2012-01-31 11:17:09 +01:00
|
|
|
#!/usr/bin/python2.6
|
|
|
|
#
|
|
|
|
# The Qubes OS Project, http://www.qubes-os.org
|
|
|
|
#
|
|
|
|
# Copyright (C) 2012 Agnieszka Kostrzewa <agnieszka.kostrzewa@gmail.com>
|
|
|
|
# Copyright (C) 2012 Marek Marczykowski <marmarek@mimuw.edu.pl>
|
|
|
|
#
|
|
|
|
# This program is free software; you can redistribute it and/or
|
|
|
|
# modify it under the terms of the GNU General Public License
|
|
|
|
# as published by the Free Software Foundation; either version 2
|
|
|
|
# of the License, or (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program; if not, write to the Free Software
|
|
|
|
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
|
|
|
|
#
|
|
|
|
#
|
|
|
|
|
|
|
|
import sys
|
|
|
|
import os
|
|
|
|
from PyQt4.QtCore import *
|
|
|
|
from PyQt4.QtGui import *
|
|
|
|
|
|
|
|
from qubes.qubes import QubesVmCollection
|
2012-02-13 13:50:30 +01:00
|
|
|
from qubes.qubes import QubesVmLabels
|
2012-01-31 11:17:09 +01:00
|
|
|
from qubes.qubes import QubesException
|
|
|
|
from qubes.qubes import qubes_appmenu_create_cmd
|
|
|
|
from qubes.qubes import qubes_appmenu_remove_cmd
|
|
|
|
from qubes.qubes import QubesDaemonPidfile
|
|
|
|
from qubes.qubes import QubesHost
|
|
|
|
from qubes.qubes import qrexec_client_path
|
2012-03-12 21:08:32 +01:00
|
|
|
from qubes.qubes import qubes_kernels_base_dir
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
import qubesmanager.resources_rc
|
|
|
|
|
|
|
|
from pyinotify import WatchManager, Notifier, ThreadedNotifier, EventsCodes, ProcessEvent
|
|
|
|
|
|
|
|
import subprocess
|
|
|
|
import time
|
|
|
|
import threading
|
|
|
|
from operator import itemgetter
|
2012-03-14 11:54:50 +01:00
|
|
|
from copy import copy
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
from ui_settingsdlg import *
|
|
|
|
from multiselectwidget import *
|
2012-02-09 19:47:21 +01:00
|
|
|
from appmenu_select import *
|
2012-02-10 00:30:45 +01:00
|
|
|
from firewall import *
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
|
|
|
|
class VMSettingsWindow(Ui_SettingsDialog, QDialog):
|
2012-02-09 19:47:21 +01:00
|
|
|
tabs_indices = {"basic": 0,
|
|
|
|
"advanced": 1,
|
|
|
|
"firewall": 2,
|
|
|
|
"devices": 3,
|
|
|
|
"applications": 4,
|
|
|
|
"services": 5,}
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
def __init__(self, vm, app, qvm_collection, init_page="basic", parent=None):
|
2012-01-31 11:17:09 +01:00
|
|
|
super(VMSettingsWindow, self).__init__(parent)
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
self.app = app
|
2012-02-13 13:50:30 +01:00
|
|
|
self.qvm_collection = qvm_collection
|
2012-02-10 00:30:45 +01:00
|
|
|
self.vm = vm
|
2012-03-12 12:53:07 +01:00
|
|
|
if self.vm.template:
|
|
|
|
self.source_vm = self.vm.template
|
2012-02-10 00:30:45 +01:00
|
|
|
else:
|
|
|
|
self.source_vm = self.vm
|
|
|
|
|
2012-01-31 11:17:09 +01:00
|
|
|
self.setupUi(self)
|
2012-02-09 19:47:21 +01:00
|
|
|
if init_page in self.tabs_indices:
|
|
|
|
idx = self.tabs_indices[init_page]
|
|
|
|
assert (idx in range(self.tabWidget.count()))
|
|
|
|
self.tabWidget.setCurrentIndex(idx)
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
self.connect(self.buttonBox, SIGNAL("accepted()"), self.save_and_apply)
|
|
|
|
self.connect(self.buttonBox, SIGNAL("rejected()"), self.reject)
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
self.tabWidget.currentChanged.connect(self.current_tab_changed)
|
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
self.tabWidget.setTabEnabled(self.tabs_indices["applications"], not vm.is_netvm())
|
|
|
|
self.tabWidget.setTabEnabled(self.tabs_indices["firewall"], vm.is_networked() and not (vm.is_netvm() and not vm.is_proxyvm()))
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
###### basic tab
|
|
|
|
self.__init_basic_tab__()
|
|
|
|
|
2012-03-12 21:08:32 +01:00
|
|
|
###### advanced tab
|
|
|
|
self.__init_advanced_tab__()
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
###### firewall tab
|
2012-03-08 15:40:02 +01:00
|
|
|
if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]):
|
2012-02-10 00:30:45 +01:00
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
model = QubesFirewallRulesModel()
|
|
|
|
model.set_vm(vm)
|
|
|
|
self.set_fw_model(model)
|
