#!/usr/bin/python2 # # The Qubes OS Project, http://www.qubes-os.org # # Copyright (C) 2012 Agnieszka Kostrzewa # Copyright (C) 2012 Marek Marczykowski-Górecki # # Copyright (C) 2017 Wojtek Porczyk # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License # as published by the Free Software Foundation; either version 2 # of the License, or (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. # # import collections import copy import os import subprocess import qubesadmin import qubesadmin.tools from . import utils from .ui_settingsdlg import * from .appmenu_select import * from .firewall import * from .backup_utils import get_path_for_vm class VMSettingsWindow(Ui_SettingsDialog, QDialog): tabs_indices = collections.OrderedDict(( ('basic', 0), ('advanced', 1), ('firewall', 2), ('devices', 3), ('applications', 4), ('services', 5), )) def __init__(self, vm, qapp, init_page="basic", parent=None): super(VMSettingsWindow, self).__init__(parent) self.vm = vm self.qapp = qapp if self.vm.template: self.source_vm = self.vm.template else: self.source_vm = self.vm self.setupUi(self) self.setWindowTitle(self.tr("Settings: {vm}").format(vm=self.vm.name)) if init_page in self.tabs_indices: idx = self.tabs_indices[init_page] assert (idx in range(self.tabWidget.count())) self.tabWidget.setCurrentIndex(idx) self.connect(self.buttonBox, SIGNAL("accepted()"), self.save_and_apply) self.connect(self.buttonBox, SIGNAL("rejected()"), self.reject) self.tabWidget.currentChanged.connect(self.current_tab_changed) self.tabWidget.setTabEnabled(self.tabs_indices["firewall"], vm.is_networked() and not (vm.is_netvm() and not vm.is_proxyvm())) ###### basic tab self.__init_basic_tab__() ###### advanced tab self.__init_advanced_tab__() self.include_in_balancing.stateChanged.connect(self.include_in_balancing_state_changed) self.connect(self.init_mem, SIGNAL("editingFinished()"), self.check_mem_changes) self.connect(self.max_mem_size, SIGNAL("editingFinished()"), self.check_mem_changes) self.drive_path_button.clicked.connect(self.drive_path_button_pressed) ###### firewall tab if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]): model = QubesFirewallRulesModel() model.set_vm(vm) self.set_fw_model(model) self.newRuleButton.clicked.connect(self.new_rule_button_pressed) self.editRuleButton.clicked.connect(self.edit_rule_button_pressed) self.deleteRuleButton.clicked.connect(self.delete_rule_button_pressed) self.policyDenyRadioButton.clicked.connect(self.policy_changed) self.policyAllowRadioButton.clicked.connect(self.policy_changed) ####### devices tab self.__init_devices_tab__() self.connect(self.dev_list, SIGNAL("selected_changed()"), self.devices_selection_changed) ####### services tab self.__init_services_tab__() self.add_srv_button.clicked.connect(self.__add_service__) self.remove_srv_button.clicked.connect(self.__remove_service__) ####### apps tab if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]): self.app_list = MultiSelectWidget(self) self.apps_layout.addWidget(self.app_list) self.AppListManager = AppmenuSelectManager(self.vm, self.app_list) def reject(self): self.done(0) #needed not to close the dialog before applying changes def accept(self): pass def save_and_apply(self): thread_monitor = ThreadMonitor() thread = threading.Thread (target=self.__save_changes__, args=(thread_monitor,)) thread.daemon = True thread.start() progress = QProgressDialog( self.tr("Applying settings to {0}...").format(self.vm.name), "", 0, 0) progress.setCancelButton(None) progress.setModal(True) progress.show() while not thread_monitor.is_finished(): self.qapp.processEvents() time.sleep (0.1) progress.hide() if not thread_monitor.success: QMessageBox.warning(None, self.tr("Error while changing settings for {0}!").format(self.vm.name), self.tr("ERROR: {0}").format(thread_monitor.error_msg)) self.done(0) def __save_changes__(self, thread_monitor): self.anything_changed = False ret = [] try: ret_tmp = self.