QubesOS/qubes-core-admin-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
179 Commits 8 Branches 294 Tags 2.8 MiB
2695a6ec90
Commit Graph

27 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
af0fdb3cd3
rpm: move os-prober removing code to kernel-install subpackage 
Main qubes-core-dom0 should not be installed as part of installer image,
but os-prober dependency pulls that in. So move it into
qubes-core-dom0-kernel-install subpackage. After all this is where grub
config regeneration code is placed, so it is more logical place.

(cherry picked from commit e062c431dd)
 2015-10-01 11:51:20 +02:00
Marek Marczykowski-Górecki
1d5b55465f
Prevent installing all the qubes packages in the installer image 
Split kernel-install hook into separate package, as only this part is
needed by the installer. This will prevent installing all the Qubes/Xen
staff in the installer, especially udev scripts and xenstored, which
doesn't play well with anaconda.

(cherry picked from commit 5e6d3a273d)

Conflicts:
	rpm_spec/core-dom0-linux.spec
 2015-10-01 11:51:17 +02:00
Marek Marczykowski-Górecki
dab1417c24
rpm: provide qubes-core-dom0-linux-kernel-install virtual pkg 
This is for kernel package dependencies, since we have the same kernel
packages for both R2 and R3.0

(cherry picked from commit f056e0341e)
 2015-10-01 11:50:52 +02:00
Marek Marczykowski-Górecki
ed6ab1e598
Add kernel post-installation script to regenerate grub2 config 
Since we now allow using Fedora kernel, add a script to generate proper
bootloader configuration then. Standard Fedora mechanism relies on
Boot Loader Specification support in grub2, which sadly does not support
Xen, so it is useless in Qubes.

(cherry picked from commit 2a14ae9c0b)

Conflicts:
	rpm_spec/core-dom0-linux.spec
 2015-10-01 11:50:47 +02:00
Marek Marczykowski-Górecki
740994b8d9
Disable lesspipe in dom0 
It can be dangerous when processing untrusted content (for example VM
logs).
Details:
https://groups.google.com/d/msgid/qubes-users/20150527215812.GA13915%40mail-itl

(cherry picked from commit 8acd40905d)
 2015-09-27 23:41:23 +02:00
Marek Marczykowski-Górecki
547854bed6 rpm: force removal os-prober package 
It can be can be harmful, because it accesses (and mounts) every block
device, including VM controlled /dev/loop*.
 2015-07-28 00:32:44 +02:00
Marek Marczykowski-Górecki
8f2a03e672 rpm: fix permissions of /etc/qubes-rpc{,/policy} 
Group qubes should have write right there.
 2014-10-30 06:40:34 +01:00
Marek Marczykowski-Górecki
1e8b3ea876 rpm: do not save removed udev script 
As Qubes dom0 is standalone system, not an addon to Fedora (for some
time...), we do not longer need to save such scripts to handle
package remove.
 2014-09-30 23:51:10 +02:00
Marek Marczykowski-Górecki
5af0530e8d udev: prevent VM disks content from being accessed by dom0 processes 
To not expose dom0 processes like blkid for attacks from VM (e.g. by
placing malicious filesystem header in private.img).
 2014-06-11 02:41:20 +02:00
Marek Marczykowski-Górecki
6f1ba98230 rpm: disable non-Xen grub entry on upgrade 2014-04-14 04:14:18 +02:00
Marek Marczykowski-Górecki
1205d9e01f rpm: fix dom0 updates with F20 firewallvm 
F20 yum version have changed a way of parsing system-release package
version (so $releasever variable). Force it to use qubes-release package
version, not redhat-release.
 2014-03-04 02:07:50 +01:00
Marek Marczykowski-Górecki
30535e59d2 rpm: require qubes-utils >= 2.0.6 for imgconverter 2014-02-07 05:46:19 +01:00
Marek Marczykowski-Górecki
ea7b4eb5cb rpm: BR:qubes-utils-devel >= 2.0.5 - because of slight API change 
Note that R: will be generated automatically (on library name).
 2014-02-07 05:36:56 +01:00
Marek Marczykowski-Górecki
7ad1183793 rpm: speedup package installation 
Do not rebuild cache after each icon installation.
 2013-12-26 05:07:11 +01:00
Marek Marczykowski-Górecki
c000f24def appmenus: fallback hardcoded appmenus for HVM with qrexec installed 
If VM didn't returned any appmenus data, the service is most likely not
available there. Actually it hasn't been written yet.
 2013-12-04 03:05:34 +01:00
Marek Marczykowski-Górecki
d0509caf9e pm-utils: hook qubes suspend scripts to systemd 
Apparently new KDE doesn't call pm-suspend anymore, instead use systemd
suspend logic. So hook our scripts also there.
 2013-11-04 01:28:36 +01:00
Marek Marczykowski-Górecki
aa5635b4f5 rpm: fix policy/qubes.SyncAppMenus name (v2) 2013-10-23 05:40:27 +02:00
Marek Marczykowski-Górecki
72b528ddd1 Revert "rpm: fix policy/qubes.SyncAppMenus name" 
This reverts commit de087e9b8d.
Mangled two changes together.
 2013-10-23 05:39:46 +02:00
Marek Marczykowski-Górecki
de087e9b8d rpm: fix policy/qubes.SyncAppMenus name 2013-10-23 00:25:50 +02:00
Marek Marczykowski-Górecki
b4ab187793 dracut: change the way to include ehci-pci module 
Apparently add_drivers doesn't work. Looking at kernel-modules dracut
code, it can only be used for block-device driver and only makes sense
in --host-only mode.
So add additional module, which unconditionally install kernel modules.
 2013-08-13 00:39:35 +02:00
Marek Marczykowski
0f384aacd9 spec: create 'qubes' group is not exists 
This group can be created also by qubes-core-dom0 package, but add
relevant code also here to simplify dependencies.
 2013-03-25 16:21:43 +01:00
Marek Marczykowski
158bfff3cf Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:24:17 +01:00
Marek Marczykowski
dbe9693851 Other Linux-specific files 2013-03-16 19:52:16 +01:00
Marek Marczykowski
e5f9e46e19 dom0-updates code 2013-03-16 18:54:21 +01:00
Marek Marczykowski
d06bbdc967 appmenus: include standalone qvm-sync-appmenus and its manpage 2013-03-16 18:34:40 +01:00
Marek Marczykowski
5d78289bfe vaio-fixes 2013-03-16 18:24:21 +01:00
Marek Marczykowski
ad522026d3 Initial commit: appmenus handling code, icons 2013-03-16 18:23:22 +01:00