2012-02-10 00:30:45 +01:00
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
self.newRuleButton.clicked.connect(self.new_rule_button_pressed)
|
|
|
|
self.editRuleButton.clicked.connect(self.edit_rule_button_pressed)
|
|
|
|
self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed)
|
2012-02-10 00:30:45 +01:00
|
|
|
|
|
|
|
####### devices tab
|
2012-03-13 20:06:41 +01:00
|
|
|
self.__init_devices_tab__()
|
2012-02-10 00:30:45 +01:00
|
|
|
|
2012-03-14 11:54:50 +01:00
|
|
|
####### services tab
|
|
|
|
self.__init_services_tab__()
|
|
|
|
self.add_srv_button.clicked.connect(self.__add_service__)
|
|
|
|
self.remove_srv_button.clicked.connect(self.__remove_service__)
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
####### apps tab
|
2012-03-08 15:40:02 +01:00
|
|
|
if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]):
|
2012-02-13 13:50:30 +01:00
|
|
|
self.app_list = MultiSelectWidget(self)
|
|
|
|
self.apps_layout.addWidget(self.app_list)
|
|
|
|
self.AppListManager = AppmenuSelectManager(self.vm, self.app_list)
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
def reject(self):
|
|
|
|
self.done(0)
|
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
#needed not to close the dialog before applying changes
|
|
|
|
def accept(self):
|
2012-01-31 11:17:09 +01:00
|
|
|
pass
|
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
def save_and_apply(self):
|
|
|
|
thread_monitor = ThreadMonitor()
|
|
|
|
thread = threading.Thread (target=self.__save_changes__, args=(thread_monitor,))
|
|
|
|
thread.daemon = True
|
|
|
|
thread.start()
|
|
|
|
|
|
|
|
progress = QProgressDialog ("Applying settings to <b>{0}</b>...".format(self.vm.name), "", 0, 0)
|
|
|
|
progress.setCancelButton(None)
|
|
|
|
progress.setModal(True)
|
|
|
|
progress.show()
|
|
|
|
|
|
|
|
while not thread_monitor.is_finished():
|
|
|
|
self.app.processEvents()
|
|
|
|
time.sleep (0.1)
|
|
|
|
|
|
|
|
progress.hide()
|
|
|
|
|
|
|
|
if not thread_monitor.success:
|
2012-02-13 13:50:30 +01:00
|
|
|
QMessageBox.warning (None, "Error while changing settings for {0}!", "ERROR: {1}".format(self.vm.name, thread_monitor.error_msg))
|
2012-02-09 19:47:21 +01:00
|
|
|
|
|
|
|
self.done(0)
|
|
|
|
|
|
|
|
def __save_changes__(self, thread_monitor):
|
2012-03-01 22:50:32 +01:00
|
|
|
|
2012-03-12 15:54:16 +01:00
|
|
|
self.qvm_collection.lock_db_for_writing()
|
|
|
|
self.anything_changed = False
|
|
|
|
|
|
|
|
ret = self.__apply_basic_tab__()
|
2012-03-12 21:08:32 +01:00
|
|
|
self.__apply_advanced_tab__()
|
2012-03-13 20:06:41 +01:00
|
|
|
self.__apply_devices_tab__()
|
2012-03-14 11:54:50 +01:00
|
|
|
self.__apply_services_tab__()
|
2012-03-12 15:54:16 +01:00
|
|
|
|
|
|
|
if len(ret) > 0 :
|
|
|
|
thread_monitor.set_error_msg('\n'.join(ret))
|
|
|
|
|
|
|
|
if self.anything_changed == True:
|
|
|
|
self.qvm_collection.save()
|
|
|
|
self.qvm_collection.unlock_db()
|
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]):
|
2012-03-12 15:54:16 +01:00
|
|
|
self.fw_model.apply_rules(self.policyAllowRadioButton.isChecked(), self.dnsCheckBox.isChecked(), self.icmpCheckBox.isChecked())
|
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]):
|
|
|
|
self.AppListManager.save_appmenu_select_changes()
|
2012-03-01 22:50:32 +01:00
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
thread_monitor.set_finished()
|
2012-03-12 15:54:16 +01:00
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
|
2012-03-01 22:50:32 +01:00
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
def current_tab_changed(self, idx):
|
|
|
|
if idx == self.tabs_indices["firewall"]:
|
2012-03-04 22:02:27 +01:00
|
|
|
if self.vm.netvm is not None and not self.vm.netvm.is_proxyvm():
|
2012-02-10 00:30:45 +01:00
|
|
|
QMessageBox.warning (None, "VM configuration problem!", "The '{0}' AppVM is not network connected to a FirewallVM!<p>".format(self.vm.name) +\
|
|
|
|
"You may edit the '{0}' VM firewall rules, but these will not take any effect until you connect it to a working Firewall VM.".format(self.vm.name))
|
|
|
|
|
|
|
|
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
######### basic tab
|
|
|
|
|
|
|
|
def __init_basic_tab__(self):
|
|
|
|
self.vmname.setText(self.vm.name)
|
|
|
|
|
|
|
|
#self.qvm_collection.lock_db_for_reading()
|
|
|
|
#self.qvm_collection.load()
