Merge branch 'master' of git.qubes-os.org:/var/lib/qubes/git/aga/qubes-manager

This commit is contained in:
Joanna Rutkowska 2012-03-12 19:16:02 +01:00
commit ec97d22bbc
5 changed files with 111 additions and 94 deletions

View File

@ -60,8 +60,8 @@ class AppmenuSelectManager:
self.app_list = apps_multiselect # this is a multiselect wiget self.app_list = apps_multiselect # this is a multiselect wiget
self.vm = vm self.vm = vm
if self.vm.template_vm: if self.vm.template:
self.source_vm = self.vm.template_vm self.source_vm = self.vm.template
else: else:
self.source_vm = self.vm self.source_vm = self.vm
@ -92,28 +92,45 @@ class AppmenuSelectManager:
break break
desktop_template.close() desktop_template.close()
whitelisted_appmenus = [a for a in available_appmenus if a[0] in whitelisted] self.whitelisted_appmenus = [a for a in available_appmenus if a[0] in whitelisted]
available_appmenus = [a for a in available_appmenus if a[0] not in whitelisted] available_appmenus = [a for a in available_appmenus if a[0] not in whitelisted]
for a in available_appmenus: for a in available_appmenus:
self.app_list.available_list.addItem( AppListWidgetItem(a[1], a[0])) self.app_list.available_list.addItem( AppListWidgetItem(a[1], a[0]))
for a in whitelisted_appmenus: for a in self.whitelisted_appmenus:
self.app_list.selected_list.addItem( AppListWidgetItem(a[1], a[0])) self.app_list.selected_list.addItem( AppListWidgetItem(a[1], a[0]))
self.app_list.available_list.sortItems() self.app_list.available_list.sortItems()
self.app_list.selected_list.sortItems() self.app_list.selected_list.sortItems()
def save_list_of_selected(self): def save_list_of_selected(self):
whitelisted = open(self.vm.dir_path + '/' + whitelisted_filename, 'w') sth_changed = False
added = []
for i in range(self.app_list.selected_list.count()): for i in range(self.app_list.selected_list.count()):
item = self.app_list.selected_list.item(i) item = self.app_list.selected_list.item(i)
whitelisted.write(item.filename + '\n') if item.filename not in [ w[0] for w in self.whitelisted_appmenus]:
whitelisted.close() added.append(item)
if self.app_list.selected_list.count() - len(added) < len(self.whitelisted_appmenus): #sth removed
sth_changed = True;
elif len(added) > 0:
sth_changed = True;
if sth_changed == True:
whitelisted = open(self.vm.dir_path + '/' + whitelisted_filename, 'w')
for i in range(self.app_list.selected_list.count()):
item = self.app_list.selected_list.item(i)
whitelisted.write(item.filename + '\n')
whitelisted.close()
return True
else:
return False
def save_appmenu_select_changes(self): def save_appmenu_select_changes(self):
self.save_list_of_selected() if self.save_list_of_selected():
subprocess.check_call([qubes_appmenu_remove_cmd, self.vm.name]) subprocess.check_call([qubes_appmenu_remove_cmd, self.vm.name])
subprocess.check_call([qubes_appmenu_create_cmd, self.source_vm.appmenus_templates_dir, self.vm.name]) subprocess.check_call([qubes_appmenu_create_cmd, self.source_vm.appmenus_templates_dir, self.vm.name])

View File

@ -191,6 +191,8 @@ class QubesFirewallRulesModel(QAbstractItemModel):
self.__services.append( (service["name"], int(service["port"]),) ) self.__services.append( (service["name"], int(service["port"]),) )
f.close() f.close()
self.fw_changed = False
def sort(self, idx, order): def sort(self, idx, order):
from operator import attrgetter from operator import attrgetter
@ -237,12 +239,15 @@ class QubesFirewallRulesModel(QAbstractItemModel):
def get_vm_name(self): def get_vm_name(self):
return self.__vm.name return self.__vm.name
def apply_rules(self): def apply_rules(self, allow, dns, icmp):
assert self.__vm is not None assert self.__vm is not None
conf = { "allow": self.allow, if(self.allow != allow or self.allowDns != dns or self.allowIcmp != icmp):
"allowDns": self.allowDns, self.fw_changed = True
"allowIcmp": self.allowIcmp,
conf = { "allow": allow,
"allowDns": dns,
"allowIcmp": icmp,
"rules": list() "rules": list()
} }
@ -257,16 +262,18 @@ class QubesFirewallRulesModel(QAbstractItemModel):
} }
) )
self.__vm.write_firewall_conf(conf) if self.fw_changed:
self.__vm.write_firewall_conf(conf)
qvm_collection = QubesVmCollection() qvm_collection = QubesVmCollection()
qvm_collection.lock_db_for_reading() qvm_collection.lock_db_for_reading()
qvm_collection.load() qvm_collection.load()
qvm_collection.unlock_db() qvm_collection.unlock_db()
for vm in qvm_collection.values():
if vm.is_proxyvm():
vm.write_iptables_xenstore_entry()
for vm in qvm_collection.values():
if vm.is_proxyvm():
vm.write_iptables_xenstore_entry()
def index(self, row, column, parent=QModelIndex()): def index(self, row, column, parent=QModelIndex()):
if not self.hasIndex(row, column, parent): if not self.hasIndex(row, column, parent):

