Merge remote-tracking branch 'origin/pr/172'
* origin/pr/172: Say which repository caused the error in warnings Only make qrexec calls when necessary Squash more PyLint warnings Decode stderr in repo qrexec calls Fix error handling Fix `self` being undefined when showing warnings Only apply repo preferences when "OK" is clicked Don't use asserts for error handling Check that repo management succeeded Remove unnecessary assert Squash some PyLint warnings Add UI for managing Qubes update repositories Fix typo Fixes QubesOS/qubes-issues#4550
This commit is contained in:
commit
1edf363efe
@ -24,6 +24,7 @@ import sys
|
|||||||
import os
|
import os
|
||||||
import os.path
|
import os.path
|
||||||
import traceback
|
import traceback
|
||||||
|
import subprocess
|
||||||
from PyQt5 import QtWidgets # pylint: disable=import-error
|
from PyQt5 import QtWidgets # pylint: disable=import-error
|
||||||
|
|
||||||
from qubesadmin import Qubes
|
from qubesadmin import Qubes
|
||||||
@ -36,6 +37,21 @@ from configparser import ConfigParser
|
|||||||
|
|
||||||
qmemman_config_path = '/etc/qubes/qmemman.conf'
|
qmemman_config_path = '/etc/qubes/qmemman.conf'
|
||||||
|
|
||||||
|
def _run_qrexec_repo(service, arg=''):
|
||||||
|
# Fake up a "qrexec call" to dom0 because dom0 can't qrexec to itself yet
|
||||||
|
cmd = '/etc/qubes-rpc/' + service
|
||||||
|
p = subprocess.run(
|
||||||
|
['sudo', cmd, arg],
|
||||||
|
stdout=subprocess.PIPE,
|
||||||
|
stderr=subprocess.PIPE
|
||||||
|
)
|
||||||
|
if p.stderr:
|
||||||
|
raise RuntimeError('qrexec call stderr was not empty',
|
||||||
|
{'stderr': p.stderr.decode('utf-8')})
|
||||||
|
if p.returncode != 0:
|
||||||
|
raise RuntimeError('qrexec call exited with non-zero return code',
|
||||||
|
{'returncode': p.returncode})
|
||||||
|
return p.stdout.decode('utf-8')
|
||||||
|
|
||||||
# pylint: disable=too-many-instance-attributes
|
# pylint: disable=too-many-instance-attributes
|
||||||
class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
||||||
@ -102,7 +118,7 @@ class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
|||||||
)
|
)
|
||||||
|
|
||||||
def __apply_system_defaults__(self):
|
def __apply_system_defaults__(self):
|
||||||
# upatevm
|
# updatevm
|
||||||
if self.qvm_collection.updatevm != \
|
if self.qvm_collection.updatevm != \
|
||||||
self.update_vm_vmlist[self.update_vm_combo.currentIndex()]:
|
self.update_vm_vmlist[self.update_vm_combo.currentIndex()]:
|
||||||
self.qvm_collection.updatevm = \
|
self.qvm_collection.updatevm = \
|
||||||
@ -231,7 +247,6 @@ class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
|||||||
qmemman_config_file.close()
|
qmemman_config_file.close()
|
||||||
|
|
||||||
def __init_updates__(self):
|
def __init_updates__(self):
|
||||||
|
|
||||||
# TODO: remove workaround when it is no longer needed
|
# TODO: remove workaround when it is no longer needed
|
||||||
self.dom0_updates_file_path = '/var/lib/qubes/updates/disable-updates'
|
self.dom0_updates_file_path = '/var/lib/qubes/updates/disable-updates'
|
||||||
|
|
||||||
@ -248,6 +263,40 @@ class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
|||||||
self.enable_updates_all.clicked.connect(self.__enable_updates_all)
|
self.enable_updates_all.clicked.connect(self.__enable_updates_all)
|
||||||
self.disable_updates_all.clicked.connect(self.__disable_updates_all)
|
self.disable_updates_all.clicked.connect(self.__disable_updates_all)
|
||||||
|
|
||||||
|
self.repos = repos = dict()
|
||||||
|
for i in _run_qrexec_repo('qubes.repos.List').split('\n'):
|
||||||
|
lst = i.split('\0')
|
||||||
|
# Keyed by repo name
|
||||||
|
dct = repos[lst[0]] = dict()
|
||||||
|
dct['prettyname'] = lst[1]
|
||||||
|
dct['enabled'] = lst[2] == 'enabled'
|
||||||
|
|
||||||
|
if repos['qubes-dom0-unstable']['enabled']:
|
||||||
|