|
|
|
|
#self.qvm_collection.unlock_db()
|
|
|
|
|
|
|
|
self.label_list = QubesVmLabels.values()
|
|
|
|
self.label_list.sort(key=lambda l: l.index)
|
|
|
|
self.label_idx = 0
|
|
|
|
for (i, label) in enumerate(self.label_list):
|
|
|
|
if label == self.vm.label:
|
|
|
|
self.label_idx = i
|
|
|
|
self.vmlabel.insertItem(i, label.name)
|
|
|
|
self.vmlabel.setItemIcon (i, QIcon(label.icon_path))
|
|
|
|
self.vmlabel.setCurrentIndex(self.label_idx)
|
|
|
|
|
2012-03-12 12:53:07 +01:00
|
|
|
if not self.vm.is_template() and self.vm.template is not None:
|
2012-02-13 13:50:30 +01:00
|
|
|
template_vm_list = [vm for vm in self.qvm_collection.values() if not vm.internal and vm.is_template()]
|
2012-03-12 22:06:43 +01:00
|
|
|
self.template_idx = -1
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
for (i, vm) in enumerate(template_vm_list):
|
|
|
|
text = vm.name
|
2012-03-12 13:52:42 +01:00
|
|
|
if vm is self.qvm_collection.get_default_template():
|
2012-02-13 13:50:30 +01:00
|
|
|
text += " (default)"
|
2012-03-12 12:53:07 +01:00
|
|
|
if vm.qid == self.vm.template.qid:
|
2012-02-13 13:50:30 +01:00
|
|
|
self.template_idx = i
|
|
|
|
text += " (current)"
|
|
|
|
self.template_name.insertItem(i, text)
|
|
|
|
self.template_name.setCurrentIndex(self.template_idx)
|
|
|
|
else:
|
|
|
|
self.template_name.setEnabled(False)
|
2012-03-12 21:08:32 +01:00
|
|
|
self.template_idx = -1
|
2012-02-13 13:50:30 +01:00
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
|
|
|
|
if (not self.vm.is_netvm() or self.vm.is_proxyvm()):
|
2012-02-13 13:50:30 +01:00
|
|
|
netvm_list = [vm for vm in self.qvm_collection.values() if not vm.internal and vm.is_netvm()]
|
2012-03-08 15:40:02 +01:00
|
|
|
self.netvm_idx = -1
|
2012-03-12 22:06:43 +01:00
|
|
|
|
|
|
|
text = "default ("+self.qvm_collection.get_default_netvm().name+")"
|
|
|
|
if self.vm.uses_default_netvm:
|
|
|
|
text += " (current)"
|
|
|
|
self.netvm_idx = 0
|
|
|
|
self.netVM.insertItem(0, text)
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
for (i, vm) in enumerate(netvm_list):
|
|
|
|
text = vm.name
|
2012-03-12 22:06:43 +01:00
|
|
|
if self.vm.netvm is not None and vm.qid == self.vm.netvm.qid and not self.vm.uses_default_netvm:
|
|
|
|
self.netvm_idx = i+1
|
2012-02-13 13:50:30 +01:00
|
|
|
text += " (current)"
|
2012-03-12 22:06:43 +01:00
|
|
|
self.netVM.insertItem(i+1, text)
|
|
|
|
|
2012-03-08 15:40:02 +01:00
|
|
|
none_text = "none"
|
|
|
|
if self.vm.netvm is None:
|
|
|
|
none_text += " (current)"
|
2012-03-12 22:06:43 +01:00
|
|
|
self.netvm_idx = len(netvm_list)+1
|
|
|
|
self.netVM.insertItem(len(netvm_list)+1, none_text)
|
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
self.netVM.setCurrentIndex(self.netvm_idx)
|
|
|
|
else:
|
|
|
|
self.netVM.setEnabled(False)
|
2012-03-12 21:08:32 +01:00
|
|
|
self.netvm_idx = -1
|
2012-02-13 13:50:30 +01:00
|
|
|
|
2012-03-07 20:42:18 +01:00
|
|
|
self.include_in_backups.setChecked(self.vm.include_in_backups)
|
|
|
|
|
|
|
|
#type
|
|
|
|
self.type_label.setText(self.vm.type)
|
|
|
|
|
|
|
|
#installed by rpm
|
|
|
|
text = "Yes" if self.vm.installed_by_rpm == True else "No"
|
|
|
|
self.rpm_label.setText(text)
|
|
|
|
|
2012-03-09 08:43:42 +01:00
|
|
|
#networking info
|
|
|
|
if self.vm.is_networked():
|
|
|
|
self.networking_groupbox.setEnabled(True);
|
|
|
|
self.ip_label.setText(self.vm.ip if self.vm.ip is not None else "none")
|
|
|
|
self.netmask_label.setText(self.vm.netmask if self.vm.netmask is not None else "none")
|
|
|
|
self.gateway_label.setText(self.vm.gateway if self.vm.gateway is not None else "none")
|
|
|
|
else:
|
|
|
|
self.networking_groupbox.setEnabled(False);
|
|
|
|
|
2012-03-14 12:51:11 +01:00
|
|
|
#max priv storage
|
|
|
|
self.priv_img_size = self.vm.get_private_img_sz()/1024/1024
|
|
|
|
self.max_priv_storage.setMinimum(self.priv_img_size)
|
|
|
|
self.max_priv_storage.setValue(self.priv_img_size)
|
2012-03-09 08:43:42 +01:00
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
|
|
|
|
def __apply_basic_tab__(self):
|
|
|
|
msg = []
|
|
|
|
|
|
|
|
# vmname changed
|
|
|
|
vmname = str(self.vmname.text())
|
|
|
|
if self.vm.name != vmname:
|
2012-03-01 22:50:32 +01:00
|
|
|
if self.vm.is_running():
|
|
|
|
msg.append("Can't change name of a running VM.")
