Commit Graph

41 Commits

Author SHA1 Message Date
Jean-Philippe Ouellet
c69662eb28
Improve qrexec protocol mismatch error dialog
- only have one button, because "yes/no" makes no sense in this context
- inform use to use "-t pv" for xl console, because otherwise it won't
  work for HVM domains.
- use the actual VM name, not "vmname"
2017-12-07 14:42:33 -05:00
Marek Marczykowski-Górecki
54d5c7b35c
qrexec: allow ':' in call target specification
':' is used in DispVM special tags, like '$dispvm:something'.

Fixes QubesOS/qubes-issues#3137
2017-10-01 13:19:42 +02:00
Marek Marczykowski-Górecki
8719e5d74c
qrexec: fix pending requests cleanup code (cont)
There was a second place with exactly the same bug. See
dad208a "qrexec: fix pending requests cleanup code" for details.

Fixes QubesOS/qubes-issues#2699
2017-05-29 20:51:16 +02:00
Marek Marczykowski-Górecki
1502eb4d59
qrexec: switch to new qrexec policy in core-admin
QubesOS/qubes-issues#910
2017-05-17 13:58:55 +02:00
Marek Marczykowski-Górecki
723d32b8b7
qrexec: fix pending requests cleanup code
There was a logic error in pending requests cleanup code, causing
policy_pending_max being set to 0, even if there were more pending
requests. This effectively limited maximum pending requests to 1, after
some system uptime, because policy_pending_max set to 0 makes the code
looks only at the first pending request slot.

While at it, remove outdated FIXME comment, actually this bug is in the
code implementing this FIXME.

Fixes QubesOS/qubes-issues#2699
2017-03-13 03:16:34 +01:00
Marek Marczykowski-Górecki
849b295384
qrexec: add option to wait for VM-VM connection termination
Normally when qrexec-client setup VM-VM connection it exits
immediatelly. But it may be useful to wait for the connection to
terminate - for example to cleanup DispVM.

qrexec-daemon (the one that allocated vchan port) do receive such
notification, so expose such option to qrexec-client.

QubesOS/qubes-issues#2253
2016-08-17 02:41:22 +02:00
Marek Marczykowski-Górecki
0607d9021a
qrexec: add support for service argument
Fixes QubesOS/qubes-issues#1876
2016-03-27 04:31:11 +02:00
Marek Marczykowski-Górecki
ad28f4df62
qrexec: deny spaces in service domain name
Fixes QubesOS/qubes-issues#1877
2016-03-27 04:23:47 +02:00
Marek Marczykowski-Górecki
3f29b411d0 qrexec: do not send spurious MSG_SERVICE_REFUSED
This causes closing connection (FD) to still alive client.

