Commit Graph

222 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
5f1e7a77e6
version 3.0.9 2015-07-13 00:14:17 +02:00
Marek Marczykowski-Górecki
fddeb4a23c
Generate initramfs in kernel-install hook
The default one generates initramfs in location expected by Boot Loader
Specification, which as noted before, isn't useful for Qubes.
2015-07-12 01:54:53 +02:00
Marek Marczykowski-Górecki
f056e0341e
rpm: provide qubes-core-dom0-linux-kernel-install virtual pkg
This is for kernel package dependencies, since we have the same kernel
packages for both R2 and R3.0
2015-07-12 01:53:48 +02:00
Marek Marczykowski-Górecki
2a14ae9c0b
Add kernel post-installation script to regenerate grub2 config
Since we now allow using Fedora kernel, add a script to generate proper
bootloader configuration then. Standard Fedora mechanism relies on
Boot Loader Specification support in grub2, which sadly does not support
Xen, so it is useless in Qubes.
2015-07-10 17:54:24 +02:00
Marek Marczykowski-Górecki
20051e18c9
Update README 2015-07-10 17:50:25 +02:00
Marek Marczykowski-Górecki
c3331645e4 version 3.0.8 2015-07-08 05:57:52 +02:00
Marek Marczykowski-Górecki
cc7075ab65 appmenus: defer menu cache regeneration to speedup qvm-sync-appmenus
Call "xdg-desktop-menu forceupdate" at the end of the process, not for
every single item.
2015-07-08 05:56:38 +02:00
Marek Marczykowski-Górecki
5e3fbb1623 dom0-updates: ensure proper permissions on packages and metadata
This also includes possibly error flag file.
2015-07-08 04:54:34 +02:00
Marek Marczykowski-Górecki
fcd084f908 version 3.0.7 2015-07-01 07:18:18 +02:00
Marek Marczykowski-Górecki
4ce5e04d7e dracut: fix assigning devices to xen-pciback 2015-07-01 07:16:59 +02:00
Marek Marczykowski-Górecki
8acd40905d Disable lesspipe in dom0
It can be dangerous when processing untrusted content (for example VM
logs).
Details:
https://groups.google.com/d/msgid/qubes-users/20150527215812.GA13915%40mail-itl
2015-06-25 02:37:29 +02:00
Marek Marczykowski-Górecki
1288a13520 qrexec: do not terminate before sending all the data
Make sure that all the data from local process is sent (including final
EOF), before handling its exit code - which would include terminating
qrexec-client process.
2015-06-23 02:44:59 +02:00
Marek Marczykowski-Górecki
7ce62cbd98 dracut: support the case when xen-pciback is built-in, not a module
In such case, we can't set module parameters in initramfs. But we can
bind the driver to appropriate devices manually - which is also doable
in case of module.
2015-06-15 03:26:04 +02:00
Marek Marczykowski-Górecki
07de8f7515 appmenus: allow '_' in Exec and other fields 2015-05-17 00:07:01 +02:00
Marek Marczykowski-Górecki
7e80d203ff version 3.0.6 2015-05-15 03:29:37 +02:00
Marek Marczykowski-Górecki
a5650d3251 dom0-update: improve package validation regexp - include DSA case (#988)
Apparently when package is signed with DSA key, rpm -K output is totally
different. This is the case for bumblebee package on rpmfusion.

Fixes qubesos/qubes-issues#988
2015-05-15 03:13:01 +02:00
Marek Marczykowski-Górecki
f2b5cf1cc0 dom0-update: clear error marker before downloading new packages (#987)
Otherwise if some package download fails once - further tries will also
report errors.

Fixes qubesos/qubes-issues#987
2015-05-13 02:34:51 +02:00
Marek Marczykowski-Górecki
4cab815317 dom0-update: prevent template package upgrades (#996)
This would override user changes to the template. Previous method
(Obsoletes: rpm header) doesn't work now, so add explicit exclude list
as yum option

Fixes qubesos/qubes-issues#996
2015-05-13 02:33:12 +02:00
Marek Marczykowski-Górecki
3f29b411d0 qrexec: do not send spurious MSG_SERVICE_REFUSED
This causes closing connection (FD) to still alive client.

