qubes-suspend-module-blacklist
* Create filesystem if the private.img is empty
* Provide stub files in /rw/config
* qrexec: fix compile warning
* qrexec: do not wait for local process if no one exists
* qrexec: enable compiler optimization
* Do not load xen-usbfront automatically
* fedora: override iptables configuration on initial installation
* Update comments and xenbus intf in startup scripts regarding vchan
requirements
* dom0-update: allow to specify custom yum action
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Thu, 26 Mar 2015 23:56:25 +0100
qubes-core-agent (3.0.1-1) jessie; urgency=medium
[ Marek Marczykowski-Górecki ]
* Reenable imsettings service
* systemd: fix xenstore-ls path
[ Jason Mehring ]
* Allow hyphenated distro names in tinyproxy filter
* Change condition test to compare to a link "-L"
* debian: add xen-utils-common as a dependancy to allow Debian proxies
* debian: Added maintainers scripts (pre / postinit + rm) - Currently
in debug mode
* debian: preinst needs a group and force no password entry on adduser
* debian: Added less restrictive filter option for debian packages
Sites like sourceforge append ?downloadxxx to end
* debian: added new depends
* debian: force shell to be bash since its default is dash and many
qubes scripts rely on bash and will break in dash and added
tinyproxy user
[ HW42 ]
* move fedora specific stuff to install-rh target
* don't track debina/files (since it is autogenerated)
* use systemd in debian
* install iptables/forwarding for debian
* various patches for debian
* improve update of /etc/hosts
* make source.list multiarch compatible
* add xserver-xorg-video-dummy to the dependencies list of qubes-core-
agent
* dispvm-presun.sh needs bash
* use sleep instead os usleep since it is more portable
* debian: chown /home_volatile/user in posinst
* fix xenstore-read path in network-proxy-setup.sh for debian
* debian: add dependency on xen-utils since it's needed for
proxy/netvm
* debian: add support for qubes appmenus
[ Marek Marczykowski-Górecki ]
* debian: fix initialization of /etc/hosts
[ Jason Mehring ]
* debian: set -e added in place of set -x
* debian: Made debian proxy filter rules more restrictive
* debian: Cleanup
* debian: Prepend package name to maintainers scripts
* debian: Add qubes-update-check for Debian
* debian: Revert back to original NetworkManager, ModemManager service
names
* debian: apt-get needs to update first
* debian: Remove absolute path to xenstore-*
* debian: Added more dependancies
* debian: Added postrm disable of other Qubes packages
* debian: Added all other outstanding triggers contained in rpm_spec
as well as triggers if other packages get installed at a later date
the configurations will run on them
* debian: removed commented out depends
* debian: Added more error reporting to track down any missing
dependancies
* debian: More depends for debian as netvm and some configuration
tweaks.
[ Marek Marczykowski-Górecki ]
* network: do not use ifcfg-rh NM plugin
* network: fix NM uplink config permissions
[ Jason Mehring ]
* debian: Add new notification agent depends; remove other
* debian: Added functionality to move desktop entry config files to
/usr/share/qubes/xdg/autostart to preserve originals
* debian: Wrong variable name was used to create
/usr/share/qubes/xdg/autostart
[ Marek Marczykowski-Górecki ]
* Fix compile flags order (-lX11 moved to the end)
[ Jason Mehring ]
* debian: Updated tinyproxy filter rules
* debian: Don't display systemd info in chroot since systemd show does
not work in chroot
[ Marek Marczykowski-Górecki ]
* network: fix indentation
* Fix disabling nm-applet when NM is disabled
* debian: create tinyproxy as system user
* debian: fix generation of apt sources list file
* debian: add missing python-gi to dependencies
* debian: remove obsolete code from postinst script
* debian: fix service name in postinst script
* Update update-proxy rules for debian security fixes repo
[ HW42 ]
* debian: move not strictly required packages to Recommends-Section.
* debian: remove unneeded acpid dependency
[ Marek Marczykowski-Górecki ]
* network: set uplink configuration based on MAC (NetworkManager)
* network: fix NM config preparation
[ Jason Mehring ]
* fc21: iptables configurations conflict with fc21 yum package manager
* fc21: Remove left-over code comment
[ Marek Marczykowski-Górecki ]
* fedora: Add security-testing repo definition
* filecopy: prevent files/dirs movement outside incoming directory
during transfer
* fedora: Fix iptables config install script
* fedora: Fix iptables config installation one more time
[ HW42 ]
* don't ignore asprintf() return value
[ Marek Marczykowski-Górecki ]
* network: support for not setting DNS and/or default gateway
[ Olivier MEDOC ]
* archlinux: fix new packaging requirements related to sbin, lib64,
run ...
