Marek Marczykowski-Górecki
8a780cb7f5
qrexec: reformat qrexec-policy
No functional change, just make it slightly less painful to read...
2016-08-16 02:58:04 +02:00
Marek Marczykowski-Górecki
0568d2ae3b
qrexec: initial convert qrexec-policy to core3 API
2016-08-08 00:47:18 +02:00
Marek Marczykowski-Górecki
21bec492e8
qrexec: add service argument support
Fixes QubesOS/qubes-issues#1876
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Marek Marczykowski-Górecki
c629529565
qrexec: prefer VM-local service file (if present) over default one
This will allow a service to be overridden per-VM.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Wojtek Porczyk
c4cf6b646b
qubes-rpc-multiplexer: deprecate /etc/qubes_rpc, allow /usr/local
/usr/local resides in private.img, so it is possible to define per-appvm RPC.
Also, with the upcoming 3.0 release support for old (R1) paths is
removed.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:08 +02:00
Marek Marczykowski-Górecki
f8d23d0d64
qrexec: execute RPC service directly (without a shell) if it has executable bit set
This will allow using a different shell/language for a service (for
example Python).
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:07 +02:00
Marek Marczykowski-Górecki
7b582e0339
qrexec: do not leak FDs to logger process
This would prevent qrexec from detecting EOF.
Signed-off-by: Marek Marczykowski-Górecki <marmarek@invisiblethingslab.com>
2016-05-19 15:39:07 +02:00
Marek Marczykowski-Górecki
0607d9021a
qrexec: add support for service argument
Fixes QubesOS/qubes-issues#1876
2016-03-27 04:31:11 +02:00
Marek Marczykowski-Górecki
ad28f4df62
qrexec: deny spaces in service domain name
Fixes QubesOS/qubes-issues#1877
2016-03-27 04:23:47 +02:00
Marek Marczykowski-Górecki
f8d8368b10
qrexec: add timeout for data vchan connection
When qrexec-agent crashes for any reason (for example
QubesOS/qubes-issues#1389), it will never connect back and qrexec-client
will wait forever. In the worst case it may happen while holding qubes.xml
write lock (in case of DispVM startup) effectively locking the whole
system.
Fixes QubesOS/qubes-issues#1636
2016-02-22 22:24:04 +01:00
Marek Marczykowski-Górecki
fa8ebeb42d
Fix typo in "d9d48e8 qrexec: use tray notification when..."
Fixes QubesOS/qubes-issues#1446
Thanks HW42 for the report.
2015-12-28 00:59:45 +01:00
Marek Marczykowski-Górecki
d9d48e8948
qrexec: use tray notification when VM needs to be started
For both successful start and the failed one
Fixes QubesOS/qubes-issues#1446
2015-12-26 02:09:06 +01:00
Marek Marczykowski-Górecki
0c288aa355
qrexec: implement buffered write to child stdin to prevent deadlock
Otherwise if the child process isn't reading its stdin at that time, it
would deadlock the whole qrexec connection (for example preventing
reading the data from the child, which may be a cause of that deadlock).
QubesOS/qubes-issues#1347
2015-10-30 14:16:53 +01:00
Marek Marczykowski-Górecki
c8ce468c7f
qrexec: fallback to kdialog if zenity is not installed
Fixes QubesOS/qubes-issues#1277
2015-10-11 01:55:46 +02:00
Marek Marczykowski-Górecki
63e74a01d3
qrexec: fix handling autostarting RPC target VM
Do not reimplement manual VM state checking in qrexec-policy.
`qubes.xml` is loaded anyway, so just use QubesVM object to check if
domain is running.
Fixes QubesOS/qubes-issues#1283
2015-10-11 01:52:40 +02:00
Marek Marczykowski-Górecki
1288a13520
qrexec: do not terminate before sending all the data
Make sure that all the data from local process is sent (including final
EOF), before handling its exit code - which would include terminating
qrexec-client process.
2015-06-23 02:44:59 +02:00
Marek Marczykowski-Górecki
3f29b411d0
qrexec: do not send spurious MSG_SERVICE_REFUSED
This causes closing connection (FD) to still alive client.
Fixes qubesos/qubes-issues#993
2015-05-10 04:36:33 +02:00
Marek Marczykowski-Górecki
d6f0cfcbad
qrexec: fix waiting for qrexec-agent data connection
In case of vchan server libvchan_is_open() returns VCHAN_WAITING (2) when
client is not yet connected.
2015-04-20 05:46:47 +02:00
Marek Marczykowski-Górecki
51c736a92c
qrexec: enable compiler optimization
2015-03-20 12:16:28 +01:00
Marek Marczykowski-Górecki
18d079a99a
qrexec: fix compiler warnings
2015-03-20 12:16:19 +01:00
Marek Marczykowski-Górecki
b07475efea
qrexec: make the log writable by qubes group
Otherwise if VM was started as root, it will never start as normal user
again.