__apply_basic_tab__() if len(ret_tmp) > 0: ret += ["Basic tab:"] + ret_tmp ret_tmp = self.__apply_advanced_tab__() if len(ret_tmp) > 0: ret += ["Advanced tab:"] + ret_tmp ret_tmp = self.__apply_devices_tab__() if len(ret_tmp) > 0: ret += ["Devices tab:"] + ret_tmp ret_tmp = self.__apply_services_tab__() if len(ret_tmp) > 0: ret += ["Sevices tab:"] + ret_tmp except Exception as ex: ret.append(self.tr('Error while saving changes: ') + str(ex)) try: if self.tabWidget.isTabEnabled(self.tabs_indices["firewall"]): self.fw_model.apply_rules(self.policyAllowRadioButton.isChecked(), self.dnsCheckBox.isChecked(), self.icmpCheckBox.isChecked(), self.yumproxyCheckBox.isChecked(), self.tempFullAccess.isChecked(), self.tempFullAccessTime.value()) if self.fw_model.fw_changed: # might modified vm.services self.anything_changed = True except Exception as ex: ret += [self.tr("Firewall tab:"), str(ex)] try: if self.tabWidget.isTabEnabled(self.tabs_indices["applications"]): self.AppListManager.save_appmenu_select_changes() except Exception as ex: ret += [self.tr("Applications tab:"), str(ex)] if len(ret) > 0 : thread_monitor.set_error_msg('\n'.join(ret)) utils.debug('\n'.join(ret)) def current_tab_changed(self, idx): if idx == self.tabs_indices["firewall"]: if self.vm.netvm is not None and not self.vm.netvm.is_proxyvm(): QMessageBox.warning(None, self.tr("VM configuration problem!"), self.tr("The '{vm}' AppVM is not network connected to a " "FirewallVM!

" "You may edit the '{vm}' VM firewall rules, but these " "will not take any effect until you connect it to " "a working Firewall VM.").format(vm=self.vm.name)) ######### basic tab # TODO LISTENERS # - vm start/shutdown -> setEnabled on fields: template labels # - vm create/delete -> choices lists, whole window deactiv (if self.vm) # - property-set -> individual fields # TODO INTERACTIONS # netvm -> networking_groupbox # hvm -> include_in_balancing # TODO REMOVE # other_groupbox def __init_basic_tab__(self): self.vmname.setText(self.vm.name) self.vmname.setValidator(QRegExpValidator(QRegExp("[a-zA-Z0-9-]*", Qt.CaseInsensitive), None)) self.vmname.setEnabled(False) if self.vm.qid == 0: self.vmlabel.setVisible(False) else: self.label_list, self.label_idx = utils.prepare_label_choice( self.vmlabel, self.vm, 'label', None, allow_default=False ) self.vmlabel.setVisible(True) self.vmlabel.setEnabled(not self.vm.is_running()) if isinstance(self.vm, qubesadmin.vm.AppVM): self.template_list, self.template_idx = utils.prepare_vm_choice( self.template_name, self.vm, 'template', self.vm.app.default_template, (lambda vm: isinstance(vm, qubesadmin.vm.TemplateVM)), allow_default=True, allow_none=False) else: self.template_name.setEnabled(False) self.template_idx = -1 self.netvm_list, self.netvm_idx = utils.prepare_vm_choice( self.netVM, self.vm, 'netvm', self.vm.app.default_netvm, (lambda vm: vm.provides_network), allow_default=True, allow_none=True) self.include_in_backups.setChecked(self.vm.include_in_backups) try: self.run_in_debug_mode.setChecked(self.vm.debug) self.run_in_debug_mode.setVisible(True) except AttributeError: self.run_in_debug_mode.setVisible(False) try: self.autostart_vm.setChecked(self.vm.autostart) self.autostart_vm.setVisible(True) except AttributeError: self.autostart_vm.setVisible(False) # XXX - False? self.seamless_gui.setVisible(True) self.seamless_gui.setChecked( self.vm.features.get('seamless-gui', False)) #type self.type_label.setText(type(self.vm).