* archlinux: align with fedora changes related to imsettings
[ Marek Marczykowski-Górecki ]
* fedora: reduce code duplication in systemd triggers
* fedora: reload systemd only once
* systemd: allow to start cron daemon (#909)
* filecopy: fallback to "open(..., 000)" method when /proc
inaccessible
* network: support for not setting DNS and/or default gateway (v2)
* rpm: add missing R: pygobject3-base
[ HW42 ]
* debian: fix for QSB #014 requires up to date qubes-utils
* debian: postinst: use systemctl mask
* debian: postinst: use dpkg-divert
* debian: don't generate regular conf files in postinst
* debian: postinst: don't remove /etc/udev/rules.d/*
* debian: postinst: don't create /rw - it is already part of the
package
* debian: postinst: use systemctl to set default target
* debian: postinst: remove fedora specific code
* debian: postinst: enable netfilter-persistent service
* debian: postinst: cleanup
* debian: postinst: don't start systemd services
* debian: postinst: enable haveged only if installed
* debian: postinst: remove redundant and misleading trigger output
* debian: install fstab as normal config file
* debian: preinst: remove modification of /etc/modules
* remove 'bashisms' or explicit use bash
* debian: preinst: don't force the default shell to bash
* debian: prerm: remove obsolete code
* debian: preinst: cleanup user creation
[ Wojtek Porczyk ]
* spec: require linux-utils-3.0.1
[ Matt McCutchen ]
* Switch to preset file for systemd units to disable.
* Make qvm-run bidirectional and document its limitations.
[ Marek Marczykowski-Górecki ]
* debian: change systemctl set-default back to manual symlink
* network: fix handling newline in firewall rules
* qrexec: use sockets instead of pipes to communicate with child
process
* qrexec: reorganise code for upcoming change
* qrexec: add simple "fork server" to spawn new processes inside user
session
* Adjust permissions of /var/run/qubes
[ Jason Mehring ]
* debian: Remove 'exit 0' in maintainer section scripts to all other
debhelpers (if any) to also execute
* Add a qubes group and then add the user 'user' to the group
* Remove 'xen.evtchn' udev rule
* Set permissions to /proc/xen/privcmd, so a user in qubes group can
access
* debian: Converted debian package to a quilt package to allow patches
* debian: Refactor Debian quilt packaging for xen
* debian: Remove 'exit 0' in maintainer section scripts to all other
debhelpers (if any) to also execute
* Add a qubes group and then add the user 'user' to the group
* Remove 'xen.evtchn' udev rule
* Set permissions to /proc/xen/privcmd, so a user in qubes group can
access
* debian: Converted debian package to a quilt package to allow patches
* debian: Revert depends back to use libxen-dev
* debian: Move creation of directories into debian.dirs configuration
file
* debian: Remove dist target from Makefile as copy-in is now being
used
* debian: Remove unneeded patch file and README
* Make sure when user is added to qubes group that the group is
appended
[ Marek Marczykowski-Górecki ]
* qrexec: fix compile warning
* debian: reenable -Werror, mentioned warning already fixed
* debian: exclude binary packages from source archive
* updates-proxy: allow xz compressed metadata (fc21)
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Tue, 17 Feb 2015 14:14:16 +0100
qubes-core-agent (3.0.0-1) jessie; urgency=medium
[ Marek Marczykowski-Górecki ]
* Improve handling of .desktop files
* suspend: do not disable network frontend devices
* Handle tabs in /etc/hosts
[ Marek Marczykowski ]
* Update for new vchan API
* spec: add dependencies on vchan package (both R: and BR:)
* load xen-gntalloc module required by libxenvchan
* spec: get backend_vmm from env variable
* rpm: fix typo
* Use Qubes DB instead of Xenstore
* systemd: fix qubes-service handling
* dispvm: restart qubesdb at DispVM start
[ Marek Marczykowski-Górecki ]
* qrexec: remove dom0 targets from makefile
* code style: replace tabs with spaces
* qrexec: new protocol - direct data vchan connections
* Use xenstore.h instead of xs.h
* qrexec: register exec function