Fixes qubesos/qubes-issues#993
2015-05-10 04:36:33 +02:00
Marek Marczykowski-Górecki
0d75af86d8 version 3.0.5 2015-05-03 16:05:37 +02:00
Marek Marczykowski-Górecki
ed363452c9 gitignore 2015-05-03 16:05:02 +02:00
Marek Marczykowski-Górecki
50eb23d60e appmenus: add missing appicons_cleanup function
Commit f05f214f "appmenus: update icons only when changed" introduced
usage of vm.appicons_cleanup, but that function wasn't implemented. That
caused not generating appmenus at all after template update (old
appmenus was removed, but script crashes before adding the new one).
2015-05-02 23:49:40 +02:00
Marek Marczykowski-Górecki
b40008a06d appmenus: do not regenerate all the icons for the template itself 2015-05-02 21:09:42 +02:00
Marek Marczykowski-Górecki
febac40b05 appmenus: convert eval's to lambda's 2015-05-02 21:09:42 +02:00
Marek Marczykowski-Górecki
59d9dc0307 appmenus: minor code style fixes
Use 'in' instead of has_key, remove unused code.
2015-05-02 21:09:42 +02:00
Marek Marczykowski-Górecki
2a08357fa4 appmenus: script formatting
Wrap long lines, fix whitespaces
2015-05-02 21:09:42 +02:00
Marek Marczykowski-Górecki
d43a421dee version 3.0.4 2015-04-28 13:23:31 +02:00
Marek Marczykowski-Górecki
f05f214f6c appmenus: update icons only when changed
Do not regenerate all the icons when the source is unchanged.

Also add preliminary code to support the same improvement for .desktop
files, but it requires some more work, especially because KDE does a lot
of caching and we need to force update sometimes (for example when VM
label color has changed).
2015-04-28 12:45:29 +02:00
Marek Marczykowski-Górecki
d6f0cfcbad qrexec: fix waiting for qrexec-agent data connection
In case of vchan server libvchan_is_open() returns VCHAN_WAITING (2) when
client is not yet connected.
2015-04-20 05:46:47 +02:00
Marek Marczykowski-Górecki
6cf84a7319 version 3.0.3 2015-04-12 03:07:42 +02:00
Marek Marczykowski-Górecki
5d5a33f90b appmenus: fix template's icon 2015-04-12 02:06:26 +02:00
Marek Marczykowski-Górecki
c457b485cb Load xen-acpi-processor module
It is required for cpufreq to work.
2015-04-10 17:56:58 +02:00
Marek Marczykowski-Górecki
5a7813c05c version 3.0.2 2015-04-01 00:12:43 +02:00
Marek Marczykowski-Górecki
5035fc7eed Remove iptables config
Dom0 have no network at all, it isn't needed.
2015-03-31 22:55:25 +02:00
Marek Marczykowski-Górecki
2866196dad version 3.0.1 2015-03-26 23:53:33 +01:00
Marek Marczykowski-Górecki
3c151ca509 dom0-update: allow to specify custom yum action
This can be useful for actions like "downgrade", "reinstall" etc.

Needs additional testing if whole distribution upgrade using
"distro-sync" action will work as expected.
2015-03-26 00:58:10 +01:00
Marek Marczykowski-Górecki
51c736a92c qrexec: enable compiler optimization 2015-03-20 12:16:28 +01:00
Marek Marczykowski-Górecki
18d079a99a qrexec: fix compiler warnings 2015-03-20 12:16:19 +01:00
Marek Marczykowski-Górecki
b07475efea qrexec: make the log writable by qubes group
Otherwise if VM was started as root, it will never start as normal user
again.
2015-03-20 03:06:06 +01:00
Marek Marczykowski-Górecki
04816e014b qrexec: do not exit from qrexec-client until local process exit code is sent 2015-03-17 22:55:15 +01:00
Marek Marczykowski-Górecki
662813dc18 appmenus: recreate appmenus for the template itself after update 2015-03-11 00:00:37 +01:00
Marek Marczykowski-Górecki
735788dbd6 appmenus: do not force GUI connection when retrieving appmenus
There could be no GUI available - for example at firstboot.
2015-03-10 23:59:30 +01:00
Marek Marczykowski-Górecki
e76007fe20 qrexec: periodically check if remote domain/process still exists 2015-02-22 18:25:14 +01:00
Marek Marczykowski-Górecki
9ea5790a9b appmenus: really call kbuildsycoca4 only once after template update (#886) 2015-02-22 02:08:49 +01:00
Marek Marczykowski-Górecki
5645b4c307 qrexec: wait for remote exit code, even when both stdin/out are closed 2015-02-17 03:57:17 +01:00
Marek Marczykowski-Górecki
61eb2e7764 qrexec: fix handling of remote exit code 2015-02-11 16:11:38 +01:00
Marek Marczykowski-Górecki
d031126737 Add "--" to separate options from (untrusted) non-options arguments
This will prevent passing an option instead of command (qvm-run) /
domain name (qrexec-policy). In both cases when VM tries to pass some
option it would fail because missing argument then - VM can not pass
additional arguments, so if one act as an option, one argument will be
missing).
2015-02-10 01:57:33 +01:00
Marek Marczykowski-Górecki
4449d51d98 udev: prevent race with kpartx -d
udevd calls (internal) blkid, which opens the device, so kpartx -d
cannot remove it.
2015-02-01 04:05:05 +01:00
Marek Marczykowski-Górecki
a28e6e1044 appmenus: call kbuildsycoca4 only once after template update (#886) 2015-01-30 01:57:19 +01:00
Marek Marczykowski-Górecki
04770e4037 version 3.0.0 2014-11-22 16:24:11 +01:00