Commit Graph

519 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
db8aa6cf15
version 3.2.4 2016-06-24 23:07:32 +02:00
Marek Marczykowski-Górecki
d9b37eec6c
dom0-updates: whitespace fixes 2016-06-24 02:24:52 +02:00
Marek Marczykowski-Górecki
3eed63b892
Merge remote-tracking branch 'ttasket/ttasket-patch-3'
Fixes QubesOS/qubes-issues#2061

* ttasket/ttasket-patch-3:
  Fixes
  Re-create private.img if missing
  Try to handle private.img (fail)
  Fix syntax
  Backup root.img
  Update qubes-dom0-update
  Backup root.img
  Backup root.img
  Support in-place template reinstalls - for testing
  Add template reinstall support
2016-06-24 02:22:45 +02:00
ttasket
fbb58918af Fixes
Moved create private.img before yum.
Shutdown templatevm first -- don't want to query possibly compromised vm running old private.img.
Issue #2061
2016-06-21 15:15:34 -04:00
ttasket
ef1ab34234 Re-create private.img if missing
This restores the netvm setting and also re-creates private.img if older rpm scriptlet doesn't create it.
Issue #2061
2016-06-21 10:57:57 -04:00
ttasket
577944c8fb Try to handle private.img (fail)
mv and rm private.img like root.img, but this results in no private.img after reinstall.
do not use.
2016-06-20 14:04:55 -04:00
ttasket
457b275800 Fix syntax
@marmarek This works on my system.
2016-06-20 13:36:30 -04:00
ttasket
32a4269f4a Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails.
Also preserves Netvm prefs setting.
2016-06-18 12:00:00 -04:00
ttasket
d316624f61 Update qubes-dom0-update 2016-06-18 05:24:18 -04:00
ttasket
8c7a225070 Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails. Fixed PKGS test.
2016-06-18 04:22:23 -04:00
ttasket
6c7c25d9e7 Backup root.img
Just in case template %post scriptlet doesn't unlink during reinstall, or if reinstall fails.
2016-06-18 03:02:46 -04:00
ttasket
17627cdf3c Support in-place template reinstalls - for testing
This doesn't yet prevent appvms from starting with invalid template during the reinstall, and doesn't deal with the Netvm setting problem.
For issue #2061
2016-06-16 07:59:28 -04:00
ttasket
6b315b1dad Add template reinstall support
Issue #2061
Simple implementation checks for --action=reinstall but adds no sanity checks.
2016-06-12 12:05:28 -04:00
Marek Marczykowski-Górecki
30aac6b6a8
version 3.2.3 2016-06-07 06:13:07 +02:00
Marek Marczykowski-Górecki
60488d4439
system-config: add systemd-preset configuration
Fixes QubesOS/qubes-issues#2049
2016-06-06 02:22:58 +02:00
Marek Marczykowski-Górecki
4d4e7cc5e9
kernel-install: do not add kernel entry if already present
The entry may be already present for example when reinstalling package,
or calling the script multiple times (which apparently is the case
during system installation).
2016-06-03 20:51:18 +02:00
Marek Marczykowski-Górecki
dc9e3c9c11
travis: initial version
QubesOS/qubes-issues#1926
2016-06-03 20:23:10 +02:00
Marek Marczykowski-Górecki
01f357ae3a
dom0-updates: patch dnf.conf to use local repository
Add the same options as for yum. And do that with nice markers, instead
of forcefully overriding the entries.

QubesOS/qubes-issues#1807
2016-06-03 20:21:04 +02:00
Marek Marczykowski-Górecki
21bec492e8
qrexec: add service argument support
Fixes QubesOS/qubes-issues#1876

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Marek Marczykowski-Górecki
c629529565
qrexec: prefer VM-local service file (if present) over default one
This will allow a service to be overridden per-VM.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Wojtek Porczyk
c4cf6b646b
qubes-rpc-multiplexer: deprecate /etc/qubes_rpc, allow /usr/local
/usr/local resides in private.img, so it is possible to define per-appvm RPC

Also, with the upcoming 3.0 release support for old (R1) paths is
removed.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Marek Marczykowski-Górecki
f8d23d0d64
qrexec: execute RPC service directly (without a shell) if it has executable bit set
This will allow to use some different shell/language for a service (for
example python).

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:07 +02:00
Marek Marczykowski-Górecki
7b582e0339
qrexec: do not leak FDs to logger process
This would prevent qrexec from detecting EOF.

Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:07 +02:00
Marek Marczykowski-Górecki
888db2f7cf
version 3.2.2 2016-05-18 02:32:23 +02:00
Marek Marczykowski-Górecki
f7eaa7bec2
kernel-install: don't fail on kernel removal in non-EFI installs
In non-EFI installation /boot/efi/EFI/qubes may not exists. In this case
do not try to touch (non-existing) files there.