View File

@ -146,15 +146,15 @@ class VmTemplateItem (QTableWidgetItem):
def __init__(self, vm): def __init__(self, vm):
super(VmTemplateItem, self).__init__() super(VmTemplateItem, self).__init__()
if vm.template_vm is not None: if vm.template is not None:
self.setText(vm.template_vm.name) self.setText(vm.template.name)
else: else:
font = QFont() font = QFont()
font.setStyle(QFont.StyleItalic) font.setStyle(QFont.StyleItalic)
self.setFont(font) self.setFont(font)
self.setTextColor(QColor("gray")) self.setTextColor(QColor("gray"))
if vm.is_appvm(): # and vm.template_vm is None if vm.is_appvm(): # and vm.template is None
self.setText("StandaloneVM") self.setText("StandaloneVM")
elif vm.is_template(): elif vm.is_template():
self.setText("TemplateVM") self.setText("TemplateVM")
@ -824,7 +824,7 @@ class VmManagerWindow(Ui_VmManagerWindow, QMainWindow):
default_index = 0 default_index = 0
for (i, vm) in enumerate(template_vm_list): for (i, vm) in enumerate(template_vm_list):
if vm is self.qvm_collection.get_default_template_vm(): if vm is self.qvm_collection.get_default_template():
default_index = i default_index = i
dialog.template_name.insertItem(i, vm.name + " (default)") dialog.template_name.insertItem(i, vm.name + " (default)")
else: else:

View File

@ -64,8 +64,8 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
self.app = app self.app = app
self.qvm_collection = qvm_collection self.qvm_collection = qvm_collection
self.vm = vm self.vm = vm
if self.vm.template_vm: if self.vm.template:
self.source_vm = self.vm.template_vm self.source_vm = self.vm.template
else: else:
self.source_vm = self.vm self.source_vm = self.vm
@ -96,9 +96,6 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
self.newRuleButton.clicked.connect(self.new_rule_button_pressed) self.newRuleButton.clicked.connect(self.new_rule_button_pressed)
self.editRuleButton.clicked.connect(self.edit_rule_button_pressed) self.editRuleButton.clicked.connect(self.edit_rule_button_pressed)
self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed) self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed)
self.policyAllowRadioButton.toggled.connect(self.policy_radio_toggled)
self.dnsCheckBox.toggled.connect(self.dns_checkbox_toggled)
self.icmpCheckBox.toggled.connect(self.icmp_checkbox_toggled)
####### devices tab ####### devices tab
self.dev_list = MultiSelectWidget(self) self.dev_list = MultiSelectWidget(self)
@ -141,17 +138,28 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
def __save_changes__(self, thread_monitor): def __save_changes__(self, thread_monitor):
self.qvm_collection.lock_db_for_writing()
self.anything_changed = False
ret = self.__apply_basic_tab__()
if len(ret) > 0 :
thread_monitor.set_error_msg('\n'.join(ret))
if self.anything_changed == True:
self.qvm_collection.save()
self.qvm_collection.unlock_db()
if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]): if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]):
self.fw_model.apply_rules() self.fw_model.apply_rules(self.policyAllowRadioButton.isChecked(), self.dnsCheckBox.isChecked(), self.icmpCheckBox.isChecked())
if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]): if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]):
self.AppListManager.save_appmenu_select_changes() self.AppListManager.save_appmenu_select_changes()
ret = self.__apply_basic_tab__()
if len(ret) > 0 :
thread_monitor.set_error_msg('\n'.join(ret))
thread_monitor.set_finished() thread_monitor.set_finished()
def current_tab_changed(self, idx): def current_tab_changed(self, idx):
if idx == self.tabs_indices["firewall"]: if idx == self.tabs_indices["firewall"]:
if self.vm.netvm is not None and not self.vm.netvm.is_proxyvm(): if self.vm.netvm is not None and not self.vm.netvm.is_proxyvm():
@ -179,14 +187,14 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
self.vmlabel.setItemIcon (i, QIcon(label.icon_path)) self.vmlabel.setItemIcon (i, QIcon(label.icon_path))
self.vmlabel.setCurrentIndex(self.label_idx) self.vmlabel.setCurrentIndex(self.label_idx)
if not self.vm.is_template() and self.vm.template_vm is not None: if not self.vm.is_template() and self.vm.template is not None:
template_vm_list = [vm for vm in self.qvm_collection.values() if not vm.internal and vm.is_template()] template_vm_list = [vm for vm in self.qvm_collection.values() if not vm.internal and vm.is_template()]
self.template_idx = 0 self.template_idx = 0
for (i, vm) in enumerate(template_vm_list): for (i, vm) in enumerate(template_vm_list):
text = vm.name text = vm.name
if vm is self.qvm_collection.get_default_template_vm(): if vm is self.qvm_collection.get_default_template():
text += " (default)" text += " (default)"
if vm.qid == self.vm.template_vm.qid: if vm.qid == self.vm.template.qid:
self.template_idx = i self.template_idx = i
text += " (current)" text += " (current)"
self.template_name.insertItem(i, text) self.template_name.insertItem(i, text)
@ -234,10 +242,9 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
self.networking_groupbox.setEnabled(False); self.networking_groupbox.setEnabled(False);
#maxmem #max priv size
self.priv_size.setValue(int(self.vm.maxmem)/1024) self.priv_size.setValue(int(self.vm.memory))
self.priv_size.setMinimum(0) self.priv_size.setMaximum(QubesHost().memory_total/1024)
self.priv_size.setMaximum(QubesHost().memory_total/1024/1024)
#self.vmname.selectAll() #self.vmname.selectAll()
#self.vmname.setFocus() #self.vmname.setFocus()
@ -250,74 +257,57 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
if self.vm.name != vmname: if self.vm.name != vmname:
if self.vm.is_running(): if self.vm.is_running():
msg.append("Can't change name of a running VM.") msg.append("Can't change name of a running VM.")
elif self.qvm_collection.get_vm_by_name(vmname) is not None: elif self.qvm_collection.get_vm_by_name(vmname) is not None:
msg.append("A VM named <b>{0}</b> already exists in the system!".format(vmname)) msg.append("Can't change VM name - a VM named <b>{0}</b> already exists in the system!".format(vmname))
else: else:
oldname = self.vm.name oldname = self.vm.name
try: try:
self.qvm_collection.lock_db_for_writing()
self.vm.pre_rename(vmname) self.vm.pre_rename(vmname)
self.vm.set_name(vmname) self.vm.set_name(vmname)
self.vm.post_rename(oldname) self.vm.post_rename(oldname)
self.qvm_collection.save() self.anything_changed = True
except Exception as ex: except Exception as ex:
msg.append(str(ex)) msg.append(str(ex))
finally:
self.qvm_collection.unlock_db()
#vm label changed #vm label changed
if self.vmlabel.currentIndex() != self.label_idx: if self.vmlabel.currentIndex() != self.label_idx:
if self.vm.is_running(): label = self.label_list[self.vmlabel.currentIndex()]
msg.append("Can't change label of a running VM.") self.vm.label = label
self.anything_changed = True
else:
label = self.label_list[self.vmlabel.currentIndex()]
self.qvm_collection.lock_db_for_writing()
self.vm.label = label
self.qvm_collection.save()
self.qvm_collection.unlock_db()
#vm template changed #vm template changed