|
|
|
|
elif self.qvm_collection.get_vm_by_name(vmname) is not None:
|
2012-03-12 15:54:16 +01:00
|
|
|
msg.append("Can't change VM name - a VM named <b>{0}</b> already exists in the system!".format(vmname))
|
2012-02-13 13:50:30 +01:00
|
|
|
else:
|
|
|
|
oldname = self.vm.name
|
|
|
|
try:
|
|
|
|
self.vm.set_name(vmname)
|
2012-03-12 15:54:16 +01:00
|
|
|
self.anything_changed = True
|
2012-02-13 13:50:30 +01:00
|
|
|
except Exception as ex:
|
|
|
|
msg.append(str(ex))
|
2012-03-12 15:54:16 +01:00
|
|
|
|
2012-02-13 13:50:30 +01:00
|
|
|
#vm label changed
|
|
|
|
if self.vmlabel.currentIndex() != self.label_idx:
|
2012-03-12 15:54:16 +01:00
|
|
|
label = self.label_list[self.vmlabel.currentIndex()]
|
|
|
|
self.vm.label = label
|
|
|
|
self.anything_changed = True
|
2012-02-13 13:50:30 +01:00
|
|
|
|
2012-03-07 17:03:19 +01:00
|
|
|
#vm template changed
|
|
|
|
if self.template_name.currentIndex() != self.template_idx:
|
|
|
|
new_template_name = self.template_name.currentText()
|
|
|
|
new_template_name = new_template_name.split(' ')[0]
|
|
|
|
template_vm = self.qvm_collection.get_vm_by_name(new_template_name)
|
|
|
|
assert (template_vm is not None and template_vm.qid in self.qvm_collection)
|
|
|
|
assert template_vm.is_template()
|
2012-03-12 12:53:07 +01:00
|
|
|
self.vm.template = template_vm
|
2012-03-12 15:54:16 +01:00
|
|
|
self.anything_changed = True
|
2012-02-13 13:50:30 +01:00
|
|
|
|
2012-03-07 18:15:59 +01:00
|
|
|
#vm netvm changed
|
|
|
|
if self.netVM.currentIndex() != self.netvm_idx:
|
|
|
|
new_netvm_name = self.netVM.currentText()
|
|
|
|
new_netvm_name = new_netvm_name.split(' ')[0]
|
2012-03-12 22:06:43 +01:00
|
|
|
|
|
|
|
uses_default_netvm = False
|
|
|
|
|
|
|
|
if new_netvm_name == "default":
|
|
|
|
new_netvm_name = self.qvm_collection.get_default_netvm().name
|
|
|
|
uses_default_netvm = True
|
|
|
|
|
|
|
|
if new_netvm_name == "none":
|
|
|
|
netvm = None
|
|
|
|
else:
|
|
|
|
netvm = self.qvm_collection.get_vm_by_name(new_netvm_name)
|
|
|
|
assert (netvm is None or (netvm is not None and netvm.qid in self.qvm_collection and netvm.is_netvm()))
|
|
|
|
|
2012-03-12 15:54:16 +01:00
|
|
|
self.vm.netvm = netvm
|
2012-03-12 22:06:43 +01:00
|
|
|
self.vm.uses_default_netvm = uses_default_netvm
|
2012-03-12 15:54:16 +01:00
|
|
|
self.anything_changed = True
|
2012-03-07 20:42:18 +01:00
|
|
|
|
|
|
|
#include in backups
|
2012-03-12 15:54:16 +01:00
|
|
|
if self.vm.include_in_backups != self.include_in_backups.isChecked():
|
|
|
|
self.vm.include_in_backups = self.include_in_backups.isChecked()
|
2012-03-07 18:15:59 +01:00
|
|
|
|
2012-03-14 12:51:11 +01:00
|
|
|
#max priv storage
|
|
|
|
priv_size = self.max_priv_storage.value()
|
|
|
|
if self.priv_img_size != priv_size:
|
|
|
|
try:
|
|
|
|
self.vm.resize_private_img(priv_size*1024*1024)
|
|
|
|
self.anything_changed = True
|
|
|
|
except Exception as ex:
|
|
|
|
msg.append(str(ex))
|
|
|
|
|
2012-03-07 21:21:14 +01:00
|
|
|
|
2012-03-07 18:15:59 +01:00
|
|
|
return msg
|
2012-03-12 21:08:32 +01:00
|
|
|
|
|
|
|
|
|
|
|
######### advanced tab
|
|
|
|
|
|
|
|
def __init_advanced_tab__(self):
|
|
|
|
|
2012-03-13 22:05:50 +01:00
|
|
|
#mem/cpu
|
2012-03-14 12:51:11 +01:00
|
|
|
self.init_mem.setValue(int(self.vm.memory))
|
|
|
|
self.init_mem.setMaximum(int(self.vm.maxmem))
|
2012-03-13 22:05:50 +01:00
|
|
|
|
|
|
|
self.max_mem_size.setValue(int(self.vm.maxmem))