2015-03-20 03:06:06 +01:00
Marek Marczykowski-Górecki
04816e014b
qrexec: do not exit from qrexec-client until local process exit code is sent
2015-03-17 22:55:15 +01:00
Marek Marczykowski-Górecki
e76007fe20
qrexec: periodically check if remote domain/process still exists
2015-02-22 18:25:14 +01:00
Marek Marczykowski-Górecki
5645b4c307
qrexec: wait for remote exit code, even when both stdin/out are closed
2015-02-17 03:57:17 +01:00
Marek Marczykowski-Górecki
61eb2e7764
qrexec: fix handling of remote exit code
2015-02-11 16:11:38 +01:00
Marek Marczykowski-Górecki
d031126737
Add "--" to separate options from (untrusted) non-options arguments
This will prevent passing an option instead of a command (qvm-run) /
domain name (qrexec-policy). In both cases, when a VM tries to pass some
option, it would fail because of a missing argument (the VM can not pass
additional arguments, so if one acts as an option, one argument will be
missing).
2015-02-10 01:57:33 +01:00
Marek Marczykowski-Górecki
1d017449d0
qrexec: fix compile warnings
2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
6efbbb88da
qrexec: new protocol - direct data vchan connections
2014-11-19 15:23:10 +01:00
Marek Marczykowski-Górecki
0ba692c85a
code style: change tabs to spaces
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
6e47f12118
Revert "qrexec: fix deadlock in qrexec-client"
This reverts commit 79abec9038.
The problem will not be applicable in the new protocol, where the vchan
connection is directly between VMs, so there are no longer two connected
qrexec-clients - always one end of data flow in qrexec-client is vchan,
which provides information about the amount of data to read or buffer
space to write (lack of the latter in case of pipes was a cause of the
original problem).
2014-11-19 15:21:42 +01:00
Marek Marczykowski-Górecki
9a1c071f40
qrexec-policy: remove trailing spaces
2014-11-19 15:21:42 +01:00
Marek Marczykowski
0eaae9790c
Use QubesVMMConnection object
Introduced in core-admin:
af521bd Wrap all VMM connection related object into QubesVMMConnection
class
2014-11-19 15:21:41 +01:00
Marek Marczykowski
43770dae36
qrexec: handle vchan connect errors
2014-11-19 15:21:41 +01:00
Marek Marczykowski
d08831cc7e
qrexec: get domain name from cmdline
libvchan_get_domain_name will be removed
2014-11-19 15:21:41 +01:00
Marek Marczykowski
6d2755abe6
Use libvirt in qrexec-policy
Import connection for core qubes module.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
7bdf7b3f36
use domain name in error messages and log file name
Should be much more convenient than XID.
2014-11-19 15:21:41 +01:00
Marek Marczykowski
9215c09656
update for new vchan API
2014-11-19 15:21:40 +01:00
Marek Marczykowski-Górecki
28dfdddc0e
Minor fixes in messages
2014-10-28 05:28:13 +01:00
Marek Marczykowski-Górecki
6cca9a377f
qrexec: add -q option to silence "Waiting for VM's qrexec agent" message
2014-10-24 22:03:46 +02:00
Marek Marczykowski-Górecki
79abec9038
qrexec: fix deadlock in qrexec-client
When VM-VM qrexec service is called, two qrexec-clients are connected in
dom0. If both VMs are sending data simultaneously it can happen that
both qrexec-client processes will call write(2) and none of them will be
reading -> deadlock.
Solve it by handling I/O in two separate threads (one for reading from
VM, another for writing), at any time qrexec-client is ready to accept
data from either direction.
2014-07-01 03:24:46 +02:00
Marek Marczykowski-Górecki
9de6171a43
qubes-rpc: log (local) service output to syslog, discard stderr from VMs (#842)
Basically - store the logs where the service is running.
2014-05-05 05:27:08 +02:00
Marek Marczykowski-Górecki
0be6f8431f
qrexec: add support for filtering terminal escape chars
2014-04-15 03:12:53 +02:00
Marek Marczykowski-Górecki
3f9cbe63b8
qrexec: use proper unsigned type instead of muting compiler warning
2014-02-19 20:54:39 +01:00
Vincent Penquerc'h
36c8885ff2
Fix some potential aliasing issues
2014-02-16 11:44:30 +01:00
Marek Marczykowski-Górecki
2b95581928
Add -Wextra -Werror to all C compile flags
2014-02-16 10:29:22 +01:00
Marek Marczykowski-Górecki
aa0fda1984
Fix -Wextra warnings
2014-02-16 10:29:06 +01:00
Marek Marczykowski-Górecki
433a942bc3
qrexec: register callback for qrexec-lib
Now qrexec-lib does not use exported symbols of particular names, but
explicitly registered callbacks.
2014-02-07 05:35:24 +01:00
Marek Marczykowski-Górecki
f77e2d656d
qrexec: remove dialog box in case of connect timeout (#790)
Instead exit with failure (keeping child process for further connect
retries) and let the core/user decide what to do.
2014-02-05 03:31:47 +01:00
Marek Marczykowski-Górecki
c03a37f2bf
qrexec: remove socket at daemon exit
2014-02-04 23:27:04 +01:00
Vincent Penquerc'h
4a81560536
qrexec-daemon: check symlink success
2014-01-16 04:20:18 +01:00