qubes-core-admin-linux

Commit Graph

Author	SHA1	Message	Date
Marek Marczykowski-Górecki	49c1fe9004	Add "--" to separate options from (untrusted) non-options arguments This will prevent passing an option instead of command (qvm-run) / domain name (qrexec-policy). In both cases when VM tries to pass some option it would fail because missing argument then - VM can not pass additional arguments, so if one act as an option, one argument will be missing). (cherry picked from commit `d031126737`) Conflicts: qrexec/qrexec-daemon.c	9 years ago
Marek Marczykowski-Górecki	28dfdddc0e	Minor fixes in messages	10 years ago
Marek Marczykowski-Górecki	6cca9a377f	qrexec: add -q option to silence "Waiting for VM's qrexec agent" message	10 years ago
Marek Marczykowski-Górecki	79abec9038	qrexec: fix deadlock in qrexec-client When VM-VM qrexec service is called, two qrexec-clients are connected in dom0. If both VMs are sending data simultaneously it can happen that both qrexec-client processes will call write(2) and none of them will be reading -> deadlock. Solve it by handling I/O in two separate threads (one for reading from VM, another for writing), at any time qrexec-client is ready to accept data from either direction.	10 years ago
Marek Marczykowski-Górecki	9de6171a43	qubes-rpc: log (local) service output to syslog, discard stderr from VMs (#842 ) Basically - store the logs where the service is running.	10 years ago
Marek Marczykowski-Górecki	0be6f8431f	qrexec: add support for filtering terminal escape chars	10 years ago
Marek Marczykowski-Górecki	3f9cbe63b8	qrexec: use proper unsigned type instead of muting compiler warning	10 years ago
Vincent Penquerc'h	36c8885ff2	Fix some potential aliasing issues	10 years ago
Marek Marczykowski-Górecki	2b95581928	Add -Wextra -Werror to all C compile flags	10 years ago
Marek Marczykowski-Górecki	aa0fda1984	Fix -Wextra warnings	10 years ago
Marek Marczykowski-Górecki	433a942bc3	qrexec: register callback for qrexec-lib Now qrexec-lib do not use exported symbols of particular names, but explicitly registered callbacks.	10 years ago
Marek Marczykowski-Górecki	f77e2d656d	qrexec: remove dialog box in case of connect timeout (#790 ) Instead exit with failure (keeping child process for further connect retries) and let the core/user decide what to do.	10 years ago
Marek Marczykowski-Górecki	c03a37f2bf	qrexec: remove socket at daemon exit	10 years ago
Vincent Penquerc'h	4a81560536	qrexec-daemon: check symlink success	11 years ago
Vincent Penquerc'h	63c46b2f8c	qrexec-daemon: add a few consts where appropriate	11 years ago
Vincent Penquerc'h	951e51d274	core-admin-linux: misc const/etc fixups	11 years ago
Vincent Penquerc'h	771be64912	qrexec-daemon: fix read underflow when the last fd goes If no remaining fd is alive in the list, the loop breaks when i is negative, but by then clients[-1] would have been dereferenced.	11 years ago
Vincent Penquerc'h	bac950c5ce	qrexec-daemon: check we really did drop root privileges and drop group privileges too while we're at it	11 years ago
Vincent Penquerc'h	5e4e1fe6ac	qrexec-daemon: fix pathological break-out-of-wait-loop If the timeout is 1, attempting to retry would not actually retry, since i would be incremented just after being reset to 0, and would thus break out of the loop.	11 years ago
Vincent Penquerc'h	e88faee9dd	qrexec-daemon: reject negative timeouts	11 years ago
Vincent Penquerc'h	259d7aaf78	qrexec-daemon: use fully qualified path to kdialog/zenity	11 years ago
Vincent Penquerc'h	67f27bd94f	qrexec-daemon: make children_count volatile It's decremented in a signal handler	11 years ago
Vincent Penquerc'h	97c7c97420	qrexec-policy: warn if some data is ignored Something like vm1 vm2 allow, user=foo would be 4 items, and the user part would be ignored by the parser. It might or might not be better to error out instead of just warning, though...	11 years ago
Marek Marczykowski-Górecki	05390894be	Qrexec: log allowed RPC calls	11 years ago
Marek Marczykowski-Górecki	0ab5a89895	Minor whitespace fix	11 years ago
Marek Marczykowski-Górecki	ce971eaa54	qrexec: don't wait indefinitely if the daemon startup failed Count started children and if the last one exits before getting SIGUSR1 (confirmation of successful daemon startup) report failure.	11 years ago
Marek Marczykowski-Górecki	19e7663928	qrexec-daemon: optionally don't wait for connection to the VM Will be used to keep qrexec-daemon running in the background even if no qrexec-agent installed (yet). Specifically to give the VM a chance to inform about just installed agent.	11 years ago
Marek Marczykowski-Górecki	72b528ddd1	Revert "rpm: fix policy/qubes.SyncAppMenus name" This reverts commit `de087e9b8d`. Mangled two changes together.	11 years ago
Marek Marczykowski-Górecki	de087e9b8d	rpm: fix policy/qubes.SyncAppMenus name	11 years ago
Marek Marczykowski-Górecki	28aa4d992f	qrexec: display VM name in connect timeout message (#723 ) Now it is possible, as we have domain name from cmdline.	11 years ago
Marek Marczykowski-Górecki	c92bc0a05c	qrexec: use VM name in log filename	11 years ago
Marek Marczykowski	cf8959dbfe	qrexec: get domain name from cmdline libvchan_get_domain_name will be removed	11 years ago
Marek Marczykowski-Górecki	c95cd3a054	qrexec: validate target domain (#743 )	11 years ago
Marek Marczykowski-Górecki	aedd97bb3a	qrexec: minor formating fix	11 years ago
Marek Marczykowski	158bfff3cf	Add qrexec back, use qubes-utils libraries for common code	11 years ago

35 Commits (release2)