QubesOS/qubes-core-admin-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
270 Commits 8 Branches 294 Tags 2.8 MiB
74afb8a7cc
Commit Graph

61 Commits

Author SHA1 Message Date
Marek Marczykowski-Górecki
fa8ebeb42d Fix typo in "d9d48e8 qrexec: use tray notification when..." 
Fixes QubesOS/qubes-issues#1446

Thanks HW42 for the report.
 2015-12-28 00:59:45 +01:00
Marek Marczykowski-Górecki
d9d48e8948
qrexec: use tray notification when VM needs to be started 
For both successful start and the failed one

Fixes QubesOS/qubes-issues#1446
 2015-12-26 02:09:06 +01:00
Marek Marczykowski-Górecki
0c288aa355
qrexec: implement buffered write to child stdin to prevent deadlock 
Otherwise if the child process isn't reading its stdin at that time, it
would deadlock the whole qrexec connection (for example preventing
reading the data from the child, which may be a cause of that deadlock).

QubesOS/qubes-issues#1347
 2015-10-30 14:16:53 +01:00
Marek Marczykowski-Górecki
c8ce468c7f
qrexec: fallback to kdialog if zenity is not installed 
Fixes QubesOS/qubes-issues#1277
 2015-10-11 01:55:46 +02:00
Marek Marczykowski-Górecki
63e74a01d3
qrexec: fix handling autostarting RPC target VM 
Do not reimplement manual VM state checking in qrexec-policy.
`qubes.xml` is loaded anyway, so just use QubesVM object to check if
domain is running.

Fixes QubesOS/qubes-issues#1283
 2015-10-11 01:52:40 +02:00
Marek Marczykowski-Górecki
1288a13520 qrexec: do not terminate before sending all the data 
Make sure that all the data from local process is sent (including final
EOF), before handling its exit code - which would include terminating
qrexec-client process.
 2015-06-23 02:44:59 +02:00
Marek Marczykowski-Górecki
3f29b411d0 qrexec: do not send spurious MSG_SERVICE_REFUSED 
This causes closing connection (FD) to still alive client.

Fixes qubesos/qubes-issues#993
 2015-05-10 04:36:33 +02:00
Marek Marczykowski-Górecki
d6f0cfcbad qrexec: fix waiting for qrexec-agent data connection 
In case of vchan server libvchan_is_open() returns VCHAN_WAITING (2) when
client is not yet connected.
 2015-04-20 05:46:47 +02:00
Marek Marczykowski-Górecki
51c736a92c qrexec: enable compiler optimization 2015-03-20 12:16:28 +01:00
Marek Marczykowski-Górecki
18d079a99a qrexec: fix compiler warnings 2015-03-20 12:16:19 +01:00
Marek Marczykowski-Górecki
b07475efea qrexec: make the log writable by qubes group 
Otherwise if VM was started as root, it will never start as normal user
again.
 2015-03-20 03:06:06 +01:00
Marek Marczykowski-Górecki
04816e014b qrexec: do not exit from qrexec-client until local process exit code is sent 2015-03-17 22:55:15 +01:00
Marek Marczykowski-Górecki
e76007fe20 qrexec: periodically check if remote domain/process still exists 2015-02-22 18:25:14 +01:00
Marek Marczykowski-Górecki
5645b4c307 qrexec: wait for remote exit code, even when both stdin/out are closed 2015-02-17 03:57:17 +01:00
Marek Marczykowski-Górecki
61eb2e7764 qrexec: fix handling of remote exit code 2015-02-11 16:11:38 +01:00
Marek Marczykowski-Górecki
d031126737 Add "--" to separate options from (untrusted) non-options arguments 
This will prevent passing an option instead of command (qvm-run) /
domain name (qrexec-policy). In both cases when VM tries to pass some
option it would fail because missing argument then - VM can not pass
additional arguments, so if one act as an option, one argument will be
missing).
 2015-02-10 01:57:33 +01:00
Marek Marczykowski-Górecki
1d017449d0 qrexec: fix compile warnings 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
6efbbb88da qrexec: new protocol - direct data vchan connections 2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
0ba692c85a code style: change tabs to spaces 2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
6e47f12118 Revert "qrexec: fix deadlock in qrexec-client" 
This reverts commit 79abec9038.