self.dom0_updates_repo.setCurrentIndex(3)
|
||||||
|
elif repos['qubes-dom0-current-testing']['enabled']:
|
||||||
|
self.dom0_updates_repo.setCurrentIndex(2)
|
||||||
|
elif repos['qubes-dom0-security-testing']['enabled']:
|
||||||
|
self.dom0_updates_repo.setCurrentIndex(1)
|
||||||
|
elif repos['qubes-dom0-current']['enabled']:
|
||||||
|
self.dom0_updates_repo.setCurrentIndex(0)
|
||||||
|
else:
|
||||||
|
raise Exception('Cannot detect enabled dom0 update repositories')
|
||||||
|
|
||||||
|
if repos['qubes-templates-itl-testing']['enabled']:
|
||||||
|
self.itl_tmpl_updates_repo.setCurrentIndex(1)
|
||||||
|
elif repos['qubes-templates-itl']['enabled']:
|
||||||
|
self.itl_tmpl_updates_repo.setCurrentIndex(0)
|
||||||
|
else:
|
||||||
|
raise Exception('Cannot detect enabled ITL template update '
|
||||||
|
'repositories')
|
||||||
|
|
||||||
|
if repos['qubes-templates-community-testing']['enabled']:
|
||||||
|
self.comm_tmpl_updates_repo.setCurrentIndex(2)
|
||||||
|
elif repos['qubes-templates-community']['enabled']:
|
||||||
|
self.comm_tmpl_updates_repo.setCurrentIndex(1)
|
||||||
|
else:
|
||||||
|
self.comm_tmpl_updates_repo.setCurrentIndex(0)
|
||||||
|
|
||||||
def __enable_updates_all(self):
|
def __enable_updates_all(self):
|
||||||
reply = QtWidgets.QMessageBox.question(
|
reply = QtWidgets.QMessageBox.question(
|
||||||
self, self.tr("Change state of all qubes"),
|
self, self.tr("Change state of all qubes"),
|
||||||
@ -284,6 +333,68 @@ class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
|||||||
if self.qvm_collection.check_updates_vm != self.updates_vm.isChecked():
|
if self.qvm_collection.check_updates_vm != self.updates_vm.isChecked():
|
||||||
self.qvm_collection.check_updates_vm = self.updates_vm.isChecked()
|
self.qvm_collection.check_updates_vm = self.updates_vm.isChecked()
|
||||||
|
|
||||||
|
def _manage_repos(self, repolist, action):
|
||||||
|
for name in repolist:
|
||||||
|
if self.repos[name]['enabled'] and action == 'Enable' or \
|
||||||
|
not self.repos[name]['enabled'] and action == 'Disable':
|
||||||
|
continue
|
||||||
|
|
||||||
|
try:
|
||||||
|
result = _run_qrexec_repo('qubes.repos.' + action, name)
|
||||||
|
if result != 'ok\n':
|
||||||
|
raise RuntimeError(
|
||||||
|
'qrexec call stdout did not contain "ok" as expected',
|
||||||
|
{'stdout': result})
|
||||||
|
except RuntimeError as ex:
|
||||||
|
msg = '{desc}; {args}'.format(desc=ex.args[0], args=', '.join(
|
||||||
|
# This is kind of hard to mentally parse but really all
|
||||||
|
# it does is pretty-print args[1], which is a dictionary
|
||||||
|
['{key}: {val}'.format(key=i[0], val=i[1]) for i in
|
||||||
|
ex.args[1].items()]
|
||||||
|
))
|
||||||
|
QtWidgets.QMessageBox.warning(
|
||||||
|
None,
|
||||||
|
self.tr("ERROR!"),
|
||||||
|
self.tr("Error managing {repo} repository settings:"
|
||||||
|
" {msg}".format(repo=name, msg=msg)))
|
||||||
|
|
||||||
|
def _handle_dom0_updates_combobox(self, idx):
|
||||||
|
idx += 1
|
||||||
|
repolist = ['qubes-dom0-current', 'qubes-dom0-security-testing',
|
||||||
|
'qubes-dom0-current-testing', 'qubes-dom0-unstable']
|
||||||
|
enable = repolist[:idx]
|
||||||
|
disable = repolist[idx:]
|
||||||
|
self._manage_repos(enable, 'Enable')
|
||||||
|
self._manage_repos(disable, 'Disable')
|
||||||
|
|
||||||
|
# pylint: disable=invalid-name
|
||||||
|
def _handle_itl_tmpl_updates_combobox(self, idx):
|
||||||
|
idx += 1
|
||||||
|
repolist = ['qubes-templates-itl', 'qubes-templates-itl-testing']
|
||||||
|
enable = repolist[:idx]
|
||||||
|
disable = repolist[idx:]
|
||||||
|
self._manage_repos(enable, 'Enable')
|
||||||
|
self._manage_repos(disable, 'Disable')
|
||||||
|
|
||||||
|
# pylint: disable=invalid-name
|
||||||
|
def _handle_comm_tmpl_updates_combobox(self, idx):
|
||||||
|