* Update repos and keys for Qubes R3
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 22 Nov 2014 16:24:17 +0100
qubes-core-agent (2.1.42) jessie; urgency=medium
* firewall: show error message only on actual error
* Avoid 100MB reserved space in private ext4 partition
* gui-fatal: do not run as root
* fedora: workaround slow system shutdown (#852)
* Rename qubes-yum-proxy service to qubes-updates-proxy
* Rename yum-proxy-setup service to updates-proxy-setup
* updates-proxy: add rules for debian repositories (#887)
* qrexec: check for setuid() error when calling zenity/kdialog
* Use systemd mechanism for loading kernel modules (when available)
* Add missing u2mfn module load
* archlinux: modules-load.d handled now in generic files
* debian: migrate to native systemd services
* updates-proxy-setup: support setting proxy for apt (#887)
* Introduce qubes.SetDateTime service for time synchronization
* systemd: fix 'service' path
* Include /rw in the package
* debian: custom dh_auto_clean no longer needed
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Sat, 25 Oct 2014 01:49:58 +0200
qubes-core-agent (2.1.41) jessie; urgency=medium
[ Marek Marczykowski-Górecki ]
* dispvm: slow down "spinlock" while waiting for save/restore
[ Olivier MEDOC ]
* archlinux: add notification daemon
* archlinux: follow fedora20 qubes agent improvement
* archlinux: follow fedora20 qubes agent improvement
* archlinux: enable/disable services when corresponding packages got
installed
[ Marek Marczykowski-Górecki ]
* network: use the same gateway IP generation method as backend
* Revert "network: use the same gateway IP generation method as
backend"
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Fri, 15 Aug 2014 17:45:15 +0200
qubes-core-agent (2.1.40) jessie; urgency=medium
[ Marek Marczykowski-Górecki ]
* Fix compiler warnings.
* Enable compiler optimization.
* rpm: do not disable abrt-applet autostart
* systemd: relax qubes-sysinit dependencies
* systemd: reexec systemd to ensure right version is running
* rpm: fix notification-daemon setup
* archlinux: do not fail mount /usr/lib/modules if already mounted
* version 2.1.34
* suspend: fix dbus-send invocation
* qubes-rpc: log service stderr to syslog instead of sending to dom0
(#842)
* version 2.1.35
[ Wojciech Zygmunt Porczyk ]
* misc: do not display file preview by default (#813)
[ Vincent Penquerc'h ]
* vm-file-editor: remove temporary file on exit
[ Marek Marczykowski-Górecki ]
* rpm: remove /lib/firmware/updates link
* Hide nm-applet icon earlier (#857)
* Configure only installed programs
* network: setup NM connection when its active in the ProxyVM
* version 2.1.36
* Add --dispvm to qvm-run documentation
* Fix formating
* Do not start nm-applet at all when no NetworkManager running (#857)
* version 2.1.37
* rpm: require generic "desktop-notification-daemon" not a specific
one
* rpm: enable haveged service by default (#673)
* Do not start nm-applet at all when no NetworkManager running -
update (#857)
* rpm: enable/disable services when corresponding packages got
installed
* dispvm: close all windows after apps prerun (#872)
* version 2.1.38
* systemd: do not reexec when not necessary
* version 2.1.39
* rpm: mark config files with %config(noreplace)
[ Davíð Steinn Geirsson ]
* Split install target into install-common and install-rh, and add all
target
* Fix make clean target
* Check for xenstore-read in /usr/sbin as well (default on debian)
* Use xenstore.h instead of xs.h when xen >= 4.2
* Explicitly specify /bin/bash for Makefile SHELL, since it's
required.
* Initial debian packaging
[ Marek Marczykowski-Górecki ]
* debian: update deps
* qrexec: fix loop bounds
* gitignore
* Fix bashism
* gitignore: fix binary packages declaration
* debian: add updates repo definition and key
* debian: fix qfile-unpacker perms
-- Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com> Mon, 28 Jul 2014 02:38:59 +0200
qubes-core-agent (2.1.33) jessie; urgency=low
* Initial Release.
-- Davíð Steinn Geirsson <david@dsg.is> Mon, 21 Apr 2014 01:31:55 +0000