if self.template_name.currentIndex() != self.template_idx: if self.template_name.currentIndex() != self.template_idx:
new_template_name = self.template_name.currentText() new_template_name = self.template_name.currentText()
new_template_name = new_template_name.split(' ')[0] new_template_name = new_template_name.split(' ')[0]
template_vm = self.qvm_collection.get_vm_by_name(new_template_name) template_vm = self.qvm_collection.get_vm_by_name(new_template_name)
assert (template_vm is not None and template_vm.qid in self.qvm_collection) assert (template_vm is not None and template_vm.qid in self.qvm_collection)
assert template_vm.is_template() assert template_vm.is_template()
self.vm.template = template_vm
self.qvm_collection.lock_db_for_writing() self.anything_changed = True
self.vm.template_vm = template_vm
self.qvm_collection.save()
self.qvm_collection.unlock_db()
#vm netvm changed #vm netvm changed
if self.netVM.currentIndex() != self.netvm_idx: if self.netVM.currentIndex() != self.netvm_idx:
new_netvm_name = self.netVM.currentText() new_netvm_name = self.netVM.currentText()
new_netvm_name = new_netvm_name.split(' ')[0] new_netvm_name = new_netvm_name.split(' ')[0]
netvm = self.qvm_collection.get_vm_by_name(new_netvm_name)
cmd = ["qvm-prefs", "-s", self.vm.name, "netvm", new_netvm_name] assert (netvm is not None and netvm.qid in self.qvm_collection)
res = subprocess.check_call(cmd, stderr=subprocess.PIPE) assert netvm.is_netvm()
self.vm.uses_default_netvm = (self.vm is self.qvm_collection.get_default_netvm())
if res != 0: self.vm.netvm = netvm
msg.append("Error while setting netVM!") self.anything_changed = True
#include in backups #include in backups
self.vm.include_in_backups = self.include_in_backups.isChecked() if self.vm.include_in_backups != self.include_in_backups.isChecked():
self.vm.include_in_backups = self.include_in_backups.isChecked()
#maxmem #max priv size
maxmem = self.priv_size.value()*1024 priv_size = self.priv_size.value()
if maxmem == 0: if self.vm.memory != priv_size:
maxmem = 256 self.vm.memory = priv_size
self.vm.maxmem = maxmem self.anything_changed = True
return msg return msg
# template_vm = template_vm_list[dialog.template_name.currentIndex()]
# allow_networking = dialog.allow_networking.isChecked()
######### firewall tab related ######### firewall tab related
def set_fw_model(self, model): def set_fw_model(self, model):
@ -333,15 +323,6 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
self.policyAllowRadioButton.setChecked(allow) self.policyAllowRadioButton.setChecked(allow)
self.policyDenyRadioButton.setChecked(not allow) self.policyDenyRadioButton.setChecked(not allow)
def policy_radio_toggled(self, on):
self.fw_model.allow = self.policyAllowRadioButton.isChecked()
def dns_checkbox_toggled(self, on):
self.fw_model.allowDns = on
def icmp_checkbox_toggled(self, on):
self.fw_model.allowIcmp = on
def new_rule_button_pressed(self): def new_rule_button_pressed(self):
dialog = NewFwRuleDlg() dialog = NewFwRuleDlg()
self.run_rule_dialog(dialog) self.run_rule_dialog(dialog)
@ -373,6 +354,7 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
def delete_rule_button_pressed(self): def delete_rule_button_pressed(self):
for i in set([index.row() for index in self.rulesTreeView.selectedIndexes()]): for i in set([index.row() for index in self.rulesTreeView.selectedIndexes()]):
self.fw_model.removeChild(i) self.fw_model.removeChild(i)
self.fw_model.fw_changed = True
def run_rule_dialog(self, dialog, row = None): def run_rule_dialog(self, dialog, row = None):
if dialog.exec_(): if dialog.exec_():
@ -418,8 +400,10 @@ class VMSettingsWindow(Ui_SettingsDialog, QDialog):
item = QubesFirewallRuleItem(address, netmask, port, port2, protocol) item = QubesFirewallRuleItem(address, netmask, port, port2, protocol)
if row is not None: if row is not None:
self.fw_model.setChild(row, item) self.fw_model.setChild(row, item)
self.fw_model.fw_changed = True
else: else:
self.fw_model.appendChild(item) self.fw_model.appendChild(item)
self.fw_model.fw_changed = True
else: else:
QMessageBox.warning(None, "Invalid service name", "Service '{0} is unknown.".format(service)) QMessageBox.warning(None, "Invalid service name", "Service '{0} is unknown.".format(service))

View File

@ -171,18 +171,24 @@
<property name="alignment"> <property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set> <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property> </property>
<property name="minimum">
<number>256</number>
</property>
<property name="maximum"> <property name="maximum">
<number>10000</number> <number>10000</number>
</property> </property>
<property name="singleStep">
<number>256</number>
</property>
<property name="value"> <property name="value">
<number>2</number> <number>256</number>
</property> </property>
</widget> </widget>
</item> </item>
<item row="0" column="2"> <item row="0" column="2">
<widget class="QLabel" name="label_5"> <widget class="QLabel" name="label_5">
<property name="text"> <property name="text">
<string>GB</string> <string>MB</string>
</property> </property>
</widget> </widget>
</item> </item>
@ -339,11 +345,14 @@
<property name="alignment"> <property name="alignment">
<set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set> <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
</property> </property>
<property name="minimum">
<number>256</number>
</property>
<property name="maximum"> <property name="maximum">
<number>10000</number> <number>10000</number>
</property> </property>
<property name="singleStep"> <property name="singleStep">
<number>100</number> <number>256</number>
</property> </property>
<property name="value"> <property name="value">
<number>400</number> <number>400</number>