|
|
|
|
self.max_mem_size.setMaximum(QubesHost().memory_total/1024)
|
|
|
|
|
|
|
|
self.vcpus.setMinimum(1);
|
|
|
|
self.vcpus.setMaximum(QubesHost().no_cpus)
|
|
|
|
self.vcpus.setValue(int(self.vm.vcpus))
|
|
|
|
|
|
|
|
self.include_in_balancing.setChecked('meminfo-writer' in self.vm.services and self.vm.services['meminfo-writer']==True)
|
|
|
|
|
2012-03-12 21:08:32 +01:00
|
|
|
#kernel
|
|
|
|
if self.vm.template is not None:
|
|
|
|
text = self.vm.kernel
|
|
|
|
self.kernel.insertItem(0, text)
|
|
|
|
self.kernel.setEnabled(False)
|
|
|
|
self.kernel_idx = 0
|
|
|
|
else:
|
|
|
|
text = "default (" + self.qvm_collection.get_default_kernel() +")"
|
|
|
|
kernel_list = [text]
|
|
|
|
for k in os.listdir(qubes_kernels_base_dir):
|
|
|
|
kernel_list.append(k)
|
|
|
|
kernel_list.append("none")
|
|
|
|
|
|
|
|
self.kernel_idx = 0
|
|
|
|
|
|
|
|
for (i, k) in enumerate(kernel_list):
|
|
|
|
text = k
|
|
|
|
if (text.startswith("default") and self.vm.uses_default_kernel) or ( self.vm.kernel == k and not self.vm.uses_default_kernel) or (k=="none" and self.vm.kernel==None):
|
|
|
|
text += " (current)"
|
|
|
|
self.kernel_idx = i
|
|
|
|
self.kernel.insertItem(i,text)
|
|
|
|
self.kernel.setCurrentIndex(self.kernel_idx)
|
|
|
|
|
|
|
|
#kernel opts
|
|
|
|
if self.vm.uses_default_kernelopts:
|
|
|
|
self.kernel_opts.setText(self.vm.kernelopts + " (default)")
|
|
|
|
else:
|
|
|
|
self.kernel_opts.setText(self.vm.kernelopts)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
#paths
|
|
|
|
self.dir_path.setText(self.vm.dir_path)
|
|
|
|
self.config_path.setText(self.vm.conf_file)
|
|
|
|
if self.vm.template is not None:
|
|
|
|
self.root_img_path.setText(self.vm.template.root_img)
|
|
|
|
else:
|
|
|
|
self.root_img_path.setText("n/a")
|
|
|
|
self.volatile_img_path.setText(self.vm.volatile_img)
|
|
|
|
self.private_img_path.setText(self.vm.private_img)
|
|
|
|
|
|
|
|
def __apply_advanced_tab__(self):
|
|
|
|
|
2012-03-13 22:05:50 +01:00
|
|
|
#mem/cpu
|
2012-03-14 12:51:11 +01:00
|
|
|
if self.init_mem.value() != int(self.vm.memory):
|
|
|
|
self.vm.memory = self.init_mem.value()
|
|
|
|
self.anything_changed = True
|
|
|
|
|
2012-03-13 22:05:50 +01:00
|
|
|
if self.max_mem_size.value() != int(self.vm.maxmem):
|
|
|
|
self.vm.maxmem = self.max_mem_size.value()
|
|
|
|
self.anything_changed = True
|
|
|
|
|
|
|
|
if self.vcpus.value() != int(self.vm.vcpus):
|
|
|
|
self.vm.vcpus = self.vcpus.value()
|
|
|
|
self.anything_changed = True
|
|
|
|
|
|
|
|
balancing_was_checked = ('meminfo-writer' in self.vm.services and self.vm.services['meminfo-writer']==True)
|
|
|
|
if self.include_in_balancing.isChecked() != balancing_was_checked:
|
2012-03-14 11:54:50 +01:00
|
|
|
self.new_srv_dict['meminfo-writer'] = self.include_in_balancing.isChecked()
|
2012-03-13 22:05:50 +01:00
|
|
|
self.anything_changed = True
|
|
|
|
|
2012-03-12 21:08:32 +01:00
|
|
|
#kernel changed
|
|
|
|
if self.kernel.currentIndex() != self.kernel_idx:
|
|
|
|
new_kernel = self.kernel.currentText()
|
|
|
|
new_kernel = new_kernel.split(' ')[0]
|
|
|
|
if(new_kernel == "default"):
|
|
|
|
kernel = self.qvm_collection.get_default_kernel()
|
|
|
|
self.vm.uses_default_kernel = True
|
|
|
|
elif(new_kernel == "none"):
|
|
|
|
kernel = None
|
|
|
|
self.vm.uses_default_kernel = False;
|
|
|
|
else:
|
2012-03-15 00:19:47 +01:00
|
|
|
kernel = new_kernel
|
2012-03-12 21:08:32 +01:00