# We don't increment idx by 1 because this is the only combobox that
|
||||||
|
# has an explicit "disable this repository entirely" option
|
||||||
|
repolist = ['qubes-templates-community',
|
||||||
|
'qubes-templates-community-testing']
|
||||||
|
enable = repolist[:idx]
|
||||||
|
disable = repolist[idx:]
|
||||||
|
self._manage_repos(enable, 'Enable')
|
||||||
|
self._manage_repos(disable, 'Disable')
|
||||||
|
|
||||||
|
def __apply_repos__(self):
|
||||||
|
self._handle_dom0_updates_combobox(
|
||||||
|
self.dom0_updates_repo.currentIndex())
|
||||||
|
self._handle_itl_tmpl_updates_combobox(
|
||||||
|
self.itl_tmpl_updates_repo.currentIndex())
|
||||||
|
self._handle_comm_tmpl_updates_combobox(
|
||||||
|
self.comm_tmpl_updates_repo.currentIndex())
|
||||||
|
|
||||||
def reject(self):
|
def reject(self):
|
||||||
self.done(0)
|
self.done(0)
|
||||||
|
|
||||||
@ -293,7 +404,7 @@ class GlobalSettingsWindow(ui_globalsettingsdlg.Ui_GlobalSettings,
|
|||||||
self.__apply_kernel_defaults__()
|
self.__apply_kernel_defaults__()
|
||||||
self.__apply_mem_defaults__()
|
self.__apply_mem_defaults__()
|
||||||
self.__apply_updates__()
|
self.__apply_updates__()
|
||||||
|
self.__apply_repos__()
|
||||||
|
|
||||||
# Bases on the original code by:
|
# Bases on the original code by:
|
||||||
# Copyright (c) 2002-2007 Pascal Varet <p.varet@gmail.com>
|
# Copyright (c) 2002-2007 Pascal Varet <p.varet@gmail.com>
|
||||||
|
@ -98,7 +98,7 @@
|
|||||||
</layout>
|
</layout>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
<item row="3" column="0" colspan="2">
|
<item row="4" column="0" colspan="2">
|
||||||
<widget class="QDialogButtonBox" name="buttonBox">
|
<widget class="QDialogButtonBox" name="buttonBox">
|
||||||
<property name="orientation">
|
<property name="orientation">
|
||||||
<enum>Qt::Horizontal</enum>
|
<enum>Qt::Horizontal</enum>
|
||||||
@ -209,6 +209,30 @@
|
|||||||
<string>Updates</string>
|
<string>Updates</string>
|
||||||
</property>
|
</property>
|
||||||
<layout class="QGridLayout" name="gridLayout_3">
|
<layout class="QGridLayout" name="gridLayout_3">
|
||||||
|
<item row="1" column="0">
|
||||||
|
<widget class="QComboBox" name="dom0_updates_repo">
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Stable updates</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Testing updates (security only)</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Testing updates</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Unstable updates</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
<item row="1" column="1">
|
<item row="1" column="1">
|
||||||
<widget class="QPushButton" name="disable_updates_all">
|
<widget class="QPushButton" name="disable_updates_all">
|
||||||
<property name="text">
|
<property name="text">
|
||||||
@ -243,6 +267,39 @@
|
|||||||
</property>
|
</property>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
|
<item row="2" column="0">
|
||||||
|
<widget class="QComboBox" name="itl_tmpl_updates_repo">
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>ITL template updates</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>ITL template updates (testing)</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
|
<item row="3" column="0">
|
||||||
|
<widget class="QComboBox" name="comm_tmpl_updates_repo">
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>(Community templates disabled)</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Community template updates</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
<item>
|
||||||
|
<property name="text">
|
||||||
|
<string>Community template updates (testing)</string>
|
||||||
|
</property>
|
||||||
|
</item>
|
||||||
|
</widget>
|
||||||
|
</item>
|
||||||
</layout>
|
</layout>
|
||||||
</widget>
|
</widget>
|
||||||
</item>
|
</item>
|
||||||
|
Loading…
Reference in New Issue
Block a user