__name__) #installed by rpm self.rpm_label.setText('Yes' if self.vm.installed_by_rpm else 'No') #networking info if self.vm.netvm: self.networking_groupbox.setEnabled(True) self.ip_label.setText(self.vm.ip if self.vm.ip is not None else "none") self.netmask_label.setText(self.vm.netmask if self.vm.netmask is not None else "none") self.gateway_label.setText(self.vm.netvm.gateway if self.vm.netvm is not None else "none") else: self.networking_groupbox.setEnabled(False) #max priv storage # self.priv_img_size = self.vm.get_private_img_sz()/1024/1024 # self.max_priv_storage.setMinimum(self.priv_img_size) # self.max_priv_storage.setValue(self.priv_img_size) # self.root_img_size = self.vm.get_root_img_sz()/1024/1024 # self.root_resize.setValue(self.root_img_size) # self.root_resize.setMinimum(self.root_img_size) # self.root_resize.setEnabled(hasattr(self.vm, 'resize_root_img') and # not self.vm.template) # self.root_resize_label.setEnabled(self.root_resize.isEnabled()) def __apply_basic_tab__(self): msg = [] #vm label changed try: if self.vmlabel.isVisible(): if self.vmlabel.currentIndex() != self.label_idx: label = self.label_list[self.vmlabel.currentIndex()] self.vm.label = label self.anything_changed = True except Exception as ex: msg.append(str(ex)) #vm template changed try: if self.template_name.currentIndex() != self.template_idx: self.vm.template = \ self.template_list[self.template_name.currentIndex()] self.anything_changed = True except Exception as ex: msg.append(str(ex)) #vm netvm changed try: if self.netVM.currentIndex() != self.netvm_idx: self.vm.netvm = self.netvm_list[self.netVM.currentIndex()] self.anything_changed = True except Exception as ex: msg.append(str(ex)) #include in backups try: if self.vm.include_in_backups != self.include_in_backups.isChecked(): self.vm.include_in_backups = self.include_in_backups.isChecked() self.anything_changed = True except Exception as ex: msg.append(str(ex)) #run_in_debug_mode try: if self.run_in_debug_mode.isVisible(): if self.vm.debug != self.run_in_debug_mode.isChecked(): self.vm.debug = self.run_in_debug_mode.isChecked() self.anything_changed = True except Exception as ex: msg.append(str(ex)) #autostart_vm try: if self.autostart_vm.isVisible(): if self.vm.autostart != self.autostart_vm.isChecked(): self.vm.autostart = self.autostart_vm.isChecked() self.anything_changed = True except Exception as ex: msg.append(str(ex)) #seamless_gui try: if self.seamless_gui.isVisible(): if self.vm.seamless_gui_mode != self.seamless_gui.isChecked(): self.vm.seamless_gui_mode = self.seamless_gui.isChecked() self.anything_changed = True except Exception as ex: msg.append(str(ex)) #max priv storage priv_size = self.max_priv_storage.value() if self.priv_img_size != priv_size: try: self.vm.resize_private_img(priv_size*1024*1024) self.anything_changed = True except Exception as ex: msg.append(str(ex)) #max sys storage sys_size = self.root_resize.value() if self.root_img_size != sys_size: try: self.vm.resize_root_img(sys_size*1024*1024) self.anything_changed = True except Exception as ex: msg.append(str(ex)) return msg def check_mem_changes(self): if self.max_mem_size.value() < self.init_mem.value(): QMessageBox.warning(None, self.tr("Warning!"), self.tr("Max memory can not be less than initial memory.
" "Setting max memory to equal initial memory.")) self.max_mem_size.setValue(self.init_mem.value()) # Linux specific limit: init memory must not be below max_mem_size/10.79 in order to allow scaling up to max_mem_size (or else "add_memory() failed: -17" problem) if self.init_mem.value() * 10 < self.max_mem_size.value(): QMessageBox.warning(None, self.tr("Warning!"), self.tr("Initial memory can not be less than one tenth " "Max memory.