|
|
|
self.vm.uses_default_kernel = False;
|
|
|
|
|
|
|
|
self.vm.kernel = kernel
|
|
|
|
self.anything_changed = True
|
|
|
|
|
2012-03-13 20:06:41 +01:00
|
|
|
######## devices tab
|
|
|
|
def __init_devices_tab__(self):
|
|
|
|
self.dev_list = MultiSelectWidget(self)
|
|
|
|
self.devices_layout.addWidget(self.dev_list)
|
|
|
|
|
|
|
|
devs = []
|
|
|
|
lspci = subprocess.Popen(["lspci",], stdout = subprocess.PIPE)
|
|
|
|
for dev in lspci.stdout:
|
|
|
|
devs.append( (dev.rstrip(), dev.split(' ')[0]) )
|
|
|
|
|
|
|
|
class DevListWidgetItem(QListWidgetItem):
|
|
|
|
def __init__(self, name, slot, parent = None):
|
|
|
|
super(DevListWidgetItem, self).__init__(name, parent)
|
|
|
|
self.slot = slot
|
|
|
|
|
|
|
|
for d in devs:
|
|
|
|
if d[1] in self.vm.pcidevs:
|
|
|
|
self.dev_list.selected_list.addItem( DevListWidgetItem(d[0], d[1]))
|
|
|
|
else:
|
|
|
|
self.dev_list.available_list.addItem( DevListWidgetItem(d[0], d[1]))
|
|
|
|
|
|
|
|
|
|
|
|
def __apply_devices_tab__(self):
|
|
|
|
sth_changed = False
|
|
|
|
added = []
|
|
|
|
|
|
|
|
for i in range(self.dev_list.selected_list.count()):
|
|
|
|
item = self.dev_list.selected_list.item(i)
|
|
|
|
if item.slot not in self.vm.pcidevs:
|
|
|
|
added.append(item)
|
|
|
|
|
|
|
|
if self.dev_list.selected_list.count() - len(added) < len(self.vm.pcidevs): #sth removed
|
|
|
|
sth_changed = True;
|
|
|
|
elif len(added) > 0:
|
|
|
|
sth_changed = True;
|
|
|
|
|
|
|
|
if sth_changed == True:
|
|
|
|
pcidevs = []
|
|
|
|
for i in range(self.dev_list.selected_list.count()):
|
|
|
|
slot = self.dev_list.selected_list.item(i).slot
|
|
|
|
pcidevs.append(slot)
|
|
|
|
self.vm.pcidevs = pcidevs
|
|
|
|
self.anything_changed = True
|
|
|
|
|
2012-03-14 11:54:50 +01:00
|
|
|
|
|
|
|
######## services tab
|
|
|
|
|
|
|
|
def __init_services_tab__(self):
|
|
|
|
for srv in self.vm.services:
|
|
|
|
item = QListWidgetItem(srv)
|
|
|
|
if self.vm.services[srv] == True:
|
|
|
|
item.setCheckState(QtCore.Qt.Checked)
|
|
|
|
else:
|
|
|
|
item.setCheckState(QtCore.Qt.Unchecked)
|
|
|
|
self.services_list.addItem(item)
|
|
|
|
self.new_srv_dict = copy(self.vm.services)
|
|
|
|
|
|
|
|
def __add_service__(self):
|
|
|
|
srv = str(self.service_line_edit.text()).strip()
|
|
|
|
if srv != "" and srv not in self.new_srv_dict:
|
|
|
|
item = QListWidgetItem(srv)
|
|
|
|
item.setCheckState(QtCore.Qt.Checked)
|
|
|
|
self.services_list.addItem(item)
|
|
|
|
self.new_srv_dict[srv] = True
|
|
|
|
|
|
|
|
def __remove_service__(self):
|
|
|
|
row = self.services_list.currentRow()
|
|
|
|
if row:
|
|
|
|
item = self.services_list.takeItem(row)
|
|
|
|
print item.text()
|
|
|
|
del self.new_srv_dict[str(item.text())]
|
|
|
|
|
|
|
|
def __apply_services_tab__(self):
|
|
|
|
new_dict = {}
|
|
|
|
for r in range (self.services_list.count()):
|
|
|
|
item = self.services_list.item(r)
|
|
|
|
self.new_srv_dict[str(item.text())] = (item.checkState() == QtCore.Qt.Checked)
|
2012-03-13 20:06:41 +01:00
|
|
|
|
2012-03-14 11:54:50 +01:00
|
|
|
if self.new_srv_dict != self.vm.services:
|
|
|
|
self.vm.services = self.new_srv_dict
|
|
|
|
self.anything_changed = True
|
|
|
|
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
######### firewall tab related
|
|
|
|
|
|
|
|
def set_fw_model(self, model):
|
|
|
|
self.fw_model = model
|
|
|
|
self.rulesTreeView.setModel(model)
|
|
|
|