Fixes QubesOS/qubes-issues#1829
2016-05-15 11:19:18 +02:00
Marek Marczykowski-Górecki
85effc2946
version 3.2.1 2016-05-05 00:04:44 +02:00
Marek Marczykowski-Górecki
b5101d11d6
appmenus: call appropriate kbuildsycoca version (KDE4/KDE5)
QubesOS/qubes-issues#1807
2016-05-04 01:44:09 +02:00
Marek Marczykowski-Górecki
c9d1f7c98d
version 3.2.0 2016-04-19 23:27:05 +02:00
Marek Marczykowski-Górecki
4694f5f52f
appmenus: force changing appicons when VM label is changed
Fixes QubesOS/qubes-issues#1606
2016-04-19 23:11:10 +02:00
M. Vefa Bicakci
fdc00ad678
dracut: Omit network and kernel-network-modules 2016-04-10 00:00:00 -04:00
Marek Marczykowski-Górecki
0607d9021a
qrexec: add support for service argument
Fixes QubesOS/qubes-issues#1876
2016-03-27 04:31:11 +02:00
Marek Marczykowski-Górecki
ad28f4df62
qrexec: deny spaces in service domain name
Fixes QubesOS/qubes-issues#1877
2016-03-27 04:23:47 +02:00
Galland
3acfb8e4b3 Add colon (:) to trusted characters (for "Code::Blocks" appmenu)
After installing "codeblocks" app in TemplateVM it doesn't appear in Qubes VM Manager's available app shortcuts.
If I run in a Dom0 Terminal: /usr/libexec/qubes-appmenus/qubes-receive-appmenus fedora-23
I get this: "Warning: ignoring key 'Name' of codeblocks.desktop"
The "Name" key in that file has value "Code::Blocks"

The problem comes from line 168, because of the colons in the app Name.

By adding the colon ":" to the std_re used to match valid characters for "Name", the app is correctly parsed and I can add the shortcut to AppVMs
2016-03-16 22:38:38 +01:00
Marek Marczykowski-Górecki
e0c875a367
pm-utils: call qubes.SuspendPreAll/qubes.SuspendPostAll services
Host suspend notification may be useful not only to driver domains. For
example Whonix needs to resync time after suspend.

Thanks @adrelanos for help.

Fixes QubesOS/qubes-issues#1663
2016-03-15 23:13:48 +01:00
Marek Marczykowski-Górecki
6c7443223b
dom0-update: remove cached metadata when --clean is used
Fixes QubesOS/qubes-issues#1748
2016-03-11 15:10:28 +01:00
Marek Marczykowski-Górecki
c87d6c5cb7
version 3.1.9 2016-03-07 03:55:51 +01:00
Marek Marczykowski-Górecki
b19ba4dc2d
pm-utils: do not leave background tasks - will be killed by systemd
qvm-sync-clock running in background is killed as soon as
qubes-suspend.service is terminated.
Additionally restore --verbose option, which was the case (implicitly)
in previous qvm-run based code.

Fixes QubesOS/qubes-issues#1795
2016-02-29 13:31:25 +01:00
Marek Marczykowski-Górecki
01833c698c
version 3.1.8 2016-02-23 16:22:49 +01:00
Marek Marczykowski-Górecki
199d12636b
Merge remote-tracking branch 'qubesos/pr/5'
* qubesos/pr/5:
  Use #!/bin/bash and && in qvm-move-to-vm
  qvm-copy-to-vm: Fix running with multiple file arguments
  qvm-move-to-vm: Remove duplicated code
2016-02-23 03:53:27 +01:00
Marek Marczykowski-Górecki
ee3950a3aa
pm-utils: use qvm-sync-clock --force instead of manual qvm-run
After suspend VMs clocks are desynchronized in most cases (because VMs
were paused). Since directly after suspent there may be no network
access, normal `qvm-sync-clock` call isn't good (it aborts if NTP call
fails). But with new `qvm-sync-clock --force` switch, it sync VMs even
if NTP is unreachable.

QubesOS/qubes-issues#1728
2016-02-22 22:24:04 +01:00
Marek Marczykowski-Górecki
f8d8368b10
qrexec: add timeout for data vchan connection
When qrexec-agent crashes for any reason (for example
QubesOS/qubes-issues#1389), it will never connect back and qrexec-client
will wait forever. In worst case it may happen while holding qubes.xml
write lock (in case of DispVM startup) effectively locking the whole
system.

Fixes QubesOS/qubes-issues#1636
2016-02-22 22:24:04 +01:00
Rusty Bird
6e4d39c7b3
Use #!/bin/bash and && in qvm-move-to-vm
#!/bin/bash because qvm-move-to-vm sources qvm-copy-to-vm, which has
a bashism (-o pipefail).

&& is safer in case qvm-*copy*-to-vm is ever changed to call 'set +e'.
2016-02-16 08:33:54 +00:00
Rusty Bird
c177ae2c7a
qvm-copy-to-vm: Fix running with multiple file arguments 2016-02-13 15:21:39 +00:00
Rusty Bird
bc29af7c0c
qvm-move-to-vm: Remove duplicated code 2016-02-13 15:21:38 +00:00
Marek Marczykowski-Górecki
466acad6fb
version 3.1.7 2016-02-08 05:03:18 +01:00
Marek Marczykowski-Górecki
8c0643092b
Use qubes.SetDateTime instead of direct call in post-suspend time sync
Fixes QubesOS/qubes-issues#1728
2016-02-08 04:49:14 +01:00
Marek Marczykowski-Górecki
2198986d5c
dom0-update: do not output scary messagge about missing repomd.xml
... when no updates are available.

Fixes QubesOS/qubes-issues#1685
2016-02-03 16:46:58 +01:00
Marek Marczykowski-Górecki
fc2e8264d4
Merge remote-tracking branch 'qubesos/pr/4'
* qubesos/pr/4:
  Add qvm-appmenu-replace tool.
2016-01-17 04:34:10 +01:00
Marek Marczykowski-Górecki
74afb8a7cc
version 3.1.6 2015-12-31 02:58:00 +01:00
Marek Marczykowski-Górecki
fa8ebeb42d Fix typo in "d9d48e8 qrexec: use tray notification when..."
Fixes QubesOS/qubes-issues#1446

Thanks HW42 for the report.
2015-12-28 00:59:45 +01:00