Setting initial memory to the minimum " "allowed value.")) self.init_mem.setValue(self.max_mem_size.value() / 10) ######### advanced tab def __init_advanced_tab__(self): #mem/cpu # qubes_memory = QubesHost().memory_total/1024 self.init_mem.setValue(int(self.vm.memory)) # self.init_mem.setMaximum(qubes_memory) self.max_mem_size.setValue(int(self.vm.maxmem)) # self.max_mem_size.setMaximum(qubes_memory) self.vcpus.setMinimum(1) # self.vcpus.setMaximum(QubesHost().no_cpus) self.vcpus.setValue(int(self.vm.vcpus)) self.include_in_balancing.setEnabled(not self.vm.hvm) self.include_in_balancing.setChecked(not self.vm.hvm and self.vm.features.get('services/meminfo-writer', True)) self.max_mem_size.setEnabled(self.include_in_balancing.isChecked()) #paths self.dir_path.setText(self.vm.dir_path) self.config_path.setText(self.vm.conf_file) try: self.root_img_path.setText(self.vm.template.root_img) except AttributeError: pass try: self.root_img_path.setText('{volume.pool}:{volume.vid}'.format( volume=self.vm.volumes['root'])) except AttributeError: self.root_img_path.setText("n/a") try: self.volatile_img_path.setText('{volume.pool}:{volume.vid}'.format( volume=self.vm.volumes['volatile'])) except AttributeError: self.volatile_img_path.setText('n/a') self.private_img_path.setText('{volume.pool}:{volume.vid}'.format( volume=self.vm.volumes['private'])) #kernel #in case VM is HVM if hasattr(self.vm, "kernel"): self.kernel_groupbox.setVisible(True) self.kernel_list, self.kernel_idx = utils.prepare_kernel_choice( self.kernel, self.vm, 'kernel', self.vm.app.default_kernel, allow_default=True, allow_none=True) else: self.kernel_groupbox.setVisible(False) if not hasattr(self.vm, "drive"): self.drive_groupbox.setVisible(False) else: self.drive_groupbox.setVisible(True) self.drive_groupbox.setChecked(self.vm.drive is not None) self.drive_running_warning.setVisible(self.vm.is_running()) self.drive_type.addItems(["hd", "cdrom"]) self.drive_type.setCurrentIndex(0) vm_list = [vm for vm in self.app.values() if not vm .internal and vm.qid != self.vm.qid] # default to dom0 (in case of nonexisting vm already set...) self.drive_domain_idx = 0 for (i, vm) in enumerate(sorted(vm_list, key=lambda v: v.name)): if vm.qid == 0: self.drive_domain_idx = i self.drive_domain.insertItem(i, vm.name) if self.vm.drive is not None: (drv_type, drv_domain, drv_path) = self.vm.drive.split(":") if drv_type == "cdrom": self.drive_type.setCurrentIndex(1) else: self.drive_type.setCurrentIndex(0) for i in xrange(self.drive_domain.count()): if drv_domain == self.drive_domain.itemText(i): self.drive_domain_idx = i self.drive_path.setText(drv_path) self.drive_domain.setCurrentIndex(self.drive_domain_idx) if not hasattr(self.vm, "dispvm_netvm"): self.other_groupbox.setVisible(False) else: self.other_groupbox.setVisible(True) netvm_list = [vm for vm in self.app.values() if not vm.internal and vm.is_netvm() and vm.qid != 0] self.dispvm_netvm_idx = -1 text = "default (same as VM own NetVM)" if self.vm.uses_default_dispvm_netvm: text += self.tr(" (current)") self.dispvm_netvm_idx = 0 self.dispvm_netvm.insertItem(0, text) for (i, vm) in enumerate(netvm_list): text = vm.name if self.vm.dispvm_netvm is not None and vm.qid == \ self.vm.dispvm_netvm.qid and not \ self.vm.uses_default_dispvm_netvm: self.dispvm_netvm_idx = i+1 text += self.tr(" (current)") self.dispvm_netvm.insertItem(i+1, text) none_text = "none" if self.vm.dispvm_netvm is None: none_text += self.tr(" (current)") self.dispvm_netvm_idx = len(netvm_list)+1 self.dispvm_netvm.insertItem(len(netvm_list)+1, none_text) self.dispvm_netvm.setCurrentIndex(self.dispvm_netvm_idx) def __apply_advanced_tab__(self): msg = [] #mem/cpu try: if self.init_mem.value() != int(self.vm.memory): self.vm.memory = self.init_mem.value() self.anything_changed = True if self.max_mem_size.value() != int(self.vm.maxmem): self.vm.maxmem = self.max_mem_size.value() self.anything_changed = True if self.vcpus.value() != int(self.vm.vcpus): self.vm.vcpus = self.vcpus.value() self.anything_changed = True except Exception as ex: msg.append(str(ex)) #include_in_memory_balancing applied in services tab #in case VM is not Linux if hasattr(self.vm, "kernel") and self.kernel_groupbox.isVisible(): try: if self.kernel.currentIndex() != self.kernel_idx: new_kernel = str(self.kernel.currentText()) new_kernel = new_kernel.split(' ')[0] uses_default_kernel = False if new_kernel == "default": kernel = self.app.get_default_kernel() uses_default_kernel = True elif new_kernel == "none": kernel = None else: kernel = new_kernel self.vm.kernel = kernel # Set self.vm.uses_default_kernel after self.vm.kernel to ensure that # the correct value persists after QubesVm.kernel resets self.vm.uses_default_kernel # to False. self.vm.uses_default_kernel = uses_default_kernel self.anything_changed = True except Exception as ex: msg.append(str(ex)) if hasattr(self.vm, "drive") and self.drive_groupbox.isVisible(): try: if not self.drive_groupbox.isChecked(): if self.vm.drive != None: self.vm.drive = None self.anything_changed = True else: new_domain = str(self.drive_domain.currentText()) if self.drive_domain.currentIndex() == self.drive_domain_idx: # strip "(current)" new_domain = new_domain.split(' ')[0] drive = "%s:%s:%s" % ( str(self.drive_type.currentText()), new_domain, str(self.drive_path.text()) ) if self.vm.drive != drive: self.vm.drive = drive self.anything_changed = True except Exception as ex: msg.append(str(ex)) #vm dispvm_netvm changed try: if self.dispvm_netvm.currentIndex() != self.dispvm_netvm_idx: new_dispvm_netvm_name = str(self.dispvm_netvm.currentText()) new_dispvm_netvm_name = new_dispvm_netvm_name.split(' ')[0] uses_default_dispvm_netvm = False if new_dispvm_netvm_name == "default": uses_default_dispvm_netvm = True if new_dispvm_netvm_name == "none": dispvm_netvm = None else: dispvm_netvm = self.app.get_vm_by_name( new_dispvm_netvm_name) assert (dispvm_netvm is None or (dispvm_netvm.qid in self.app and dispvm_netvm.is_netvm())) if uses_default_dispvm_netvm: self.vm.uses_default_dispvm_netvm = True else: self.vm.uses_default_dispvm_netvm = False self.vm.dispvm_netvm = dispvm_netvm self.anything_changed = True except Exception as ex: if utils.is_debug(): traceback.print_exc() msg.append(str(ex)) return msg def drive_path_button_pressed(self): if str(self.drive_domain.currentText()) in ["dom0", "dom0 (current)"]: file_dialog = QFileDialog() file_dialog.setReadOnly(True) new_path = file_dialog.getOpenFileName(self, "Select drive image", str(self.drive_path.text())) else: drv_domain = str(self.drive_domain.currentText()) if drv_domain.count("(current)") > 0: drv_domain = drv_domain.split(' ')[0] backend_vm = self.app.get_vm_by_name(drv_domain) if backend_vm: new_path = get_path_for_vm(backend_vm, "qubes.SelectFile") if new_path: self.drive_path.setText(new_path) ######## devices tab def __init_devices_tab__(self): self.dev_list = MultiSelectWidget(self) self.dev_list.add_all_button.setVisible(False) self.devices_layout.addWidget(self.dev_list) devs = [] lspci = subprocess.Popen(["/usr/sbin/lspci",], stdout = subprocess.PIPE) for dev in lspci.stdout: devs.append( (dev.rstrip(), dev.split(' ')[0]) ) class DevListWidgetItem(QListWidgetItem): def __init__(self, name, slot, parent = None): super(DevListWidgetItem, self).__init__(name, parent) self.slot = slot self.Type for d in devs: if d[1] in self.vm.pcidevs: self.dev_list.selected_list.addItem( DevListWidgetItem(d[0], d[1])) else: self.dev_list.available_list.addItem( DevListWidgetItem(d[0], d[1])) if self.dev_list.selected_list.count() > 0 and self.include_in_balancing.isChecked(): self.dmm_warning_adv.show() self.dmm_warning_dev.show() else: self.dmm_warning_adv.hide() self.dmm_warning_dev.hide() if self.vm.is_running(): self.dev_list.setEnabled(False) self.turn_off_vm_to_modify_devs.setVisible(True) else: self.dev_list.setEnabled(True) self.turn_off_vm_to_modify_devs.setVisible(False) def __apply_devices_tab__(self): msg = [] sth_changed = False added = [] try: for i in range(self.dev_list.selected_list.count()): item = self.dev_list.selected_list.item(i) if item.slot not in self.vm.pcidevs: added.append(item) if