self.rulesTreeView.header().setResizeMode(QHeaderView.ResizeToContents)
|
|
|
|
self.rulesTreeView.header().setResizeMode(0, QHeaderView.Stretch)
|
|
|
|
self.set_allow(model.allow)
|
|
|
|
self.dnsCheckBox.setChecked(model.allowDns)
|
|
|
|
self.icmpCheckBox.setChecked(model.allowIcmp)
|
|
|
|
|
|
|
|
def set_allow(self, allow):
|
|
|
|
self.policyAllowRadioButton.setChecked(allow)
|
|
|
|
self.policyDenyRadioButton.setChecked(not allow)
|
2012-03-12 15:54:16 +01:00
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
def new_rule_button_pressed(self):
|
|
|
|
dialog = NewFwRuleDlg()
|
|
|
|
self.run_rule_dialog(dialog)
|
|
|
|
|
|
|
|
def edit_rule_button_pressed(self):
|
|
|
|
dialog = NewFwRuleDlg()
|
|
|
|
dialog.set_ok_enabled(True)
|
|
|
|
selected = self.rulesTreeView.selectedIndexes()
|
|
|
|
if len(selected) > 0:
|
|
|
|
row = self.rulesTreeView.selectedIndexes().pop().row()
|
|
|
|
address = self.fw_model.get_column_string(0, row).replace(' ', '')
|
|
|
|
dialog.addressComboBox.setItemText(0, address)
|
|
|
|
dialog.addressComboBox.setCurrentIndex(0)
|
|
|
|
service = self.fw_model.get_column_string(1, row)
|
2012-03-04 17:36:25 +01:00
|
|
|
if service == "any":
|
|
|
|
service = ""
|
2012-02-10 00:30:45 +01:00
|
|
|
dialog.serviceComboBox.setItemText(0, service)
|
|
|
|
dialog.serviceComboBox.setCurrentIndex(0)
|
2012-03-04 17:36:25 +01:00
|
|
|
protocol = self.fw_model.get_column_string(2, row)
|
|
|
|
if protocol == "tcp":
|
|
|
|
dialog.tcp_radio.setChecked(True)
|
|
|
|
elif protocol == "udp":
|
|
|
|
dialog.udp_radio.setChecked(True)
|
|
|
|
else:
|
|
|
|
dialog.any_radio.setChecked(True)
|
|
|
|
|
2012-02-10 00:30:45 +01:00
|
|
|
self.run_rule_dialog(dialog, row)
|
|
|
|
|
|
|
|
def delete_rule_button_pressed(self):
|
|
|
|
for i in set([index.row() for index in self.rulesTreeView.selectedIndexes()]):
|
|
|
|
self.fw_model.removeChild(i)
|
2012-03-12 15:54:16 +01:00
|
|
|
self.fw_model.fw_changed = True
|
2012-02-10 00:30:45 +01:00
|
|
|
|
|
|
|
def run_rule_dialog(self, dialog, row = None):
|
|
|
|
if dialog.exec_():
|
|
|
|
address = str(dialog.addressComboBox.currentText())
|
|
|
|
service = str(dialog.serviceComboBox.currentText())
|
|
|
|
port = None
|
|
|
|
port2 = None
|
|
|
|
|
|
|
|
unmask = address.split("/", 1)
|
|
|
|
if len(unmask) == 2:
|
|
|
|
address = unmask[0]
|
|
|
|
netmask = int(unmask[1])
|
|
|
|
else:
|
|
|
|
netmask = 32
|
|
|
|
|
|
|
|
if address == "*":
|
|
|
|
address = "0.0.0.0"
|
|
|
|
netmask = 0
|
|
|
|
|
2012-03-04 17:36:25 +01:00
|
|
|
if dialog.any_radio.isChecked():
|
|
|
|
protocol = "any"
|
|
|
|
port = 0
|
|
|
|
else:
|
|
|
|
if dialog.tcp_radio.isChecked():
|
|
|
|
protocol = "tcp"
|
|
|
|
elif dialog.udp_radio.isChecked():
|
|
|
|
protocol = "udp"
|
|
|
|
|
|
|
|
try:
|
|
|
|
range = service.split("-", 1)
|
|
|
|
if len(range) == 2:
|
|
|
|
port = int(range[0])
|
|
|
|
port2 = int(range[1])
|
|
|
|
else:
|
|
|
|
port = int(service)
|
|
|
|
except (TypeError, ValueError) as ex:
|
|
|
|
port = self.fw_model.get_service_port(service)
|
2012-02-10 00:30:45 +01:00
|
|
|
|
|
|
|
if port is not None:
|
|
|
|
if port2 is not None and port2 <= port:
|
|
|
|
QMessageBox.warning(None, "Invalid service ports range", "Port {0} is lower than port {1}.".format(port2, port))
|
|
|
|
else:
|
2012-03-04 17:36:25 +01:00
|
|
|
item = QubesFirewallRuleItem(address, netmask, port, port2, protocol)
|
2012-02-10 00:30:45 +01:00
|
|
|