Fixes qubesos/qubes-issues#993
2015-05-10 04:36:33 +02:00
Marek Marczykowski-Górecki
b07475efea qrexec: make the log writable by qubes group
Otherwise if VM was started as root, it will never start as normal user
again.
2015-03-20 03:06:06 +01:00
Marek Marczykowski-Górecki
d031126737 Add "--" to separate options from (untrusted) non-options arguments
This will prevent passing an option instead of command (qvm-run) /
domain name (qrexec-policy). In both cases when VM tries to pass some
option it would fail because missing argument then - VM can not pass
additional arguments, so if one act as an option, one argument will be
missing).
2015-02-10 01:57:33 +01:00
Marek Marczykowski-Górecki
1d017449d0 qrexec: fix compile warnings 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
6efbbb88da qrexec: new protocol - direct data vchan connections 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
0ba692c85a code style: change tabs to spaces 2014-11-19 15:21:42 +01:00
Marek Marczykowski
43770dae36 qrexec: handle vchan connect errors 2014-11-19 15:21:41 +01:00
Marek Marczykowski
d08831cc7e qrexec: get domain name from cmdline
libvchan_get_domain_name will be removed
2014-11-19 15:21:41 +01:00
Marek Marczykowski
7bdf7b3f36 use domain name in error messages and log file name
Should be much more convenient than XID.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
9215c09656 update for new vchan API 2014-11-19 15:21:40 +01:00
Marek Marczykowski-Górecki
6cca9a377f qrexec: add -q option to silence "Waiting for VM's qrexec agent" message 2014-10-24 22:03:46 +02:00
Marek Marczykowski-Górecki
3f9cbe63b8 qrexec: use proper unsigned type instead of muting compiler warning 2014-02-19 20:54:39 +01:00
Vincent Penquerc'h
36c8885ff2 Fix some potential aliasing issues 2014-02-16 11:44:30 +01:00
Marek Marczykowski-Górecki
aa0fda1984 Fix -Wextra warnings 2014-02-16 10:29:06 +01:00
Marek Marczykowski-Górecki
f77e2d656d qrexec: remove dialog box in case of connect timeout (#790)
Instead exit with failure (keeping child process for further connect
retries) and let the core/user decide what to do.
2014-02-05 03:31:47 +01:00
Marek Marczykowski-Górecki
c03a37f2bf qrexec: remove socket at daemon exit 2014-02-04 23:27:04 +01:00
Vincent Penquerc'h
4a81560536 qrexec-daemon: check symlink success 2014-01-16 04:20:18 +01:00
Vincent Penquerc'h
63c46b2f8c qrexec-daemon: add a few consts where appropriate 2014-01-16 04:20:18 +01:00
Vincent Penquerc'h
951e51d274 core-admin-linux: misc const/etc fixups 2014-01-06 17:54:47 +01:00
Vincent Penquerc'h
771be64912 qrexec-daemon: fix read underflow when the last fd goes
If no remaining fd is alive in the list, the loop breaks when i
is negative, but by then clients[-1] would have been dereferenced.
2014-01-06 17:54:47 +01:00
Vincent Penquerc'h
bac950c5ce qrexec-daemon: check we really did drop root privileges
and drop group privileges too while we're at it
2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
5e4e1fe6ac qrexec-daemon: fix pathological break-out-of-wait-loop
If the timeout is 1, attempting to retry would not actually retry,
since i would be incremented just after being reset to 0, and would
thus break out of the loop.
2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
e88faee9dd qrexec-daemon: reject negative timeouts 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
259d7aaf78 qrexec-daemon: use fully qualified path to kdialog/zenity 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
67f27bd94f qrexec-daemon: make children_count volatile
It's decremented in a signal handler
2014-01-06 17:54:46 +01:00
Marek Marczykowski-Górecki
ce971eaa54 qrexec: don't wait indefinitely if the daemon startup failed
Count started children and if the last one exits before getting SIGUSR1
(confirmation of successful daemon startup) report failure.
2013-10-27 17:19:43 +01:00
Marek Marczykowski-Górecki
19e7663928 qrexec-daemon: optionally don't wait for connection to the VM
Will be used to keep qrexec-daemon running in the background even if no
qrexec-agent installed (yet). Specifically to give the VM a chance to
inform about just installed agent.
2013-10-23 05:43:37 +02:00
Marek Marczykowski-Górecki
72b528ddd1 Revert "rpm: fix policy/qubes.SyncAppMenus name"
This reverts commit de087e9b8d.
Mangled two changes together.
2013-10-23 05:39:46 +02:00
Marek Marczykowski-Górecki
de087e9b8d rpm: fix policy/qubes.SyncAppMenus name 2013-10-23 00:25:50 +02:00
Marek Marczykowski-Górecki
28aa4d992f qrexec: display VM name in connect timeout message (#723)
Now it is possible, as we have domain name from cmdline.
2013-10-18 03:47:58 +02:00
Marek Marczykowski-Górecki
c92bc0a05c qrexec: use VM name in log filename 2013-10-18 02:27:46 +02:00
Marek Marczykowski
cf8959dbfe qrexec: get domain name from cmdline
libvchan_get_domain_name will be removed
2013-10-18 02:26:54 +02:00
Marek Marczykowski
158bfff3cf Add qrexec back, use qubes-utils libraries for common code 2013-03-20 06:24:17 +01:00