self.dev_list.selected_list.count() - len(added) < len(self.vm.pcidevs): #sth removed sth_changed = True elif len(added) > 0: sth_changed = True if sth_changed == True: pcidevs = [] for i in range(self.dev_list.selected_list.count()): slot = self.dev_list.selected_list.item(i).slot pcidevs.append(slot) self.vm.pcidevs = pcidevs self.anything_changed = True except Exception as ex: if utils.is_debug(): traceback.print_exc() msg.append(str(ex)) return msg def include_in_balancing_state_changed(self, state): for r in range (self.services_list.count()): item = self.services_list.item(r) if str(item.text()) == 'meminfo-writer': item.setCheckState(state) break if self.dev_list.selected_list.count() > 0: if state == QtCore.Qt.Checked: self.dmm_warning_adv.show() self.dmm_warning_dev.show() else: self.dmm_warning_adv.hide() self.dmm_warning_dev.hide() self.max_mem_size.setEnabled(self.include_in_balancing.isChecked()) def devices_selection_changed(self): if self.include_in_balancing.isChecked(): if self.dev_list.selected_list.count() > 0 : self.dmm_warning_adv.show() self.dmm_warning_dev.show() else: self.dmm_warning_adv.hide() self.dmm_warning_dev.hide() ######## services tab def __init_services_tab__(self): for srv in self.vm.services: item = QListWidgetItem(srv) if self.vm.services[srv] == True: item.setCheckState(QtCore.Qt.Checked) else: item.setCheckState(QtCore.Qt.Unchecked) self.services_list.addItem(item) self.connect(self.services_list, SIGNAL("itemClicked(QListWidgetItem *)"), self.services_item_clicked) self.new_srv_dict = copy.copy(self.vm.services) def __add_service__(self): srv = str(self.service_line_edit.text()).strip() if srv != "": if srv in self.new_srv_dict: QMessageBox.information(None, "", self.tr("Service already on the list!")) else: item = QListWidgetItem(srv) item.setCheckState(QtCore.Qt.Checked) self.services_list.addItem(item) self.new_srv_dict[srv] = True def __remove_service__(self): item = self.services_list.currentItem() if not item: return if str(item.text()) == 'meminfo-writer': QMessageBox.information(None, self.tr("Service can not be removed"), self.tr("Service meminfo-writer can not be removed from the list.")) return row = self.services_list.currentRow() item = self.services_list.takeItem(row) del self.new_srv_dict[str(item.text())] def services_item_clicked(self, item): if str(item.text()) == 'meminfo-writer': if item.checkState() == QtCore.Qt.Checked: if not self.include_in_balancing.isChecked(): self.include_in_balancing.setChecked(True) elif item.checkState() == QtCore.Qt.Unchecked: if self.include_in_balancing.isChecked(): self.include_in_balancing.setChecked(False) def __apply_services_tab__(self): msg = [] try: for r in range (self.services_list.count()): item = self.services_list.item(r) self.new_srv_dict[str(item.text())] = (item.checkState() == QtCore.Qt.Checked) balancing_was_checked = (self.vm.services['meminfo-writer']==True) balancing_is_checked = self.include_in_balancing.isChecked() meminfo_writer_checked = (self.new_srv_dict['meminfo-writer'] == True) if balancing_is_checked != meminfo_writer_checked: if balancing_is_checked != balancing_was_checked: self.new_srv_dict['meminfo-writer'] = balancing_is_checked if self.new_srv_dict != self.vm.services: self.vm.services = self.new_srv_dict self.anything_changed = True except Exception as ex: msg.append(str(ex)) return msg ######### firewall tab related def set_fw_model(self, model): self.fw_model = model self.rulesTreeView.setModel(model) self.rulesTreeView.header().setResizeMode(QHeaderView.ResizeToContents) self.rulesTreeView.header().setResizeMode(0, QHeaderView.Stretch) self.set_allow(model.allow) self.dnsCheckBox.setChecked(model.allowDns) self.icmpCheckBox.setChecked(model.allowIcmp) self.yumproxyCheckBox.setChecked(model.allowYumProxy) if model.tempFullAccessExpireTime: self.tempFullAccess.setChecked(True) self.tempFullAccessTime.setValue( (model.tempFullAccessExpireTime - int(datetime.datetime.now().strftime("%s")))/60) def set_allow(self, allow): self.policyAllowRadioButton.setChecked(allow) self.policyDenyRadioButton.setChecked(not