The problem will not be applicable in new protocol, where vchan
connection is directly between VMs, so there is no longer two connected
qrexec-clients - always one end of data flow in qrexec-client is vchan,
which provide information about amount of data to read or buffer
space to write (lack of the later in case of pipes was a cause of the
original problem).
 2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
9a1c071f40 qrexec-policy: remove trailing spaces 2014-11-19 15:21:42 +01:00
Marek Marczykowski
0eaae9790c Use QubesVMMConnection object 
Introduced in core-admin:
af521bd Wrap all VMM connection related object into QubesVMMConnection
class
 2014-11-19 15:21:41 +01:00
Marek Marczykowski
43770dae36 qrexec: handle vchan connect errors 2014-11-19 15:21:41 +01:00
Marek Marczykowski
d08831cc7e qrexec: get domain name from cmdline 
libvchan_get_domain_name will be removed
 2014-11-19 15:21:41 +01:00
Marek Marczykowski
6d2755abe6 Use libvirt in qrexec-policy 
Import connection for core qubes module.
 2014-11-19 15:21:41 +01:00
Marek Marczykowski
7bdf7b3f36 use domain name in error messages and log file name 
Should be much more convenient than XID.
 2014-11-19 15:21:41 +01:00
Marek Marczykowski
9215c09656 update for new vchan API 2014-11-19 15:21:40 +01:00
Marek Marczykowski-Górecki
28dfdddc0e Minor fixes in messages 2014-10-28 05:28:13 +01:00
Marek Marczykowski-Górecki
6cca9a377f qrexec: add -q option to silence "Waiting for VM's qrexec agent" message 2014-10-24 22:03:46 +02:00
Marek Marczykowski-Górecki
79abec9038 qrexec: fix deadlock in qrexec-client 
When VM-VM qrexec service is called, two qrexec-clients are connected in
dom0. If both VMs are sending data simultaneously it can happen that
both qrexec-client processes will call write(2) and none of them will be
reading -> deadlock.
Solve it by handling I/O in two separate threads (one for reading from
VM, another for writing), at any time qrexec-client is ready to accept
data from either direction.
 2014-07-01 03:24:46 +02:00
Marek Marczykowski-Górecki
9de6171a43 qubes-rpc: log (local) service output to syslog, discard stderr from VMs (#842) 
Basically - store the logs where the service is running.
 2014-05-05 05:27:08 +02:00
Marek Marczykowski-Górecki
0be6f8431f qrexec: add support for filtering terminal escape chars 2014-04-15 03:12:53 +02:00
Marek Marczykowski-Górecki
3f9cbe63b8 qrexec: use proper unsigned type instead of muting compiler warning 2014-02-19 20:54:39 +01:00
Vincent Penquerc'h
36c8885ff2 Fix some potential aliasing issues 2014-02-16 11:44:30 +01:00
Marek Marczykowski-Górecki
2b95581928 Add -Wextra -Werror to all C compile flags 2014-02-16 10:29:22 +01:00
Marek Marczykowski-Górecki
aa0fda1984 Fix -Wextra warnings 2014-02-16 10:29:06 +01:00
Marek Marczykowski-Górecki
433a942bc3 qrexec: register callback for qrexec-lib 
Now qrexec-lib do not use exported symbols of particular names, but
explicitly registered callbacks.
 2014-02-07 05:35:24 +01:00
Marek Marczykowski-Górecki
f77e2d656d qrexec: remove dialog box in case of connect timeout (#790) 
Instead exit with failure (keeping child process for further connect
retries) and let the core/user decide what to do.
 2014-02-05 03:31:47 +01:00
Marek Marczykowski-Górecki
c03a37f2bf qrexec: remove socket at daemon exit 2014-02-04 23:27:04 +01:00
Vincent Penquerc'h
4a81560536 qrexec-daemon: check symlink success 2014-01-16 04:20:18 +01:00
Vincent Penquerc'h
63c46b2f8c qrexec-daemon: add a few consts where appropriate 2014-01-16 04:20:18 +01:00
Vincent Penquerc'h
951e51d274 core-admin-linux: misc const/etc fixups 2014-01-06 17:54:47 +01:00
Vincent Penquerc'h
771be64912 qrexec-daemon: fix read underflow when the last fd goes 
If no remaining fd is alive in the list, the loop breaks when i
is negative, but by then clients[-1] would have been dereferenced.
 2014-01-06 17:54:47 +01:00
Vincent Penquerc'h
bac950c5ce qrexec-daemon: check we really did drop root privileges 
and drop group privileges too while we're at it
 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
5e4e1fe6ac qrexec-daemon: fix pathological break-out-of-wait-loop 
If the timeout is 1, attempting to retry would not actually retry,
since i would be incremented just after being reset to 0, and would
thus break out of the loop.
 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
e88faee9dd qrexec-daemon: reject negative timeouts 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
259d7aaf78 qrexec-daemon: use fully qualified path to kdialog/zenity 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
67f27bd94f qrexec-daemon: make children_count volatile 
It's decremented in a signal handler
 2014-01-06 17:54:46 +01:00
Vincent Penquerc'h
97c7c97420 qrexec-policy: warn if some data is ignored 
Something like vm1 vm2 allow, user=foo would be 4 items,
and the user part would be ignored by the parser.
It might or might not be better to error out instead of
just warning, though...
 2014-01-06 17:54:46 +01:00
Marek Marczykowski-Górecki
05390894be Qrexec: log allowed RPC calls 2013-10-27 19:23:09 +01:00