if row is not None:
|
|
|
|
self.fw_model.setChild(row, item)
|
2012-03-12 15:54:16 +01:00
|
|
|
self.fw_model.fw_changed = True
|
2012-02-10 00:30:45 +01:00
|
|
|
else:
|
|
|
|
self.fw_model.appendChild(item)
|
2012-03-12 15:54:16 +01:00
|
|
|
self.fw_model.fw_changed = True
|
2012-02-10 00:30:45 +01:00
|
|
|
else:
|
|
|
|
QMessageBox.warning(None, "Invalid service name", "Service '{0} is unknown.".format(service))
|
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
|
2012-01-31 11:17:09 +01:00
|
|
|
# Bases on the original code by:
|
|
|
|
# Copyright (c) 2002-2007 Pascal Varet <p.varet@gmail.com>
|
|
|
|
|
|
|
|
def handle_exception( exc_type, exc_value, exc_traceback ):
|
|
|
|
import sys
|
|
|
|
import os.path
|
|
|
|
import traceback
|
|
|
|
|
|
|
|
filename, line, dummy, dummy = traceback.extract_tb( exc_traceback ).pop()
|
|
|
|
filename = os.path.basename( filename )
|
|
|
|
error = "%s: %s" % ( exc_type.__name__, exc_value )
|
|
|
|
|
2012-03-14 14:00:49 +01:00
|
|
|
strace = ""
|
|
|
|
stacktrace = traceback.extract_tb( exc_traceback )
|
|
|
|
while len(stacktrace) > 0:
|
|
|
|
(filename, line, func, txt) = stacktrace.pop()
|
|
|
|
strace += "----\n"
|
|
|
|
strace += "line: %s\n" %txt
|
|
|
|
strace += "func: %s\n" %func
|
|
|
|
strace += "line no.: %d\n" %line
|
|
|
|
strace += "file: %s\n" %filename
|
|
|
|
|
|
|
|
msg_box = QMessageBox()
|
|
|
|
msg_box.setDetailedText(strace)
|
|
|
|
msg_box.setIcon(QMessageBox.Critical)
|
|
|
|
msg_box.setWindowTitle( "Houston, we have a problem...")
|
|
|
|
msg_box.setText("Whoops. A critical error has occured. This is most likely a bug "
|
|
|
|
"in Qubes Manager.<br><br>"
|
|
|
|
"<b><i>%s</i></b>" % error +
|
|
|
|
"<br/>at line <b>%d</b><br/>of file %s.<br/><br/>"
|
|
|
|
% ( line, filename ))
|
|
|
|
|
|
|
|
msg_box.exec_()
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
|
|
|
|
global qubes_host
|
|
|
|
qubes_host = QubesHost()
|
|
|
|
|
|
|
|
global app
|
|
|
|
app = QApplication(sys.argv)
|
|
|
|
app.setOrganizationName("The Qubes Project")
|
|
|
|
app.setOrganizationDomain("http://qubes-os.org")
|
|
|
|
app.setApplicationName("Qubes VM Settings")
|
|
|
|
|
|
|
|
sys.excepthook = handle_exception
|
|
|
|
|
|
|
|
qvm_collection = QubesVmCollection()
|
|
|
|
qvm_collection.lock_db_for_reading()
|
|
|
|
qvm_collection.load()
|
|
|
|
qvm_collection.unlock_db()
|
|
|
|
|
|
|
|
vm = None
|
|
|
|
|
|
|
|
if len(sys.argv) > 1:
|
|
|
|
vm = qvm_collection.get_vm_by_name(sys.argv[1])
|
|
|
|
if vm is None or vm.qid not in qvm_collection:
|
|
|
|
QMessageBox.critical(None, "Qubes VM Settings Error",
|
|
|
|
"A VM with the name '{0}' does not exist in the system.".format(sys.argv[1]))
|
|
|
|
sys.exit(1)
|
|
|
|
else:
|
|
|
|
vms_list = [vm.name for vm in qvm_collection.values() if (vm.is_appvm() or vm.is_template())]
|
|
|
|
vmname = QInputDialog.getItem(None, "Select VM", "Select VM:", vms_list, editable = False)
|
|
|
|
if not vmname[1]:
|
|
|
|
sys.exit(1)
|
|
|
|
vm = qvm_collection.get_vm_by_name(vmname[0])
|
|
|
|
|
2012-02-09 19:47:21 +01:00
|
|
|
|
2012-01-31 11:17:09 +01:00
|
|
|
global settings_window
|
2012-02-13 13:50:30 +01:00
|
|
|
settings_window = VMSettingsWindow(vm, app, qvm_collection, "basic")
|
2012-01-31 11:17:09 +01:00
|
|
|
|
|
|
|
settings_window.show()
|
|
|
|
|
|
|
|
app.exec_()
|
|
|
|
app.exit()
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
main()
|