allow) self.policy_changed(allow) def policy_changed(self, checked): self.tempFullAccessWidget.setEnabled(self.policyDenyRadioButton.isChecked()) def new_rule_button_pressed(self): dialog = NewFwRuleDlg() self.run_rule_dialog(dialog) def edit_rule_button_pressed(self): dialog = NewFwRuleDlg() dialog.set_ok_enabled(True) selected = self.rulesTreeView.selectedIndexes() if len(selected) > 0: row = self.rulesTreeView.selectedIndexes().pop().row() address = self.fw_model.get_column_string(0, row).replace(' ', '') dialog.addressComboBox.setItemText(0, address) dialog.addressComboBox.setCurrentIndex(0) service = self.fw_model.get_column_string(1, row) if service == "any": service = "" dialog.serviceComboBox.setItemText(0, service) dialog.serviceComboBox.setCurrentIndex(0) protocol = self.fw_model.get_column_string(2, row) if protocol == "tcp": dialog.tcp_radio.setChecked(True) elif protocol == "udp": dialog.udp_radio.setChecked(True) else: dialog.any_radio.setChecked(True) self.run_rule_dialog(dialog, row) def delete_rule_button_pressed(self): for i in set([index.row() for index in self.rulesTreeView.selectedIndexes()]): self.fw_model.removeChild(i) def run_rule_dialog(self, dialog, row = None): if dialog.exec_(): address = str(dialog.addressComboBox.currentText()) service = str(dialog.serviceComboBox.currentText()) port = None port2 = None unmask = address.split("/", 1) if len(unmask) == 2: address = unmask[0] netmask = int(unmask[1]) else: netmask = 32 if address == "*": address = "0.0.0.0" netmask = 0 if dialog.any_radio.isChecked(): protocol = "any" port = 0 else: if dialog.tcp_radio.isChecked(): protocol = "tcp" elif dialog.udp_radio.isChecked(): protocol = "udp" else: protocol = "any" try: range = service.split("-", 1) if len(range) == 2: port = int(range[0]) port2 = int(range[1]) else: port = int(service) except (TypeError, ValueError) as ex: port = self.fw_model.get_service_port(service) if port is not None: if port2 is not None and port2 <= port: QMessageBox.warning(None, self.tr("Invalid service ports range"), self.tr("Port {0} is lower than port {1}.").format( port2, port)) else: item = {"address": address, "netmask": netmask, "portBegin": port, "portEnd": port2, "proto": protocol, } if row is not None: self.fw_model.setChild(row, item) else: self.fw_model.appendChild(item) else: QMessageBox.warning(None, self.tr("Invalid service name"), self.tr("Service '{0}' is unknown.").format(service)) # Bases on the original code by: # Copyright (c) 2002-2007 Pascal Varet def handle_exception(exc_type, exc_value, exc_traceback): import sys import os.path import traceback filename, line, dummy, dummy = traceback.extract_tb(exc_traceback).pop() filename = os.path.basename(filename) error = "%s: %s" % (exc_type.__name__, exc_value) strace = "" stacktrace = traceback.extract_tb(exc_traceback) while len(stacktrace) > 0: (filename, line, func, txt) = stacktrace.pop() strace += "----\n" strace += "line: %s\n" %txt strace += "func: %s\n" %func strace += "line no.: %d\n" %line strace += "file: %s\n" %filename msg_box = QMessageBox() msg_box.setDetailedText(strace) msg_box.setIcon(QMessageBox.Critical) msg_box.setWindowTitle("Houston, we have a problem...") msg_box.setText("Whoops. A critical error has occured. This is most likely a bug " "in Qubes Manager.

" "%s" % error + "
at line %d
of file %s.

" % ( line, filename )) msg_box.exec_() parser = qubesadmin.tools.QubesArgumentParser(vmname_nargs=1) parser.add_argument('--tab', metavar='TAB', action='store', choices=VMSettingsWindow.tabs_indices.keys()) parser.set_defaults( tab='basic', ) def main(args=None): global settings_window args = parser.parse_args(args) vm = args.domains.pop() qapp = QApplication(sys.argv) qapp.setOrganizationName('Invisible Things Lab') qapp.setOrganizationDomain("https://www.qubes-os.org/") qapp.setApplicationName("Qubes VM Settings") if not utils.is_debug(): sys.excepthook = handle_exception settings_window = VMSettingsWindow(vm, qapp, args.tab) settings_window.show() qapp.exec_() qapp.exit() if __name__ == "__main__": main() # vim:sw=4:et: